FIX: Embedding was broken with non-english URLs and ports

This commit is contained in:
Robin Ward 2017-02-27 12:17:52 -05:00
parent 877957ae88
commit bf9626d031
2 changed files with 15 additions and 2 deletions

View File

@ -10,13 +10,17 @@ class EmbeddableHost < ActiveRecord::Base
def self.record_for_url(uri) def self.record_for_url(uri)
if uri.is_a?(String) if uri.is_a?(String)
uri = URI(uri) rescue nil uri = URI(URI.encode(uri)) rescue nil
end end
return false unless uri.present? return false unless uri.present?
host = uri.host host = uri.host
return false unless host.present? return false unless host.present?
if uri.port.present? && uri.port != 80 && uri.port != 443
host << ":#{uri.port}"
end
path = uri.path path = uri.path
path << "?" << uri.query if uri.query.present? path << "?" << uri.query if uri.query.present?
@ -28,7 +32,7 @@ class EmbeddableHost < ActiveRecord::Base
end end
def self.url_allowed?(url) def self.url_allowed?(url)
uri = URI(url) rescue nil uri = URI(URI.encode(url)) rescue nil
uri.present? && record_for_url(uri).present? uri.present? && record_for_url(uri).present?
end end

View File

@ -49,12 +49,21 @@ describe EmbeddableHost do
expect(eh).not_to be_valid expect(eh).not_to be_valid
end end
describe "it works with ports" do
let!(:host) { Fabricate(:embeddable_host, host: 'localhost:8000') }
it "works as expected" do
expect(EmbeddableHost.url_allowed?('http://localhost:8000/eviltrout')).to eq(true)
end
end
describe "url_allowed?" do describe "url_allowed?" do
let!(:host) { Fabricate(:embeddable_host) } let!(:host) { Fabricate(:embeddable_host) }
it 'works as expected' do it 'works as expected' do
expect(EmbeddableHost.url_allowed?('http://eviltrout.com')).to eq(true) expect(EmbeddableHost.url_allowed?('http://eviltrout.com')).to eq(true)
expect(EmbeddableHost.url_allowed?('https://eviltrout.com')).to eq(true) expect(EmbeddableHost.url_allowed?('https://eviltrout.com')).to eq(true)
expect(EmbeddableHost.url_allowed?('https://eviltrout.com/انگلیسی')).to eq(true)
expect(EmbeddableHost.url_allowed?('https://not-eviltrout.com')).to eq(false) expect(EmbeddableHost.url_allowed?('https://not-eviltrout.com')).to eq(false)
end end