github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-22 16:11:08 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse""

Browse Source 
This reverts commit 20780a1eeed56b321daf18ee6bbfe681a51d1bf4.

* SECURITY: re-adds accidentally reverted commit:
  03d26cd6: ensure embed_url contains valid http(s) uri
* when the merge commit e62a85cf was reverted, git chose the 2660c2e2 parent to land on
  instead of the 03d26cd6 parent (which contains security fixes)
This commit is contained in:
Michael Brown
2020-05-23 00:56:13 -04:00
parent 20780a1eee
commit d9a02d1336
236 changed files with 1031 additions and 715 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
spec/models/topic_embed_spec.rb
View File

@ -308,6 +308,14 @@ describe TopicEmbed do
end
end
context "non-http URL" do
let(:url) { '/test.txt' }
it "throws an error" do
expect { TopicEmbed.find_remote(url) }.to raise_error(URI::InvalidURIError)
end
end
context "emails" do
let(:url) { 'http://example.com/foo' }
let(:contents) { '<p><a href="mailto:foo%40example.com">URL encoded @ symbol</a></p><p><a href="mailto:bar@example.com">normal mailto link</a></p>' }