From b4a0bff740b7b654bd405f27910c62a60ec58fc7 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 6 Jul 2016 08:59:16 +0200 Subject: [PATCH] Some mimetype madness! --- classes/File.php | 11 +++++----- lib/default.php | 3 ++- lib/unknownmimeextensionexception.php | 30 +++++++++++++++++++++++++++ lib/util.php | 2 +- 4 files changed, 39 insertions(+), 7 deletions(-) create mode 100644 lib/unknownmimeextensionexception.php diff --git a/classes/File.php b/classes/File.php index b28f1373d6..6197539d94 100644 --- a/classes/File.php +++ b/classes/File.php @@ -304,13 +304,12 @@ class File extends Managed_DataObject $ext = common_supported_mime_to_ext($mimetype); // we do, so use it! return $ext; - } catch (Exception $e) { // FIXME: Make this exception more specific to "unknown mime=>ext relation" + } catch (UnknownMimeExtensionException $e) { // We don't know the extension for this mimetype, but let's guess. - // If we are very liberal with uploads ($config['attachments']['supported'] === true) - // then we try to do some guessing based on the filename, if it was supplied. - if (!is_null($filename) && common_config('attachments', 'supported')===true - && preg_match('/^.+\.([A-Za-z0-9]+)$/', $filename, $matches)) { + // If we can't recognize the extension from the MIME, we try + // to guess based on filename, if one was supplied. + if (!is_null($filename) && preg_match('/^.+\.([A-Za-z0-9]+)$/', $filename, $matches)) { // we matched on a file extension, so let's see if it means something. $ext = mb_strtolower($matches[1]); @@ -330,6 +329,8 @@ class File extends Managed_DataObject // the attachment extension based on its filename was not blacklisted so it's ok to use it return $ext; } + } catch (Exception $e) { + common_log(LOG_INFO, 'Problem when figuring out extension for mimetype: '._ve($e)); } // If nothing else has given us a result, try to extract it from diff --git a/lib/default.php b/lib/default.php index b3685a284c..5e711bb87c 100644 --- a/lib/default.php +++ b/lib/default.php @@ -249,6 +249,7 @@ $default = 'application/zip' => 'zip', 'application/x-go-sgf' => 'sgf', 'application/xml' => 'xml', + 'application/gpx+xml' => 'gpx', 'image/png' => 'png', 'image/jpeg' => 'jpg', 'image/gif' => 'gif', @@ -273,7 +274,7 @@ $default = 'show_thumbs' => true, // show thumbnails in notice lists for uploaded images, and photos and videos linked remotely that provide oEmbed info 'process_links' => true, // check linked resources for embeddable photos and videos; this will hit referenced external web sites when processing new messages. 'extblacklist' => [ - 'php' => 'phps', + 'php' => 'phps', // this turns .php into .phps 'exe' => false, // this would deny any uploads to keep the "exe" file extension ], ), diff --git a/lib/unknownmimeextensionexception.php b/lib/unknownmimeextensionexception.php new file mode 100644 index 0000000000..0937467d07 --- /dev/null +++ b/lib/unknownmimeextensionexception.php @@ -0,0 +1,30 @@ + + * @license https://www.gnu.org/licenses/agpl-3.0.html + * @link https://gnu.io/social + */ + +class UnknownMimeExtensionException extends ServerException +{ + public function __construct($msg=null) + { + if ($msg === null) { + // TRANS: We accept the file type (we probably just accept all files) + // TRANS: but don't know the file extension for it. + $msg = _('Supported mimetype but unknown extension relation.'); + } + + parent::__construct($msg); + } +} diff --git a/lib/util.php b/lib/util.php index a2415945f1..8d95ec2305 100644 --- a/lib/util.php +++ b/lib/util.php @@ -2016,7 +2016,7 @@ function common_supported_mime_to_ext($mimetype) { $supported = common_config('attachments', 'supported'); if ($supported === true) { - throw new ServerException('Supported mimetype but unknown extension relation.'); + throw new UnknownMimeExtensionException(); } foreach($supported as $type => $ext) { if ($mimetype === $type) {