mirror of
https://github.com/discourse/discourse.git
synced 2024-11-22 16:02:46 +08:00
extract url escaping to a dedicated class method and improved tests
This commit is contained in:
Arpit Jalan
parent
1fe553873c
commit
b059a0f789
|
|
@ -10,9 +10,10 @@ class FinalDestination
|
||||||
attr_reader :cookie
|
attr_reader :cookie
|
||||||
|
|
||||||
def initialize(url, opts = nil)
|
def initialize(url, opts = nil)
|
||||||
|
@url = url
|
||||||
@uri =
|
@uri =
|
||||||
begin
|
begin
|
||||||
URI(URI.escape(CGI.unescapeHTML(url), Regexp.new("[^#{URI::PATTERN::UNRESERVED}#{URI::PATTERN::RESERVED}#]"))) if url
|
URI(escape_url) if @url
|
||||||
rescue URI::InvalidURIError
|
rescue URI::InvalidURIError
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
@ -176,6 +177,10 @@ class FinalDestination
|
||||||
false
|
false
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def escape_url
|
||||||
|
URI.escape(CGI.unescapeHTML(@url), Regexp.new("[^#{URI::PATTERN::UNRESERVED}#{URI::PATTERN::RESERVED}#]"))
|
||||||
|
end
|
||||||
|
|
||||||
def private_ranges
|
def private_ranges
|
||||||
FinalDestination.standard_private_ranges +
|
FinalDestination.standard_private_ranges +
|
||||||
SiteSetting.blacklist_ip_blocks.split('|').map { |r| IPAddr.new(r) rescue nil }.compact
|
SiteSetting.blacklist_ip_blocks.split('|').map { |r| IPAddr.new(r) rescue nil }.compact
|
||||||
|
|
|
||||||
|
|
@ -60,21 +60,6 @@ describe FinalDestination do
|
||||||
stub_request(:head, "https://eviltrout.com").to_return(doc_response)
|
stub_request(:head, "https://eviltrout.com").to_return(doc_response)
|
||||||
end
|
end
|
||||||
|
|
||||||
it "escapes url" do
|
|
||||||
url = 'https://eviltrout.com?s=180&d=mm&r=g'
|
|
||||||
escaped_url = URI.escape(CGI.unescapeHTML(url), Regexp.new("[^#{URI::PATTERN::UNRESERVED}#{URI::PATTERN::RESERVED}#]"))
|
|
||||||
stub_request(:head, escaped_url).to_return(doc_response)
|
|
||||||
|
|
||||||
expect(fd(url).resolve.to_s).to eq(escaped_url)
|
|
||||||
end
|
|
||||||
|
|
||||||
it "preserves url fragment identifier" do
|
|
||||||
url = 'https://eviltrout.com/2016/02/25/fixing-android-performance.html#discourse-comments'
|
|
||||||
stub_request(:head, 'https://eviltrout.com/2016/02/25/fixing-android-performance.html').to_return(doc_response)
|
|
||||||
|
|
||||||
expect(fd(url).resolve.to_s).to eq(url)
|
|
||||||
end
|
|
||||||
|
|
||||||
it "returns the final url" do
|
it "returns the final url" do
|
||||||
final = FinalDestination.new('https://eviltrout.com', opts)
|
final = FinalDestination.new('https://eviltrout.com', opts)
|
||||||
expect(final.resolve.to_s).to eq('https://eviltrout.com')
|
expect(final.resolve.to_s).to eq('https://eviltrout.com')
|
||||||
|
|
@ -288,4 +273,14 @@ describe FinalDestination do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe ".escape_url" do
|
||||||
|
it "correctly escapes url" do
|
||||||
|
fragment_url = "https://eviltrout.com/2016/02/25/fixing-android-performance.html#discourse-comments"
|
||||||
|
|
||||||
|
expect(fd(fragment_url).escape_url.to_s).to eq(fragment_url)
|
||||||
|
expect(fd("https://eviltrout.com?s=180&d=mm&r=g").escape_url.to_s).to eq("https://eviltrout.com?s=180&d=mm&r=g")
|
||||||
|
expect(fd("http://example.com/?a=\11\15").escape_url.to_s).to eq("http://example.com/?a=%09%0D")
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user