2019-05-03 06:17:27 +08:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2015-06-12 18:02:36 +08:00
|
|
|
class UrlHelper
|
2013-11-20 20:10:08 +08:00
|
|
|
|
2018-12-11 15:03:13 +08:00
|
|
|
# At the moment this handles invalid URLs that browser address bar accepts
|
|
|
|
# where second # is not encoded
|
|
|
|
#
|
|
|
|
# Longer term we can add support of simpleidn and encode unicode domains
|
|
|
|
def self.relaxed_parse(url)
|
|
|
|
url, fragment = url.split("#", 2)
|
|
|
|
uri = URI.parse(url)
|
|
|
|
if uri
|
2019-12-12 10:49:21 +08:00
|
|
|
# Addressable::URI::CharacterClasses::UNRESERVED is used here because without it
|
|
|
|
# the # in the fragment is not encoded
|
|
|
|
fragment = Addressable::URI.encode_component(fragment, Addressable::URI::CharacterClasses::UNRESERVED) if fragment&.include?('#')
|
2018-12-11 15:03:13 +08:00
|
|
|
uri.fragment = fragment
|
|
|
|
uri
|
|
|
|
end
|
|
|
|
rescue URI::Error
|
|
|
|
end
|
|
|
|
|
2019-12-12 10:49:21 +08:00
|
|
|
def self.encode_and_parse(url)
|
|
|
|
URI.parse(Addressable::URI.encode(url))
|
|
|
|
end
|
|
|
|
|
|
|
|
def self.encode(url)
|
|
|
|
Addressable::URI.encode(url)
|
|
|
|
end
|
|
|
|
|
|
|
|
def self.unencode(url)
|
|
|
|
Addressable::URI.unencode(url)
|
|
|
|
end
|
|
|
|
|
|
|
|
def self.encode_component(url_component)
|
|
|
|
Addressable::URI.encode_component(url_component)
|
|
|
|
end
|
|
|
|
|
2015-06-12 18:02:36 +08:00
|
|
|
def self.is_local(url)
|
2014-07-18 23:54:18 +08:00
|
|
|
url.present? && (
|
|
|
|
Discourse.store.has_been_uploaded?(url) ||
|
2019-04-14 01:35:23 +08:00
|
|
|
!!(url =~ Regexp.new("^#{Discourse.base_uri}/(assets|plugins|images)/")) ||
|
2014-07-18 23:54:18 +08:00
|
|
|
url.start_with?(Discourse.asset_host || Discourse.base_url_no_prefix)
|
|
|
|
)
|
2013-11-20 20:10:08 +08:00
|
|
|
end
|
|
|
|
|
2015-06-12 18:02:36 +08:00
|
|
|
def self.absolute(url, cdn = Discourse.asset_host)
|
2019-05-03 06:17:27 +08:00
|
|
|
cdn = "https:#{cdn}" if cdn && cdn =~ /^\/\//
|
2013-12-17 07:35:34 +08:00
|
|
|
url =~ /^\/[^\/]/ ? (cdn || Discourse.base_url_no_prefix) + url : url
|
|
|
|
end
|
|
|
|
|
2015-06-12 18:02:36 +08:00
|
|
|
def self.absolute_without_cdn(url)
|
|
|
|
self.absolute(url, nil)
|
2013-11-20 20:10:08 +08:00
|
|
|
end
|
|
|
|
|
2015-06-12 18:02:36 +08:00
|
|
|
def self.schemaless(url)
|
2016-06-30 22:55:01 +08:00
|
|
|
url.sub(/^http:/i, "")
|
2013-11-20 20:10:08 +08:00
|
|
|
end
|
|
|
|
|
2019-11-18 09:25:42 +08:00
|
|
|
def self.secure_proxy_without_cdn(url)
|
2020-01-24 09:59:30 +08:00
|
|
|
self.absolute(Upload.secure_media_url_from_upload_url(url), nil)
|
2019-11-18 09:25:42 +08:00
|
|
|
end
|
|
|
|
|
2017-12-13 00:50:39 +08:00
|
|
|
# Prevents double URL encode
|
|
|
|
# https://stackoverflow.com/a/37599235
|
2019-12-12 10:49:21 +08:00
|
|
|
def self.escape_uri(uri)
|
2020-01-31 07:09:34 +08:00
|
|
|
return uri if s3_presigned_url?(uri)
|
2019-12-12 10:49:21 +08:00
|
|
|
UrlHelper.encode_component(CGI.unescapeHTML(UrlHelper.unencode(uri)))
|
2020-01-31 07:09:34 +08:00
|
|
|
end
|
|
|
|
|
2020-08-28 09:28:11 +08:00
|
|
|
def self.rails_route_from_url(url)
|
2020-08-29 03:10:10 +08:00
|
|
|
path = URI.parse(encode(url)).path
|
2020-08-28 09:28:11 +08:00
|
|
|
Rails.application.routes.recognize_path(path)
|
2020-09-30 13:20:00 +08:00
|
|
|
rescue Addressable::URI::InvalidURIError
|
|
|
|
nil
|
2020-08-28 09:28:11 +08:00
|
|
|
end
|
|
|
|
|
2020-01-31 07:09:34 +08:00
|
|
|
def self.s3_presigned_url?(url)
|
2020-02-03 12:22:35 +08:00
|
|
|
url[/x-amz-(algorithm|credential)/i].present?
|
2017-12-13 00:50:39 +08:00
|
|
|
end
|
|
|
|
|
2019-11-18 09:25:42 +08:00
|
|
|
def self.cook_url(url, secure: false)
|
2018-08-14 18:23:32 +08:00
|
|
|
return url unless is_local(url)
|
|
|
|
|
|
|
|
uri = URI.parse(url)
|
|
|
|
filename = File.basename(uri.path)
|
2019-11-18 09:25:42 +08:00
|
|
|
is_attachment = !FileHelper.is_supported_media?(filename)
|
2018-08-14 18:23:32 +08:00
|
|
|
|
|
|
|
no_cdn = SiteSetting.login_required || SiteSetting.prevent_anons_from_downloading_files
|
|
|
|
|
2019-11-18 09:25:42 +08:00
|
|
|
url = secure ? secure_proxy_without_cdn(url) : absolute_without_cdn(url)
|
2019-02-21 02:24:38 +08:00
|
|
|
|
2019-11-22 13:29:31 +08:00
|
|
|
# we always want secure media to come from
|
|
|
|
# Discourse.base_url_no_prefix/secure-media-uploads
|
|
|
|
# to avoid asset_host mixups
|
|
|
|
return schemaless(url) if secure
|
|
|
|
|
2019-02-21 02:24:38 +08:00
|
|
|
unless is_attachment && no_cdn
|
|
|
|
url = Discourse.store.cdn_url(url)
|
|
|
|
url = local_cdn_url(url) if Discourse.store.external?
|
|
|
|
end
|
2018-08-14 18:23:32 +08:00
|
|
|
|
|
|
|
schemaless(url)
|
|
|
|
rescue URI::Error
|
|
|
|
url
|
|
|
|
end
|
|
|
|
|
2019-02-21 02:24:38 +08:00
|
|
|
def self.local_cdn_url(url)
|
|
|
|
return url if Discourse.asset_host.blank?
|
2019-10-14 14:09:16 +08:00
|
|
|
if url.start_with?("/#{Discourse.store.upload_path}/")
|
|
|
|
"#{Discourse.asset_host}#{url}"
|
|
|
|
else
|
|
|
|
url.sub(Discourse.base_url_no_prefix, Discourse.asset_host)
|
|
|
|
end
|
2019-02-21 02:24:38 +08:00
|
|
|
end
|
|
|
|
|
2013-11-20 20:10:08 +08:00
|
|
|
end
|