[Bug]: Custom login page background image size increases x7

[jcjveraa]

⚠️ This issue respects the following points: ⚠️

• This is a bug, not a question or a configuration/webserver/proxy issue.
• This issue is not already reported on Github (I've searched it).
• Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
• I agree to follow Nextcloud's Code of Conduct.

Bug description

I have a jpg image that is 151 kB on my computer. When I upload this via the admin console under Theming -> Login Image, the resulting background image stored in /data/appdata_***/theming/images becomes about 1 MB.

When inspecting the file it looks like background is a png file with the same dimensions as my jpg. The same happens when uploading a webp file.

Manually replacing the file does not not work - then the server cannot find it anymore (it detects it's been modified?).

files.zip

It looks like this is the code that makes this change in the file, in function public function updateImage(string $key, string $tmpFile). I've tested this by uploading an SVG file, which goes through as-is with an identical file size - this code seems to pass through SVG files.
https://github.com/nextcloud/server/blob/master/apps/theming/lib/ImageManager.php#L234

Steps to reproduce

1. go to [server URL]/settings/admin/theming on version 23.0.5 (Docker 'Stable' release)
2. Select 'Upload new login image'
3. Upload the attached jpg file

Changing the image via the console as described here works with exactly the same result.
https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/theming.html#configure-theming-through-cli

Expected behavior

The file served is equal to the file uploaded, provided it's a "valid" file (OK resolution, normal image type like .jpg, .png or .webp). Do not agressively replace it with a very large png file.

Installation method

Official Docker image

Operating system

Other

PHP engine version

PHP 8.0

Web server

Apache (supported)

Database engine version

MySQL

Is this bug present after an update or on a fresh install?

Fresh Nextcloud Server install

Are you using the Nextcloud Server Encryption module?

Encryption is Disabled

What user-backends are you using?

• Default user-backend (database)
• LDAP/ Active Directory
• SSO - SAML
• Other

Configuration report

{
    "system": {
        "htaccess.RewriteBase": "\/",
        "memcache.local": "\\OC\\Memcache\\APCu",
        "apps_paths": [
            {
                "path": "\/var\/www\/html\/apps",
                "url": "\/apps",
                "writable": false
            },
            {
                "path": "\/var\/www\/html\/custom_apps",
                "url": "\/custom_apps",
                "writable": true
            }
        ],
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "***REMOVED SENSITIVE VALUE***",
            "***REMOVED SENSITIVE VALUE***"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "23.0.5.1",
        "overwrite.cli.url": "***REMOVED SENSITIVE VALUE***",
        "overwritehost": "***REMOVED SENSITIVE VALUE***",
        "overwriteprotocol": "https",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "mail_smtpmode": "smtp",
        "mail_smtpsecure": "ssl",
        "mail_sendmailmode": "smtp",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpauthtype": "LOGIN",
        "mail_smtpauth": 1,
        "mail_smtpport": "465",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "updater.secret": "***REMOVED SENSITIVE VALUE***"
    }
}

List of activated Apps

Enabled:
  - accessibility: 1.9.0
  - activity: 2.15.0
  - bruteforcesettings: 2.4.0
  - circles: 23.1.1
  - cloud_federation_api: 1.6.0
  - comments: 1.13.0
  - contactsinteraction: 1.4.0
  - dashboard: 7.3.0
  - dav: 1.21.0
  - federatedfilesharing: 1.13.0
  - federation: 1.13.0
  - files: 1.18.0
  - files_antivirus: 3.3.0
  - files_pdfviewer: 2.4.0
  - files_rightclick: 1.2.0
  - files_sharing: 1.15.0
  - files_trashbin: 1.13.0
  - files_versions: 1.16.0
  - files_videoplayer: 1.12.0
  - firstrunwizard: 2.12.0
  - logreader: 2.8.0
  - lookup_server_connector: 1.11.0
  - nextcloud_announcements: 1.12.0
  - notifications: 2.11.1
  - oauth2: 1.11.0
  - password_policy: 1.13.0
  - photos: 1.5.0
  - privacy: 1.7.0
  - provisioning_api: 1.13.0
  - recommendations: 1.2.0
  - serverinfo: 1.13.0
  - settings: 1.5.0
  - sharebymail: 1.13.0
  - support: 1.6.0
  - survey_client: 1.11.0
  - systemtags: 1.13.0
  - text: 3.4.1
  - theming: 1.14.0
  - twofactor_backupcodes: 1.12.0
  - twofactor_totp: 6.3.0
  - updatenotification: 1.13.0
  - user_status: 1.3.1
  - viewer: 1.7.0
  - weather_status: 1.3.0
  - workflowengine: 2.5.0
Disabled:
  - admin_audit
  - encryption
  - files_external
  - twofactor_nextcloud_notification: 3.4.0
  - user_ldap

Nextcloud Signing status

No errors have been found.

Nextcloud Logs

Nothing is written to the log file when uploading the image.

Additional info

No response

[jcjveraa]

I'll start working on an enhancement for this, I think I know what to do...

[jcjveraa]

Made a fix for this, see #32787
(earlier pull request had some merging errors...)

[szaimen]

Hi, please update to 24.0.9 or better 25.0.3 and report back if it fixes the issue. Thank you!

My goal is to add a label like e.g. 25-feedback to this ticket of an up-to-date major Nextcloud version where the bug could be reproduced. However this is not going to work without your help. So thanks for all your effort!

If you don't manage to reproduce the issue in time and the issue gets closed but you can reproduce the issue afterwards, feel free to create a new bug report with up-to-date information by following this link: https://github.com/nextcloud/server/issues/new?assignees=&labels=bug%2C0.+Needs+triage&template=BUG_REPORT.yml&title=%5BBug%5D%3A+

[jcjveraa]

Hi there,

It seems my PR #32787 was not merged, so I expect the issue to persist.
edit On closer inspection I see that the Milestone was changed from 25 to 26 for this one, so that explains.

[brlarini]

I'm on 25.0.3 and this still happens.
The uploaded image is about 250 KB, 3840 x 2550 px, 72 dpi, 24 bit.
And then it grows to 2.6 MB, same resolution, same dpi, but now 32 bit colors.

[jcjveraa]

Yes my PR has been shifted to version 26, so not fixed yet. I realize now a few months later that my PR might need to be improved a little by adding some testing, but unfortunately I'm 1) busy preparing for my first child and 2) not a PHP-developer by trade so setting up a dev environment is a bit of a hassle. The tests could be: 1. Integration test: Verify uploaded background images are saved (probably/hopefully this test already exists) 2. Unit tests - for each accepted file format (webp, jpg, png,.. ?).: 1. Input 'small' image and check it is preserved as-is 2. input 'large' image and check it is resized to a 'smaller' version

…

On Fri, Feb 10, 2023 at 2:01 PM brlarini ***@***.***> wrote: I'm on 25.0.3 and this still happens. The uploaded image is about 250 KB, 3840 x 2550 px, 72 dpi, 24 bit. And then it grows to 2.6 MB, same resolution, same dpi, but now 32 bit colors. — Reply to this email directly, view it on GitHub <#32779 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AA6CPHPYRZURD6RERU6V6JDWWY3ZDANCNFSM5YJQQ5ZQ> . You are receiving this because you authored the thread.Message ID: ***@***.***>