Removed allowedFileExtensions meta config

Now, when NodeBB needs to determine file compatibility, jimp
will attempt to open the file for reading. If it fails, file is
considered to be of an invalid type.

package.json

@@ -31,7 +31,7 @@
     "gravatar": "^1.1.0",
     "heapdump": "^0.3.0",
     "html-to-text": "1.3.2",
-    "jimp": "^0.2.5",
+    "jimp": "0.2.17",
     "less": "^2.0.0",
     "logrotate-stream": "^0.2.3",
     "lru-cache": "^2.6.1",

src/controllers/uploads.js

@@ -46,7 +46,7 @@ uploadsController.upload = function(req, res, filesIterator, next) {
 
 uploadsController.uploadPost = function(req, res, next) {
 	uploadsController.upload(req, res, function(uploadedFile, next) {
-		file.isFileTypeAllowed(uploadedFile.path, file.allowedExtensions(), function(err) {
+		file.isFileTypeAllowed(uploadedFile.path, function(err) {
 			if (err) {
 				return next(err);
 			}
@@ -67,7 +67,7 @@ uploadsController.uploadThumb = function(req, res, next) {
 	}
 
 	uploadsController.upload(req, res, function(uploadedFile, next) {
-		file.isFileTypeAllowed(uploadedFile.path, file.allowedExtensions(), function(err) {
+		file.isFileTypeAllowed(uploadedFile.path, function(err) {
 			if (err) {
 				return next(err);
 			}

src/file.js

@@ -7,6 +7,7 @@ var fs = require('fs'),
 	mmmagic = require('mmmagic'),
 	Magic = mmmagic.Magic,
 	mime = require('mime'),
+	jimp = require('jimp'),
 
 	utils = require('../public/src/utils');
 
@@ -40,46 +41,13 @@ file.saveFileToLocal = function(filename, folder, tempPath, callback) {
 	is.pipe(os);
 };
 
-file.isFileTypeAllowed = function(path, allowedExtensions, callback) {
-	if (!Array.isArray(allowedExtensions) || !allowedExtensions.length) {
-		return callback();
-	}
-
-	var magic = new Magic(mmmagic.MAGIC_MIME_TYPE);
-	magic.detectFile(path, function(err, mimeType) {
-		if (err) {
-			return callback(err);
-		}
-
-		var uploadedFileExtension = mime.extension(mimeType);
-
-		if (allowedExtensions.indexOf(uploadedFileExtension) === -1) {
-			return callback(new Error('[[error:invalid-file-type, ' + allowedExtensions.join(', ') + ']]'));
-		}
-
-		callback();
+file.isFileTypeAllowed = function(path, callback) {
+	// Attempt to read the file, if it passes, file type is allowed
+	jimp.read(path, function(err) {
+		callback(err);
 	});
 };
 
-file.allowedExtensions = function() {
-	var meta = require('./meta');
-	var allowedExtensions = (meta.config.allowedFileExtensions || '').trim();
-	if (!allowedExtensions) {
-		return [];
-	}
-	allowedExtensions = allowedExtensions.split(',');
-	allowedExtensions = allowedExtensions.filter(Boolean).map(function(extension) {
-		extension = extension.trim();
-		return extension.replace(/\./g, '');
-	});
-
-	if (allowedExtensions.indexOf('jpg') !== -1 && allowedExtensions.indexOf('jpeg') === -1) {
-		allowedExtensions.push('jpeg');
-	}
-
-	return allowedExtensions;
-};
-
 file.exists = function(path, callback) {
 	fs.stat(path, function(err, stat) {
 		callback(!err && stat);

src/user/picture.js

@@ -36,7 +36,7 @@ module.exports = function(User) {
 				next(!extension ? new Error('[[error:invalid-image-extension]]') : null);
 			},
 			function(next) {
-				file.isFileTypeAllowed(picture.path, ['png', 'jpeg', 'jpg', 'gif'], next);
+				file.isFileTypeAllowed(picture.path, next);
 			},
 			function(next) {
 				image.resizeImage({

src/views/admin/settings/post.tpl

@@ -147,9 +147,6 @@
 				</label>
 			</div>
 			<strong>Topic Thumb Size</strong><br /> <input type="text" class="form-control" value="120" data-field="topicThumbSize"> <br />
-
-			<strong>Allowed file types, (ie png, jpg, pdf, zip). Leave empty to allow all.</strong><br /> <input type="text" class="form-control" value="" data-field="allowedFileExtensions"><br />
-
 		</form>
 	</div>
 </div>