You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi @markevans, I'm hoping you can help me figure out a plan to solve this thorny issue :)
I have a generic file store that uses plugin :imagemagick so that I can transform images if they're detected as such, but it's an open ended store, so users can upload any kind of file there. Unfortunately imagemagick chokes when you ask it to identify a mp4 file. A user uploaded a 200MB mp4 and imagemagick proceeded to use up 15GB of disk space and crash the machine.
I know there are ways to limit all of those side effects but I think the best thing would be to add a pre-check to ensure we're dealing only with real images before invoking identify. Imagemagick seems to be capable of processing video files but at great cost, so it's probably worth skipping in this case.
Initial thoughts were to run something like file --mime-type -b video.mp4 and check the type there, or perhaps there's a Ruby equivalent that's better suited and safer.
Hi @markevans, I'm hoping you can help me figure out a plan to solve this thorny issue :)
I have a generic file store that uses
plugin :imagemagickso that I can transform images if they're detected as such, but it's an open ended store, so users can upload any kind of file there. Unfortunately imagemagick chokes when you ask it to identify a mp4 file. A user uploaded a 200MB mp4 and imagemagick proceeded to use up 15GB of disk space and crash the machine.I know there are ways to limit all of those side effects but I think the best thing would be to add a pre-check to ensure we're dealing only with real images before invoking
identify. Imagemagick seems to be capable of processing video files but at great cost, so it's probably worth skipping in this case.Initial thoughts were to run something like
file --mime-type -b video.mp4and check the type there, or perhaps there's a Ruby equivalent that's better suited and safer.Would this be the best place for it?
dragonfly/lib/dragonfly/image_magick/plugin.rb
Lines 43 to 49 in 788e739
And finally, is this just something I can override myself by adding something like this to my dragonfly configuration?
The text was updated successfully, but these errors were encountered: