Add gem Down, File size validation before and during download

Gemfile

@@ -62,6 +62,7 @@ gem 'bcrypt', '~> 3.1.10'
 gem 'caracal-rails' # Build docx report
 gem 'commit_param_routing' # Enables different submit actions in the same form
 gem 'deface', '~> 1.0'
+gem 'down', '~> 5.0'
 gem 'faker' # Generate fake data
 gem 'fastimage' # Light gem to get image resolution
 gem 'httparty', '~> 0.13.1'

Gemfile.lock

@@ -240,6 +240,8 @@ GEM
     docile (1.3.2)
     doorkeeper (5.1.0)
       railties (>= 5)
+    down (5.0.0)
+      addressable (~> 2.5)
     erubi (1.8.0)
     et-orbi (1.2.2)
       tzinfo
@@ -620,6 +622,7 @@ DEPENDENCIES
   devise_invitable
   discard (~> 1.0)
   doorkeeper (>= 4.6)
+  down (~> 5.0)
   factory_bot_rails
   faker
   fastimage

app/models/concerns/tiny_mce_images.rb

@@ -95,13 +95,16 @@ module TinyMceImages
           next if asset && (asset.object == self || asset_team_id != asset.team_id)
 
         else
-          # We need implement size and type checks here
           url = image['src']
           image_type = FastImage.type(url).to_s
           next unless image_type
 
-          new_image = URI.parse(url).open
+          begin
-          next if new_image.size > Rails.configuration.x.file_max_size_mb.megabytes
+            new_image = Down.download(url, max_size: Rails.configuration.x.file_max_size_mb.megabytes)
+          rescue Down::TooLarge => e
+            Rails.logger.error e.message
+            next
+          end
 
           new_image_filename = Asset.generate_unique_secure_token + '.' + image_type
         end