diff options
| author | Yorick Peterse <yorickpeterse@gmail.com> | 2016-08-12 17:19:17 +0200 |
|---|---|---|
| committer | Yorick Peterse <yorickpeterse@gmail.com> | 2016-08-15 13:42:52 +0200 |
| commit | 8171544b3d44df6ce810aa436bf87d137bc9b28f (patch) | |
| tree | afbc14ae86b9c002a4d58e6ad273b22711ab770d /app/models/blob.rb | |
| parent | 30f5b9a5b711b46f1065baf755e413ceced5646b (diff) | |
| download | gitlab-ce-8171544b3d44df6ce810aa436bf87d137bc9b28f.tar.gz | |
Limit the size of SVGs when viewing them as blobssvg-render-size-limit
This ensures that SVGs greater than 2 megabytes are not scrubbed and
rendered. This in turn prevents requests from timing out due to
reading/scrubbing large SVGs potentially taking a lot of time (and
memory). The use of 2 megabytes is completely arbitrary.
Fixes gitlab-org/gitlab-ce#1435
Diffstat (limited to 'app/models/blob.rb')
| -rw-r--r-- | app/models/blob.rb | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/app/models/blob.rb b/app/models/blob.rb index 0df2805e448..12cc5aaafba 100644 --- a/app/models/blob.rb +++ b/app/models/blob.rb @@ -3,6 +3,9 @@ class Blob < SimpleDelegator CACHE_TIME = 60 # Cache raw blobs referred to by a (mutable) ref for 1 minute CACHE_TIME_IMMUTABLE = 3600 # Cache blobs referred to by an immutable reference for 1 hour + # The maximum size of an SVG that can be displayed. + MAXIMUM_SVG_SIZE = 2.megabytes + # Wrap a Gitlab::Git::Blob object, or return nil when given nil # # This method prevents the decorated object from evaluating to "truthy" when @@ -31,6 +34,10 @@ class Blob < SimpleDelegator text? && language && language.name == 'SVG' end + def size_within_svg_limits? + size <= MAXIMUM_SVG_SIZE + end + def video? UploaderHelper::VIDEO_EXT.include?(extname.downcase.delete('.')) end |