It is now a requirement for attachments to do one of three things: 1. Have a content_type validation (e.g. "image/*") 2. Have a filename validation (e.g. *.png, *.gif) 3. Explicitly *not* have one of those validations The intent is to make the default more secure, and you have to explicitly reject the security of a validation in order to not have one.
AbstractAdapter wasn't delegating `binmode` or `binmode?` to the underlying @tempfile object. `binmode` is useful for cases where the Adapter object gets handed on to another library expecting an `IO` object holding image data. We ran into this with Prawn and people using `prawnto` in conjunction with Paperclip. Prawn wants to ensure the `IO` is in binmode for embedding the image data.
…th. Remove illegal filename characters check since it is no longer relevant when doing a hexdigest on the filename
When using S3 for storage, their data consistency model makes the current behaviour of Attachment#reprocess! unreliable. Apparently, Amazon can not guarantee that PUT's called after DELETE's is actually executed in that order. Hence, I propose preserving files, when doing a reprocces.