Crop profile pictures server-side #73
Description
Technically since we do the profile picture cropping client-side anyone could send a request to our api with any arbitrary image. To prevent unpleasant pictures more reliably, we can change the api to only send the post ID and cropping bounds and the profile picture cropping is done server-side.
This is not an issue for the moment, but I will look into it if needed.