65 lines
1.7 KiB
Ruby
65 lines
1.7 KiB
Ruby
class EmbeddableHost < ActiveRecord::Base
|
|
validate :host_must_be_valid
|
|
belongs_to :category
|
|
|
|
before_validation do
|
|
self.host.sub!(/^https?:\/\//, '')
|
|
self.host.sub!(/\/.*$/, '')
|
|
end
|
|
|
|
def self.record_for_url(uri)
|
|
|
|
if uri.is_a?(String)
|
|
uri = URI(URI.encode(uri)) rescue nil
|
|
end
|
|
return false unless uri.present?
|
|
|
|
host = uri.host
|
|
return false unless host.present?
|
|
|
|
if uri.port.present? && uri.port != 80 && uri.port != 443
|
|
host << ":#{uri.port}"
|
|
end
|
|
|
|
path = uri.path
|
|
path << "?" << uri.query if uri.query.present?
|
|
|
|
where("lower(host) = ?", host).each do |eh|
|
|
return eh if eh.path_whitelist.blank? || !Regexp.new(eh.path_whitelist).match(path).nil?
|
|
end
|
|
|
|
nil
|
|
end
|
|
|
|
def self.url_allowed?(url)
|
|
# Work around IFRAME reload on WebKit where the referer will be set to the Forum URL
|
|
return true if url&.starts_with?(Discourse.base_url)
|
|
|
|
uri = URI(URI.encode(url)) rescue nil
|
|
uri.present? && record_for_url(uri).present?
|
|
end
|
|
|
|
private
|
|
|
|
def host_must_be_valid
|
|
if host !~ /\A[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,10}(:[0-9]{1,5})?(\/.*)?\Z/i &&
|
|
host !~ /\A(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})(:[0-9]{1,5})?(\/.*)?\Z/ &&
|
|
host !~ /\A([a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.)?localhost(\:[0-9]{1,5})?(\/.*)?\Z/i
|
|
errors.add(:host, I18n.t('errors.messages.invalid'))
|
|
end
|
|
end
|
|
end
|
|
|
|
# == Schema Information
|
|
#
|
|
# Table name: embeddable_hosts
|
|
#
|
|
# id :integer not null, primary key
|
|
# host :string not null
|
|
# category_id :integer not null
|
|
# created_at :datetime not null
|
|
# updated_at :datetime not null
|
|
# path_whitelist :string
|
|
# class_name :string
|
|
#
|