FIX: Be able to handle long file extensions (#12375)

* FIX: Be able to handle long file extensions Some applications have really long file extensions, but if we truncate them weird behavior ensues. This commit changes the file extension size from 10 characters to 255 characters instead. See: https://meta.discourse.org/t/182824 * Keep truncation at 10, but allow uppercase and dashes
2021-03-17 12:01:29 -06:00 · 2021-03-17 12:01:29 -06:00 · 44153cde18
parent eb7f0ec766
commit 44153cde18
4 changed files with 23 additions and 2 deletions
--- a/config/routes.rb
+++ b/config/routes.rb
@ -528,7 +528,7 @@ Discourse::Application.routes.draw do

    # used to download original images
    get "uploads/:site/:sha(.:extension)" => "uploads#show", constraints: { site: /\w+/, sha: /\h{40}/, extension: /[a-z0-9\._]+/i }
-    get "uploads/short-url/:base62(.:extension)" => "uploads#show_short", constraints: { site: /\w+/, base62: /[a-zA-Z0-9]+/, extension: /[a-z0-9\._]+/i }, as: :upload_short
+    get "uploads/short-url/:base62(.:extension)" => "uploads#show_short", constraints: { site: /\w+/, base62: /[a-zA-Z0-9]+/, extension: /[a-zA-Z0-9\._-]+/i }, as: :upload_short
    # used to download attachments
    get "uploads/:site/original/:tree:sha(.:extension)" => "uploads#show", constraints: { site: /\w+/, tree: /([a-z0-9]+\/)+/i, sha: /\h{40}/, extension: /[a-z0-9\._]+/i }
    if Rails.env.test?
--- a/spec/fixtures/images/fake.long-FileExtension
+++ b/spec/fixtures/images/fake.long-FileExtension
@ -0,0 +1 @@
+https://meta.discourse.org/t/uploading-files-with-longer-file-extensions-gets-truncated/182824
--- a/spec/lib/upload_creator_spec.rb
+++ b/spec/lib/upload_creator_spec.rb
@ -9,7 +9,7 @@ RSpec.describe UploadCreator do
  describe '#create_for' do
    describe 'when upload is not an image' do
      before do
-        SiteSetting.authorized_extensions = 'txt'
+        SiteSetting.authorized_extensions = 'txt|long-FileExtension'
      end

      let(:filename) { "utf-8.txt" }
@ -38,6 +38,19 @@ RSpec.describe UploadCreator do
        expect(user2.user_uploads.count).to eq(1)
        expect(upload.user_uploads.count).to eq(2)
      end
+
+      let(:longextension) { "fake.long-FileExtension" }
+      let(:file2) { file_from_fixtures(longextension) }
+
+      it 'should truncate long extension names' do
+        expect do
+          UploadCreator.new(file2, "fake.long-FileExtension").create_for(user.id)
+        end.to change { Upload.count }.by(1)
+
+        upload = Upload.last
+
+        expect(upload.extension).to eq('long-FileE')
+      end
    end

    describe 'when image is not authorized' do
--- a/spec/requests/uploads_controller_spec.rb
+++ b/spec/requests/uploads_controller_spec.rb
@ -365,6 +365,13 @@ describe UploadsController do
        expect(response.status).to eq(200)
      end

+      it "returns uploads with a dash and uppercase in extension correctly" do
+        fake_upload = upload_file("fake.long-FileExtension")
+        get fake_upload.short_path
+
+        expect(response.status).to eq(200)
+      end
+
      it "returns the right response when anon tries to download a file " \
        "when prevent_anons_from_downloading_files is true" do
				`@ -0,0 +1 @@`
				`https://meta.discourse.org/t/uploading-files-with-longer-file-extensions-gets-truncated/182824`