github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-29 04:18:24 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
dee451605b
discourse/config
History
Martin Brennan dede942007
FEATURE: Allow email image embed with secure media (#10563) 
This PR introduces a few important changes to secure media redaction in emails. First of all, two new site settings have been introduced:

* `secure_media_allow_embed_images_in_emails`: If enabled we will embed secure images in emails instead of redacting them.
* `secure_media_max_email_embed_image_size_kb`: The cap to the size of the secure image we will embed, defaulting to 1mb, so the email does not become too big. Max is 10mb. Works in tandem with `email_total_attachment_size_limit_kb`.

`Email::Sender` will now attach images to the email based on these settings. The sender will also call `inline_secure_images` in `Email::Styles` after secure media is redacted and attachments are added to replace redaction messages with attached images. I went with attachment and `cid` URLs because base64 image support is _still_ flaky in email clients.

All redaction of secure media is now handled in `Email::Styles` and calls out to `PrettyText.strip_secure_media` to do the actual stripping and replacing with placeholders. `app/mailers/group_smtp_mailer.rb` and `app/mailers/user_notifications.rb` no longer do any stripping because they are earlier in the pipeline than `Email::Styles`.

Finally the redaction notice has been restyled and includes a link to the media that the user can click, which will show it to them if they have the necessary permissions.

![image](https://user-images.githubusercontent.com/920448/92341012-b9a2c380-f0ff-11ea-860e-b376b4528357.png)
2020-09-10 09:50:16 +10:00
..
cloud/cloud66 DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
environments DEV: Add DISABLE_MINI_PROFILER development ENV variable 2020-08-21 09:33:22 -04:00
initializers DEV: Use a special import to declare font faces (#10583) 2020-09-04 16:25:50 +03:00
locales FEATURE: Allow email image embed with secure media (#10563) 2020-09-10 09:50:16 +10:00
application.rb DEV: Use a special import to declare font faces (#10583) 2020-09-04 16:25:50 +03:00
boot.rb PERF: enable bootsnap globally 2020-06-10 12:20:17 +10:00
cdn.yml.sample
database.yml DEV: Disable migration advisory locks in dev and test environment. 2020-08-25 14:20:58 +08:00
deploy.rb.sample
discourse_defaults.conf FIX: use allowlist and blocklist terminology (#10209) 2020-07-27 10:23:54 +10:00
discourse.config.sample
discourse.pill.sample
environment.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
logrotate.conf
multisite.yml.production-sample DEV: Remove db_id from sample multisite config. 2020-05-29 10:48:29 +08:00
nginx.global.conf
nginx.sample.conf FIX: Allow fonts to be delivered via CDN 2020-09-02 10:19:19 +10:00
projections.json DEV: Use .hbr for raw template file extension (#8883) 2020-02-11 13:38:12 -06:00
puma.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
routes.rb FEATURE: User selectable color schemes (#10544) 2020-08-28 10:36:52 -04:00
sidekiq.yml FEATURE: introduce ultra_low priority queue 2019-01-17 14:53:19 +11:00
site_settings.yml FEATURE: Allow email image embed with secure media (#10563) 2020-09-10 09:50:16 +10:00
spring.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
thin.yml.sample
unicorn_launcher FIX: Increase timeout when trying to reload unicorn. 2018-12-04 13:43:14 +08:00
unicorn_upstart.conf
unicorn.conf.rb FEATURE: Allow the specification of an arbitrary unicorn listen address 2020-07-28 13:03:17 +10:00