Securing Changeblog Images

using git hooks

Exiftool in action

The issue

As I add more content to this site, I want to ensure the images are free of EXIF geolocation data. I prefer maintaining some level of privacy since a decent portion of these images are taken at my work/home.

I could turn off geotagging of my images during capture, but I ultimately like retaining the GPS data of where those moments occurred.

Luckily an open-source application, exiftool, provides an easy way to remove geolocation data by issuing the following command.

exiftool -geotag= <filename>

This manual step could become tedious/easily overlooked, especially if it must be applied to every image we want to be geotag free. Why not automate this process with git hooks?

A possible solution

Unfortunately, my research yielded no concrete examples/code of developers using git hooks intent on removing geotag data from images. Inspired by this example meant for removing trailing whitespace, I came up with the following pre-commit git hook.

#!/bin/bash

echo "Running pre-commit"
# Get added/modified file list
for FILE in `exec git diff --cached --name-only --diff-filter=AM` ; do
    EXT=$(echo "${FILE##*.}" | tr "[:lower:]" "[:upper:]")
    # Process JPG & PNG files. Can add additional filetypes below
    if [ "$EXT" = "JPG" ] || [ "$EXT" = "PNG" ]; then
        echo "Attempting to remove GPS data from $FILE"
        exiftool -geotag= -overwrite_original $FILE
        git add $FILE
    fi
done

The above script removes geotag info on any added/modified pre-committed files. Note, if you’re interested in trying this out yourself, make sure you have exiftool installed locally on your machine.

Occasionally we’ll want to retain the image geolocation data and can temporarily achieve this by using the --no-verify option when performing a git commit.

Alternative solutions/enhancements

  • Add a pre-receive git hook on the remote repository so geotag removal would be enforced for all developers. I would have to figure out how to install exiftool on the remote server and ideally would want an easy mechanism to turn it off when we want to preserve the image geolocation data. This seems like a lot of effort with little ROI considering I’ll likely be the only developer working on this blog.

  • Create temporary debug <figcaption> elements that display any existing geolocation data while running a local/development blog instance. Thus I would receive visual feedback of any undesirable geotags still present while developing the site.

  • Update the pre-commit git hook to reduce the image GPS resolution down to the city/neighborhood level instead of complete removal. This allows us to continue including geolocation data while providing an acceptable level of privacy.

Posted on May 25, 2021 / by Alan Solidum