nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Make sure URLs are encoded before sending them to camo

Browse source 
Otherwise camo crashes with:
TypeError [ERR_UNESCAPED_CHARACTERS]: Request path contains unescaped characters

closes #7871
This commit is contained in:
Benjamin Neff 2018-09-30 03:53:16 +02:00 committed by Dennis Schubert
parent b6333e0b1b
commit d765b34018
No known key found for this signature in database
GPG key ID: 5A0304BEA7966D7E
3 changed files with 20 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
Changelog.md
View file

@ -7,6 +7,7 @@
* Add compatibility with macOS to `script/configure_bundler` [#7830](https://github.com/diaspora/diaspora/pull/7830)
* Fix comment and like notifications on posts without text [#7857](https://github.com/diaspora/diaspora/pull/7857) [#7853](https://github.com/diaspora/diaspora/pull/7853)
* Fix issue with some language fallbacks not working correctly [#7861](https://github.com/diaspora/diaspora/pull/7861)
* Make sure URLs are encoded before sending them to camo [#7871](https://github.com/diaspora/diaspora/pull/7871)
## Features
* Add `web+diaspora://` link handler [#7826](https://github.com/diaspora/diaspora/pull/7826)

2
lib/diaspora/camo.rb
View file

@ -17,6 +17,8 @@ module Diaspora
return unless url
return url unless self.url_eligible?(url)
url = Addressable::URI.encode(Addressable::URI.unencode(url))
digest = OpenSSL::HMAC.hexdigest(
OpenSSL::Digest.new('sha1'),
AppConfig.privacy.camo.key,

17
spec/lib/diaspora/camo_spec.rb
View file

@ -32,6 +32,23 @@ describe Diaspora::Camo do
it 'should rewrite external URLs' do
expect(Diaspora::Camo.image_url(@raw_image_url)).to eq(@camo_image_url)
end
context "URL encoding" do
let(:camo_image_url) {
AppConfig.privacy.camo.root +
"bbafe590034b976852f9a46dbcc7709e1a8e7dfb/68747470733a2f2f6578616d706c652e636f6d2f2543332541312543332541392" \
"543332542333f666f6f3d254333254134254333254243254333254236266261723d61254343253830"
}
it "should encode URLs before sending to camo" do
expect(Diaspora::Camo.image_url("https://example.com/áéó?foo=äüö&bar=à")).to eq(camo_image_url)
end
it "should not double encode already encoded URLs" do
expect(Diaspora::Camo.image_url("https://example.com/%C3%A1%C3%A9%C3%B3?foo=%C3%A4%C3%BC%C3%B6&bar=a%CC%80"))
.to eq(camo_image_url)
end
end
end
describe '#from_markdown' do