From f098e6d3d2c8eaaec0a228c8a3ae01f770e15dd2 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Mon, 6 Apr 2020 03:09:23 +0000
Subject: Add latest changes from gitlab-org/gitlab@master

---
 lib/gitlab/email/attachment_uploader.rb | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

(limited to 'lib')

diff --git a/lib/gitlab/email/attachment_uploader.rb b/lib/gitlab/email/attachment_uploader.rb
index d8962ec0d20..70e281fd4a3 100644
--- a/lib/gitlab/email/attachment_uploader.rb
+++ b/lib/gitlab/email/attachment_uploader.rb
@@ -39,15 +39,22 @@ module Gitlab
       # from the uploaded attachments
       def filter_signature_attachments(message)
         attachments = message.attachments
+        content_type = normalize_mime(message.content_type)
+        protocol = normalize_mime(message.content_type_parameters[:protocol])
 
-        if message.content_type&.starts_with?('multipart/signed')
-          signature_protocol = message.content_type_parameters[:protocol]
-
-          attachments.delete_if { |attachment| attachment.content_type.starts_with?(signature_protocol) } if signature_protocol.present?
+        if content_type == 'multipart/signed' && protocol
+          attachments.delete_if { |attachment| protocol == normalize_mime(attachment.content_type) }
         end
 
         attachments
       end
+
+      # normalizes mime-type ignoring case and removing extra data
+      # also removes potential "x-" prefix from subtype, since some MUAs mix them
+      # e.g. "application/x-pkcs7-signature" with "application/pkcs7-signature"
+      def normalize_mime(content_type)
+        MIME::Type.simplified(content_type, remove_x_prefix: true)
+      end
     end
   end
 end
-- 
cgit v1.2.3