Jump to content

Community

Enforcing Signature Image Limits


Feld0
 Share

Recommended Posts

A member brought an issue to my attention today which allows users to easily bypass their group's signature image size restrictions.

When a member sets up their signature, IP.Board will check the dimensions of any embedded images to ensure they fit within the restrictions. However, if an image is embedded into a signature and is subsequently replaced by a larger one at the same URL which breaks the size restrictions, IP.Board will not react to it in any way, and will happily let the new image stay. Re-checking the image on every pageview would create some pretty bad resource issues, but... fortunately, there's a way to work around it. :smile:

Avatars used to be prone to the same issue, but they were neatly fixed when the option for a "remote" avatar was modified to download the remote image to local storage after a one-time size check, where users can't touch it anymore. The same could be done for signatures - copy images to local storage after checking they fit the restrictions. Even better would be an option to upload signature images to the forum directly, if they're going to be copied to the server anyway. :smile:

Link to comment
Share on other sites

 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

We use technologies, such as cookies, to customise content and advertising, to provide social media features and to analyse traffic to the site. We also share information about your use of our site with our trusted social media, advertising and analytics partners. See more about cookies and our Privacy Policy