do not allow backup files

parterburn · Oct 28, 2024 · 188e9e1 · 188e9e1
1 parent f17214e
commit 188e9e1
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/app/lib/email_processor.rb b/app/lib/email_processor.rb
@@ -54,6 +54,8 @@ def process
           next if @user.id == 293 && attachment&.original_filename.to_s.downcase.include?("cropped-img-0719-300x86.jpeg")
           next if @user.id == 10836 && attachment&.original_filename.to_s.downcase.include?("b_logo.png")
           next if @user.id == 2541 && attachment&.original_filename.to_s.downcase.include?("image001.jpg")
+          next if @user.id == 20829 && attachment.content_type == "application/octet-stream"
+
           next if attachment&.original_filename.to_s.downcase.include?("linkedin_icon_circle.svg.png")
 
           if (attachment.content_type == "application/octet-stream" || attachment.content_type =~ /^image\/(png|jpe?g|webp|gif|heic|heif)$/i || attachment&.original_filename.to_s =~ /^(.+\.(heic|heif))$/i) && file_size > 20000

diff --git a/app/views/welcome/terms.html.haml b/app/views/welcome/terms.html.haml
@@ -50,6 +50,7 @@
     The Website may include forms for uploading entries and/or other interactive features that allow you to upload, post, submit, publish, display or transmit your User Content to the Dabble Me servers. You agree that all User Content must be lawful and be clear of virus or other malware. More specifically, but without limiting the foregoing, it must comply with the following Content Standards:
 
     %ul
+      %li Only image files are allowed to be attached to entries (JPEG, PNG, GIF, WEBP, HEIC, HEIF).
       %li Not send spam or otherwise distribute unsolicited messages in violation of applicable laws;
       %li Not send or store material containing software viruses, worms, Trojan horses or other harmful computer code, files, scripts, agents or programs;
       %li Not promote sexually explicit or pornographic material, violence, or discrimination based on race, sex, religion, nationality, disability, sexual orientation or age.
@@ -117,4 +118,4 @@
     %p
       We welcome any comment, question and communication at
       %span=mail_to("hello@#{ENV['MAIN_DOMAIN']}", "hello@#{ENV['MAIN_DOMAIN']}", :encode=>"hex") + "."
-    %p Last Updated: March 19th, 2017
+    %p Last Updated: March 19th, 2017