mirror of
https://github.com/codeninjasllc/discourse.git
synced 2024-11-23 15:48:43 -05:00
FEATURE: new email attachment blacklists site settings
This commit is contained in:
parent
cb809784df
commit
e92f5e4fbf
5 changed files with 24 additions and 5 deletions
|
@ -109,6 +109,14 @@ class SiteSetting < ActiveRecord::Base
|
|||
def self.email_polling_enabled?
|
||||
SiteSetting.manual_polling_enabled? || SiteSetting.pop3_polling_enabled?
|
||||
end
|
||||
|
||||
def self.attachment_content_type_blacklist_regex
|
||||
@attachment_content_type_blacklist_regex ||= Regexp.union(SiteSetting.attachment_content_type_blacklist.split("|"))
|
||||
end
|
||||
|
||||
def self.attachment_filename_blacklist_regex
|
||||
@attachment_filename_blacklist_regex ||= Regexp.union(SiteSetting.attachment_filename_blacklist.split("|"))
|
||||
end
|
||||
end
|
||||
|
||||
# == Schema Information
|
||||
|
|
|
@ -1218,6 +1218,9 @@ en:
|
|||
bounce_score_threshold_deactivate: "Max bounce score before we will deactivate a user."
|
||||
reset_bounce_score_after_days: "Automatically reset bounce score after X days."
|
||||
|
||||
attachment_content_type_blacklist: "List of keywords used to blacklist attachments based on the content type."
|
||||
attachment_filename_blacklist: "List of keywords used to blacklist attachments based on the filename."
|
||||
|
||||
manual_polling_enabled: "Push emails using the API for email replies."
|
||||
pop3_polling_enabled: "Poll via POP3 for email replies."
|
||||
pop3_polling_ssl: "Use SSL while connecting to the POP3 server. (Recommended)"
|
||||
|
|
|
@ -630,6 +630,12 @@ email:
|
|||
default: 2
|
||||
min: 2
|
||||
reset_bounce_score_after_days: 30
|
||||
attachment_content_type_blacklist:
|
||||
type: list
|
||||
default: "pkcs7"
|
||||
attachment_filename_blacklist:
|
||||
type: list
|
||||
default: "smime.p7s|signature.asc"
|
||||
|
||||
|
||||
files:
|
||||
|
|
|
@ -436,11 +436,14 @@ module Email
|
|||
raise InvalidPostAction.new(e)
|
||||
end
|
||||
|
||||
|
||||
|
||||
def create_post_with_attachments(options={})
|
||||
# deal with attachments
|
||||
@mail.attachments.each do |attachment|
|
||||
# always strip S/MIME signatures
|
||||
next if attachment.content_type == "application/pkcs7-mime".freeze
|
||||
# strip blacklisted attachments (mostly signatures)
|
||||
next if attachment.content_type =~ SiteSetting.attachment_content_type_blacklist_regex
|
||||
next if attachment.filename =~ SiteSetting.attachment_filename_blacklist_regex
|
||||
|
||||
tmp = Tempfile.new("discourse-email-attachment")
|
||||
begin
|
||||
|
|
|
@ -5,10 +5,9 @@ module Validators; end
|
|||
class Validators::UploadValidator < ActiveModel::Validator
|
||||
|
||||
def validate(upload)
|
||||
# allow all attachments except S/MIME signatures
|
||||
# cf. https://meta.discourse.org/t/strip-s-mime-signatures/46371
|
||||
# check the attachment blacklist
|
||||
if upload.is_attachment_for_group_message && SiteSetting.allow_all_attachments_for_group_messages
|
||||
return upload.original_filename != "smime.p7s".freeze
|
||||
return upload.original_filename =~ SiteSetting.attachment_filename_blacklist_regex
|
||||
end
|
||||
|
||||
extension = File.extname(upload.original_filename)[1..-1] || ""
|
||||
|
|
Loading…
Reference in a new issue