Base64 encode file attachments

By default ActionMailer tries to encode any file attachments in Base64.

We've seen a problem in production where this encoding fails with an
error 'invalid byte sequence in UTF-8'. We think this happens when a
binary file has been uploaded with a text file extension, so the
ActionMailer logic expects a text file but receives binary characters.

To fix this, we can encode the files in Base64 ourselves before passing
them to ActionMailer, which bypasses the failing logic. This allows us
to pass these disguised binary files to ActionMailer without errors.
Other files should be unaffected and the resulting emails should be
otherwise identical.

Author: DavidBiddle

app/mailers/aws_ses_form_submission_mailer.rb

@@ -11,7 +11,10 @@ def submission_email(answer_content_html:, answer_content_plain_text:, submissio
     @csv_filename = csv_filename
 
     files.each do |name, file|
-      attachments[name] = file
+      attachments[name] = {
+        encoding: "base64",
+        content: Base64.encode64(file),
+      }
     end
 
     mail(to: submission_email_address, subject: @subject)

spec/features/fill_in_file_upload_question_spec.rb

@@ -84,6 +84,29 @@
     end
   end
 
+  context "when the file unexpectedly contains binary" do
+    # A PNG file which has been renamed to look like a TXT
+    let(:test_file_content) { File.read("spec/fixtures/disguised_binary_file.txt") }
+    let(:scan_status) { "NO_THREATS_FOUND" }
+
+    scenario "As a form filler" do
+      when_i_visit_the_form_start_page
+      then_i_should_see_the_first_question
+      then_i_see_the_file_upload_component
+      when_i_upload_a_file
+      and_i_click_on_continue
+      then_i_see_the_review_file_page
+      and_i_click_on_continue
+      then_i_should_see_the_check_your_answers_page
+
+      when_i_opt_out_of_email_confirmation
+      and_i_submit_my_form
+      then_my_form_should_be_submitted
+      and_i_should_receive_a_reference_number
+      and_an_email_submission_should_have_been_sent
+    end
+  end
+
   def when_i_visit_the_form_start_page
     visit form_path(mode: "form", form_id: 1, form_slug: "fill-in-this-form")
     expect_page_to_have_no_axe_errors(page)