- 05 Jun, 2015 2 commits
-
-
Tute Costa committed
-
Thanks to MORI Shingo of DeNA Co., Ltd. for reporting this. There is an issue where if an HTML file is uploaded with a .html extension, but the content type is listed as being `image/jpeg`, this will bypass a validation checking for images. But it will also pass the spoof check, because a file named .html and containing actual HTML passes the spoof check. This change makes it so that we also check the supplied content type. So even if the file contains HTML and ends with .html, it doesn't match the content type of `image/jpeg` and so it fails.
Jon Yurek committed
-
- 09 Dec, 2014 1 commit
-
-
Jon Yurek committed
-
- 08 Dec, 2014 3 commits
-
-
Jon Yurek committed
-
Added manual installation instructions for `file.exe` on Windows
Richard Peck committed -
Ahmad Sherif committed
-
- 05 Dec, 2014 8 commits
-
-
Turns out that between fog 1.22.0 and fog 1.25.0, there was a change to how fog builds S3 expiring URLs. This changes to test to be the common point between the two versions. All we need to do here is make sure that the expiring URL is being constructed. In the process, this also updates all the appraisal-generated Gemfiles. Also, in the process, this meant I had to take away the builder version restriction. This was put in so that `bundle`ing wouldn't take forever, but I'm unsire whether this needed to happen with this version or if builder just needed to be separate from the Gemfile. I'm commimtting this and asking the people who reported the problem. If you don't see a revet commit, everything was fine.
Jon Yurek committed -
During the fixing of the previous commit, the tests broken. Turns out that between fog 1.22.0 and fog 1.25.0, there was a change to how fog builds S3 expiring URLs. This changes to test to be the common point between the two versions. All we need to do here is make sure that the expiring URL is being constructed. In the process, this also updates all the appraisal-generated Gemfiles. Also, in the process, this meant I had to take away the builder version restriction. This was put in so that `bundle`ing wouldn't take forever, but I'm unsire whether this needed to happen with this version or if builder just needed to be separate from the Gemfile. I'm commimtting this and asking the people who reported the problem. If you don't see a revet commit, everything was fine.
Jon Yurek committed -
soramugi committed
-
``` paperclip $ rspec spec/paperclip/integration_spec.rb --profile 1 Testing against version 4.1.7 .........................[deprecated] I18n.enforce_available_locales will default to true in the future. If you really want to skip validation of your locale you can set I18n.enforce_available_locales = false to avoid this message. ......... Finished in 15.19 seconds (files took 0.60155 seconds to load) 34 examples, 0 failures Top 1 slowest examples (9.54 seconds, 62.8% of total time): Paperclip Many models at once does not exceed the open file limit 9.54 seconds ./spec/paperclip/integration_spec.rb:18 ``` to ``` paperclip $ rspec spec/paperclip/integration_spec.rb --profile 1 Testing against version 4.1.7 .........................[deprecated] I18n.enforce_available_locales will default to true in the future. If you really want to skip validation of your locale you can set I18n.enforce_available_locales = false to avoid this message. ......... Finished in 10.95 seconds (files took 0.59585 seconds to load) 34 examples, 0 failures Top 1 slowest examples (5.33 seconds, 48.7% of total time): Paperclip Many models at once does not exceed the open file limit 5.33 seconds ./spec/paperclip/integration_spec.rb:18 ``` at trim indent
soramugi committed -
Jon Yurek committed
-
- 14 Nov, 2014 1 commit
-
- 07 Nov, 2014 1 commit
-
-
Including + now.
Jon Yurek committed
-
- 24 Oct, 2014 2 commits
-
-
Jon Yurek committed
-
Many people have complained that the Media Type Spoof Detection does not work properly for their files. While whitelisting is available for some files, it's not a general solution. This option leaves the "secure by default" of the media checker in place, but allows people to turn it off completely if they so choose.
Jon Yurek and Nathan Walls committed
-
- 25 Sep, 2014 4 commits
-
-
Jon Yurek committed
-
Column-specific options can be specified by using its name, for example: ``` t.attachment :avatar, created_at: { index: true } ```
Keitaroh Kobayashi committed -
Fix: Typo in README
Jon Yurek committed -
Update README.md
Jon Yurek committed
-
- 22 Sep, 2014 1 commit
-
-
Added a security shield from Hakiri. It shows how secure gem dependencies are.
Vasily Vasinov committed
-
- 18 Sep, 2014 1 commit
-
-
Maxime Garcia committed
-
- 15 Sep, 2014 6 commits
- 13 Sep, 2014 3 commits
- 12 Sep, 2014 4 commits
-
-
Add Simplified Chinese (zh-CN) translation.
Jon Yurek committed -
Add Traditional Chinese (zh-TW) translation.
Jon Yurek committed -
Strech (Sergey Fedorov) committed
-
Add explicit unlink to intermediate files from processors.
lister committed
-
- 04 Sep, 2014 2 commits
-
-
Juanito Fatas committed
-
Juanito Fatas committed
-
- 30 Aug, 2014 1 commit
-
-
Po Chen committed
-