mirror/ditto
mirror/ditto
1
0
Fork 0
mirror of https://gitlab.com/soapbox-pub/ditto.git synced 2025-12-06 03:19:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Make media analyze optional (disabled by default)

Browse source
This commit is contained in:
Alex Gleason 2024-11-07 11:18:39 -06:00
parent 721fe52142
commit f987effc15
No known key found for this signature in database
GPG key ID: 7211D1F99744FBB7
2 changed files with 10 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/config.ts
View file

@ -201,6 +201,13 @@ class Conf {
return value;
}
/**
* Whether to analyze media metadata with [blurhash](https://www.npmjs.com/package/blurhash) and [sharp](https://www.npmjs.com/package/sharp).
* This is prone to security vulnerabilities, which is why it's not enabled by default.
*/
static get mediaAnalyze(): boolean {
return optionalBooleanSchema.parse(Deno.env.get('MEDIA_ANALYZE')) ?? false;
}
/** Max upload size for files in number of bytes. Default 100MiB. */
static get maxUploadSize(): number {
return Number(Deno.env.get('MAX_UPLOAD_SIZE') || 100 * 1024 * 1024);

4
src/utils/upload.ts
View file

@ -57,7 +57,9 @@ export async function uploadFile(
tags.push(['m', file.type]);
}
if (!blurhash || !dim) {
// If the uploader didn't already, try to get a blurhash and media dimensions.
// This requires `MEDIA_ANALYZE=true` to be configured because it comes with security tradeoffs.
if (Conf.mediaAnalyze && (!blurhash || !dim)) {
try {
const bytes = await new Response(file.stream()).bytes();
const img = sharp(bytes);