github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-22 18:51:08 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

In development mode, relax restrictions on embedding.

Browse Source
This commit is contained in:
Robin Ward
2014-01-02 11:32:50 -05:00
parent abf910d210
commit 1478f08e4f
2 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/controllers/embed_controller.rb
View File

@ -22,8 +22,11 @@ class EmbedController < ApplicationController
private private
def ensure_embeddable def ensure_embeddable
if !(Rails.env.development? && current_user.try(:admin?))
raise Discourse::InvalidAccess.new('embeddable host not set') if SiteSetting.embeddable_host.blank? raise Discourse::InvalidAccess.new('embeddable host not set') if SiteSetting.embeddable_host.blank?
raise Discourse::InvalidAccess.new('invalid referer host') if URI(request.referer || '').host != SiteSetting.embeddable_host raise Discourse::InvalidAccess.new('invalid referer host') if uri.host != SiteSetting.embeddable_host
end
response.headers['X-Frame-Options'] = "ALLOWALL" response.headers['X-Frame-Options'] = "ALLOWALL"
rescue URI::InvalidURIError rescue URI::InvalidURIError

2
app/views/embed/best.html.erb
View File

@ -23,7 +23,7 @@
<footer> <footer>
<%= link_to(I18n.t('embed.continue'), @topic_view.topic.url, class: 'button', target: '_blank') %> <%= link_to(I18n.t('embed.continue'), @topic_view.topic.url, class: 'button', target: '_blank') %>
<%= link_to(image_tag(SiteSetting.logo_url, class: 'logo'), Discourse.base_url) %> <%= link_to(image_tag(SiteSetting.logo_url, class: 'logo'), Discourse.base_url, target: '_blank') %>
</footer> </footer>
<% end %> <% end %>