Restrict file uploads to images only
https://claude.ai/code/session_018Ym45siELMvsBQj4w9QAXf
diff --git a/lib/views/capture.rb b/lib/views/capture.rb
index c2ac6db..d6838f9 100644
--- a/lib/views/capture.rb
+++ b/lib/views/capture.rb
@@ -55,7 +55,7 @@ module Domus
input(
type: "file",
name: "file",
- accept: "image/*,application/pdf",
+ accept: "image/*",
capture: "environment",
class: "sr-only",
"x-ref": "cameraInput",
@@ -64,15 +64,15 @@ module Domus
input(
type: "file",
name: "file",
- accept: "image/*,application/pdf",
+ accept: "image/*",
class: "sr-only",
"x-ref": "fileInput",
"@change": "onFileInput($event)"
)
div("x-show": "state === 'capture'", class: "card-body") do
- h2(class: "card-title") { plain "Add a document" }
- p(class: "card-lead") { plain "Take a photo or pick a file to keep." }
+ h2(class: "card-title") { plain "Add an image" }
+ p(class: "card-lead") { plain "Take a photo or pick an image to keep." }
div(class: "btn-stack") do
button(
diff --git a/lib/web.rb b/lib/web.rb
index 68f0d43..7782fe2 100644
--- a/lib/web.rb
+++ b/lib/web.rb
@@ -40,6 +40,7 @@ module Domus
def save_file(params)
upload = params["file"]
raise ArgumentError, "missing file upload" unless upload.is_a?(Hash) && upload[:tempfile]
+ raise ArgumentError, "only images are accepted" unless upload[:type].to_s.start_with?("image/")
ext = ::File.extname(upload[:filename].to_s)
now = Time.now