Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

FIX: whitelist uploads before creating thumbnail variants (#25013) 

Only attempt to create thumbnails for whitelisted upload extensions.
This commit is contained in:
David Battersby 2023-12-22 17:59:53 +08:00 committed by GitHub
parent 9ebe21df82
commit 1010bbf2ce
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
plugins/chat/lib/chat/message_processor.rb
View File

@ -3,6 +3,7 @@
module Chat
class MessageProcessor
include ::CookedProcessorMixin
IMG_FILETYPES = %w[jpg jpeg gif png heic heif webp]
def initialize(chat_message, opts = {})
@model = chat_message
@ -22,7 +23,11 @@ module Chat
end
def process_thumbnails
return if !SiteSetting.create_thumbnails
@model.uploads.each do |upload|
next if upload.blank? || IMG_FILETYPES.exclude?(upload.extension.downcase)
if upload.width <= SiteSetting.max_image_width &&
upload.height <= SiteSetting.max_image_height
return false