From 4b9acd680632715fdab854a4d4cbf9471418dff8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9gis=20Hanol?= Date: Wed, 7 May 2014 19:49:16 +0200 Subject: [PATCH] BUGFIX: make sure we do not try to pull images from the CDN --- app/jobs/regular/pull_hotlinked_images.rb | 18 +++++++++++++++--- app/models/site_setting.rb | 2 +- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/app/jobs/regular/pull_hotlinked_images.rb b/app/jobs/regular/pull_hotlinked_images.rb index df0ebab2a66..885871ae30d 100644 --- a/app/jobs/regular/pull_hotlinked_images.rb +++ b/app/jobs/regular/pull_hotlinked_images.rb @@ -94,9 +94,21 @@ module Jobs end def is_valid_image_url(src) - src.present? && - !Discourse.store.has_been_uploaded?(src) && - !src.start_with?(Discourse.asset_host || Discourse.base_url_no_prefix) && + # make sure we actually have a url + return false unless src.present? + # we don't want to pull uploaded images + return false if Discourse.store.has_been_uploaded?(src) + # parse the src + begin + uri = URI.parse(src) + rescue URI::InvalidURIError + return false + end + # we don't want to pull images hosted on the CDN (if we use one) + return false if Discourse.asset_host.present? && URI.parse(Discourse.asset_host).hostname == uri.hostname + # we don't want to pull images hosted on the main domain + return false if URI.parse(Discourse.base_url_no_prefix).hostname == uri.hostname + # check the domains blacklist SiteSetting.should_download_images?(src) end diff --git a/app/models/site_setting.rb b/app/models/site_setting.rb index 252213e31cd..a1f03cca931 100644 --- a/app/models/site_setting.rb +++ b/app/models/site_setting.rb @@ -75,8 +75,8 @@ class SiteSetting < ActiveRecord::Base def self.should_download_images?(src) setting = disabled_image_download_domains return true unless setting.present? - host = URI.parse(src).host + host = URI.parse(src).host return !(setting.split('|').include?(host)) rescue URI::InvalidURIError return true