search

kreeti / kt-paperclip

Easy file attachment management for ActiveRecord
Other
276 stars 94 forks source link

spoofed_media_type error when the file name is broken #131

Open sobrinho opened 12 months ago

sobrinho commented 12 months ago

Describe the bug Using a file named original. breaks the spoof validation.

To Reproduce Attach a file on a URL that returns the content type header as image/png but the file name is broken such as original..

Expected behavior Ignore the spoof validation against file extension.

Screenshots N/A

Desktop (please complete the following information): N/A

Smartphone (please complete the following information): N/A

Additional context Probably broken because of:

File.extname("original.")
#=> "."
sobrinho commented 12 months ago

Our monkey patch so far:

Paperclip::MediaTypeSpoofDetector.class_eval do
  def has_extension?
    filename_extension.present?
  end
end

Trying to validate if that's okay.