Commit Graph

57 Commits

Author SHA1 Message Date
Sam
15b5fddd49 SECURITY: protect upload params, only allow very strict filenames 2016-12-19 10:16:18 +11:00
Robin Ward
af83c8dc14 Upload Logos Step 2016-09-22 09:52:19 -04:00
Régis Hanol
6dac9075dc new 'convert_pasted_images_quality' site setting 2016-07-27 19:59:44 +02:00
Régis Hanol
be099bb637 only convert pasted images to HQ jpg when it's at least 5% smaller 2016-07-27 19:55:13 +02:00
Régis Hanol
749b981759 FEATURE: new 'convert_pasted_images_to_hq_jpg' site setting 2016-07-25 23:01:28 +02:00
Régis Hanol
7fca6f502f fix and improve image downsizing algorithm 2016-06-20 12:35:07 +02:00
Régis Hanol
a5d8dfb07e FIX: don't hardcode maximum file size 2016-04-06 22:51:28 +02:00
Régis Hanol
4d981cec53 FIX: don't try to optimize large PNGs (takes too much time) 2016-02-22 12:57:24 +01:00
Jeff Atwood
e1f90d12f1 formally remove IE9 support 2016-01-02 23:49:52 -08:00
Régis Hanol
09bfe49254 FIX: don't automagically downsize uploaded images that are larger than 10MB
FIX: don't optimize GIFs since ImageOption was disabled for GIFs (too slow)
2015-11-26 18:16:47 +01:00
Régis Hanol
16f509afb9 FIX: enforce 'allow_uploaded_avatars' & 'sso_overrides_avatar' server-side 2015-11-12 10:26:45 +01:00
Régis Hanol
d541018bb2 FIX: automagic image downsizing wasn't working for GIFs... 2015-11-09 15:09:08 +01:00
Régis Hanol
a3831a7003 FIX: uploading an animated user card/profile background was converted to a still image 2015-09-20 22:01:03 +02:00
Régis Hanol
4c2df814de FIX: ensure a file is present when creating an upload 2015-08-18 11:39:51 +02:00
Régis Hanol
827ea641b0 FIX: Use File.size instead of IO.size 2015-08-17 18:57:28 +02:00
Régis Hanol
ffbaf8c542 FEATURE: automatically downsize large images 2015-08-12 18:33:13 +02:00
Sam
0c267e5952 maintain exact old behavior 2015-07-24 09:44:16 +10:00
Sam
719f558746 multisite fix, allow show through (security is handled in the controller) 2015-07-24 09:41:46 +10:00
Régis Hanol
b0802abae2 FIX: crop & optimize user background profile/card images 2015-07-15 17:15:43 +02:00
Konstantin Ilchenko
131cf643ce FIX: Allow api to send uploads with :url 2015-06-21 14:54:59 +03:00
Régis Hanol
1ac3941130 FEATURE: allow API to upload files synchronously 2015-06-15 16:12:15 +02:00
Régis Hanol
0483f05154 make sure we pass in the user_id when creating avatar thumbnails 2015-05-29 18:11:19 +02:00
Sam
bb3fb37650 FIX: when uploading same file was pasted into multiple composers 2015-05-28 15:08:54 +10:00
Régis Hanol
992154533f remove debugging letfovers 2015-05-26 20:08:19 +02:00
Régis Hanol
85d4d3223c FIX: crop avatars on the server instead of the client
FIX: support for dots in S3 bucket names
2015-05-26 15:54:25 +02:00
Régis Hanol
bb0c2813ac FEATURE: generate (avatar) thumbnails in a background task
FIX: keep the "uploading..." indicator until the server replies via the MessageBus
FIX: text was disapearing when uploading an avatar

PERF: always use a region for S3 (defaults to 'us-east-1')
FEATURE: ApplyCDN middleware when using S3
FIX: use the same pattern to store files on S3 and locally
PERF: keep a local cache of uploads when generating thumbnails
FEATURE: migrate_to_s3 rake task
2015-05-25 17:59:00 +02:00
Régis Hanol
bcd98c8f0f FIX: API can provide a URL to create an upload 2015-05-20 17:38:06 +02:00
Régis Hanol
8d967d9065 FEATURE: move all uploads to a single endpoint + defer upload creation in a background thread 2015-05-20 16:45:48 +02:00
Régis Hanol
7d3b7a5657 fix the build 2015-05-20 15:32:31 +02:00
Régis Hanol
b44488b618 FIX: keep to old attachment route 2015-05-20 14:55:42 +02:00
Sam
e5888cf090 PERF: avoid preloading json in cases where it is not needed
(uploads / avatars / non GET requests)
2015-05-20 17:12:16 +10:00
Régis Hanol
9ded21e4c6 FIX: consistent and future-proof upload storage pattern 2015-05-19 12:31:12 +02:00
Régis Hanol
0e5c9b2590 small upload code refactor 2015-02-03 18:44:18 +01:00
Régis Hanol
cd2c9edb46 FIX: 🐛 upload on IE9 wasn't working :'(
- FIX: make sure we set a default name to a pasted image only on Chrome (the only browser that supports it)
- FIX: use ".json" extension to uploads endpoints since IE9 doesn't pass the correct header
- FIX: pass the CSRF token in a query parameter since IE9 doesn't pass it in the headers
- FIX: display error messages comming from the server when there is one over the default error message
- FIX: HACK around IE9 security issue when clicking a file input via JavaScript (use a label and set `visibility:hidden` on the input)
- FIX: hide the "cancel" upload on IE9 since it's not supported
- FIX: return "text/plain" content-type when uploading a file for IE9 in order to prevent it from displaying the save dialog
- FIX: check the maximum file size on the server 💥
- update jQuery File Upload Plugin to v. 5.42.2
- update JQuery IFram Transport Plugin to v. 1.8.5
- update jQuery UI Widget to v. 1.11.1
2015-01-28 19:43:20 +01:00
Sam
4fc3834dd6 FEATURE: allow inline disposition on uploads
when linking an upload allow ?inline=1 to display upload inline
2014-11-13 08:50:55 +11:00
Sam
58eabb03e5 FEATURE: api support for arbitrary unlinked assets
admins can set retain periods for assets
2014-09-23 16:50:17 +10:00
Régis Hanol
eb34ecfc0c FEATURE: new 'prevent anons from download files' site setting 2014-09-09 18:41:13 +02:00
Sam
03c8f09be8 PERF: finalize porting to new incoming links structure 2014-08-04 16:43:57 +10:00
Sam
40af9ce612 FIX: do not store incoming links on avatars or uploads 2014-07-25 15:10:06 +10:00
Sam
ca4c72e648 BUGFIX: 500 error on some invalid uploads 2014-05-14 10:51:09 +10:00
Louis Rose
1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Régis Hanol
9cd8476453 REFACTOR: use an options hash instead of multiple nil-able parameters 2014-04-15 17:17:10 +02:00
Régis Hanol
542d54e6bf BUGFIX: uploads to S3 2014-04-15 13:04:14 +02:00
Régis Hanol
2505d18aa9 FEATURE: support email attachments 2014-04-14 22:55:57 +02:00
Sam
3830f41e5f BUGFIX: attachments bust under multisite 2014-03-25 10:37:31 +11:00
Régis Hanol
7e7d951152 do not pull hotlinked images when max_image_size_kb == 0 2013-11-13 17:30:48 +01:00
Régis Hanol
45b838009c proper content-disposition header when downloading attachments 2013-09-06 19:23:56 +02:00
Régis Hanol
be9217d4c8 add server-side filesize check on uploads 2013-07-24 00:54:41 +02:00
Régis Hanol
5ce05ff5cb adds the max_attachment_size_kb setting
so that we can specify a different max upload size for attachments and images.
2013-07-16 02:01:36 +02:00
Régis Hanol
27ab5f471c support arbitrary attachments 2013-07-10 22:59:53 +02:00