Commit f1ed0661 by Ben Pickles Committed by Tute Costa

Don't allow trailing newlines in various checks. (#2266)

There's a subtle difference between what `\Z` and `\z` consider the "end
of string" which is that the uppercase version allows a single trailing
newline:

```
/\Afoo\Z/.match("foo\n")

/\Afoo\Z/.match("foo\n\n")

/\Afoo\z/.match("foo\n")
```
parent 09d6bb78
...@@ -199,7 +199,7 @@ Quick Start ...@@ -199,7 +199,7 @@ Quick Start
```ruby ```ruby
class User < ActiveRecord::Base class User < ActiveRecord::Base
has_attached_file :avatar, styles: { medium: "300x300>", thumb: "100x100>" }, default_url: "/images/:style/missing.png" has_attached_file :avatar, styles: { medium: "300x300>", thumb: "100x100>" }, default_url: "/images/:style/missing.png"
validates_attachment_content_type :avatar, content_type: /\Aimage\/.*\Z/ validates_attachment_content_type :avatar, content_type: /\Aimage\/.*\z/
end end
``` ```
...@@ -417,7 +417,7 @@ class ActiveRecord::Base ...@@ -417,7 +417,7 @@ class ActiveRecord::Base
# Validate content type # Validate content type
validates_attachment_content_type :avatar, content_type: /\Aimage/ validates_attachment_content_type :avatar, content_type: /\Aimage/
# Validate filename # Validate filename
validates_attachment_file_name :avatar, matches: [/png\Z/, /jpe?g\Z/] validates_attachment_file_name :avatar, matches: [/png\z/, /jpe?g\z/]
# Explicitly do not validate # Explicitly do not validate
do_not_validate_attachment_file_type :avatar do_not_validate_attachment_file_type :avatar
end end
......
...@@ -141,7 +141,7 @@ module Paperclip ...@@ -141,7 +141,7 @@ module Paperclip
# It's possible, though unlikely, that the mime type is not in the # It's possible, though unlikely, that the mime type is not in the
# database, so just use the part after the '/' in the mime type as the # database, so just use the part after the '/' in the mime type as the
# extension. # extension.
%r{/([^/]*)\Z}.match(attachment.content_type)[1] %r{/([^/]*)\z}.match(attachment.content_type)[1]
end end
end end
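Review bot: The switch to `\z` on the `%r{/([^/]*)\z}` line does not keep a newline out of the returned extension, because the negated class `[^/]` itself matches `\n`, so a content type such as `"image/png\n"` (constructed sample) still yields `"png\n"`. The same line indexes `[1]` on the result of `match`, which is `nil` when the content type is nil or contains no `/`, so it raises NoMethodError instead of failing cleanly. If the content type can be influenced by an upload, a tighter form is `attachment.content_type.to_s[%r{/([^/\s]*)\z}, 1]`, which returns `nil` for malformed values. The enclosing method starts outside the hunk, so how a `nil` extension would be handled by the caller is not visible here.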
......
...@@ -48,7 +48,7 @@ module Paperclip ...@@ -48,7 +48,7 @@ module Paperclip
end unless defined?(Fog) end unless defined?(Fog)
base.instance_eval do base.instance_eval do
unless @options[:url].to_s.match(/\A:fog.*url\Z/) unless @options[:url].to_s.match(/\A:fog.*url\z/)
@options[:path] = @options[:path].gsub(/:url/, @options[:url]).gsub(/\A:rails_root\/public\/system\//, '') @options[:path] = @options[:path].gsub(/:url/, @options[:url]).gsub(/\A:rails_root\/public\/system\//, '')
@options[:url] = ':fog_public_url' @options[:url] = ':fog_public_url'
end end
...@@ -58,7 +58,7 @@ module Paperclip ...@@ -58,7 +58,7 @@ module Paperclip
end end
end end
AWS_BUCKET_SUBDOMAIN_RESTRICTON_REGEX = /\A(?:[a-z]|\d(?!\d{0,2}(?:\.\d{1,3}){3}\Z))(?:[a-z0-9]|\.(?![\.\-])|\-(?![\.])){1,61}[a-z0-9]\Z/ AWS_BUCKET_SUBDOMAIN_RESTRICTON_REGEX = /\A(?:[a-z]|\d(?!\d{0,2}(?:\.\d{1,3}){3}\z))(?:[a-z0-9]|\.(?![\.\-])|\-(?![\.])){1,61}[a-z0-9]\z/
def exists?(style = default_style) def exists?(style = default_style)
if original_filename if original_filename
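Review bot: `AWS_BUCKET_SUBDOMAIN_RESTRICTON_REGEX` has no comment saying what it enforces, so the reason both anchors must be `\z` is easy to lose in a later edit. I would add above it `# DNS-compatible bucket name: 3-63 chars of a-z, 0-9, '.' and '-', starting and ending alphanumeric, not shaped like an IPv4 address.` followed by `# Anchored with \A and \z (not \Z) so a name with a trailing newline is rejected.` The inner `\z` sits in the negative lookahead that excludes dotted-quad names, so it needs the same care as the outer one. Where the constant is used is outside this hunk.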
......
...@@ -147,7 +147,7 @@ module Paperclip ...@@ -147,7 +147,7 @@ module Paperclip
@s3_server_side_encryption = @options[:s3_server_side_encryption] @s3_server_side_encryption = @options[:s3_server_side_encryption]
end end
unless @options[:url].to_s.match(/\A:s3.*url\Z/) || @options[:url] == ":asset_host".freeze unless @options[:url].to_s.match(/\A:s3.*url\z/) || @options[:url] == ":asset_host".freeze
@options[:path] = path_option.gsub(/:url/, @options[:url]).sub(/\A:rails_root\/public\/system/, "".freeze) @options[:path] = path_option.gsub(/:url/, @options[:url]).sub(/\A:rails_root\/public\/system/, "".freeze)
@options[:url] = ":s3_path_url".freeze @options[:url] = ":s3_path_url".freeze
end end
......
...@@ -36,7 +36,7 @@ module Paperclip ...@@ -36,7 +36,7 @@ module Paperclip
options = attributes.extract_options!.dup options = attributes.extract_options!.dup
Paperclip::Validators.constants.each do |constant| Paperclip::Validators.constants.each do |constant|
if constant.to_s =~ /\AAttachment(.+)Validator\Z/ if constant.to_s =~ /\AAttachment(.+)Validator\z/
validator_kind = $1.underscore.to_sym validator_kind = $1.underscore.to_sym
if options.has_key?(validator_kind) if options.has_key?(validator_kind)
......
...@@ -31,8 +31,8 @@ describe Paperclip::Validators do ...@@ -31,8 +31,8 @@ describe Paperclip::Validators do
before do before do
rebuild_class rebuild_class
Dummy.validates_attachment :avatar, file_type_ignorance: true, file_name: [ Dummy.validates_attachment :avatar, file_type_ignorance: true, file_name: [
{ matches: /\A.*\.jpe?g\Z/i, message: :invalid_extension }, { matches: /\A.*\.jpe?g\z/i, message: :invalid_extension },
{ matches: /\A.{,8}\..+\Z/i, message: [:too_long, count: 8] }, { matches: /\A.{,8}\..+\z/i, message: [:too_long, count: 8] },
] ]
end end
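Review bot: The `before` block only swaps the anchors in the two `matches:` patterns, and nothing visible in this hunk asserts the behavior the commit is about, namely that a file name ending in a newline is now rejected. A regression example would pin it, for instance `expect("photo.jpg\n").not_to match(/\A.*\.jpe?g\z/i)`, or better a model-level example that gives `Dummy` such a file name and expects the `:invalid_extension` error. The `it` blocks of this context are outside the hunk, so such an example may already exist.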
......