回形针 + RSpec:content_type 验证 [英] Paperclip + RSpec: content_type validation
问题描述
我在 Rails 应用程序中使用 Paperclip 来附加 图像.我将模型中 content_type 的验证声明为
I am using Paperclip in my Rails application for attaching images.
I declared validation for content_type in my model as
validates_attachment :image,
:content_type => { :content_type => ["image/jpg", "image/gif", "image/png"] }
我有两个例子,一个是有效图片,另一个是无效图片
对于无效图像,我只是将 .txt 文件重命名为 .png
I have two examples, one with a valid image and other with an invalid image
For an invalid image, i just renamed a .txt file to a .png
it "Image is valid" do
image = File.new("#{Rails.root}/spec/support/right.png")
expect(FactoryGirl.build(:pin, image: image)).to be_valid
end
it "Image is invalid" do
image = File.new("#{Rails.root}/spec/support/wrong.png")
expect(FactoryGirl.build(:pin, image: image)).to have(1).errors_on(:image_content_type)
end
我希望我的两个示例都能成功运行.但是,我的第二个例子失败了.wrong.png 的 content_type 没有任何错误.
I expected that both my examples should run successfully. BUT, my second example fails.
I don't get any error for content_type of wrong.png.
我认为 Paperclip 的 content_type 验证实际上会检查上传文件的文件格式(二进制数据编码).但似乎在这里,它只是检查文件扩展名.此验证是否仅检查上传文件的扩展名?
I thought that Paperclip's content_type validation would actually check file format(binary data encoding) of an uploaded file. BUT it seems that here, its just checking for the file extension. Does this validation only check extension of an uploaded file?
我可能在这里遗漏了一些东西(配置?).Paperclip 中是否还有其他可用的验证来实现这一点?还是在这种情况下我应该选择自定义验证器?
I maybe missing something here(configuration?). Is there any other validation available in Paperclip to achieve this? Or should I opt for a Custom Validator in this case?
推荐答案
此问题已在 2014 年 2 月 21 日 发布的 Paperclip 最新版本 4.1.1 中得到解决.
This issue is resolved in Paperclip's latest version 4.1.1 released on February 21, 2014.
it "Image is valid" do
image = File.new("#{Rails.root}/spec/support/right.png")
expect(FactoryGirl.build(:pin, image: image)).to be_valid
end
it "Image is invalid" do
image = File.new("#{Rails.root}/spec/support/wrong.png")
expect(FactoryGirl.build(:pin, image: image)).to have(1).errors_on(:image_content_type)
end
经过一番研究发现,当我上传无效图片时,
After a little bit of research found out that,
When I upload an invalid image,
例如:spoof(renamed) wrong.txt 文件为 wrong.png 并上传.
For example: spoof(renamed) wrong.txt file as wrong.png and upload.
在之前的 Paperclip 版本中,wrong.png 通过了 content_type 验证并没有给出任何错误,因为 Paperclip 只用于 <代码>检查上传文件的扩展名,而不是其中的内容.
In prior release of Paperclip, wrong.png passes the content_type validation with flying colors without giving any error because Paperclip only used to check the extensions of the uploaded file and not content within.
然而,在 Paperclip 4.1.1 的当前版本中,相同的欺骗 wrong.png 未通过验证并在视图中抛出以下错误:
Whereas, In the current release of Paperclip 4.1.1, same spoofed wrong.png fails the validation and throws the following error in view:
Image has an extension that does not match its contents
在调查服务器日志条目后,我发现了以下内容:
Upon investigating server log entries, I found the following:
命令 :: file -b --mime-type'/var/folders/tg/8sxl1vss4fb0sqtcrv3lzcfm0000gn/T/a7f21d0002b0d9d91eb158d702cd930320140317-531-swkmb8'[回形针] 内容类型欺骗:文件名错误.png (["image/png"]),从文件命令发现的内容类型:text/plain.看允许这种组合的文档.
Command :: file -b --mime-type '/var/folders/tg/8sxl1vss4fb0sqtcrv3lzcfm0000gn/T/a7f21d0002b0d9d91eb158d702cd930320140317-531-swkmb8' [paperclip] Content Type Spoof: Filename wrong.png (["image/png"]), content type discovered from file command: text/plain. See documentation to allow this combination.
在这里,您可以看到 Paperclip 实际上检查了上传文件的内容,说明 text/plain 并且还错误地指出了 Content Type Spoof.
Here, you can see that Paperclip actually checked the content of the uploaded file stating text/plain and also erred out saying Content Type Spoof.
希望我的发现能帮助其他人了解 Paperclip 的内容类型验证是如何随着时间的推移而改进的.
Hope my findings will help others to understand how Paperclip's content-type validation has improved over the time.
这篇关于回形针 + RSpec:content_type 验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
