mirror/outline
1
0
Fork 0
mirror of https://github.com/outline/outline.git synced 2026-04-24 11:20:11 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add video and audio as safe inline content-disposition

Browse Source
This commit is contained in:
Tom Moor
2024-08-23 08:53:18 -04:00
parent 23ad780672
commit a59215d27c
1 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/storage/files/BaseStorage.ts
+15 -1
View File
@@ -234,12 +234,21 @@ export default abstract class BaseStorage {
if (contentType && this.safeInlineContentTypes.includes(contentType)) {
return "inline";
}
if (
contentType &&
this.safeInlineContentPrefixes.some((prefix) =>
contentType.startsWith(prefix)
)
) {
return "inline";
}
return "attachment";
}
/**
* A list of content types considered safe to display inline in the browser.
* A list of content types considered safe to display inline in the browser. Note that
* SVGs are purposefully not included here as they can contain JavaScript.
*/
protected safeInlineContentTypes = [
"application/pdf",
@@ -248,4 +257,9 @@ export default abstract class BaseStorage {
"image/gif",
"image/webp",
];
/**
* A list of content type prefixes considered safe to display inline in the browser.
*/
protected safeInlineContentPrefixes = ["video/", "audio/"];
}