LeadMagnet/leadchat
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

chore: Security Improvements to the API (#2893)

Browse Source 
- Devise auth tokens are reset on password update
- Avatar attachment file type is limited to jpeg,gif and png
- Avatar attachment file size is limited to 15 mb
- Widget Message attachments are limited to types ['image/png', 'image/jpeg', 'image/gif', 'image/bmp', 'image/tiff', 'application/pdf', 'audio/mpeg', 'video/mp4', 'audio/ogg', 'text/csv']
- Widget Message attachments are limited to 40Mb size limit.
This commit is contained in:
Sojan Jose
2021-09-01 15:08:05 +05:30
committed by GitHub
parent 06d8916341
commit 6fdd4a2996
9 changed files with 60 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/helpers/file_type_helper.rb
View File

@@ -3,12 +3,12 @@ module FileTypeHelper
return :image if [
'image/jpeg',
'image/png',
'image/svg+xml',
'image/gif',
'image/tiff',
'image/bmp'
].include?(content_type)
return :video if content_type.include?('video/')
return :audio if content_type.include?('audio/')
:file