github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-31 09:17:15 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: Stop encoding presigned URLs with UrlHelper (#8818)

Browse Source 
When FinalDestination is given a URL it encodes it before doing anything else. however S3 presigned URLs should not be messed with in any way otherwise we can end up with 400 errors when downloading the URL e.g.

<Error><Code>InvalidToken</Code><Message>The provided token is malformed or otherwise invalid.</Message>

The signature of presigned URLs is very important and is automatically generated and should be preserved.
This commit is contained in:
Martin Brennan
2020-01-31 09:09:34 +10:00
committed by GitHub
parent a520012538
commit 8d77e99827
2 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/url_helper.rb
View File

@ -63,9 +63,14 @@ class UrlHelper
# Prevents double URL encode
# https://stackoverflow.com/a/37599235
def self.escape_uri(uri)
return uri if s3_presigned_url?(uri)
UrlHelper.encode_component(CGI.unescapeHTML(UrlHelper.unencode(uri)))
end
def self.s3_presigned_url?(url)
(url.downcase =~ /x-amz-algorithm|x-amz-credential/).present?
end
def self.cook_url(url, secure: false)
return url unless is_local(url)