Skip to content
Commits on Mar 11, 2014
  1. @jyurek

    Convert all of the tests from test/unit to RSpec

    jyurek committed Feb 27, 2014
    This is a big one.
    
    This change converts all of the existing tests from test/unit to RSpec.
    It's been a long time coming, and was specifically prompted by the
    inability of minitest to work with Appraisal across the various Rails
    versions. Instead of ironing out that headache, converting to RSpec was
    preferable (after initial probing).
    
    Many assertions are still assertions and are housed in the Assertions
    module, but they should be converted as they get touched. Similarly,
    since we're touching all the tests/specs, we convert all the hashes from
    1.8 syntax to 1.9 syntax.
Commits on Mar 4, 2014
  1. @jhnvz @jyurek
Commits on Feb 14, 2014
  1. @morgoth @jyurek

    Validate media type spoofing only when attachment changed.

    morgoth committed with jyurek Feb 10, 2014
    It resulted with downloading attachment (i.e. from S3) on each
    instance validation even when attachment didn't change at all.
  2. @jyurek
Commits on Feb 11, 2014
  1. @morgoth
Commits on Feb 7, 2014
  1. @ScotterC @jyurek

    Adding Default Format for styles

    ScotterC committed with jyurek Jan 21, 2014
    Allows a lambda to be passed to decide what format a style should
    be processed as
  2. @marcoow @jyurek
  3. @jyurek

    Add a way to allow content_types that file misses

    jyurek committed Feb 7, 2014
    There are some file types that the file command doesn't understand.
    Notably, files that have a format, but are ASCII-text based (like ruby,
    certificates, etc), show up as text/plain. This presents a problem,
    because the mime-types gem either doesn't report them at all (as for
    .pem files) or reports them differently (as for .rb files).
    
    This change allows a Paperclip.options[:content_type_mapping] hash,
    which allows for a mapping of { :pem => "text/plain" } which tells the
    spoof detector that this is an OK matchup and to allow it.
Commits on Jan 31, 2014
  1. @jyurek

    Raise unless content type or name validation

    jyurek committed Jan 31, 2014
    It is now a requirement for attachments to do one of three things:
      1. Have a content_type validation (e.g. "image/*")
      2. Have a filename validation (e.g. *.png, *.gif)
      3. Explicitly *not* have one of those validations
    
    The intent is to make the default more secure, and you have to
    explicitly reject the security of a validation in order to not have one.
Commits on Jan 29, 2014
  1. @jyurek
  2. @jyurek
  3. @jyurek
  4. @jyurek

    A missing content_type validator shows deprecation warning

    Dan Collis-Puro committed with jyurek Jan 25, 2014
  5. @jyurek

    Fix stringio name in tests

    Dan Collis-Puro committed with jyurek Jan 25, 2014
  6. @jyurek
  7. @jyurek
  8. @jyurek

    Calculate data-uri file names off the validated content-type

    Dan Collis-Puro committed with jyurek Jan 24, 2014
  9. @jyurek

    Add stub to fix HasAttachedFile tests

    Dan Collis-Puro committed with jyurek Jan 24, 2014
  10. @jyurek

    Add media-type spoof detection

    jyurek committed Jan 24, 2014
Commits on Jan 10, 2014
  1. @jyurek
Commits on Jan 3, 2014
  1. @fidothe @jyurek

    Delegate binmode and binmode? in AbstractAdapter

    fidothe committed with jyurek Nov 24, 2013
    AbstractAdapter wasn't delegating `binmode` or `binmode?` to the
    underlying @tempfile object. `binmode` is useful for cases where the
    Adapter object gets handed on to another library expecting an `IO`
    object holding image data. We ran into this with Prawn and people using
    `prawnto` in conjunction with Paperclip. Prawn wants to ensure the `IO`
    is in binmode for embedding the image data.
  2. @jyurek
  3. @jyurek
Commits on Jan 2, 2014
  1. @jyurek

    Use hexdigest to ensure that tempfile names will be a reasonable leng…

    Dan Dockery committed with jyurek Sep 20, 2013
    …th. Remove illegal filename characters check since it is no longer relevant when doing a hexdigest on the filename
  2. @jyurek
  3. @jyurek
Commits on Dec 20, 2013
  1. @jyurek
  2. @ScotterC @jyurek
Commits on Nov 15, 2013
  1. @jyurek

    Refactoring of previous commit

    jyurek committed Nov 15, 2013
  2. @ScotterC @jyurek
Commits on Nov 8, 2013
  1. @s-andringa @jyurek
Commits on Nov 1, 2013
  1. @krzychk @jyurek
  2. @jyurek

    Don't commit commented code.

    jyurek committed Nov 1, 2013
  3. @jyurek
Commits on Oct 25, 2013
  1. @jyurek

    WIP

    jyurek committed Oct 22, 2013
Something went wrong with that request. Please try again.