web/forgejo
10
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-06-04 17:34:49 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 7

Attachments: Add extension support, allow all types for releases (#12465)

Browse source 
* Attachments: Add extension support, allow all types for releases

- Add support for file extensions, matching the `accept` attribute of `<input type="file">`
- Add support for type wildcard mime types, e.g. `image/*`
- Create repository.release.ALLOWED_TYPES setting (default unrestricted)
- Change default for attachment.ALLOWED_TYPES to a list of extensions
- Split out POST /attachments into two endpoints for issue/pr and
  releases to prevent circumvention of allowed types check

Fixes: https://github.com/go-gitea/gitea/pull/10172
Fixes: https://github.com/go-gitea/gitea/issues/7266
Fixes: https://github.com/go-gitea/gitea/pull/12460
Ref: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/file#Unique_file_type_specifiers

* rename function

* extract GET routes out of RepoMustNotBeArchived

Co-authored-by: Lauris BH <lauris@nix.lv>
This commit is contained in:
silverwind 2020-10-05 07:49:33 +02:00 committed by GitHub
parent 67a5573310
commit cda44750cb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
26 changed files with 497 additions and 226 deletions
Download patch file Download diff file Expand all files Collapse all files

2
integrations/attachment_test.go
View file

@ -43,7 +43,7 @@ func createAttachment(t *testing.T, session *TestSession, repoURL, filename stri
csrf := GetCSRF(t, session, repoURL)
req := NewRequestWithBody(t, "POST", "/attachments", body)
req := NewRequestWithBody(t, "POST", repoURL+"/issues/attachments", body)
req.Header.Add("X-Csrf-Token", csrf)
req.Header.Add("Content-Type", writer.FormDataContentType())
resp := session.MakeRequest(t, req, expectedStatus)