Bump icon dimension limits one more time

* Consolidate test into an inline function for reuse * Check detected types and reject the rest... may add to later NOTES: * This is as much as I prefer to go *(may change)*... otherwise the user experience on OUJS will be diminished by excessive bandwidth from client to whatever target. * Ideally these shouldn't be more than 48px by 48px if an author is being nice to their users as well as visitors but do understand some hosting sites kick it up a bit without scaling. Post OpenUserJS#1303
Martii · Dec 5, 2017 · 6ff6484 · 6ff6484
1 parent 5ab4308
commit 6ff6484
Showing 1 changed file with 25 additions and 6 deletions.
diff --git a/controllers/scriptStorage.js b/controllers/scriptStorage.js
@@ -1384,15 +1384,34 @@ exports.storeScript = function (aUser, aMeta, aBuf, aUpdate, aCallback) {
     function (aInnerCallback) {
       // `@icon` validations
       var icon = null;
-      var maxX = 128; // px
-      var maxY = 128; // px
       var buffer = null;
       var fn = null;
       var dimensions = null;
       var matches = null;
       var data = null;
       var rDataURIbase64 = /^data:image\/.+;base64,(.*)$/;
 
+      function acceptedImage(aDimensions) {
+        var maxX = 256; //px
+        var maxY = 256; //px
+
+        switch (aDimensions.type) {
+          case 'gif':
+            // fallthrough
+          case 'jpeg':
+            // fallthrough
+          case 'png':
+            // fallthrough
+          case 'svg':
+            // fallthrough
+          case 'ico':
+            if (dimensions.width <= maxX && dimensions.height <= maxY) {
+              return true;
+            }
+        }
+        return false;
+      }
+
       icon = findMeta(aMeta, 'UserScript.icon.0.value');
       if (icon) {
         if (!isFQUrl(icon, false, true)) {
@@ -1421,9 +1440,9 @@ exports.storeScript = function (aUser, aMeta, aBuf, aUpdate, aCallback) {
               return;
             }
 
-            if (dimensions.width > maxX || dimensions.height > maxY) {
+            if (!acceptedImage(dimensions)) {
               aInnerCallback(new statusError({
-                message: '`@icon` dimensions are too large.',
+                message: '`@icon` unsupported file type or dimensions are too large.',
                 code: 400
               }), null);
             } else {
@@ -1453,9 +1472,9 @@ exports.storeScript = function (aUser, aMeta, aBuf, aUpdate, aCallback) {
                 return;
               }
 
-              if (dimensions.width > maxX || dimensions.height > maxY) {
+              if (!acceptedImage(dimensions)) {
                 aInnerCallback(new statusError({
-                  message: '`@icon` dimensions are too large.',
+                  message: '`@icon` unsupported file type or dimensions are too large.',
                   code: 400
                 }), null);
               } else {