misc: check uploaded image is valid before sending it back (#11276)
parent
79215353eb
commit
0f4809b388
|
@ -1486,6 +1486,14 @@ def test_form_file_field_image_submit(pub):
|
|||
resp = app.get('/test/tempfile?t=%s&thumbnail=1' % tempfile_id)
|
||||
assert resp.content_type == 'image/png'
|
||||
|
||||
# check a fake image is not sent back
|
||||
upload = Upload('test.jpg', '<script>evil javascript</script>', 'image/jpeg')
|
||||
app = get_app(pub)
|
||||
resp = app.get('/test/')
|
||||
resp.forms[0]['f0$file'] = upload
|
||||
resp = resp.forms[0].submit('submit')
|
||||
assert not '<img alt="" src="tempfile?' in resp.body
|
||||
|
||||
def test_form_file_field_submit_wrong_mimetype(pub):
|
||||
formdef = create_formdef()
|
||||
formdef.fields = [fields.FileField(id='0', label='file')]
|
||||
|
|
|
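Review bot: The new assertion `assert not '<img alt="" src="tempfile?' in resp.body` is clearer in the idiomatic form `assert '<img alt="" src="tempfile?' not in resp.body`. The negative case also only checks that the preview markup is suppressed; unlike the positive case a few lines up, it never requests the thumbnail URL for the rejected upload, so whether the tempfile endpoint itself refuses to serve non-image content under an image content type is left unverified here. If that endpoint is meant to reject such content, a follow-up `app.get(...)` on it with an assertion on `resp.content_type` would pin that down; from this hunk alone it cannot be told. The enclosing test function starts before the hunk.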
@ -29,6 +29,11 @@ import itertools
|
|||
import hashlib
|
||||
import json
|
||||
|
||||
try:
|
||||
from PIL import Image
|
||||
except ImportError:
|
||||
Image = None
|
||||
|
||||
from storage import atomic_write
|
||||
|
||||
try:
|
||||
|
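Review bot: The guarded `from PIL import Image` / `Image = None` block carries no comment, so the consequence of the fallback — uploaded image content is not inspected before a preview is rendered when Pillow is absent — is invisible at the import site. A one-line comment would make that explicit: `# Pillow is optional; without it uploaded images are not validated before preview (see FileWithPreviewWidget)`. Whether Pillow is a declared dependency of the project cannot be told from this page.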
@ -690,7 +695,16 @@ class FileWithPreviewWidget(CompositeWidget):
|
|||
% (_('Remove this file'), _('remove')))
|
||||
elif temp:
|
||||
filetype = mimetypes.guess_type(temp.get('orig_filename', ''))
|
||||
include_image = False
|
||||
if filetype and filetype[0] and filetype[0].startswith('image'):
|
||||
include_image = True
|
||||
if Image:
|
||||
image_content = get_session().get_tempfile_content(self.get('token'))
|
||||
try:
|
||||
image = Image.open(image_content.fp)
|
||||
except Exception:
|
||||
include_image = False
|
||||
if include_image:
|
||||
r += htmltext('<img alt="" src="tempfile?t=%s&thumbnail=1" />' %
|
||||
self.get('token'))
|
||||
r += htmltext('</div>')
|
||||
|
|
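Review bot: `Image.open()` on the new `image = Image.open(image_content.fp)` line is lazy and only parses the file header, so content with a valid image header followed by arbitrary bytes still leaves `include_image = True`; the `image` object is also never used afterwards. Calling `verify()` on the result tightens the check to what the test intends, e.g. `Image.open(image_content.fp).verify()` inside the same `try`. Nothing in the hunk shows `image_content.fp` being closed or rewound after the check, so confirm the handle is released once the preview decision is made. This change only gates the preview markup; if the `tempfile?t=...&thumbnail=1` endpoint serves the stored bytes directly it remains reachable regardless, which cannot be judged from this hunk. The enclosing `if`/`elif` chain begins before the hunk.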