Régis Hanol
13e489b4ca
replace the upload type whitelist with a sanitizer
2017-05-18 12:13:13 +02:00
Arpit Jalan
8e5b0c79ae
FIX: allow images to be uploaded in wizard
2017-05-18 13:53:23 +05:30
Arpit Jalan
8c337ecf82
FIX: allow uploading of category logo and background
2017-05-11 12:48:54 +05:30
Régis Hanol
214939bb87
freeze array constants
2017-05-11 09:08:59 +02:00
Régis Hanol
9641d2413d
REFACTOR: upload workflow creation into UploadCreator
...
- Automatically convert large-ish PNG/BMP to JPEG
- Updated fast_image to latest version
2017-05-11 00:16:57 +02:00
Sam
bc0b9af576
FEATURE: support uploads for themes
...
This allows themes to bundle various assets
2017-05-10 15:47:11 -04:00
Guo Xiang Tan
2af1b9e93c
Add time out when optimizing images.
2017-04-20 15:21:43 +08:00
Guo Xiang Tan
60f1169077
REFACTOR: Reduce repetition in code.
2017-04-18 17:03:49 +08:00
Guo Xiang Tan
e7c972ac89
FIX: Don't use backticks that take in inputs.
2017-03-17 15:33:51 +08:00
Guo Xiang Tan
1a7e954e09
FIX: Store custom emojis as uploads.
...
* Depending on a hardcoded directory was a flawed design
which made it impossible to debug when custom emojis go
missing.
2017-03-14 13:07:18 +08:00
Régis Hanol
887e9af84f
FEATURE: new 'max_image_megapixels' site setting
2017-01-11 23:37:12 +01:00
Régis Hanol
8d48779b5c
FIX: don't 💥 with an invalid URI
2016-10-20 12:34:42 +02:00
Guo Xiang Tan
7db33cc512
FIX: Videos and audio files were not associated to the post.
2016-10-18 16:13:39 +08:00
Guo Xiang Tan
e4b75f604c
FIX: Make clean up upload script a safer task to run.
2016-09-05 10:06:02 +08:00
Guo Xiang Tan
1a4a0d7e89
FIX: Don't fail silently.
2016-09-02 11:59:03 +08:00
Guo Xiang Tan
692ecff3eb
Revert "FIX: Don't fail silently."
...
This reverts commit baa6af93a2
.
2016-09-02 11:58:56 +08:00
Guo Xiang Tan
baa6af93a2
FIX: Don't fail silently.
2016-09-02 11:53:53 +08:00
Guo Xiang Tan
efd7cbd887
Remove limit default.
...
Having the limit makes it harder to migrate all `Upload`/`OptimizedImage`
since the count has to be figured out and passed to the method.
2016-09-02 10:55:11 +08:00
Régis Hanol
5169bcdb6e
FIX: httpshttps ultra secure URLs
2016-06-30 16:55:01 +02:00
Régis Hanol
5e2545a578
FEATURE: improve support for (whitelisted) SVGs as images
2016-06-20 10:22:13 +02:00
Régis Hanol
32d253d484
remove 'crop_tall_images' site setting but keep the behavior
2016-05-23 16:42:19 +02:00
Régis Hanol
667dd54a23
FEATURE: new 'crop_tall_images' site setting
2016-05-23 16:18:30 +02:00
Guo Xiang Tan
0634834009
Some fixes related to optimized images ( #4233 )
...
* FIX: No need to manually include relation.
* FIX: OR instead of chaining relation.
2016-05-20 09:12:25 +02:00
Régis Hanol
df14926e42
SECURITY: check magic bytes before using ImageMagick tools
2016-05-03 21:54:07 +02:00
Régis Hanol
be5a54d67d
FEATURE: new 'allow_all_attachments_for_group_messages' site setting
2016-02-29 22:39:24 +01:00
Sam
32c681c96b
annotate models
2016-02-23 10:33:53 +11:00
Régis Hanol
4d981cec53
FIX: don't try to optimize large PNGs (takes too much time)
2016-02-22 12:57:24 +01:00
Régis Hanol
a9099f9e23
SECURITY: ensure we never accept fake images
2015-12-21 16:08:14 +01:00
Régis Hanol
09bfe49254
FIX: don't automagically downsize uploaded images that are larger than 10MB
...
FIX: don't optimize GIFs since ImageOption was disabled for GIFs (too slow)
2015-11-26 18:16:47 +01:00
Régis Hanol
fb62a7c0c3
FIX: only downsize user card & profile backgrounds
2015-09-24 21:04:06 +02:00
Régis Hanol
a3831a7003
FIX: uploading an animated user card/profile background was converted to a still image
2015-09-20 22:01:03 +02:00
Régis Hanol
93f9dcfcec
FIX: don't overwrite custom uploaded avatar when selecting gravatar
...
FIX: remove unecessary serialized fields
2015-09-11 15:10:56 +02:00
Sam
cd8d82aa31
correct file size and add note about impending breakage of image_optim
2015-09-10 14:37:46 +10:00
Régis Hanol
d456460d33
FIX: don't butcher GIFs
...
Use 'gifsicle' instead of 'convert' to resize & optimize GIFs
FIX: don't even try to fix GIFs orientation
FIX: use 'allow_animated_thumbnails' site setting for user profile backgrounds & user cards
2015-07-22 17:10:42 +02:00
Régis Hanol
b0802abae2
FIX: crop & optimize user background profile/card images
2015-07-15 17:15:43 +02:00
Gerhard Schlager
2e8838a0cd
FIX: Disable validation during thumbnail creation
2015-06-27 01:26:16 +02:00
Régis Hanol
bc9fd2c46d
don't silence these errors
2015-06-12 20:11:23 +02:00
Régis Hanol
189cb3ff12
FEATURE: move migrate_to_new_scheme into a background job
...
- new hidden site setting 'migrate_to_new_scheme' (defaults to false)
- new rake tasks to toggle migration to new scheme
- FIX: migrate_to_new_scheme also works with CDN
- PERF: improve perf of the DbHelper.remap method
- REFACTOR: UrlHelper is now a class
2015-06-12 12:07:57 +02:00
Régis Hanol
64e73e98fb
FIX: allow the cooked_post_processor to download external uploads
2015-06-01 20:08:41 +02:00
Régis Hanol
61d85206ee
FIX: optimize uploaded images using lossy but very fast compression
2015-05-29 15:57:24 +02:00
Régis Hanol
e101396ea1
FEATURE: add support for device pixel ratio = 3
2015-05-28 01:48:07 +02:00
Régis Hanol
033c2e7140
FIX: respect the allow_animated_avatars site setting
2015-05-26 12:22:02 +02:00
Régis Hanol
a797f7c664
FIX: properly handle images when using 's3_cdn_url'
2015-05-26 11:47:33 +02:00
Régis Hanol
6ae9bcab56
add DistributedMutex around uploads/optimized_images creation
2015-05-12 16:45:33 +02:00
Régis Hanol
0e5c9b2590
small upload code refactor
2015-02-03 18:44:18 +01:00
Jeff Atwood
e45b3c15c3
Revert "FIX: auto orientation code causing grey images to appear blackish"
...
This reverts commit f680374820
.
2015-02-02 01:27:52 -08:00
Sam
f680374820
FIX: auto orientation code causing grey images to appear blackish
2015-01-31 18:05:50 +11:00
Régis Hanol
cd2c9edb46
FIX: 🐛 upload on IE9 wasn't working :'(
...
- FIX: make sure we set a default name to a pasted image only on Chrome (the only browser that supports it)
- FIX: use ".json" extension to uploads endpoints since IE9 doesn't pass the correct header
- FIX: pass the CSRF token in a query parameter since IE9 doesn't pass it in the headers
- FIX: display error messages comming from the server when there is one over the default error message
- FIX: HACK around IE9 security issue when clicking a file input via JavaScript (use a label and set `visibility:hidden` on the input)
- FIX: hide the "cancel" upload on IE9 since it's not supported
- FIX: return "text/plain" content-type when uploading a file for IE9 in order to prevent it from displaying the save dialog
- FIX: check the maximum file size on the server 💥
- update jQuery File Upload Plugin to v. 5.42.2
- update JQuery IFram Transport Plugin to v. 1.8.5
- update jQuery UI Widget to v. 1.11.1
2015-01-28 19:43:20 +01:00
Sam
6bed4e1bf0
add allowed_ips to api_keys
...
update annotations
2014-11-20 14:53:15 +11:00
Régis Hanol
bf666f8553
FEATURE: allow animated thumbnails
2014-11-13 23:30:34 +01:00
Régis Hanol
bdb78ce76a
FEATURE: consider SVG as an image when authorized
2014-11-03 19:54:10 +01:00
Sam
414c6d191f
FIX: remove nullable dates post upgrade to Rails 4
2014-08-27 15:19:25 +10:00
Régis Hanol
c7330ed73f
BUGFIX: errors when post-processing 'data images'
2014-07-18 17:54:18 +02:00
Régis Hanol
a52c80e2a8
FEATURE: automatic image orientation fix
2014-07-09 23:59:57 +02:00
Sam
b1d5f4440b
Annotate models
2014-05-28 12:30:57 +10:00
Louis Rose
1574485443
Perform the where(...).first to find_by(...) refactoring.
...
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Régis Hanol
9cd8476453
REFACTOR: use an options hash instead of multiple nil-able parameters
2014-04-15 17:17:10 +02:00
Régis Hanol
542d54e6bf
BUGFIX: uploads to S3
2014-04-15 13:04:14 +02:00
Sam
862a6696c0
Correct annotations
...
allow longer usernames (up to 60)
2014-04-15 15:53:48 +10:00
Régis Hanol
2505d18aa9
FEATURE: support email attachments
2014-04-14 22:55:57 +02:00
Régis Hanol
6373de550f
update annotations
2014-04-08 17:35:44 +02:00
Sam
2db3cfb16b
annotate models
2013-12-05 17:40:35 +11:00
Régis Hanol
37fd7ab574
pull hotlinked images
2013-11-05 19:07:29 +01:00
Sam
5bf26ec34e
large refactor, ship a few columns from the user table into user_stats
2013-10-07 15:04:59 +11:00
Régis Hanol
cd4cda5b4c
allow users to specify thumbnail size
2013-09-27 10:57:31 +02:00
Régis Hanol
c867b67a0b
custom avatar support
2013-08-13 22:08:29 +02:00
Régis Hanol
ed9417fa3b
enable thumbnailing on S3
...
- added url to optimized image model
- refactored s3_store & local_store
2013-07-31 23:26:34 +02:00
Régis Hanol
be9217d4c8
add server-side filesize check on uploads
2013-07-24 00:54:41 +02:00
Robin Ward
ed745c3fdd
Merge pull request #1222 from ZogStriP/fix-s3-related-issues
...
Fix s3 related issues
2013-07-22 07:30:41 -07:00
Régis Hanol
649ab85740
FIX: thumbnailing wasn't working with CDN enabled
2013-07-22 00:37:23 +02:00
Régis Hanol
33977252c9
rollback to previous s3 syntax (ie. subdomains)
2013-07-20 11:30:36 +02:00
Régis Hanol
8406a4230c
FIX: click tracking on attachments wasn't working
2013-07-19 01:27:09 +02:00
Régis Hanol
5c27dd175a
make sure we handle both s3 url formats
2013-07-17 00:32:09 +02:00
Régis Hanol
7ae2fe304d
renamed s3 to s3_store
2013-07-17 00:27:52 +02:00
Régis Hanol
6f2ce93ab2
FIX: create an upload when FastImage throws an exception
...
FastImage might throw an exception when it isn't able to recognize a
file as being an image (ie. happens when users changes the extension
manually)
Also improved upload specs a lot
2013-07-13 23:42:19 +02:00
Régis Hanol
27ab5f471c
support arbitrary attachments
2013-07-10 22:59:53 +02:00
Régis Hanol
ac7253a938
refactor CookedPostProcessor & specs
2013-07-08 01:39:08 +02:00
Régis Hanol
6251935b1e
removed auto_link_images_wider_than setting
2013-07-06 22:19:16 +02:00
Robin Ward
1c18490141
Revert "cheat to fix duplicate key on thumbnails"
...
This reverts commit 0c702522c4
.
2013-07-05 16:09:43 -04:00
Sam
0c702522c4
cheat to fix duplicate key on thumbnails
2013-07-05 15:01:31 +10:00
Régis Hanol
6723ba6014
Add a list of for file uploads
2013-07-01 02:19:03 +02:00
Régis Hanol
08aa23f0ca
FIX: lightbox wasn't working when using s3 upload
2013-06-22 13:38:42 +02:00
Régis Hanol
8a751e6e44
make sure we also delete optimized images
2013-06-21 09:34:02 +02:00
Régis Hanol
4a17d6dca6
added a rake task to clean orphan uploaded files
2013-06-19 21:51:41 +02:00
Régis Hanol
ae3543872c
renamed the sha
column to the proper sha1
2013-06-17 22:16:14 +02:00
Régis Hanol
454636abf1
annotate models
2013-06-17 02:49:34 +02:00
Régis Hanol
510bac4b27
refactored a bit & tested thumbnails creation
2013-06-17 02:49:34 +02:00
Régis Hanol
cc9e0ec80a
create thumbnails when needed
2013-06-17 02:49:34 +02:00
Régis Hanol
5de03814fb
created optimized_image
model
2013-06-17 02:49:34 +02:00
Régis Hanol
2c3f757951
moved has_been_uploaded
and uploaded_regex
to the Upload
model
2013-06-17 02:49:34 +02:00
Régis Hanol
8a98310cf9
make sure we only do the work once
2013-06-17 02:49:34 +02:00
Régis Hanol
6c4554b941
identifies all uploads with the SHA1 hash of the file content
2013-06-17 02:49:33 +02:00
Régis Hanol
6ea91b4416
remove useless upload topic direct association
2013-06-17 02:49:33 +02:00
Régis Hanol
037f62928b
add proper post_uploads reverse index
2013-06-13 23:44:24 +02:00
Régis Hanol
770c1faeb1
added a reverse index of user uploads + rake task
2013-06-13 01:43:50 +02:00
Régis Hanol
8a2d635e62
removed imgur support
2013-06-11 21:51:41 +02:00
Ian Christian Myers
0d01c33482
Enabled strong_parameters across all models/controllers.
...
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.
The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.
It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Ian Christian Myers
41528f5d11
Implemented strong_parameters for Upload/UploadsController.
...
The topic_id param is now required using strong_parameters' #require method. If the parameter is missing ActionController::ParameterMissing will be raised instead of Discourse::InvalidParameters.
2013-06-05 00:55:55 -07:00
Régis Hanol
e3e55d4dad
fix image uploads on s3/imgur
2013-06-05 00:35:42 +02:00
Régis Hanol
6cc0f8f2d4
added more file uploads test for better coverage
2013-05-31 03:13:37 +02:00