It is now a requirement for attachments to do one of three things: 1. Have a content_type validation (e.g. "image/*") 2. Have a filename validation (e.g. *.png, *.gif) 3. Explicitly *not* have one of those validations The intent is to make the default more secure, and you have to explicitly reject the security of a validation in order to not have one.
Name |
Last commit
|
Last Update |
---|---|---|
.. | ||
attachment_content_type_validator_test.rb | Loading commit data... | |
attachment_file_name_validator_test.rb | Loading commit data... | |
attachment_presence_validator_test.rb | Loading commit data... | |
attachment_size_validator_test.rb | Loading commit data... | |
media_type_spoof_detection_validator_test.rb | Loading commit data... |