Do not allow GIF previews #57

New Issue

Closed

opened 2024-03-19 12:08:27 +01:00 by Pablo Vazquez · 3 comments

Pablo Vazquez commented 2024-03-19 12:08:27 +01:00

Owner

Copy Link

Animated previews should be videos, which have better compression, playback controls.

• Disable GIF upload (2b4bd79a34)
• Write guidelines about animated GIF/PNG/WebP not supported

Animated previews should be videos, which have better compression, playback controls. - [x] Disable GIF upload (2b4bd79a34) - [ ] Write guidelines about animated GIF/PNG/WebP not supported

Pablo Vazquez added the

Type

Enhancement

Priority

High

labels 2024-03-19 12:08:27 +01:00

Anna Sirota commented 2024-04-04 12:19:35 +02:00

Owner

Copy Link

While looking into this noticed that TIFFs are allowed as well, so will assume for now that we only want to allow JPG and PNG for images, and MP4 for videos.

While looking into this noticed that TIFFs are allowed as well, so will assume for now that we only want to allow JPG and PNG for images, and MP4 for videos.

Anna Sirota self-assigned this 2024-04-04 12:19:44 +02:00

Greg Zaal commented 2024-04-04 13:24:48 +02:00

Copy Link

WEBP is my preferred format for web images, and what most image optimizers default to. The same or better compression as JPG, transparency supported, and works in all browsers.

WEBP is my preferred format for web images, and what most image optimizers default to. The same or better compression as JPG, transparency supported, and [works in all browsers](https://caniuse.com/webp).

👍 1

Anna Sirota commented 2024-04-04 16:28:05 +02:00

Owner

Copy Link

I mistyped the issue number in the commit >_<, so will reference it here: 2b4bd79a34

This commit changes the preview upload form to filter everything except JPEG, PNG, WebP and MP4, and adds server-side checks based on file extension and libmagic expecting the same formats.
This effectively disables GIF uploads, but not animated PNG or WebP, because libmagic doesn't distinguish between animated and single-image ones, from what I can tell. If this becomes a problem in the future, we could use something else (PIL? our own way to guess by magic bytes?) to identify them though, but for now I left it as is.

I mistyped the issue number in the commit >_<, so will reference it here: https://projects.blender.org/infrastructure/extensions-website/commit/2b4bd79a34e0edcc59ee04e69a3de4312e61613e This commit changes the preview upload form to filter everything except JPEG, PNG, WebP and MP4, and adds server-side checks based on file extension and `libmagic` expecting the same formats. This effectively disables GIF uploads, but not animated PNG or WebP, because `libmagic` doesn't distinguish between animated and single-image ones, from what I can tell. If this becomes a problem in the future, we could use something else (PIL? our own way to guess by magic bytes?) to identify them though, but for now I left it as is.

🎉 1

Pablo Vazquez closed this issue 2024-04-04 17:19:04 +02:00

Dalai Felinto referenced this issue 2024-04-08 11:50:51 +02:00

Extensions Website - Backend Road to Beta #70

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

production

ui/web-assets-component-nav-pills

ui/notifications-refactor

hz

pr-error-messages-safe

filter-sort

ui/filter-dropdown

ui/web-assets-nav-global-upgrade

tos-flatpage

fix-thumbnails-edit

more-logging-context

20240826-100937

20240605-112418

20240604-112216

20240604-103837

20240603-091659

20240509-162312

20240509-160002

20240508-232058

20240508-221524

20240508-205611

20240425-132150

20240425-131144

20240425-102931

20240422-134616

20240422-084341

20240419-153008

20240419-150441

20240419-142636

20240419-103659

20240419-101459

20240419-091152

20240419-090459

20240418-155811

20240415-103440

20240411-125734

20240411-084629

20240405-171720

20240404-143833

20240404-073026

20240404-065215

20240402-155921

Labels

Clear labels   

Priority

Critical

The priority is critical

  

Priority

High

The priority is high

  

Priority

Low

The priority is low

  

Priority

Normal

The priority is medium

  

Reviewed

Confirmed

Issue has been confirmed

  

Reviewed

Duplicate

This issue or pull request already exists

  

Reviewed

Invalid

Invalid issue

  

Reviewed

Won't Fix

This issue won't be fixed

  

Status

Abandoned

Somebody has started to work on this but abandoned work

  

Status

Blocked

Something is blocking this issue or pull request

  

Status

Need More Info

Feedback is required to reproduce issue or to continue work

  

Type

Breaking

Breaking change that won't be backward compatible

  

Type

Documentation

Documentation changes

  

Type

Enhancement

Improve existing functionality

  

Type

Feature

New functionality

  

Type

Report

Something is not working

  

Type

Security

This is security issue

  

Type

Suggestion

New ideas and proposals

  

Type

Testing

Issue or pull request related to testing

No Label

Priority

Critical

Priority

High

Priority

Low

Priority

Normal

Reviewed

Confirmed

Reviewed

Duplicate

Reviewed

Invalid

Reviewed

Won't Fix

Status

Abandoned

Status

Blocked

Status

Need More Info

Type

Breaking

Type

Documentation

Type

Enhancement

Type

Feature

Type

Report

Type

Security

Type

Suggestion

Type

Testing

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

Anna Sirota

3 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: infrastructure/extensions-website#57

No description provided.