diff --git a/activestorage/app/controllers/active_storage/disk_controller.rb b/activestorage/app/controllers/active_storage/disk_controller.rb index 7bd641ab9a..652084e822 100644 --- a/activestorage/app/controllers/active_storage/disk_controller.rb +++ b/activestorage/app/controllers/active_storage/disk_controller.rb @@ -61,6 +61,7 @@ class ActiveStorage::DiskController < ActiveStorage::BaseController end def acceptable_content?(token) - token[:content_type] == request.content_type && token[:content_length] == request.content_length + Mime::Type.lookup(request.content_type) == token[:content_type] && + token[:content_length] == request.content_length end end diff --git a/activestorage/test/controllers/disk_controller_test.rb b/activestorage/test/controllers/disk_controller_test.rb index 4bc61d13f3..7b5e989699 100644 --- a/activestorage/test/controllers/disk_controller_test.rb +++ b/activestorage/test/controllers/disk_controller_test.rb @@ -67,6 +67,16 @@ class ActiveStorage::DiskControllerTest < ActionDispatch::IntegrationTest assert_not blob.service.exist?(blob.key) end + test "directly uploading blob with different but equivalent content type" do + data = "Something else entirely!" + blob = create_blob_before_direct_upload( + byte_size: data.size, checksum: Digest::MD5.base64digest(data), content_type: "application/x-gzip") + + put blob.service_url_for_direct_upload, params: data, headers: { "Content-Type" => "application/x-gzip" } + assert_response :no_content + assert_equal data, blob.download + end + test "directly uploading blob with mismatched content length" do data = "Something else entirely!" blob = create_blob_before_direct_upload byte_size: data.size - 1, checksum: Digest::MD5.base64digest(data)