diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-22 00:08:57 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-22 00:08:57 +0300 |
commit | a6c2be7cd20a9515b347e72d63c5b47bb9b79457 (patch) | |
tree | 568212b4debeb2a35bb1133209b98e1468d9ee85 /lib/gitlab/file_type_detection.rb | |
parent | 74a2d57b337034cfdcd719615e4da06643b69114 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/file_type_detection.rb')
-rw-r--r-- | lib/gitlab/file_type_detection.rb | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/lib/gitlab/file_type_detection.rb b/lib/gitlab/file_type_detection.rb index e052792675a..475d50e37bf 100644 --- a/lib/gitlab/file_type_detection.rb +++ b/lib/gitlab/file_type_detection.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -# The method `filename` must be defined in classes that use this module. +# The method `filename` must be defined in classes that mix in this module. # # This module is intended to be used as a helper and not a security gate # to validate that a file is safe, as it identifies files only by the @@ -35,6 +35,13 @@ module Gitlab DANGEROUS_VIDEO_EXT = [].freeze # None, yet DANGEROUS_AUDIO_EXT = [].freeze # None, yet + def self.extension_match?(filename, extensions) + return false unless filename.present? + + extension = File.extname(filename).delete('.') + extensions.include?(extension.downcase) + end + def image? extension_match?(SAFE_IMAGE_EXT) end @@ -74,10 +81,7 @@ module Gitlab private def extension_match?(extensions) - return false unless filename - - extension = File.extname(filename).delete('.') - extensions.include?(extension.downcase) + ::Gitlab::FileTypeDetection.extension_match?(filename, extensions) end end end |