-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
6 0 1 fog retries #2
base: master
Are you sure you want to change the base?
Conversation
Before the error message was sometimes millions of characters long. > [paperclip] Content Type Spoof: Filename a.csv > (application/octet-stream from Headers, > [#<MIME::Type::Columnar:0x007f9f90f89fa8 > @container=#<MIME::Types:0x007f9f90b09d98 ... snip millions of > characters of output here ...>], @content_type="text/csv", > @raw_media_type="text", @raw_sub_type="csv", @simplified="text/csv", > @i18n_key="text.csv", @media_type="text", @sub_type="csv", > @extensions=["csv"]>] from Extension), content type discovered from > file command: application/zip. See documentation to allow this > combination. Now becomes: > [paperclip] Content Type Spoof: Filename a.csv > (application/octet-stream from Headers, > ["text/comma-separated-values", "text/csv"] from Extension), content > type discovered from file command: application/zip. See documentation > to allow this combination. [fixes thoughtbot#2017]
Add context from: thoughtbot#2021 [ci skip]
added the comma in line 54
* Regression fix * Add specs for intermediate_files var in Paperclip::Attachment [fixes thoughtbot#1908]
by using the attachment name (symbol) and Class as keys we reduce the number of Strings created before hitting the cache
this commit primarily uses frozen strings to reduce object creation during interpolation. the :basename method now uses File.basename(file, ".*") rather than a Regexp. basename may be called multiple times.
the name string is used multiple times in interpolation so storing it reduces object creation
something in aruba 0.10.x is breaking the cucumber specs
Resolve broken CI tests due to upstream gem changes
Inspected by https://github.com/dkhamsing/frankenstein [ci skip]
something in aruba 0.10.x is breaking the cucumber specs
…g_v4.3 Cache interpolator methods and reduce memory allocations - rebased on v4.3
Includes memory usage adjustments. Conflicts: lib/paperclip/storage/s3.rb
Fix merge problem with S3 storage
Update README with version requirement for aws-sdk
…f 'ActiveRecord' solo
v4.3.2 is a different tree than `master`, which is now targeting v5. Thank you both for this commit and merge, but I'll revert it: paperclip v4.3.2 doesn't include AWS v2 support. This reverts commit 9b33fc0. [ci skip]
This cause to erease previous image when the id change to above `999_999_999`, for example: ``` 2.3.6 :010 > id => 1000602578 2.3.6 :011 > ("%09d".freeze % id).scan(/\d{3}/).join("/".freeze) => "100/060/257" ```
Since the support version is Ruby 2.0 or later, magic comment is unnecessary. > The UTF-8 default encoding, which make many magic comments omissible https://www.ruby-lang.org/en/news/2013/02/24/ruby-2-0-0-p0-is-released/
e.g., the way google stores its user profile photos (from their oauth2 API) https://lh3.googleusercontent.com/-aRHQV4YjnBM/AAAAAAAAAAI/AAAAAAAAAAo/ngSjy9-yR5c/photo.jpg
Encountered an issue where the URI was returning header with content-disposition where the filename value wasn't enclosed in the double quotes. Turns out that this is a valid grammar according to RFC6266. Also made the logic more robust to account for spaces and uppercase letters.
This validation was causing issue when there is no content_type column in the database, as the content type of the attachment would be empty. There should be no need to check attachment's validity because this `#reprocess!` method is running internally on the server. Fix thoughtbot#2078
While using the Paperclip gem, we noticed during some ad-hoc testing that if you do not supply an extension when uploading a file, Paperclip effectively skipped it's spoofing check, which allowed potentially dangerous files to slip through into your application. This addresses that by moving the checks around a little bit and only testing against the extension when there is one.
As described in thoughtbot#2118, `OpenURI::Meta#content_type` will return `application/octet-stream` when no `content-type` header is set. Using the original `meta` fixes this issue.
In an effort to avoid filling $TMPDIR with stray files, let's close all Tempfiles after we are done with them. Additionally, add an around-filter to each test in the integration suite to catch cases where we don't do this. This exposes issues around re-processing a subset of our attached files: it leaves Tempfiles around. Mark that test as skipped (with a detailed explanation) because we cannot figure out how to make it work. Related to thoughtbot#1326.
The 4 byte limit is starting to wrap around; some complaints are being seen online, e.g. https://stackoverflow.com/questions/34477248/rails-paperclip-rangeerror/47999887#47999887 . Use `#sql_type` instead of `#type` in the tests. The `#type` is the category -- string, integer, datetime -- but the `#sql_type` is the storage specifics -- `TEXT`, `VARCHAR`, `BIGINT`, `DATE. Switch to the `#sql_type` so we can be sure it's being stored correctly.
As before: use `#sql_type` instead of `#type` in the tests. The `#type` is the category -- string, integer, datetime -- but the `#sql_type` is the storage specifics -- `TEXT`, `VARCHAR`, `BIGINT`, `DATE. Switch to the `#sql_type` so we can be sure it's being stored correctly.
Just add fog_retries: 2 to your paperclip config.
Beware not to delete the corresponding branch as long as it is referenced as paperclip source in Teezily app gemfile |
@ehoffmann I suppose the TZ gemfile does not point anymore to that fog version ? |
@pimpin this branch is still referenced in TZ's Gemfile. Please check with @pinchtools. |
Thanks @ehoffmann . @pinchtools I'll keep it as it for now. |
This PR is not expected to be merged.
It's allows review process and is a kind of protection against accidental branch deletion.
Indeed, the 6_0_1_fog_retries branch is candidate to be sourced as a branch on Teezily all gemfile https://github.com/teezily/teezily/blob/staging/Gemfile#L137