View Source Dropkick.File (dropkick v0.0.1)
A custom type that maps a upload-like structure to a file.
:key- The location of the the uploaded file:content_type- The content type of the uploaded file:filename- The filename of the uploaded file given in the request:status- The status of the uploaded file. It can be:cached(when the file was just casted from aPlug.Uploadand the key points to a temporary directory),:deleted(when the file was deleted from the storage and the key points to its old location) and:stored(when the file was persisted to its final destination and the key points to its current location).:metadata- This field is meant to be used by users to store metadata about the file.:__cache__- This field is used to store internal in-memmory information about the file that might be relevant during processing (this field is currently not used internally and its not casted to the database).
security
Security
Like Plug.Upload, the :content_type and :filename fields are client-controlled.
Because of this, you should inspect and validate these values before trusting the upload content.
You can check the file's magic number signature
by passing the option infer: true to your fields:
field :avatar, Dropkick.File, infer: true