Add changelog entry for 5c96b4c and a test for desired logging behaviour to prevent regressions.

Excessive logging can fill up disk space and become a denial of service attack, see https://cwe.mitre.org/data/definitions/779.html

NEWS

@@ -12,6 +12,7 @@ master:
 
 5.0.0.beta1 (2015-03-13):
 
+* Bug Fix: megabytes of mime-types info in logs when a spoofed media type is detected.
 * Drop support to end-of-life'd ruby 2.0.
 * Drop support for end-of-life'd Rails 3.2 and 4.1
 * Drop support for AWS v1

spec/paperclip/media_type_spoof_detector_spec.rb

@@ -44,9 +44,18 @@ describe Paperclip::MediaTypeSpoofDetector do
     end
   end
 
-  it "rejects a file if named .html and is as HTML, but we're told JPG" do
-    file = File.open(fixture_file("empty.html"))
-    assert Paperclip::MediaTypeSpoofDetector.using(file, "empty.html", "image/jpg").spoofed?
+  context "file named .html and is as HTML, but we're told JPG" do
+    let(:file) { File.open(fixture_file("empty.html")) }
+    let(:spoofed?) { Paperclip::MediaTypeSpoofDetector.using(file, "empty.html", "image/jpg").spoofed? }
+
+    it "rejects the file" do
+      assert spoofed?
+    end
+
+    it "logs info about the detected spoof" do
+      Paperclip.expects(:log).with('Content Type Spoof: Filename empty.html (image/jpg from Headers, ["text/html"] from Extension), content type discovered from file command: text/html. See documentation to allow this combination.')
+      spoofed?
+    end
   end
 
   it "does not reject if content_type is empty but otherwise checks out" do