sam/foxnouns
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

limit allowed content types for avatar input

Browse source
This commit is contained in:
sam 2024-03-29 17:12:50 +01:00
parent 0e54722eef
commit 437c93463d
Signed by: sam
GPG key ID: B4EF20DDE721CAA1
1 changed files with 3 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
foxnouns/tasks.py
View file

@ -29,8 +29,9 @@ def convert_avatar(uri: str) -> bytes:
if not uri.startswith("data:image/"): if not uri.startswith("data:image/"):
raise ValueError("Not a data URI") raise ValueError("Not a data URI")
content_type, encoded = uri.removeprefix("data:").split("base64,", 1) content_type, encoded = uri.removeprefix("data:").split(";base64,", 1)
logger.info(f"{content_type=}") if content_type not in ["image/png", "image/webp", "image/jpeg"]:
raise ValueError("Invalid content type for image")
img = pyvips.Image.thumbnail_buffer( img = pyvips.Image.thumbnail_buffer(
base64.b64decode(encoded), base64.b64decode(encoded),