FIX: Be able to handle long file extensions (#12375)

* FIX: Be able to handle long file extensions

Some applications have really long file extensions, but if we truncate
them weird behavior ensues.

This commit changes the file extension size from 10 characters to 255
characters instead.

See:

https://meta.discourse.org/t/182824

* Keep truncation at 10, but allow uppercase and dashes
This commit is contained in:
Blake Erickson 2021-03-17 12:01:29 -06:00 committed by GitHub
parent eb7f0ec766
commit 44153cde18
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 23 additions and 2 deletions

View File

@ -528,7 +528,7 @@ Discourse::Application.routes.draw do
# used to download original images # used to download original images
get "uploads/:site/:sha(.:extension)" => "uploads#show", constraints: { site: /\w+/, sha: /\h{40}/, extension: /[a-z0-9\._]+/i } get "uploads/:site/:sha(.:extension)" => "uploads#show", constraints: { site: /\w+/, sha: /\h{40}/, extension: /[a-z0-9\._]+/i }
get "uploads/short-url/:base62(.:extension)" => "uploads#show_short", constraints: { site: /\w+/, base62: /[a-zA-Z0-9]+/, extension: /[a-z0-9\._]+/i }, as: :upload_short get "uploads/short-url/:base62(.:extension)" => "uploads#show_short", constraints: { site: /\w+/, base62: /[a-zA-Z0-9]+/, extension: /[a-zA-Z0-9\._-]+/i }, as: :upload_short
# used to download attachments # used to download attachments
get "uploads/:site/original/:tree:sha(.:extension)" => "uploads#show", constraints: { site: /\w+/, tree: /([a-z0-9]+\/)+/i, sha: /\h{40}/, extension: /[a-z0-9\._]+/i } get "uploads/:site/original/:tree:sha(.:extension)" => "uploads#show", constraints: { site: /\w+/, tree: /([a-z0-9]+\/)+/i, sha: /\h{40}/, extension: /[a-z0-9\._]+/i }
if Rails.env.test? if Rails.env.test?

View File

@ -0,0 +1 @@
https://meta.discourse.org/t/uploading-files-with-longer-file-extensions-gets-truncated/182824

View File

@ -9,7 +9,7 @@ RSpec.describe UploadCreator do
describe '#create_for' do describe '#create_for' do
describe 'when upload is not an image' do describe 'when upload is not an image' do
before do before do
SiteSetting.authorized_extensions = 'txt' SiteSetting.authorized_extensions = 'txt|long-FileExtension'
end end
let(:filename) { "utf-8.txt" } let(:filename) { "utf-8.txt" }
@ -38,6 +38,19 @@ RSpec.describe UploadCreator do
expect(user2.user_uploads.count).to eq(1) expect(user2.user_uploads.count).to eq(1)
expect(upload.user_uploads.count).to eq(2) expect(upload.user_uploads.count).to eq(2)
end end
let(:longextension) { "fake.long-FileExtension" }
let(:file2) { file_from_fixtures(longextension) }
it 'should truncate long extension names' do
expect do
UploadCreator.new(file2, "fake.long-FileExtension").create_for(user.id)
end.to change { Upload.count }.by(1)
upload = Upload.last
expect(upload.extension).to eq('long-FileE')
end
end end
describe 'when image is not authorized' do describe 'when image is not authorized' do

View File

@ -365,6 +365,13 @@ describe UploadsController do
expect(response.status).to eq(200) expect(response.status).to eq(200)
end end
it "returns uploads with a dash and uppercase in extension correctly" do
fake_upload = upload_file("fake.long-FileExtension")
get fake_upload.short_path
expect(response.status).to eq(200)
end
it "returns the right response when anon tries to download a file " \ it "returns the right response when anon tries to download a file " \
"when prevent_anons_from_downloading_files is true" do "when prevent_anons_from_downloading_files is true" do