Commit Graph

193 Commits

Author SHA1 Message Date
Régis Hanol
5169bcdb6e FIX: httpshttps ultra secure URLs 2016-06-30 16:55:01 +02:00
Régis Hanol
5e2545a578 FEATURE: improve support for (whitelisted) SVGs as images 2016-06-20 10:22:13 +02:00
Régis Hanol
32d253d484 remove 'crop_tall_images' site setting but keep the behavior 2016-05-23 16:42:19 +02:00
Régis Hanol
667dd54a23 FEATURE: new 'crop_tall_images' site setting 2016-05-23 16:18:30 +02:00
Guo Xiang Tan
0634834009 Some fixes related to optimized images (#4233)
* FIX: No need to manually include relation.

* FIX: OR instead of chaining relation.
2016-05-20 09:12:25 +02:00
Régis Hanol
df14926e42 SECURITY: check magic bytes before using ImageMagick tools 2016-05-03 21:54:07 +02:00
Régis Hanol
be5a54d67d FEATURE: new 'allow_all_attachments_for_group_messages' site setting 2016-02-29 22:39:24 +01:00
Sam
32c681c96b annotate models 2016-02-23 10:33:53 +11:00
Régis Hanol
4d981cec53 FIX: don't try to optimize large PNGs (takes too much time) 2016-02-22 12:57:24 +01:00
Régis Hanol
a9099f9e23 SECURITY: ensure we never accept fake images 2015-12-21 16:08:14 +01:00
Régis Hanol
09bfe49254 FIX: don't automagically downsize uploaded images that are larger than 10MB
FIX: don't optimize GIFs since ImageOption was disabled for GIFs (too slow)
2015-11-26 18:16:47 +01:00
Régis Hanol
fb62a7c0c3 FIX: only downsize user card & profile backgrounds 2015-09-24 21:04:06 +02:00
Régis Hanol
a3831a7003 FIX: uploading an animated user card/profile background was converted to a still image 2015-09-20 22:01:03 +02:00
Régis Hanol
93f9dcfcec FIX: don't overwrite custom uploaded avatar when selecting gravatar
FIX: remove unecessary serialized fields
2015-09-11 15:10:56 +02:00
Sam
cd8d82aa31 correct file size and add note about impending breakage of image_optim 2015-09-10 14:37:46 +10:00
Régis Hanol
d456460d33 FIX: don't butcher GIFs
Use 'gifsicle' instead of 'convert' to resize & optimize GIFs

FIX: don't even try to fix GIFs orientation
FIX: use 'allow_animated_thumbnails' site setting for user profile backgrounds & user cards
2015-07-22 17:10:42 +02:00
Régis Hanol
b0802abae2 FIX: crop & optimize user background profile/card images 2015-07-15 17:15:43 +02:00
Gerhard Schlager
2e8838a0cd FIX: Disable validation during thumbnail creation 2015-06-27 01:26:16 +02:00
Régis Hanol
bc9fd2c46d don't silence these errors 2015-06-12 20:11:23 +02:00
Régis Hanol
189cb3ff12 FEATURE: move migrate_to_new_scheme into a background job
- new hidden site setting 'migrate_to_new_scheme' (defaults to false)
- new rake tasks to toggle migration to new scheme
- FIX: migrate_to_new_scheme also works with CDN
- PERF: improve perf of the DbHelper.remap method
- REFACTOR: UrlHelper is now a class
2015-06-12 12:07:57 +02:00
Régis Hanol
64e73e98fb FIX: allow the cooked_post_processor to download external uploads 2015-06-01 20:08:41 +02:00
Régis Hanol
61d85206ee FIX: optimize uploaded images using lossy but very fast compression 2015-05-29 15:57:24 +02:00
Régis Hanol
e101396ea1 FEATURE: add support for device pixel ratio = 3 2015-05-28 01:48:07 +02:00
Régis Hanol
033c2e7140 FIX: respect the allow_animated_avatars site setting 2015-05-26 12:22:02 +02:00
Régis Hanol
a797f7c664 FIX: properly handle images when using 's3_cdn_url' 2015-05-26 11:47:33 +02:00
Régis Hanol
6ae9bcab56 add DistributedMutex around uploads/optimized_images creation 2015-05-12 16:45:33 +02:00
Régis Hanol
0e5c9b2590 small upload code refactor 2015-02-03 18:44:18 +01:00
Jeff Atwood
e45b3c15c3 Revert "FIX: auto orientation code causing grey images to appear blackish"
This reverts commit f680374820.
2015-02-02 01:27:52 -08:00
Sam
f680374820 FIX: auto orientation code causing grey images to appear blackish 2015-01-31 18:05:50 +11:00
Régis Hanol
cd2c9edb46 FIX: 🐛 upload on IE9 wasn't working :'(
- FIX: make sure we set a default name to a pasted image only on Chrome (the only browser that supports it)
- FIX: use ".json" extension to uploads endpoints since IE9 doesn't pass the correct header
- FIX: pass the CSRF token in a query parameter since IE9 doesn't pass it in the headers
- FIX: display error messages comming from the server when there is one over the default error message
- FIX: HACK around IE9 security issue when clicking a file input via JavaScript (use a label and set `visibility:hidden` on the input)
- FIX: hide the "cancel" upload on IE9 since it's not supported
- FIX: return "text/plain" content-type when uploading a file for IE9 in order to prevent it from displaying the save dialog
- FIX: check the maximum file size on the server 💥
- update jQuery File Upload Plugin to v. 5.42.2
- update JQuery IFram Transport Plugin to v. 1.8.5
- update jQuery UI Widget to v. 1.11.1
2015-01-28 19:43:20 +01:00
Sam
6bed4e1bf0 add allowed_ips to api_keys
update annotations
2014-11-20 14:53:15 +11:00
Régis Hanol
bf666f8553 FEATURE: allow animated thumbnails 2014-11-13 23:30:34 +01:00
Régis Hanol
bdb78ce76a FEATURE: consider SVG as an image when authorized 2014-11-03 19:54:10 +01:00
Sam
414c6d191f FIX: remove nullable dates post upgrade to Rails 4 2014-08-27 15:19:25 +10:00
Régis Hanol
c7330ed73f BUGFIX: errors when post-processing 'data images' 2014-07-18 17:54:18 +02:00
Régis Hanol
a52c80e2a8 FEATURE: automatic image orientation fix 2014-07-09 23:59:57 +02:00
Sam
b1d5f4440b Annotate models 2014-05-28 12:30:57 +10:00
Louis Rose
1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Régis Hanol
9cd8476453 REFACTOR: use an options hash instead of multiple nil-able parameters 2014-04-15 17:17:10 +02:00
Régis Hanol
542d54e6bf BUGFIX: uploads to S3 2014-04-15 13:04:14 +02:00
Sam
862a6696c0 Correct annotations
allow longer usernames (up to 60)
2014-04-15 15:53:48 +10:00
Régis Hanol
2505d18aa9 FEATURE: support email attachments 2014-04-14 22:55:57 +02:00
Régis Hanol
6373de550f update annotations 2014-04-08 17:35:44 +02:00
Sam
2db3cfb16b annotate models 2013-12-05 17:40:35 +11:00
Régis Hanol
37fd7ab574 pull hotlinked images 2013-11-05 19:07:29 +01:00
Sam
5bf26ec34e large refactor, ship a few columns from the user table into user_stats 2013-10-07 15:04:59 +11:00
Régis Hanol
cd4cda5b4c allow users to specify thumbnail size 2013-09-27 10:57:31 +02:00
Régis Hanol
c867b67a0b custom avatar support 2013-08-13 22:08:29 +02:00
Régis Hanol
ed9417fa3b enable thumbnailing on S3
- added url to optimized image model
- refactored s3_store & local_store
2013-07-31 23:26:34 +02:00
Régis Hanol
be9217d4c8 add server-side filesize check on uploads 2013-07-24 00:54:41 +02:00
Robin Ward
ed745c3fdd Merge pull request #1222 from ZogStriP/fix-s3-related-issues
Fix s3 related issues
2013-07-22 07:30:41 -07:00
Régis Hanol
649ab85740 FIX: thumbnailing wasn't working with CDN enabled 2013-07-22 00:37:23 +02:00
Régis Hanol
33977252c9 rollback to previous s3 syntax (ie. subdomains) 2013-07-20 11:30:36 +02:00
Régis Hanol
8406a4230c FIX: click tracking on attachments wasn't working 2013-07-19 01:27:09 +02:00
Régis Hanol
5c27dd175a make sure we handle both s3 url formats 2013-07-17 00:32:09 +02:00
Régis Hanol
7ae2fe304d renamed s3 to s3_store 2013-07-17 00:27:52 +02:00
Régis Hanol
6f2ce93ab2 FIX: create an upload when FastImage throws an exception
FastImage might throw an exception when it isn't able to recognize a
file as being an image (ie. happens when users changes the extension
manually)

Also improved upload specs a lot
2013-07-13 23:42:19 +02:00
Régis Hanol
27ab5f471c support arbitrary attachments 2013-07-10 22:59:53 +02:00
Régis Hanol
ac7253a938 refactor CookedPostProcessor & specs 2013-07-08 01:39:08 +02:00
Régis Hanol
6251935b1e removed auto_link_images_wider_than setting 2013-07-06 22:19:16 +02:00
Robin Ward
1c18490141 Revert "cheat to fix duplicate key on thumbnails"
This reverts commit 0c702522c4.
2013-07-05 16:09:43 -04:00
Sam
0c702522c4 cheat to fix duplicate key on thumbnails 2013-07-05 15:01:31 +10:00
Régis Hanol
6723ba6014 Add a list of for file uploads 2013-07-01 02:19:03 +02:00
Régis Hanol
08aa23f0ca FIX: lightbox wasn't working when using s3 upload 2013-06-22 13:38:42 +02:00
Régis Hanol
8a751e6e44 make sure we also delete optimized images 2013-06-21 09:34:02 +02:00
Régis Hanol
4a17d6dca6 added a rake task to clean orphan uploaded files 2013-06-19 21:51:41 +02:00
Régis Hanol
ae3543872c renamed the sha column to the proper sha1 2013-06-17 22:16:14 +02:00
Régis Hanol
454636abf1 annotate models 2013-06-17 02:49:34 +02:00
Régis Hanol
510bac4b27 refactored a bit & tested thumbnails creation 2013-06-17 02:49:34 +02:00
Régis Hanol
cc9e0ec80a create thumbnails when needed 2013-06-17 02:49:34 +02:00
Régis Hanol
5de03814fb created optimized_image model 2013-06-17 02:49:34 +02:00
Régis Hanol
2c3f757951 moved has_been_uploaded and uploaded_regex to the Upload model 2013-06-17 02:49:34 +02:00
Régis Hanol
8a98310cf9 make sure we only do the work once 2013-06-17 02:49:34 +02:00
Régis Hanol
6c4554b941 identifies all uploads with the SHA1 hash of the file content 2013-06-17 02:49:33 +02:00
Régis Hanol
6ea91b4416 remove useless upload topic direct association 2013-06-17 02:49:33 +02:00
Régis Hanol
037f62928b add proper post_uploads reverse index 2013-06-13 23:44:24 +02:00
Régis Hanol
770c1faeb1 added a reverse index of user uploads + rake task 2013-06-13 01:43:50 +02:00
Régis Hanol
8a2d635e62 removed imgur support 2013-06-11 21:51:41 +02:00
Ian Christian Myers
0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Ian Christian Myers
41528f5d11 Implemented strong_parameters for Upload/UploadsController.
The topic_id param is now required using strong_parameters' #require method. If the parameter is missing ActionController::ParameterMissing will be raised instead of Discourse::InvalidParameters.
2013-06-05 00:55:55 -07:00
Régis Hanol
e3e55d4dad fix image uploads on s3/imgur 2013-06-05 00:35:42 +02:00
Régis Hanol
6cc0f8f2d4 added more file uploads test for better coverage 2013-05-31 03:13:37 +02:00
Sam
ca2dee52db moved comments to the bottom, they are way less intrusive there 2013-05-24 12:48:32 +10:00
Sam
2cd95bc649 lets try out annotations 2013-05-24 12:35:14 +10:00
Régis Hanol
dca2fbcefc add meaningful error message on upload [fixes #773] 2013-04-27 20:26:17 +02:00
Shane Liesegang
42fdbe2fb6 Fixing Amazon uploads to not be hardcoded to https
Amazon S3 uploads are currently hardcoded to use https, where they should probably use whatever protocol the rest of the site is using. Removing the protocol and just using "//" links should accomplish that.
2013-04-19 22:05:51 -03:00
Régis Hanol
1692350336 added some tests for uploads 2013-04-07 17:52:46 +02:00
Wojciech Kocjan
0481fbae8c Fix for reply to user avatar and picture uploading not working when editing post with discourse running in a prefix 2013-04-05 12:46:14 +02:00
Régis Hanol
0aff5042e5 FIX: S3 image upload 2013-03-30 17:56:25 +01:00
Gosha Arinich
6e5399d544 minor cleanup, using AR querying DSL over raw SQL in some places 2013-02-28 21:54:12 +03:00
Neil Lalonde
68f32af240 User hashed name for local uploads instead of 'blob' 2013-02-14 12:08:37 -05:00
Jakub Arnold
61654ab8f0 Fix all the trailing whitespace 2013-02-07 16:45:24 +01:00
Robin Ward
21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00