Skip to content
Snippets Groups Projects
Commit 9e391303 authored by Gabriel Engel's avatar Gabriel Engel
Browse files

Merge pull request #1893 from RocketChat/improvements/check-mime-for-assets 

Use 'mim-types' ty check content type and compare to extension
parents 0e846ab5 57b0e01e
No related merge requests found
Hide whitespace changes
Inline Side-by-side
packages/rocketchat-assets/.npm/package/npm-shrinkwrap.json
+ 8
0
View file @ 9e391303
......@@ -2,6 +2,14 @@
"dependencies": {
"image-size": {
"version": "0.4.0"
},
"mime-types": {
"version": "2.1.9",
"dependencies": {
"mime-db": {
"version": "1.21.0"
}
}
}
}
}
packages/rocketchat-assets/package.js
+ 2
1
View file @ 9e391303
......@@ -20,7 +20,8 @@ Package.onUse(function(api) {
});
Npm.depends({
"image-size": "0.4.0"
"image-size": "0.4.0",
"mime-types": "2.1.9"
});
Package.onTest(function(api) {
......
packages/rocketchat-assets/server/assets.coffee
+ 10
17
View file @ 9e391303
sizeOf = Npm.require 'image-size'
mime = Npm.require 'mime-types'
@RocketChatAssetsInstance = new RocketChatFile.GridFS
name: 'assets'
......@@ -11,8 +11,7 @@ assets =
defaultUrl: 'favicon.ico?v=3'
constraints:
type: 'image'
contentType: 'image/vnd.microsoft.icon'
extention: 'ico'
extension: 'ico'
width: undefined
height: undefined
'favicon.svg':
......@@ -20,8 +19,7 @@ assets =
defaultUrl: '/images/logo/icon.svg?v=3'
constraints:
type: 'image'
contentType: 'image/svg+xml'
extention: 'svg'
extension: 'svg'
width: undefined
height: undefined
'favicon_64.png':
......@@ -29,8 +27,7 @@ assets =
defaultUrl: 'images/logo/favicon-64x64.png?v=3'
constraints:
type: 'image'
contentType: 'image/png'
extention: 'png'
extension: 'png'
width: 64
height: 64
'favicon_96.png':
......@@ -38,8 +35,7 @@ assets =
defaultUrl: 'images/logo/favicon-96x96.png?v=3'
constraints:
type: 'image'
contentType: 'image/png'
extention: 'png'
extension: 'png'
width: 96
height: 96
'favicon_128.png':
......@@ -47,8 +43,7 @@ assets =
defaultUrl: 'images/logo/favicon-128x128.png?v=3'
constraints:
type: 'image'
contentType: 'image/png'
extention: 'png'
extension: 'png'
width: 128
height: 128
'favicon_192.png':
......@@ -56,8 +51,7 @@ assets =
defaultUrl: 'images/logo/android-chrome-192x192.png?v=3'
constraints:
type: 'image'
contentType: 'image/png'
extention: 'png'
extension: 'png'
width: 192
height: 192
'favicon_256.png':
......@@ -65,8 +59,7 @@ assets =
defaultUrl: 'images/logo/favicon-256x256.png?v=3'
constraints:
type: 'image'
contentType: 'image/png'
extention: 'png'
extension: 'png'
width: 256
height: 256
......@@ -104,8 +97,8 @@ Meteor.methods
if not assets[asset]?
throw new Meteor.Error "Invalid_asset"
if contentType isnt assets[asset].constraints.contentType
throw new Meteor.Error "Invalid_file_type"
if mime.extension(contentType) isnt assets[asset].constraints.extension
throw new Meteor.Error "Invalid_file_type", contentType
file = new Buffer(binaryContent, 'binary')
......
packages/rocketchat-ui-admin/admin/admin.coffee
+ 5
5
View file @ 9e391303
......@@ -186,17 +186,17 @@ Template.admin.events
for blob in files
toastr.info TAPi18n.__ 'Uploading_file'
if @fileConstraints.contentType isnt blob.type
toastr.error TAPi18n.__ 'Invalid_file_type'
return
# if @fileConstraints.contentType isnt blob.type
# toastr.error blob.type, TAPi18n.__ 'Invalid_file_type'
# return
reader = new FileReader()
reader.readAsBinaryString(blob)
reader.onloadend = =>
Meteor.call 'setAsset', reader.result, blob.type, @asset, (err, data) ->
if err?
toastr.error TAPi18n.__ err.error
console.log err.error
toastr.error err.reason, TAPi18n.__ err.error
console.log err
return
toastr.success TAPi18n.__ 'File_uploaded'
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment