From 94e2dbc5ad5e467d0913337fbe6c5aa923bd011c Mon Sep 17 00:00:00 2001
From: Yuki <aaron.ahmed.eve@gmail.com>
Date: Sun, 10 May 2015 10:08:06 +0530
Subject: [PATCH] Only allow JPG, PNG and GIF for profile pictures, and only
 allow JPG and PNG for profile headers

---
 app/models/user.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index 8a07e97a..46fc1c08 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -48,12 +48,12 @@ class User < ActiveRecord::Base
   has_attached_file :profile_picture, styles: { large: "500x500#", medium: "256x256#", small: "80x80#" },
                     default_url: "/images/:style/no_avatar.png", use_timestamp: false,
                     processors: [:cropper]
-  validates_attachment_content_type :profile_picture, :content_type => /\Aimage\/.*\Z/
+  validates_attachment_content_type :profile_picture, :content_type => /\Aimage\/(png|jpe?g|gif)\Z/
 
   has_attached_file :profile_header, styles: { web: "1500x350#", mobile: "450x105#", retina: "900x210#" },
                     default_url: '/images/header/:style/no_header.jpg', use_timestamp: false,
                     processors: [:cropper]
-  validates_attachment_content_type :profile_header, :content_type => /\Aimage\/.*\Z/
+  validates_attachment_content_type :profile_header, :content_type => /\Aimage\/(png|jpe?g)\Z/
 
   process_in_background :profile_picture
   process_in_background :profile_header