Ignore invalid URLs for camo

When people only write `https://` as image URL, this would fail with
`Addressable::URI::InvalidURIError: Absolute URI missing hierarchical segment: 'https://'`.

closes #7922
parent b2712ebf
# 0.7.8.0
## Refactor
* Make setting up a development environment 9001% easier by adding a Docker-based setup [#7870](https://github.com/diaspora/diaspora/pull/7870)
* Improve `web+diaspora://` handler description [#7909](https://github.com/diaspora/diaspora/pull/7909)
* Move comment timestamp next to author name [#7905](https://github.com/diaspora/diaspora/pull/7905)
## Bug fixes
* Ignore invalid URLs for camo [#7922](https://github.com/diaspora/diaspora/pull/7922)
## Features
* Add the ability to assign roles in the admin panel [#7868](https://github.com/diaspora/diaspora/pull/7868)
* Improve memory usage with libjemalloc if available [#7919](https://github.com/diaspora/diaspora/pull/7919)
......
......@@ -17,7 +17,11 @@ module Diaspora
return unless url
return url unless self.url_eligible?(url)
url = Addressable::URI.encode(Addressable::URI.unencode(url))
begin
url = Addressable::URI.encode(Addressable::URI.unencode(url))
rescue Addressable::URI::InvalidURIError
return url
end
digest = OpenSSL::HMAC.hexdigest(
OpenSSL::Digest.new('sha1'),
......
......@@ -48,6 +48,10 @@ describe Diaspora::Camo do
expect(Diaspora::Camo.image_url("https://example.com/%C3%A1%C3%A9%C3%B3?foo=%C3%A4%C3%BC%C3%B6&bar=a%CC%80"))
.to eq(camo_image_url)
end
it "ignores invalid urls" do
expect(Diaspora::Camo.image_url("https://")).to eq("https://")
end
end
end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment