Unconditionally re-encode locally-uploaded images to strip metadata #8714
Conversation
|
1) this means that
https://github.com/tootsuite/mastodon/blob/master/lib/paperclip/lazy_thumbnail.rb
is now dead code, and we should remove it.
2) I'm not convinced this PR is the best solution. is it possible to strip
metadata without reencoding the file? what are the benchmarks on each?
…On Mon, Sep 17, 2018, 9:56 AM ThibG ***@***.***> wrote:
This strips metadata on file upload by re-encoding the files, at the cost
of image quality and processing resources.
------------------------------
You can view, comment on, or merge this pull request online at:
#8714
Commit Summary
- Unconditionally re-encode images to strip metadata
File Changes
- *M* app/models/media_attachment.rb
<https://github.com/tootsuite/mastodon/pull/8714/files#diff-0> (2)
Patch Links:
- https://github.com/tootsuite/mastodon/pull/8714.patch
- https://github.com/tootsuite/mastodon/pull/8714.diff
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#8714>, or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAORVxfyvyme2DA6KoKboyN9EutZ6qOHks5ub6oSgaJpZM4Wr-S_>
.
|
|
ClearlyClaire
force-pushed
the
fixes/exif
branch
from
5cbc5da
to
0874b35
Compare
|
Updated to keep |
|
What about making it a two stage operation - strip metadata on everything, then encode if necessary? |
|
@bhtooefr not possible without extensive changes, nor ImageMagick nor Paperclip provide support for stripping metadata without re-encoding ( |
|
The only tool I have found to strip image metadata is |
|
ImageMagicks in-place component can strip metadata without reencoding, |
|
@elomatreb |
|
Mh, I could have sworn it was smart enough to not touch the image if it doesn't need to. Nevermind then. |
|
If you're looking for something that isn't perl, maybe http://www.exiv2.org/ ? Also, it may be a good idea to keep the color profile even after all other exif data is removed. |
|
Keep in mind that lazy thumbnail is a result of #6515, which fixed all sorts of visual glitches with GIF avatars from remote users. We don't really care about EXIF metadata in remote images because presumably they already stripped it themselves when the image was turned into the dimensions we expect. Reverting that fix means not only more computational overhead for ImageMagick stuff (which I consider acceptable because we already dealt with that pre-optimization, not the end of the world), but unfortunately it means the return of something like #3199 (I am not sure if all glitches had corresponding bug reports), which itself is an ImageMagick bug as far as I understand. The fix in question became a problem specifically in #8083, when the lazy thumbnail processor was hooked up to media attachments. EXIF data in avatars and headers is unlikely to contain sensitive information, but media attachments may obviously come straight from a camera. This is my bad, I had not connected the dots between the different patches. I suggest that we keep the behaviour for remote images (through some kinda option passed to the processor?) but unconditionally re-encode locally uploaded images. |
|
@kitlith thanks, exiv2 looks pretty much like what I want! I'm slightly concerned about security, though, that's yet another binary we're going to feed user-provided images to (the same can be said about exiftool or imagemagick, though) |
|
@Gargron yeah, that's one of the things I'm looking at, but so far I don't know how to process remote and local attachments differently |
|
@ThibG The processor can call methods on the model, so maybe something like |
ClearlyClaire
force-pushed
the
fixes/exif
branch
from
0874b35
to
8e7ed95
Compare
This strips metadata on file upload by re-encoding the files, at the cost of possible slight image quality decrease and processing resources.
ClearlyClaire
force-pushed
the
fixes/exif
branch
from
8e7ed95
to
5de558d
Compare
|
@Gargron updated to do just that! |
ClearlyClaire
changed the title
…8714) This strips metadata on file upload by re-encoding the files, at the cost of possible slight image quality decrease and processing resources.
…astodon#8714) This strips metadata on file upload by re-encoding the files, at the cost of possible slight image quality decrease and processing resources.
…tadata (mastodon#8714)" This reverts commit 39e84d1.
This strips metadata on file upload by re-encoding the files, at the cost of image quality and processing resources.