mirror of
https://github.com/discourse/discourse.git
synced 2024-12-19 08:53:46 +08:00
6ee6b1f1d1
- Adds a validator for the allowed iframes site setting
- Adds a migration to update any values that don't pass the validator
Follow up to: 188cb58daa
19 lines
462 B
Ruby
19 lines
462 B
Ruby
# frozen_string_literal: true
|
|
|
|
class AllowedIframesValidator
|
|
# Url starts with http:// or https:// and has at least one more additional '/'
|
|
VALID_ALLOWED_IFRAME_URL_REGEX = %r{\Ahttps?://([^/]*/)+[^/]*\z}x
|
|
|
|
def initialize(opts = {})
|
|
@opts = opts
|
|
end
|
|
|
|
def valid_value?(values)
|
|
values.split("|").all? { _1.match? VALID_ALLOWED_IFRAME_URL_REGEX }
|
|
end
|
|
|
|
def error_message
|
|
I18n.t("site_settings.errors.invalid_allowed_iframes_url")
|
|
end
|
|
end
|