We discourage to do this, but PIL.Image.MAX_IMAGE_PIXELS can be None. If so, please specify FILE_MAX_IMAGE_SIZE in your settings.py. If both are not set, any admin user can upload images as big as they wish opening up any project to memory bombs.
This PR allows PIL.Image.MAX_IMAGE_PIXELS to be None. If both PIL.Image.MAX_IMAGE_PIXELS and settings.FILER_MAX_IMAGE_PIXELS are not set, the checks framework will raise a warning.
1474
...
Checklist
[x] I have opened this pull request against master
[ ] I have added or modified the tests when changing logic
[x] I have read the contribution guidelines and I have joined #workgroup-pr-review on
Slack to find a “pr review buddy” who is going to review my pull request.
Description
Related resources
We discourage to do this, but
PIL.Image.MAX_IMAGE_PIXELScan beNone. If so, please specifyFILE_MAX_IMAGE_SIZEin yoursettings.py. If both are not set, any admin user can upload images as big as they wish opening up any project to memory bombs.This PR allows
PIL.Image.MAX_IMAGE_PIXELSto beNone. If bothPIL.Image.MAX_IMAGE_PIXELSandsettings.FILER_MAX_IMAGE_PIXELSare not set, the checks framework will raise a warning.1474
...
Checklist
master