diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-18 15:09:15 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-18 15:09:15 +0300 |
commit | 0637ba1e6e9024f35b2cbf561d9002ec17350bb3 (patch) | |
tree | 960cebf0e892710c1b40f25e249d04aaf8f9b868 /lib/gitlab/email | |
parent | 4720b569f0fcbb47e9f1a60e95172ae63b6f065a (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/email')
-rw-r--r-- | lib/gitlab/email/attachment_uploader.rb | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/lib/gitlab/email/attachment_uploader.rb b/lib/gitlab/email/attachment_uploader.rb index 0a14a909e31..d8962ec0d20 100644 --- a/lib/gitlab/email/attachment_uploader.rb +++ b/lib/gitlab/email/attachment_uploader.rb @@ -12,7 +12,7 @@ module Gitlab def execute(upload_parent:, uploader_class:) attachments = [] - message.attachments.each do |attachment| + filter_signature_attachments(message).each do |attachment| tmp = Tempfile.new("gitlab-email-attachment") begin File.open(tmp.path, "w+b") { |f| f.write attachment.body.decoded } @@ -32,6 +32,22 @@ module Gitlab attachments end + + private + + # If this is a signed message (e.g. S/MIME or PGP), remove the signature + # from the uploaded attachments + def filter_signature_attachments(message) + attachments = message.attachments + + if message.content_type&.starts_with?('multipart/signed') + signature_protocol = message.content_type_parameters[:protocol] + + attachments.delete_if { |attachment| attachment.content_type.starts_with?(signature_protocol) } if signature_protocol.present? + end + + attachments + end end end end |