diff options
| author | David Heinemeier Hansson <david@loudthinking.com> | 2017-07-22 09:38:16 -0500 |
|---|---|---|
| committer | David Heinemeier Hansson <david@loudthinking.com> | 2017-07-22 09:38:16 -0500 |
| commit | 470ba694035f77d41603d2e8c791449cb181b7d9 (patch) | |
| tree | 42e777105243f42aca5c498ff6d14a7ce7a85428 | |
| parent | 5fcaa197a77e70fbc7e7c267b5f012124f52ea5f (diff) | |
| download | rails-470ba694035f77d41603d2e8c791449cb181b7d9.tar.gz rails-470ba694035f77d41603d2e8c791449cb181b7d9.tar.bz2 rails-470ba694035f77d41603d2e8c791449cb181b7d9.zip | |
Don't need to validate transformations actually
Since they're only ever generated in signed form. Users never have direct access to dictate transformations.
| -rw-r--r-- | lib/active_storage/variation.rb | 12 |
1 files changed, 0 insertions, 12 deletions
diff --git a/lib/active_storage/variation.rb b/lib/active_storage/variation.rb index 7656d73469..f7c81bb99a 100644 --- a/lib/active_storage/variation.rb +++ b/lib/active_storage/variation.rb @@ -4,11 +4,6 @@ require "active_support/core_ext/object/inclusion" class ActiveStorage::Variation class_attribute :verifier - ALLOWED_TRANSFORMATIONS = %i( - resize rotate format flip fill monochrome orient quality roll scale sharpen shave shear size thumbnail - transparent transpose transverse trim background bordercolor compress crop - ) - attr_reader :transformations class << self @@ -27,8 +22,6 @@ class ActiveStorage::Variation def transform(image) transformations.each do |(method, argument)| - next unless eligible_transformation?(method) - if eligible_argument?(argument) image.public_send(method, argument) else @@ -42,11 +35,6 @@ class ActiveStorage::Variation end private - def eligible_transformation?(method) - method.to_sym.in?(ALLOWED_TRANSFORMATIONS) - end - - # FIXME: Consider whitelisting allowed arguments as well? def eligible_argument?(argument) argument.present? && argument != true end |