github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-21 18:12:32 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse""

Browse Source 
This reverts commit 20780a1eeed56b321daf18ee6bbfe681a51d1bf4.

* SECURITY: re-adds accidentally reverted commit:
  03d26cd6: ensure embed_url contains valid http(s) uri
* when the merge commit e62a85cf was reverted, git chose the 2660c2e2 parent to land on
  instead of the 03d26cd6 parent (which contains security fixes)
This commit is contained in:
Michael Brown
2020-05-23 00:56:13 -04:00
parent 20780a1eee
commit d9a02d1336
236 changed files with 1031 additions and 715 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/post_creator.rb
View File

@ -374,6 +374,10 @@ class PostCreator
# discourse post.
def create_embedded_topic
return unless @opts[:embed_url].present?
original_uri = URI.parse(@opts[:embed_url])
raise Discourse::InvalidParameters.new(:embed_url) unless original_uri.is_a?(URI::HTTP)
embed = TopicEmbed.new(topic_id: @post.topic_id, post_id: @post.id, embed_url: @opts[:embed_url])
rollback_from_errors!(embed) unless embed.save
end