From 9decd32cf86e9f05cae7065b662797d61f2409ca Mon Sep 17 00:00:00 2001 From: Miguel de Moura Date: Sun, 29 Apr 2018 21:36:12 +0100 Subject: [PATCH] Add screenshot MIME type setting --- README.md | 27 ++++++++++++++------------- server/config.php.example | 3 ++- server/upload.php | 5 +++-- 3 files changed, 19 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 2a09680..4a79225 100644 --- a/README.md +++ b/README.md @@ -58,25 +58,26 @@ If an external file is found, Myazo extends the default config with the provided * Example Config: `client/config.php.example` * Placement Path: `~/.config/myazo/config.ini` (`~` refers to the user directory) -| Key | Default | Description | -|-------------------|----------------------------------------|-----------------------------------------------------| -| upload_script | 'https://myazo.example.com/upload.php' | Full path to the upload.php file | -| secret | 'hunter2' | Secret token | -| clear_metadata | True | Controls clearing screenshot metadata before upload | -| open_browser | True | Controls open url in default browser after upload | -| copy_clipboard | True | Controls copy url to clipboard after upload | -| output_url | True | Controls print url to stdout after upload | +| Key | Default | Description | +|--------------------|----------------------------------------|-----------------------------------------------------| +| upload_script | 'https://myazo.example.com/upload.php' | Full path to the upload.php file | +| secret | 'hunter2' | Secret token | +| clear_metadata | True | Controls clearing screenshot metadata before upload | +| open_browser | True | Controls open url in default browser after upload | +| copy_clipboard | True | Controls copy url to clipboard after upload | +| output_url | True | Controls print url to stdout after upload | ### Server * Example Config: `server/config.php.example` * Placement Path: `config.php` (relative to `upload.php`) -| Key | Default | Description | -|-------------------|----------------------------------------|-----------------------------------------------------| -| secretBcrypt | '' | Bcrypt hashed secret | -| saveDirName | '/data/' | Writable directory where screenshots will be stored | -| maxScreenshotSize | 2 * 1048576 | Maximum size in bytes of uploaded screenshot | +| Key | Default | Description | +|--------------------|----------------------------------------|-----------------------------------------------------| +| secretBcrypt | '' | Bcrypt hashed secret | +| saveDirName | '/data/' | Writable directory where screenshots will be stored | +| maxScreenshotSize | 2 * 1048576 | Maximum size in bytes of uploaded screenshot | +| screenshotMimeType | 'image/png' | MIME type of uploaded screenshot | Please note that `maxScreenshotSize` may be capped externally by PHP and the web server. diff --git a/server/config.php.example b/server/config.php.example index aa3c0b1..05edb52 100644 --- a/server/config.php.example +++ b/server/config.php.example @@ -3,5 +3,6 @@ return [ 'secretBcrypt' => '', 'saveDirName' => '/data/', - 'maxScreenshotSize' => 2 * 1048576 + 'maxScreenshotSize' => 2 * 1048576, + 'screenshotMimeType' => 'image/png' ]; diff --git a/server/upload.php b/server/upload.php index ca27d4d..5c527d5 100644 --- a/server/upload.php +++ b/server/upload.php @@ -5,7 +5,8 @@ [ 'secretBcrypt' => '', 'saveDirName' => '/data/', - 'maxScreenshotSize' => 2 * 1048576 + 'maxScreenshotSize' => 2 * 1048576, + 'screenshotMimeType' => 'image/png' ], file_exists('./config.php') ? include_once('./config.php') : [] ); @@ -26,7 +27,7 @@ $screenshot['error'] !== UPLOAD_ERR_OK || // Verify size and mime type $screenshot['size'] > $config['maxScreenshotSize'] || - mime_content_type($screenshot['tmp_name']) !== 'image/png' + mime_content_type($screenshot['tmp_name']) !== $config['screenshotMimeType'] ) { http_response_code(422); exit();