[openstreetmap/openstreetmap-website] Upload profile picture with standard image formats (#3097)
notifications at github.com
Tue Feb 16 08:41:10 UTC 2021
Do you have any evidence that this is creating a security hole? That we're somehow handling those files in a way that is impacting security?
At the very least there are obvious extensions like BMP, TIFF and SVG missing, all of which I am pretty sure that people are using.
Better would be to ask the storage pipeline if it is able to handle the file as an image.
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the rails-dev