discourse/lib/final_destination
Ted Johansson 59867cc091
DEV: Gracefully handle user avatar download SSRF errors (#21523)
### Background

When SSRF detection fails, the exception bubbles all the way up, causing a log alert. This isn't actionable, and should instead be ignored. The existing `rescue` does already ignore network errors, but fails to account for SSRF exceptions coming from `FinalDestination`.

### What is this change?

This PR does two things.

---

Firstly, it introduces a common root exception class, `FinalDestination::SSRFError` for SSRF errors. This serves two functions: 1) it makes it easier to rescue both errors at once, which is generally what one wants to do and 2) prevents having to dig deep into the class hierarchy for the constant.

This change is fully backwards compatible thanks to how inheritance and exception handling works.

---

Secondly, it rescues this new exception in `UserAvatar.import_url_for_user`, which is causing sporadic errors to be logged in production. After this SSRF errors are handled the same as network errors.
2023-05-12 15:32:02 +08:00
..
faraday_adapter.rb SECURITY: Expand and improve SSRF Protections (#18815) 2022-11-01 16:33:17 +00:00
fast_image.rb SECURITY: Add FinalDestination::FastImage that's SSRF safe 2023-03-16 15:27:09 -06:00
http.rb Revert "DEV: Allow webmock to intercept `FinalDestination::HTTP` requests (#20575)" (#20576) 2023-03-08 11:26:32 +08:00
resolver.rb FIX: allow changing default DNS query timeout of 2s via GlobalSetting (#20383) 2023-02-21 09:54:29 +11:00
ssrf_detector.rb DEV: Gracefully handle user avatar download SSRF errors (#21523) 2023-05-12 15:32:02 +08:00