From 5603d4df8fcf1a7a5b85906dad0049d7e79cce6c Mon Sep 17 00:00:00 2001
From: Jakob Kramer <jakob.kramer@gmx.de>
Date: Thu, 2 Jun 2011 17:35:20 +0200
Subject: [PATCH] should fix #324

---
 mediagoblin/submit/security.py | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 mediagoblin/submit/security.py

diff --git a/mediagoblin/submit/security.py b/mediagoblin/submit/security.py
new file mode 100644
index 00000000..db4c860d
--- /dev/null
+++ b/mediagoblin/submit/security.py
@@ -0,0 +1,32 @@
+# GNU MediaGoblin -- federated, autonomous media hosting
+# Copyright (C) 2011 Free Software Foundation, Inc
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+from mimetypes import guess_type
+
+from Image import open as image_open
+
+ALLOWED = ['image/jpeg', 'image/png', 'image/tiff', 'image/gif']
+
+def check_filetype(posted_file):
+    if not guess_type(posted_file.filename) in ALLOWED:
+        return False
+
+    try:
+        image = image_open(posted_file.file)
+    except IOError:
+        return False
+
+    return True
-- 
2.25.1