mirror of
https://github.com/discourse/discourse.git
synced 2024-11-22 09:42:02 +08:00
SECURITY: ensures timeouts are correctly used on connect (#13455)
This commit is contained in:
parent
515fd8a4c3
commit
e50b7e9111
|
@ -196,6 +196,7 @@ class FinalDestination
|
|||
response = Excon.public_send(@http_verb,
|
||||
@uri.to_s,
|
||||
read_timeout: timeout,
|
||||
connect_timeout: timeout,
|
||||
headers: headers,
|
||||
middlewares: middlewares
|
||||
)
|
||||
|
|
|
@ -63,8 +63,7 @@ module Onebox
|
|||
end
|
||||
|
||||
result = StringIO.new
|
||||
Net::HTTP.start(uri.host, uri.port, use_ssl: uri.normalized_scheme == 'https') do |http|
|
||||
http.open_timeout = Onebox.options.connect_timeout
|
||||
Net::HTTP.start(uri.host, uri.port, open_timeout: Onebox.options.connect_timeout, use_ssl: uri.normalized_scheme == 'https') do |http|
|
||||
http.read_timeout = Onebox.options.timeout
|
||||
http.verify_mode = OpenSSL::SSL::VERIFY_NONE # Work around path building bugs
|
||||
|
||||
|
@ -118,8 +117,7 @@ module Onebox
|
|||
def self.fetch_content_length(location)
|
||||
uri = URI(location)
|
||||
|
||||
Net::HTTP.start(uri.host, uri.port, use_ssl: uri.is_a?(URI::HTTPS)) do |http|
|
||||
http.open_timeout = Onebox.options.connect_timeout
|
||||
Net::HTTP.start(uri.host, uri.port, open_timeout: Onebox.options.connect_timeout, use_ssl: uri.is_a?(URI::HTTPS)) do |http|
|
||||
http.read_timeout = Onebox.options.timeout
|
||||
if uri.is_a?(URI::HTTPS)
|
||||
http.use_ssl = true
|
||||
|
|
|
@ -407,7 +407,8 @@ module Oneboxer
|
|||
ignore_hostnames: blocked_domains,
|
||||
force_get_hosts: force_get_hosts,
|
||||
force_custom_user_agent_hosts: force_custom_user_agent_hosts,
|
||||
preserve_fragment_url_hosts: preserve_fragment_url_hosts
|
||||
preserve_fragment_url_hosts: preserve_fragment_url_hosts,
|
||||
timeout: 5
|
||||
}
|
||||
|
||||
if strategy && Oneboxer.strategies[strategy][:force_get_host]
|
||||
|
|
Loading…
Reference in New Issue
Block a user