search

mixkorshun / django-safe-filefield

Secure file field, which allows you to restrict uploaded file extensions.
MIT License
53 stars 10 forks source link

Fail verify true content_type #5

Closed nsurbay closed 6 years ago

nsurbay commented 6 years ago

The file content verification can be bypassed if the file has an extension compatible with the "file.content_type" which is sent by the user.

codecov-io commented 6 years ago

Codecov Report

Merging #5 into master will increase coverage by 0.83%. The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master       #5      +/-   ##
==========================================
+ Coverage   92.88%   93.72%   +0.83%     
==========================================
  Files          11       11              
  Lines         225      255      +30     
==========================================
+ Hits          209      239      +30     
  Misses         16       16
Impacted Files Coverage Δ
safe_filefield/tests/test_models.py 100% <100%> (ø) :arrow_up:
safe_filefield/tests/test_validators.py 94.02% <100%> (+2.36%) :arrow_up:
safe_filefield/validators.py 88.23% <100%> (+1%) :arrow_up:
safe_filefield/tests/utils.py 100% <100%> (ø) :arrow_up:

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update d68b2c3...9a902a5. Read the comment docs.