Created
May 6, 2015 12:00
-
-
Save tofuseng/d8c32d82ef93dc813a5b to your computer and use it in GitHub Desktop.
create an initializer to override Paperclip's classes file_command_content_type_detector.rb and media_type_spoof_detector.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| module Paperclip | |
| class MediaTypeSpoofDetector | |
| def self.using(file, name) | |
| new(file, name) | |
| end | |
| def initialize(file, name) | |
| @file = file | |
| @name = name | |
| end | |
| def spoofed? | |
| if ! @name.blank? | |
| ! supplied_file_media_type.include?(calculated_media_type) | |
| end | |
| end | |
| private | |
| def supplied_file_media_type | |
| MIME::Types.type_for(@name).collect(&:media_type) | |
| end | |
| def calculated_media_type | |
| type_from_file_command.split("/").first | |
| end | |
| def type_from_file_command | |
| begin | |
| MIME::Types.type_for(@file.path).first.content_type | |
| rescue Cocaine::CommandLineError | |
| "" | |
| end | |
| end | |
| end | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment