diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-08-05 09:12:06 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-08-05 09:12:06 +0000 |
commit | 0c5dab41b6baec548aaea06cb9b545c87b489678 (patch) | |
tree | 85703a98675f4bcf4fdcd145f6bf1891b58e9c8f /app/uploaders | |
parent | acda833a93d5372cdb11b50d01dc14620a451496 (diff) | |
download | gitlab-ce-0c5dab41b6baec548aaea06cb9b545c87b489678.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/uploaders')
-rw-r--r-- | app/uploaders/avatar_uploader.rb | 4 | ||||
-rw-r--r-- | app/uploaders/design_management/design_v432x230_uploader.rb | 4 | ||||
-rw-r--r-- | app/uploaders/favicon_uploader.rb | 8 |
3 files changed, 8 insertions, 8 deletions
diff --git a/app/uploaders/avatar_uploader.rb b/app/uploaders/avatar_uploader.rb index 73dafaefb41..ac7b05bc7ea 100644 --- a/app/uploaders/avatar_uploader.rb +++ b/app/uploaders/avatar_uploader.rb @@ -6,7 +6,7 @@ class AvatarUploader < GitlabUploader include ObjectStorage::Concern prepend ObjectStorage::Extension::RecordsUploads - MIME_WHITELIST = %w[image/png image/jpeg image/gif image/bmp image/tiff image/vnd.microsoft.icon].freeze + MIME_ALLOWLIST = %w[image/png image/jpeg image/gif image/bmp image/tiff image/vnd.microsoft.icon].freeze def exists? model.avatar.file && model.avatar.file.present? @@ -29,7 +29,7 @@ class AvatarUploader < GitlabUploader end def content_type_whitelist - MIME_WHITELIST + MIME_ALLOWLIST end private diff --git a/app/uploaders/design_management/design_v432x230_uploader.rb b/app/uploaders/design_management/design_v432x230_uploader.rb index ba48f381bbd..975050c26e4 100644 --- a/app/uploaders/design_management/design_v432x230_uploader.rb +++ b/app/uploaders/design_management/design_v432x230_uploader.rb @@ -20,13 +20,13 @@ module DesignManagement # # We currently choose not to resize `image/svg+xml` for security reasons. # See https://gitlab.com/gitlab-org/gitlab/issues/207740#note_302766171 - MIME_TYPE_WHITELIST = %w(image/png image/jpeg image/bmp image/gif).freeze + MIME_TYPE_ALLOWLIST = %w(image/png image/jpeg image/bmp image/gif).freeze process resize_to_fit: [432, 230] # Allow CarrierWave to reject files without correct mimetypes. def content_type_whitelist - MIME_TYPE_WHITELIST + MIME_TYPE_ALLOWLIST end # Override `GitlabUploader` and always return false, otherwise local diff --git a/app/uploaders/favicon_uploader.rb b/app/uploaders/favicon_uploader.rb index c9be55e001c..a21b21de101 100644 --- a/app/uploaders/favicon_uploader.rb +++ b/app/uploaders/favicon_uploader.rb @@ -1,15 +1,15 @@ # frozen_string_literal: true class FaviconUploader < AttachmentUploader - EXTENSION_WHITELIST = %w[png ico].freeze - MIME_WHITELIST = %w[image/png image/vnd.microsoft.icon].freeze + EXTENSION_ALLOWLIST = %w[png ico].freeze + MIME_ALLOWLIST = %w[image/png image/vnd.microsoft.icon].freeze def extension_whitelist - EXTENSION_WHITELIST + EXTENSION_ALLOWLIST end def content_type_whitelist - MIME_WHITELIST + MIME_ALLOWLIST end private |