Gerhard Schlager
e30851e45a
Move escape_uri method to a more suitable place
2017-12-12 20:17:46 +01:00
Régis Hanol
de037da731
FIX: FinalDestination's small_get method wasn't using proper request headers
2017-11-17 17:24:35 +01:00
Régis Hanol
aebcd56300
FIX: try a GET for error code 406
2017-11-17 16:59:51 +01:00
Régis Hanol
221ff24418
SQL != Ruby
2017-11-17 16:12:20 +01:00
Régis Hanol
a0fc8bd924
don't log 404s to gravatar.com
2017-11-17 15:38:26 +01:00
Sam
3ac7d041ae
UX: generic onebox treats all square images as avatars and renders them smaller
2017-11-13 11:21:19 +11:00
Gerhard Schlager
d1f257d275
FinalDestination should only log when verbose is enabled
2017-10-31 17:16:59 +01:00
Gerhard Schlager
8c27f28dcb
add more logging to FinalDestination
2017-10-31 12:26:35 +01:00
Sam Saffron
8185b8cb06
FEATURE: cache https redirects per hostname
...
If a hostname does an https redirect we cache that so next
lookup does not incur it.
Also, only rate limit per ip once per final destination
Raise final destination protection to 1000 ip lookups an hour
2017-10-17 16:22:54 +11:00
Sam
70bb2aa426
FEATURE: allow specifying s3 config via globals
...
This refactors handling of s3 so it can be specified via GlobalSetting
This means that in a multisite environment you can configure s3 uploads
without actual sites knowing credentials in s3
It is a critical setting for situations where assets are mirrored to s3.
2017-10-06 16:20:01 +11:00
Sam
8ecf313a81
FIX: correctly raise errors when downloads fail
...
This corrects an issue where we are hitting Gravatar for 404 over and over
Also ensures file download properly reports errors
2017-09-28 16:35:43 +10:00
Guo Xiang Tan
5324c01209
FIX: Don't raise an error if reading from URL timeout.
2017-09-27 14:53:22 +08:00
Guo Xiang Tan
367fb1c524
FIX: Onebox fails on encoded URL.
...
https://meta.discourse.org/t/onebox-breaks-if-theres-chinese-text-in-url/67364
2017-09-26 18:34:54 +08:00
Joffrey JAFFEUX
6cd8203686
FIX: allows onebox to force GET hosts returning wrong headers on HEAD
2017-08-08 11:44:27 +02:00
Arpit Jalan
b059a0f789
extract url escaping to a dedicated class method and improved tests
2017-07-29 22:16:51 +05:30
Arpit Jalan
1fe553873c
FIX: preserve fragment identifier when escaping url
2017-07-29 17:22:45 +05:30
Guo Xiang Tan
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
Guo Xiang Tan
b534778f46
FIX: Escape URL before attempting to resolve it.
2017-07-18 10:04:24 +09:00
Guo Xiang Tan
089a1bd3be
Specify the error that we want to ignore instead of rescuing all errors.
2017-07-18 09:55:52 +09:00
Robin Ward
db485ae0da
FIX: Support for skipping redirects on certain domains (like steam)
2017-06-26 15:38:43 -04:00
Robin Ward
7366f334b0
FIX: Try a GET for error code 409 too -- (Medium posts)
2017-06-15 15:09:59 -04:00
Robin Ward
009f0921dc
FEATURE: Whitelist hosts for internal crawling
2017-06-13 12:59:54 -04:00
Robin Ward
a3729b51eb
FIX: Always allow the host the forum is hosted on
2017-06-12 13:22:51 -04:00
Robin Ward
53b95f009f
FIX: If HEAD is not supported, try GET. Also set cookies
2017-06-06 13:53:49 -04:00
Robin Ward
0a08c18a14
FIX: Don't rate limit gravatar downloads
2017-05-24 13:54:26 -04:00
Robin Ward
3b0cbf7013
FIX: Always allow downloads from CDN
2017-05-23 16:32:54 -04:00
Robin Ward
b81e7be9a1
FEATURE: Rate limit how often we'll crawl a destination IP
2017-05-23 15:03:04 -04:00
Robin Ward
36e477750c
FIX: Use same code path for downloading images
2017-05-23 14:51:30 -04:00
Robin Ward
e5e7a15a85
SECURITY: Never crawl by IP
2017-05-23 13:07:18 -04:00
Robin Ward
93a5fc62bf
FEATURE: A site setting to prevent crawling on private IP blocks
2017-05-23 11:56:06 -04:00
Robin Ward
b8d78b33c6
FIX: Other content types like images are fine
2017-05-22 16:51:37 -04:00
Robin Ward
b23fc2bf84
Helper to find the final destination for a URL
2017-05-22 15:52:41 -04:00