Skip to content
This repository has been archived by the owner on Jul 13, 2023. It is now read-only.

Backport fix for excessive logging from media type spoof detector #2126

Merged
merged 2 commits into from Mar 11, 2016
Merged

Backport fix for excessive logging from media type spoof detector #2126

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
5c96b4c
Output shorter but still useful error message
ajh Sep 30, 2015
ebeccb1
Add changelog entry for 5c96b4c and a test for desired logging behavi…
bdewater Mar 9, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 2 additions & 0 deletions NEWS
View file
Open in desktop
@@ -1,3 +1,5 @@
* Bug Fix: megabytes of mime-types info in logs when a spoofed media type is detected.

4.3.5 (2/8/2016):
* Bug Fix: Remove deprecation warnings for v5.0 for now. Will re-add once the version has landed.

Expand Down
2 changes: 1 addition & 1 deletion lib/paperclip/media_type_spoof_detector.rb
View file
Open in desktop
Expand Up @@ -12,7 +12,7 @@ def initialize(file, name, content_type)

def spoofed?
if has_name? && has_extension? && media_type_mismatch? && mapping_override_mismatch?
Paperclip.log("Content Type Spoof: Filename #{File.basename(@name)} (#{supplied_content_type} from Headers, #{content_types_from_name} from Extension), content type discovered from file command: #{calculated_content_type}. See documentation to allow this combination.")
Paperclip.log("Content Type Spoof: Filename #{File.basename(@name)} (#{supplied_content_type} from Headers, #{content_types_from_name.map(&:to_s)} from Extension), content type discovered from file command: #{calculated_content_type}. See documentation to allow this combination.")
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Line is too long. [289/80]

true
else
false
Expand Down
15 changes: 12 additions & 3 deletions spec/paperclip/media_type_spoof_detector_spec.rb
View file
Open in desktop
Expand Up @@ -44,9 +44,18 @@
end
end

it "rejects a file if named .html and is as HTML, but we're told JPG" do
file = File.open(fixture_file("empty.html"))
assert Paperclip::MediaTypeSpoofDetector.using(file, "empty.html", "image/jpg").spoofed?
context "file named .html and is as HTML, but we're told JPG" do
let(:file) { File.open(fixture_file("empty.html")) }
let(:spoofed?) { Paperclip::MediaTypeSpoofDetector.using(file, "empty.html", "image/jpg").spoofed? }
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Line is too long. [104/80]


it "rejects the file" do
assert spoofed?
end

it "logs info about the detected spoof" do
Paperclip.expects(:log).with('Content Type Spoof: Filename empty.html (image/jpg from Headers, ["text/html"] from Extension), content type discovered from file command: text/html. See documentation to allow this combination.')
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Line is too long. [232/80]

spoofed?
end
end

it "does not reject if content_type is empty but otherwise checks out" do
Expand Down