Paperclip 4 has an enhancement to detect MediaType Spoofing.
I’m with them, security is good and it’s better something like this is integrated.
But it was a change that you cannot turn off and when it does not work, you’ve got to live with it.
In my case:
- Tests started failing, even when type was correctly set
- The command that was executed did not work / was not found (did not look deeper into it)
- SWFUpload and Paperclip and Spoofing Detection did not seem to work together.
So till it can be officially turned off (found an issue where it seems they want to integrate this) i came up with this as an solution:
module SpoofingFix
def self.included(base)
base.send :alias_method, :original_spoofed?, :spoofed?
base.send :alias_method, :spoofed?, :fixed_spoofed?
end
def fixed_spoofed?
false
end
end
Paperclip::MediaTypeSpoofDetector.send :include, SpoofingFix
We just say it is always unspoofed and so we can work like before 😉