mirror of
https://git.linux-kernel.at/oliver/ivatar.git
synced 2025-11-12 19:26:23 +00:00
fix: resolve test file upload handling issue
- Fix test to use SimpleUploadedFile instead of raw file object - Change form.save() from static to instance method to access stored file data - Fix file data handling in form save method to use sanitized/stored data - Remove debug logging after successful resolution - All upload tests now pass with full security validation enabled The issue was that Django's InMemoryUploadedFile objects can only be read once, so calling data.read() in the save method returned empty bytes after the form validation had already read the file. The fix ensures we use the stored file data from the form validation instead of trying to re-read the file object.
This commit is contained in:
Oliver Falk
@@ -302,9 +302,9 @@ DATA_UPLOAD_MAX_MEMORY_SIZE = 5 * 1024 * 1024 # 5MB
|
||||
FILE_UPLOAD_PERMISSIONS = 0o644
|
||||
|
||||
# Enhanced file upload security
|
||||
ENABLE_FILE_SECURITY_VALIDATION = False # Temporarily disable for testing
|
||||
ENABLE_EXIF_SANITIZATION = False
|
||||
ENABLE_MALICIOUS_CONTENT_SCAN = False
|
||||
ENABLE_FILE_SECURITY_VALIDATION = True
|
||||
ENABLE_EXIF_SANITIZATION = True
|
||||
ENABLE_MALICIOUS_CONTENT_SCAN = True
|
||||
|
||||
# Logging configuration - can be overridden in local config
|
||||
# Example: LOGS_DIR = "/var/log/ivatar" # For production deployments
|
||||
|
||||
Reference in New Issue
Block a user