Fix #2221 - Catch OpenSSL exceptions when loading remote avatars/headers/attachments Don't strip "rel" attribute from <a> tags when sanitizing (microformats)
This commit is contained in:
parent
60ecfb87ae
commit
58bcd50f7f
|
@ -302,6 +302,8 @@
|
|||
display: block;
|
||||
color: $ui-base-color;
|
||||
text-decoration: none;
|
||||
text-overflow: ellipsis;
|
||||
overflow: hidden;
|
||||
|
||||
&:hover {
|
||||
.display_name {
|
||||
|
|
|
@ -8,7 +8,7 @@ class Sanitize
|
|||
elements: %w(p br span a),
|
||||
|
||||
attributes: {
|
||||
'a' => %w(href),
|
||||
'a' => %w(href rel),
|
||||
'span' => %w(class),
|
||||
},
|
||||
|
||||
|
|
|
@ -34,7 +34,7 @@ module AccountAvatar
|
|||
|
||||
self.avatar = URI.parse(parsed_url.to_s)
|
||||
self[:avatar_remote_url] = url
|
||||
rescue OpenURI::HTTPError => e
|
||||
rescue OpenURI::HTTPError, OpenSSL::SSL::SSLError, Paperclip::Errors::NotIdentifiedByImageMagickError => e
|
||||
Rails.logger.debug "Error fetching remote avatar: #{e}"
|
||||
end
|
||||
end
|
||||
|
|
|
@ -34,7 +34,7 @@ module AccountHeader
|
|||
|
||||
self.header = URI.parse(parsed_url.to_s)
|
||||
self[:header_remote_url] = url
|
||||
rescue OpenURI::HTTPError => e
|
||||
rescue OpenURI::HTTPError, OpenSSL::SSL::SSLError, Paperclip::Errors::NotIdentifiedByImageMagickError => e
|
||||
Rails.logger.debug "Error fetching remote header: #{e}"
|
||||
end
|
||||
end
|
||||
|
|
|
@ -223,7 +223,7 @@ class ProcessFeedService < BaseService
|
|||
begin
|
||||
media.file_remote_url = link['href']
|
||||
media.save
|
||||
rescue OpenURI::HTTPError, Paperclip::Errors::NotIdentifiedByImageMagickError
|
||||
rescue OpenURI::HTTPError, OpenSSL::SSL::SSLError, Paperclip::Errors::NotIdentifiedByImageMagickError
|
||||
next
|
||||
end
|
||||
end
|
||||
|
|
Reference in a new issue