Merge pull request #6591 from uhoreg/use_mimetype_from_info

Use the mimetype from the info property rather than the EncryptedFile
This commit is contained in:
Hubert Chathi 2021-08-10 19:43:39 -04:00 committed by GitHub
commit 7415aa45d2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 26 additions and 13 deletions

View file

@ -31,18 +31,26 @@ export interface IEncryptedFile {
v: string;
}
export interface IMediaEventContent {
body?: string;
url?: string; // required on unencrypted media
file?: IEncryptedFile; // required for *encrypted* media
info?: {
thumbnail_url?: string; // eslint-disable-line camelcase
thumbnail_file?: IEncryptedFile; // eslint-disable-line camelcase
export interface IMediaEventInfo {
thumbnail_url?: string; // eslint-disable-line camelcase
thumbnail_file?: IEncryptedFile; // eslint-disable-line camelcase
thumbnail_info?: { // eslint-disable-line camelcase
mimetype: string;
w?: number;
h?: number;
size?: number;
};
mimetype: string;
w?: number;
h?: number;
size?: number;
}
export interface IMediaEventContent {
body?: string;
url?: string; // required on unencrypted media
file?: IEncryptedFile; // required for *encrypted* media
info?: IMediaEventInfo;
}
export interface IPreparedMedia extends IMediaObject {

View file

@ -17,18 +17,22 @@ limitations under the License.
// Pull in the encryption lib so that we can decrypt attachments.
import encrypt from 'browser-encrypt-attachment';
import { mediaFromContent } from "../customisations/Media";
import { IEncryptedFile } from "../customisations/models/IMediaEventContent";
import { IEncryptedFile, IMediaEventInfo } from "../customisations/models/IMediaEventContent";
import { getBlobSafeMimeType } from "./blobs";
/**
* Decrypt a file attached to a matrix event.
* @param {IEncryptedFile} file The json taken from the matrix event.
* @param {IEncryptedFile} file The encrypted file information taken from the matrix event.
* This passed to [link]{@link https://github.com/matrix-org/browser-encrypt-attachments}
* as the encryption info object, so will also have the those keys in addition to
* the keys below.
* @param {IMediaEventInfo} info The info parameter taken from the matrix event.
* @returns {Promise<Blob>} Resolves to a Blob of the file.
*/
export function decryptFile(file: IEncryptedFile): Promise<Blob> {
export function decryptFile(
file: IEncryptedFile,
info?: IMediaEventInfo,
): Promise<Blob> {
const media = mediaFromContent({ file });
// Download the encrypted file as an array buffer.
return media.downloadSource().then((response) => {
@ -44,7 +48,7 @@ export function decryptFile(file: IEncryptedFile): Promise<Blob> {
// they introduce XSS attacks if the Blob URI is viewed directly in the
// browser (e.g. by copying the URI into a new tab or window.)
// See warning at top of file.
let mimetype = file.mimetype ? file.mimetype.split(";")[0].trim() : '';
let mimetype = info?.mimetype ? info.mimetype.split(";")[0].trim() : '';
mimetype = getBlobSafeMimeType(mimetype);
return new Blob([dataArray], { type: mimetype });

View file

@ -76,7 +76,8 @@ export class MediaEventHelper implements IDestroyable {
private fetchSource = () => {
if (this.media.isEncrypted) {
return decryptFile(this.event.getContent<IMediaEventContent>().file);
const content = this.event.getContent<IMediaEventContent>();
return decryptFile(content.file, content.info);
}
return this.media.downloadSource().then(r => r.blob());
};
@ -87,7 +88,7 @@ export class MediaEventHelper implements IDestroyable {
if (this.media.isEncrypted) {
const content = this.event.getContent<IMediaEventContent>();
if (content.info?.thumbnail_file) {
return decryptFile(content.info.thumbnail_file);
return decryptFile(content.info.thumbnail_file, content.info.thumbnail_info);
} else {
// "Should never happen"
console.warn("Media claims to have thumbnail and is encrypted, but no thumbnail_file found");