From 44153cde18e4f4f3d3c5719e3e7c96b5954f25c8 Mon Sep 17 00:00:00 2001 From: Blake Erickson Date: Wed, 17 Mar 2021 12:01:29 -0600 Subject: [PATCH] FIX: Be able to handle long file extensions (#12375) * FIX: Be able to handle long file extensions Some applications have really long file extensions, but if we truncate them weird behavior ensues. This commit changes the file extension size from 10 characters to 255 characters instead. See: https://meta.discourse.org/t/182824 * Keep truncation at 10, but allow uppercase and dashes --- config/routes.rb | 2 +- spec/fixtures/images/fake.long-FileExtension | 1 + spec/lib/upload_creator_spec.rb | 15 ++++++++++++++- spec/requests/uploads_controller_spec.rb | 7 +++++++ 4 files changed, 23 insertions(+), 2 deletions(-) create mode 100644 spec/fixtures/images/fake.long-FileExtension diff --git a/config/routes.rb b/config/routes.rb index 615f1f6a88a..8e27a365b08 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -528,7 +528,7 @@ Discourse::Application.routes.draw do # used to download original images get "uploads/:site/:sha(.:extension)" => "uploads#show", constraints: { site: /\w+/, sha: /\h{40}/, extension: /[a-z0-9\._]+/i } - get "uploads/short-url/:base62(.:extension)" => "uploads#show_short", constraints: { site: /\w+/, base62: /[a-zA-Z0-9]+/, extension: /[a-z0-9\._]+/i }, as: :upload_short + get "uploads/short-url/:base62(.:extension)" => "uploads#show_short", constraints: { site: /\w+/, base62: /[a-zA-Z0-9]+/, extension: /[a-zA-Z0-9\._-]+/i }, as: :upload_short # used to download attachments get "uploads/:site/original/:tree:sha(.:extension)" => "uploads#show", constraints: { site: /\w+/, tree: /([a-z0-9]+\/)+/i, sha: /\h{40}/, extension: /[a-z0-9\._]+/i } if Rails.env.test? diff --git a/spec/fixtures/images/fake.long-FileExtension b/spec/fixtures/images/fake.long-FileExtension new file mode 100644 index 00000000000..a6a874af9ee --- /dev/null +++ b/spec/fixtures/images/fake.long-FileExtension @@ -0,0 +1 @@ +https://meta.discourse.org/t/uploading-files-with-longer-file-extensions-gets-truncated/182824 diff --git a/spec/lib/upload_creator_spec.rb b/spec/lib/upload_creator_spec.rb index fdf08347b4d..67e67dac490 100644 --- a/spec/lib/upload_creator_spec.rb +++ b/spec/lib/upload_creator_spec.rb @@ -9,7 +9,7 @@ RSpec.describe UploadCreator do describe '#create_for' do describe 'when upload is not an image' do before do - SiteSetting.authorized_extensions = 'txt' + SiteSetting.authorized_extensions = 'txt|long-FileExtension' end let(:filename) { "utf-8.txt" } @@ -38,6 +38,19 @@ RSpec.describe UploadCreator do expect(user2.user_uploads.count).to eq(1) expect(upload.user_uploads.count).to eq(2) end + + let(:longextension) { "fake.long-FileExtension" } + let(:file2) { file_from_fixtures(longextension) } + + it 'should truncate long extension names' do + expect do + UploadCreator.new(file2, "fake.long-FileExtension").create_for(user.id) + end.to change { Upload.count }.by(1) + + upload = Upload.last + + expect(upload.extension).to eq('long-FileE') + end end describe 'when image is not authorized' do diff --git a/spec/requests/uploads_controller_spec.rb b/spec/requests/uploads_controller_spec.rb index 1e7769c1c69..9b7201ad78c 100644 --- a/spec/requests/uploads_controller_spec.rb +++ b/spec/requests/uploads_controller_spec.rb @@ -365,6 +365,13 @@ describe UploadsController do expect(response.status).to eq(200) end + it "returns uploads with a dash and uppercase in extension correctly" do + fake_upload = upload_file("fake.long-FileExtension") + get fake_upload.short_path + + expect(response.status).to eq(200) + end + it "returns the right response when anon tries to download a file " \ "when prevent_anons_from_downloading_files is true" do