Uploaded image for project: 'MusicBrainz Server'
  1. MusicBrainz Server
  2. MBS-6620

Don't accept unsupported images or files which aren't images



    • Type: Bug
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2013-08-05
    • Component/s: None
    • Labels:


      I realise that the images don't pass through MB's servers, so I assume this request will need forwarding to the IA.

      While we do check for JPEG file extensions, this has proven to be insufficient. See CAA-23 for a list of what I found in the first few weeks (PNGs, TIFFs, BMPs and HTML files so far).

      There are several reasons why it happens:

      • The image was taken from a site which served it with the wrong extension.
      • The user changed the file extension, thinking that that would convert the file.
      • The image was saved from a site which embedded it in a HTML page (or from web.archive.org and their bloody interstitial pages)
      • The user changed the file extension just to get around the filter.

      In the first two cases, the user has no reason to believe that the image is not a JPEG and in the last case, the user doesn't care, so I think a technical solution is the only option.

      The way I would expect it to work is that when someone uploads a file, if it's not acceptable, instead saving the image and printing the code that submits the edit, it wouldn't save the image and would instead print an error with a link to a help page.

      Once we add GIF/PNG support, this could also be used to automatically change the extension, so that if someone uploads a PNG as foo.jpg, it's accepted but changed to foo.png.


          Issue Links



              • Assignee:
                warp Kuno Woudt
                nikki nikki
              • Votes:
                1 Vote for this issue
                0 Start watching this issue


                • Due:


                  Version Package