Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ENS: Strip metadata from attachments #5256

Merged
merged 2 commits into from
Nov 22, 2023
Merged

ENS: Strip metadata from attachments #5256

merged 2 commits into from
Nov 22, 2023

Conversation

taitus
Copy link
Member

@taitus taitus commented Sep 27, 2023
edited
Loading

Objectives

Remove metadata from attachments related to ENS Limpieza de documentos [mp.info.5]

How

Add callback in attachable concern in order to strip all metadata included in attachables (documents)

Notes

Pending:

  • Is it necessary to add a secret to the application to enable or disable this functionality?

Sponsored

Functionality developed by

@javierm javierm added this to Doing in Consul Democracy Sep 27, 2023
@taitus taitus moved this from Doing to Reviewing in Consul Democracy Oct 9, 2023
@taitus taitus marked this pull request as ready for review October 9, 2023 09:19
Consul Democracy automation moved this from Reviewing to Testing Oct 19, 2023
@Senen Senen self-assigned this Oct 19, 2023
@javierm javierm added the security Pull requests that address a security vulnerability label Oct 24, 2023
@taitus
Remove pdf metadata
622f351 
In order to remove metadata from PDF documents we will use the
exiftool_vendored gem.

The following line:
  Exiftool.new(attachment_path, "-overwrite_original -all:all=")
Overwrites the original file with another file without metadata.

So far this is the best solution we have found to perform this
metadata deletion.

When using Exiftool an exception is thrown, so we added a rescue
to handle it. Here is a task created where this problem is discussed
in issue 28 in the https://github.com/exiftool-rb/exiftool.rb/ repository.
We'll wait to see if this will be fixed in future versions.
@taitus
Allow testing remove metadata from PDF
84b88c0 
In order to test that we remove metadata from PDF we need add
"pdf-reader" gem.

With this gem we can check the info from the PDF and ensure that
this info is removed.
@taitus taitus merged commit a9fa73b into master Nov 22, 2023
13 checks passed
@taitus taitus deleted the remove-pdf-metadata branch November 22, 2023 14:11
Consul Democracy automation moved this from Testing to Release 2.1.0 Nov 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions left review comments

@Senen Senen Senen approved these changes

Assignees

@Senen Senen

@taitus taitus

Labels
security Pull requests that address a security vulnerability
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@taitus @Senen @javierm