diff options
author | Yannick Bungers | 2021-03-29 23:14:53 +0200 |
---|---|---|
committer | GitHub | 2021-03-29 23:14:53 +0200 |
commit | 1534d7029bf82c74d5b927e8b179a763ccb1cae4 (patch) | |
tree | bdec869173acdfabbb0afa603a6e3db9deae3465 /lib | |
parent | 3a60f069cb85f4a1ffbcd19f8ef33073b98994d9 (diff) | |
parent | 5dbe99b4c7b8e136ebc6f05b6b618f044bfd4358 (diff) |
Merge pull request #1079 from hedgedoc/fix/mimeTypes
Diffstat (limited to '')
-rw-r--r-- | lib/config/index.js | 2 | ||||
-rw-r--r-- | lib/web/imageRouter/index.js | 19 |
2 files changed, 17 insertions, 4 deletions
diff --git a/lib/config/index.js b/lib/config/index.js index 17c13f5f..48e61b6c 100644 --- a/lib/config/index.js +++ b/lib/config/index.js @@ -179,7 +179,6 @@ switch (config.imageUploadType) { config.allowedUploadMimeTypes = [ 'image/jpeg', 'image/png', - 'image/jpg', 'image/gif' ] break @@ -187,7 +186,6 @@ switch (config.imageUploadType) { config.allowedUploadMimeTypes = [ 'image/jpeg', 'image/png', - 'image/jpg', 'image/gif', 'image/svg+xml' ] diff --git a/lib/web/imageRouter/index.js b/lib/web/imageRouter/index.js index 0a72c65c..ee123867 100644 --- a/lib/web/imageRouter/index.js +++ b/lib/web/imageRouter/index.js @@ -7,6 +7,7 @@ const FileType = require('file-type') const fs = require('fs') const os = require('os') const rimraf = require('rimraf') +const isSvg = require('is-svg') const config = require('../../config') const logger = require('../../logger') @@ -15,12 +16,26 @@ const errors = require('../../errors') const imageRouter = (module.exports = Router()) async function checkUploadType (filePath) { - const typeFromMagic = await FileType.fromFile(filePath) + const extension = path.extname(filePath).toLowerCase() + let typeFromMagic = await FileType.fromFile(filePath) + if (extension === '.svg' && (typeFromMagic === undefined || typeFromMagic.mime === 'application/xml')) { + const fileContent = fs.readFileSync(filePath) + if (isSvg(fileContent)) { + typeFromMagic = { + ext: 'svg', + mime: 'image/svg+xml' + } + } + } if (typeFromMagic === undefined) { logger.error('Image upload error: Could not determine MIME-type') return false } - if (path.extname(filePath) !== '.' + typeFromMagic.ext) { + // .jpeg, .jfif, .jpe files are identified by FileType to have the extension jpg + if (['.jpeg', '.jfif', '.jpe'].includes(extension) && typeFromMagic.ext === 'jpg') { + typeFromMagic.ext = extension.substr(1) + } + if (extension !== '.' + typeFromMagic.ext) { logger.error( 'Image upload error: Provided file extension does not match MIME-type' ) |