github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-06-01 17:40:43 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

SECURITY: Onebox canonical links bypassing FinalDestination checks (#13605)

Browse Source
This commit is contained in:
Arpit Jalan
2021-07-01 20:09:29 +05:30
committed by GitHub
parent 1c38b4abf1
commit 05bdbd9f97
6 changed files with 45 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
spec/lib/onebox/engine/twitter_status_onebox_spec.rb
View File

@ -59,7 +59,7 @@ describe Onebox::Engine::TwitterStatusOnebox do
shared_context "quoted tweet info" do
before do
@link = "https://twitter.com/Metallica/status/1128068672289890305"
@link = "https://twitter.com/metallica/status/1128068672289890305"
@onebox_fixture = "twitterstatus_quoted"
stub_request(:get, @link.downcase).to_return(status: 200, body: onebox_response(@onebox_fixture))