Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Unconditionally re-encode locally-uploaded images to strip metadata #8714
1) this means that https://github.com/tootsuite/mastodon/blob/master/lib/paperclip/lazy_thumbnail.rb is now dead code, and we should remove it. 2) I'm not convinced this PR is the best solution. is it possible to strip metadata without reencoding the file? what are the benchmarks on each?…
On Mon, Sep 17, 2018, 9:56 AM ThibG ***@***.***> wrote: This strips metadata on file upload by re-encoding the files, at the cost of image quality and processing resources. ------------------------------ You can view, comment on, or merge this pull request online at: #8714 Commit Summary - Unconditionally re-encode images to strip metadata File Changes - *M* app/models/media_attachment.rb <https://github.com/tootsuite/mastodon/pull/8714/files#diff-0> (2) Patch Links: - https://github.com/tootsuite/mastodon/pull/8714.patch - https://github.com/tootsuite/mastodon/pull/8714.diff — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#8714>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAORVxfyvyme2DA6KoKboyN9EutZ6qOHks5ub6oSgaJpZM4Wr-S_> .
Keep in mind that lazy thumbnail is a result of #6515, which fixed all sorts of visual glitches with GIF avatars from remote users. We don't really care about EXIF metadata in remote images because presumably they already stripped it themselves when the image was turned into the dimensions we expect.
Reverting that fix means not only more computational overhead for ImageMagick stuff (which I consider acceptable because we already dealt with that pre-optimization, not the end of the world), but unfortunately it means the return of something like #3199 (I am not sure if all glitches had corresponding bug reports), which itself is an ImageMagick bug as far as I understand.
The fix in question became a problem specifically in #8083, when the lazy thumbnail processor was hooked up to media attachments. EXIF data in avatars and headers is unlikely to contain sensitive information, but media attachments may obviously come straight from a camera. This is my bad, I had not connected the dots between the different patches.
I suggest that we keep the behaviour for remote images (through some kinda option passed to the processor?) but unconditionally re-encode locally uploaded images.