downcase pathname before whitelist check.

author: mo khan <mo@mokhan.ca> 2014-07-16 12:15:57 -0600
committer: mo khan <mo@mokhan.ca> 2014-07-16 12:15:57 -0600
commit: bb4a0279ab6b3482ec823375f539d22ebf83651e (patch)
tree: 056b7a6a827019503663c155ca7bf31e2489fd38
parent: 21f849302106a09b5c5f368f652bb1fd9a98174e (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/app/services/infrastructure/image.rb b/app/services/infrastructure/image.rb
index 1358556b..180b2ecc 100644
--- a/app/services/infrastructure/image.rb
+++ b/app/services/infrastructure/image.rb
@@ -95,7 +95,7 @@ class Image
   end
 
   def ensure_in_whitelist!(path)
-    unless %w(.jpg .jpeg .gif .png .bmp .tif).include?(File.extname(path))
+    unless %w(.jpg .jpeg .gif .png .bmp .tif).include?(File.extname(path).downcase)
       raise StandardError.new("This file is not in the whitelist. #{path}")
     end
   end
author	mo khan <mo@mokhan.ca>	2014-07-16 12:15:57 -0600
committer	mo khan <mo@mokhan.ca>	2014-07-16 12:15:57 -0600
commit	bb4a0279ab6b3482ec823375f539d22ebf83651e (patch)
tree	056b7a6a827019503663c155ca7bf31e2489fd38
parent	21f849302106a09b5c5f368f652bb1fd9a98174e (diff)