Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
discourse/lib/url_helper.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

178 lines
5.0 KiB
Ruby
Raw Normal View History

DEV: enable frozen string literal on all files This reduces chances of errors where consumers of strings mutate inputs and reduces memory usage of the app. Test suite passes now, but there may be some stuff left, so we will run a few sites on a branch prior to merging
2019-05-02 18:17:27 -04:00
# frozen_string_literal: true
FEATURE: move migrate_to_new_scheme into a background job - new hidden site setting 'migrate_to_new_scheme' (defaults to false) - new rake tasks to toggle migration to new scheme - FIX: migrate_to_new_scheme also works with CDN - PERF: improve perf of the DbHelper.remap method - REFACTOR: UrlHelper is now a class
2015-06-12 06:02:36 -04:00
class UrlHelper
FIX markdown hotlinked images were not properly pulled
2013-11-20 07:10:08 -05:00
FIX: URLs containing two # would fail to work Some URLs in browsers are non compliant and contain twos `#` this commit adds special handling for this edge case by auto encoding any fragments containing `#`
2018-12-11 02:03:13 -05:00
# At the moment this handles invalid URLs that browser address bar accepts
# where second # is not encoded
#
# Longer term we can add support of simpleidn and encode unicode domains
def self.relaxed_parse(url)
url, fragment = url.split("#", 2)
uri = URI.parse(url)
if uri
FIX: Replace deprecated URI.encode, URI.escape, URI.unescape and URI.unencode (#8528) The following methods have long been deprecated in ruby due to flaws in their implementation per http://blade.nagaokaut.ac.jp/cgi-bin/vframe.rb/ruby/ruby-core/29293?29179-31097: URI.escape URI.unescape URI.encode URI.unencode escape/encode are just aliases for one another. This PR uses the Addressable gem to replace these methods with its own encode, unencode, and encode_component methods where appropriate. I have put all references to Addressable::URI here into the UrlHelper to keep them corralled in one place to make changes to this implementation easier. Addressable is now also an explicit gem dependency.
2019-12-11 21:49:21 -05:00
# Addressable::URI::CharacterClasses::UNRESERVED is used here because without it
# the # in the fragment is not encoded
fragment = Addressable::URI.encode_component(fragment, Addressable::URI::CharacterClasses::UNRESERVED) if fragment&.include?('#')
FIX: URLs containing two # would fail to work Some URLs in browsers are non compliant and contain twos `#` this commit adds special handling for this edge case by auto encoding any fragments containing `#`
2018-12-11 02:03:13 -05:00
uri.fragment = fragment
uri
end
rescue URI::Error
end
FIX: Replace deprecated URI.encode, URI.escape, URI.unescape and URI.unencode (#8528) The following methods have long been deprecated in ruby due to flaws in their implementation per http://blade.nagaokaut.ac.jp/cgi-bin/vframe.rb/ruby/ruby-core/29293?29179-31097: URI.escape URI.unescape URI.encode URI.unencode escape/encode are just aliases for one another. This PR uses the Addressable gem to replace these methods with its own encode, unencode, and encode_component methods where appropriate. I have put all references to Addressable::URI here into the UrlHelper to keep them corralled in one place to make changes to this implementation easier. Addressable is now also an explicit gem dependency.
2019-12-11 21:49:21 -05:00
def self.encode_and_parse(url)
URI.parse(Addressable::URI.encode(url))
end
def self.encode(url)
Addressable::URI.encode(url)
end
def self.unencode(url)
Addressable::URI.unencode(url)
end
def self.encode_component(url_component)
Addressable::URI.encode_component(url_component)
end
FEATURE: move migrate_to_new_scheme into a background job - new hidden site setting 'migrate_to_new_scheme' (defaults to false) - new rake tasks to toggle migration to new scheme - FIX: migrate_to_new_scheme also works with CDN - PERF: improve perf of the DbHelper.remap method - REFACTOR: UrlHelper is now a class
2015-06-12 06:02:36 -04:00
def self.is_local(url)
BUGFIX: errors when post-processing 'data images'
2014-07-18 11:54:18 -04:00
url.present? && (
Discourse.store.has_been_uploaded?(url) ||
Replace `base_uri` with `base_path` (#10879) DEV: Replace instances of Discourse.base_uri with Discourse.base_path This is clearer because the base_uri is actually just a path prefix. This continues the work started in 555f467.
2020-10-09 07:51:24 -04:00
!!(url =~ Regexp.new("^#{Discourse.base_path}/(assets|plugins|images)/")) ||
BUGFIX: errors when post-processing 'data images'
2014-07-18 11:54:18 -04:00
url.start_with?(Discourse.asset_host || Discourse.base_url_no_prefix)
)
FIX markdown hotlinked images were not properly pulled
2013-11-20 07:10:08 -05:00
end
FEATURE: move migrate_to_new_scheme into a background job - new hidden site setting 'migrate_to_new_scheme' (defaults to false) - new rake tasks to toggle migration to new scheme - FIX: migrate_to_new_scheme also works with CDN - PERF: improve perf of the DbHelper.remap method - REFACTOR: UrlHelper is now a class
2015-06-12 06:02:36 -04:00
def self.absolute(url, cdn = Discourse.asset_host)
DEV: enable frozen string literal on all files This reduces chances of errors where consumers of strings mutate inputs and reduces memory usage of the app. Test suite passes now, but there may be some stuff left, so we will run a few sites on a branch prior to merging
2019-05-02 18:17:27 -04:00
cdn = "https:#{cdn}" if cdn && cdn =~ /^\/\//
FIX: canonical url should not use the CDN
2013-12-16 18:35:34 -05:00
url =~ /^\/[^\/]/ ? (cdn || Discourse.base_url_no_prefix) + url : url
end
FEATURE: move migrate_to_new_scheme into a background job - new hidden site setting 'migrate_to_new_scheme' (defaults to false) - new rake tasks to toggle migration to new scheme - FIX: migrate_to_new_scheme also works with CDN - PERF: improve perf of the DbHelper.remap method - REFACTOR: UrlHelper is now a class
2015-06-12 06:02:36 -04:00
def self.absolute_without_cdn(url)
self.absolute(url, nil)
FIX markdown hotlinked images were not properly pulled
2013-11-20 07:10:08 -05:00
end
FEATURE: move migrate_to_new_scheme into a background job - new hidden site setting 'migrate_to_new_scheme' (defaults to false) - new rake tasks to toggle migration to new scheme - FIX: migrate_to_new_scheme also works with CDN - PERF: improve perf of the DbHelper.remap method - REFACTOR: UrlHelper is now a class
2015-06-12 06:02:36 -04:00
def self.schemaless(url)
FIX: httpshttps ultra secure URLs
2016-06-30 10:55:01 -04:00
url.sub(/^http:/i, "")
FIX markdown hotlinked images were not properly pulled
2013-11-20 07:10:08 -05:00
end
FEATURE: Add support for secure media (#7888) This PR introduces a new secure media setting. When enabled, it prevent unathorized access to media uploads (files of type image, video and audio). When the `login_required` setting is enabled, then all media uploads will be protected from unauthorized (anonymous) access. When `login_required`is disabled, only media in private messages will be protected from unauthorized access. A few notes: - the `prevent_anons_from_downloading_files` setting no longer applies to audio and video uploads - the `secure_media` setting can only be enabled if S3 uploads are already enabled and configured - upload records have a new column, `secure`, which is a boolean `true/false` of the upload's secure status - when creating a public post with an upload that has already been uploaded and is marked as secure, the post creator will raise an error - when enabling or disabling the setting on a site with existing uploads, the rake task `uploads:ensure_correct_acl` should be used to update all uploads' secure status and their ACL on S3
2019-11-17 20:25:42 -05:00
def self.secure_proxy_without_cdn(url)
FIX: Resolve pull hotlinked image and broken link issues for secure media URLs (#8777) When pull_hotlinked_images tried to run on posts with secure media (which had already been downloaded from external sources) we were getting a 404 when trying to download the image because the secure endpoint doesn't allow anon downloads. Also, we were getting into an infinite loop of pull_hotlinked_images because the job didn't consider the secure media URLs as "downloaded" already so it kept trying to download them over and over. In this PR I have also refactored secure-media-upload URL checks and mutations into single source of truth in Upload, adding a SECURE_MEDIA_ROUTE constant to check URLs against too.
2020-01-23 20:59:30 -05:00
self.absolute(Upload.secure_media_url_from_upload_url(url), nil)
FEATURE: Add support for secure media (#7888) This PR introduces a new secure media setting. When enabled, it prevent unathorized access to media uploads (files of type image, video and audio). When the `login_required` setting is enabled, then all media uploads will be protected from unauthorized (anonymous) access. When `login_required`is disabled, only media in private messages will be protected from unauthorized access. A few notes: - the `prevent_anons_from_downloading_files` setting no longer applies to audio and video uploads - the `secure_media` setting can only be enabled if S3 uploads are already enabled and configured - upload records have a new column, `secure`, which is a boolean `true/false` of the upload's secure status - when creating a public post with an upload that has already been uploaded and is marked as secure, the post creator will raise an error - when enabling or disabling the setting on a site with existing uploads, the rake task `uploads:ensure_correct_acl` should be used to update all uploads' secure status and their ACL on S3
2019-11-17 20:25:42 -05:00
end
FIX: Replace deprecated URI.encode, URI.escape, URI.unescape and URI.unencode (#8528) The following methods have long been deprecated in ruby due to flaws in their implementation per http://blade.nagaokaut.ac.jp/cgi-bin/vframe.rb/ruby/ruby-core/29293?29179-31097: URI.escape URI.unescape URI.encode URI.unencode escape/encode are just aliases for one another. This PR uses the Addressable gem to replace these methods with its own encode, unencode, and encode_component methods where appropriate. I have put all references to Addressable::URI here into the UrlHelper to keep them corralled in one place to make changes to this implementation easier. Addressable is now also an explicit gem dependency.
2019-12-11 21:49:21 -05:00
def self.escape_uri(uri)
DEV: Rename `UriHelper.escape_uri` to `.normalized_encode` This is a much better description of its function. It performs idempotent normalization of a URL. If consumers truly need to `encode` a URL (including double-encoding of existing encoded entities), they can use the existing `.encode` method.
2022-08-09 06:28:29 -04:00
Discourse.deprecate(
"UrlHelper.escape_uri is deprecated. For normalization of user input use `.normalized_encode`. For true encoding, use `.encode`",
output_in_test: true,
drop_from: '3.0'
)
normalized_encode(uri)
end
def self.normalized_encode(uri)
FIX: broken onebox images due to url normalization bugs normalized_encode in addressable has a number of issues, including https://github.com/sporkmonger/addressable/issues/472 To temporaily work around those issues for the majority of cases, we try parsing with `::URI`. If that fails (e.g. due to non-ascii characters) then we will fall back to addressable. Hopefully we can simplify this back to `Addressable::URI.normalized_encode` in the future. This commit also adds support for unicode domain names and emoji domain names with escape_uri. This removes an unneeded hack checking for pre-signed urls, which are now handled by the general case due to starting off valid and only being minimally normalized. Previous test case continues to pass. UrlHelper.s3_presigned_url? which was somewhat wide was removed.
2022-08-09 00:42:23 -04:00
validated = nil
url = uri.to_s
# Ideally we will jump straight to `Addressable::URI.normalized_encode`. However,
# that implementation has some edge-case issues like https://github.com/sporkmonger/addressable/issues/472.
# To temporaily work around those issues for the majority of cases, we try parsing with `::URI`.
# If that fails (e.g. due to non-ascii characters) then we will fall back to addressable.
# Hopefully we can simplify this back to `Addressable::URI.normalized_encode` in the future.
# edge case where we expect mailto:test%40test.com to normalize to mailto:test@test.com
if url.match(/\Amailto:/)
return normalize_with_addressable(url)
end
# If it doesn't pass the regexp, it's definitely not gonna parse with URI.parse. Skip
# to addressable
if !url.match?(/\A#{URI::regexp}\z/)
return normalize_with_addressable(url)
end
begin
normalize_with_ruby_uri(url)
rescue URI::Error
normalize_with_addressable(url)
end
FIX: Stop encoding presigned URLs with UrlHelper (#8818) When FinalDestination is given a URL it encodes it before doing anything else. however S3 presigned URLs should not be messed with in any way otherwise we can end up with 400 errors when downloading the URL e.g. <Error><Code>InvalidToken</Code><Message>The provided token is malformed or otherwise invalid.</Message> The signature of presigned URLs is very important and is automatically generated and should be preserved.
2020-01-30 18:09:34 -05:00
end
DEV: Replace SECURE_MEDIA_ROUTE const with other methods (#10545) This is so if the route changes this const won't be around to bite us, use the Rails route methods instead.
2020-08-27 21:28:11 -04:00
def self.rails_route_from_url(url)
FIX - rails_route_from_url would fail if path contained unicode characters
2020-08-28 15:10:10 -04:00
path = URI.parse(encode(url)).path
DEV: Replace SECURE_MEDIA_ROUTE const with other methods (#10545) This is so if the route changes this const won't be around to bite us, use the Rails route methods instead.
2020-08-27 21:28:11 -04:00
Rails.application.routes.recognize_path(path)
FIX: Escaped `mailto` URLs would raise an exception This prevents exceptions from being raised if a URL has an invalid component.
2020-10-05 14:12:33 -04:00
rescue Addressable::URI::InvalidURIError, URI::InvalidComponentError
FIX: Invalid URLs could raise exceptions when calling UrlHelper.rails_route_from_url (#10782) Upload.secure_media_url? raised an exceptions when the URL was invalid, which was a issue in some situations where secure media URLs must be removed. For example, sending digests used PrettyText.strip_secure_media, which used Upload.secure_media_url? to replace secure media with placeholders. If the URL was invalid, then an exception would be raised and left unhandled. Now instead in UrlHelper.rails_route_from_url we return nil if there is something wrong with the URL. Co-authored-by: Bianca Nenciu <nenciu.bianca@gmail.com>
2020-09-30 01:20:00 -04:00
nil
DEV: Replace SECURE_MEDIA_ROUTE const with other methods (#10545) This is so if the route changes this const won't be around to bite us, use the Rails route methods instead.
2020-08-27 21:28:11 -04:00
end
PERF: Improve cook_url performance for topic thumbnails (#11609) - Only initialize the S3Helper when needed - Skip initializing the S3Helper for S3Store#cdn_url - Allow cook_url to be passed a `local` hint to skip unnecessary checks
2020-12-30 13:13:13 -05:00
def self.cook_url(url, secure: false, local: nil)
FIX: errors loading secure uploads when secure uploads is disabled (#13047)
2021-06-08 13:25:51 -04:00
is_secure = SiteSetting.secure_media && secure
PERF: Improve cook_url performance for topic thumbnails (#11609) - Only initialize the S3Helper when needed - Skip initializing the S3Helper for S3Store#cdn_url - Allow cook_url to be passed a `local` hint to skip unnecessary checks
2020-12-30 13:13:13 -05:00
local = is_local(url) if local.nil?
return url if !local
FIX: store the topic links using the cooked upload url
2018-08-14 06:23:32 -04:00
FIX: errors loading secure uploads when secure uploads is disabled (#13047)
2021-06-08 13:25:51 -04:00
url = is_secure ? secure_proxy_without_cdn(url) : absolute_without_cdn(url)
FIX: ensure local images use local CDN when uploads are stored on S3 When the S3 store was enabled, we were only applying the S3 CDN. So all images stored locally, like the emojis, were never put on the local CDN. Fixed a bunch of CookedPostProcessor test by adding a call to 'optimize_urls' in order to get final URLs. I also removed the unnecessary PrettyText.add_s3_cdn method since this is already handled in the CookedPostProcessor.
2019-02-20 13:24:38 -05:00
FIX: Always return secure_proxy_without_cdn url for secure media (#8394) There was an issue on dev where when uploading secure media, the href of the media was correctly being replaced in the CookedPostProcessor, but the srcset urls were not being replaced correctly. This is because UrlHelper.cook_url was returning the asset host URL for the media for secure media instead of returning early with the proxied secure proxy url.
2019-11-22 00:29:31 -05:00
# we always want secure media to come from
# Discourse.base_url_no_prefix/secure-media-uploads
# to avoid asset_host mixups
FIX: errors loading secure uploads when secure uploads is disabled (#13047)
2021-06-08 13:25:51 -04:00
return schemaless(url) if is_secure
FIX: Always return secure_proxy_without_cdn url for secure media (#8394) There was an issue on dev where when uploading secure media, the href of the media was correctly being replaced in the CookedPostProcessor, but the srcset urls were not being replaced correctly. This is because UrlHelper.cook_url was returning the asset host URL for the media for secure media instead of returning early with the proxied secure proxy url.
2019-11-22 00:29:31 -05:00
DEV: Correct typos and spelling mistakes (#12812) Over the years we accrued many spelling mistakes in the code base. This PR attempts to fix spelling mistakes and typos in all areas of the code that are extremely safe to change - comments - test descriptions - other low risk areas
2021-05-20 21:43:47 -04:00
# PERF: avoid parsing url except for extreme conditions
PERF: optimize homepage and topic performance (#11607) These are a few small tweaks that slightly improve performance. - we omitted 1 query from the post guardian which could cause an N+1 - cook_url has been sped up a bit - url helper avoids re-creating sets for no reason
2020-12-30 08:08:02 -05:00
# this is a hot path used on home page
filename = url
if url.include?("?")
uri = URI.parse(url)
filename = File.basename(uri.path)
end
# this technically requires a filename, but will work with a URL as long as it end with the
# extension and has no query params
is_attachment = !FileHelper.is_supported_media?(filename)
no_cdn = SiteSetting.login_required || SiteSetting.prevent_anons_from_downloading_files
FIX: ensure local images use local CDN when uploads are stored on S3 When the S3 store was enabled, we were only applying the S3 CDN. So all images stored locally, like the emojis, were never put on the local CDN. Fixed a bunch of CookedPostProcessor test by adding a call to 'optimize_urls' in order to get final URLs. I also removed the unnecessary PrettyText.add_s3_cdn method since this is already handled in the CookedPostProcessor.
2019-02-20 13:24:38 -05:00
unless is_attachment && no_cdn
url = Discourse.store.cdn_url(url)
url = local_cdn_url(url) if Discourse.store.external?
end
FIX: store the topic links using the cooked upload url
2018-08-14 06:23:32 -04:00
schemaless(url)
rescue URI::Error
url
end
FIX: ensure local images use local CDN when uploads are stored on S3 When the S3 store was enabled, we were only applying the S3 CDN. So all images stored locally, like the emojis, were never put on the local CDN. Fixed a bunch of CookedPostProcessor test by adding a call to 'optimize_urls' in order to get final URLs. I also removed the unnecessary PrettyText.add_s3_cdn method since this is already handled in the CookedPostProcessor.
2019-02-20 13:24:38 -05:00
def self.local_cdn_url(url)
return url if Discourse.asset_host.blank?
FIX: 'local_cdn_url' method should work for local relative urls too.
2019-10-14 02:09:16 -04:00
if url.start_with?("/#{Discourse.store.upload_path}/")
"#{Discourse.asset_host}#{url}"
else
url.sub(Discourse.base_url_no_prefix, Discourse.asset_host)
end
FIX: ensure local images use local CDN when uploads are stored on S3 When the S3 store was enabled, we were only applying the S3 CDN. So all images stored locally, like the emojis, were never put on the local CDN. Fixed a bunch of CookedPostProcessor test by adding a call to 'optimize_urls' in order to get final URLs. I also removed the unnecessary PrettyText.add_s3_cdn method since this is already handled in the CookedPostProcessor.
2019-02-20 13:24:38 -05:00
end
FIX: broken onebox images due to url normalization bugs normalized_encode in addressable has a number of issues, including https://github.com/sporkmonger/addressable/issues/472 To temporaily work around those issues for the majority of cases, we try parsing with `::URI`. If that fails (e.g. due to non-ascii characters) then we will fall back to addressable. Hopefully we can simplify this back to `Addressable::URI.normalized_encode` in the future. This commit also adds support for unicode domain names and emoji domain names with escape_uri. This removes an unneeded hack checking for pre-signed urls, which are now handled by the general case due to starting off valid and only being minimally normalized. Previous test case continues to pass. UrlHelper.s3_presigned_url? which was somewhat wide was removed.
2022-08-09 00:42:23 -04:00
private
def self.normalize_with_addressable(url)
u = Addressable::URI.normalized_encode(url, Addressable::URI)
if u.host && !u.host.ascii_only?
u.host = ::Addressable::IDNA.to_ascii(u.host)
end
u.to_s
end
def self.normalize_with_ruby_uri(url)
u = URI.parse(url)
if u.scheme && u.scheme != u.scheme.downcase
u.scheme = u.scheme.downcase
end
if u.host && u.host != u.host.downcase
u.host = u.host.downcase
end
u.to_s
end
FIX markdown hotlinked images were not properly pulled
2013-11-20 07:10:08 -05:00
end