diff options
| author | Bjørn Erik Pedersen <bjorn.erik.pedersen@gmail.com> | 2021-12-16 15:12:13 +0100 |
|---|---|---|
| committer | Bjørn Erik Pedersen <bjorn.erik.pedersen@gmail.com> | 2021-12-17 09:50:28 +0100 |
| commit | 44954497bcb2d6d589b9340a43323663061c7b42 (patch) | |
| tree | 0d0d06b11e462ccff1a908c2b1c4dfd039b82787 /resources/images/config.go | |
| parent | 22ef5da20d1685dfe6aff3bd9364c9b1f1d0d8f8 (diff) | |
Always use content to resolve content type in resources.GetRemote
This is a security hardening measure; don't trust the URL extension or any `Content-Type`/`Content-Disposition` header on its own, always look at the file content using Go's `http.DetectContentType`.
This commit also adds ttf and otf media type definitions to Hugo.
Fixes #9302
Fixes #9301
Diffstat (limited to 'resources/images/config.go')
| -rw-r--r-- | resources/images/config.go | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/resources/images/config.go b/resources/images/config.go index c8990d5ca..a8b5412d6 100644 --- a/resources/images/config.go +++ b/resources/images/config.go @@ -20,6 +20,7 @@ import ( "strings" "github.com/gohugoio/hugo/helpers" + "github.com/gohugoio/hugo/media" "github.com/pkg/errors" @@ -45,6 +46,15 @@ var ( ".webp": WEBP, } + imageFormatsBySubType = map[string]Format{ + media.JPEGType.SubType: JPEG, + media.PNGType.SubType: PNG, + media.TIFFType.SubType: TIFF, + media.BMPType.SubType: BMP, + media.GIFType.SubType: GIF, + media.WEBPType.SubType: WEBP, + } + // Add or increment if changes to an image format's processing requires // re-generation. imageFormatsVersions = map[Format]int{ @@ -102,6 +112,11 @@ func ImageFormatFromExt(ext string) (Format, bool) { return f, found } +func ImageFormatFromMediaSubType(sub string) (Format, bool) { + f, found := imageFormatsBySubType[sub] + return f, found +} + const ( defaultJPEGQuality = 75 defaultResampleFilter = "box" |