mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2025-03-19 03:51:04 +00:00
MediaService: Only allow upload of common image formats and PDFs
Signed-off-by: David Mehren <git@herrmehren.de>
This commit is contained in:
parent
ed142815e3
commit
ffef4425f5
1 changed files with 16 additions and 2 deletions
|
@ -26,8 +26,22 @@ export class MediaService {
|
|||
}
|
||||
|
||||
private static isAllowedMimeType(mimeType: string): boolean {
|
||||
//TODO: Which mimetypes are allowed?
|
||||
return true;
|
||||
const allowedTypes = [
|
||||
'application/pdf',
|
||||
'image/apng',
|
||||
'image/bmp',
|
||||
'image/gif',
|
||||
'image/heif',
|
||||
'image/heic',
|
||||
'image/heif-sequence',
|
||||
'image/heic-sequence',
|
||||
'image/jpeg',
|
||||
'image/png',
|
||||
'image/svg+xml',
|
||||
'image/tiff',
|
||||
'image/webp',
|
||||
];
|
||||
return allowedTypes.includes(mimeType);
|
||||
}
|
||||
|
||||
public async saveFile(file: MulterFile, username: string, noteId: string) {
|
||||
|
|
Loading…
Reference in a new issue