5
0
Fork 0
mirror of https://0xacab.org/sutty/sutty synced 2024-11-17 10:36:21 +00:00

feat: convertir urls del panel en urls internas sutty/editor#59

This commit is contained in:
f 2023-02-01 17:10:47 -03:00
parent ecff604c8e
commit 1adfc91a7f

View file

@ -54,6 +54,10 @@ class MetadataContent < MetadataTemplate
# No permitimos recursos externos # No permitimos recursos externos
raise URI::Error unless Rails.application.config.hosts.include?(uri.hostname) raise URI::Error unless Rails.application.config.hosts.include?(uri.hostname)
element['src'] = convert_src_to_internal_path uri
raise URI::Error if element['src'].blank?
rescue URI::Error rescue URI::Error
element.remove element.remove
end end
@ -71,4 +75,27 @@ class MetadataContent < MetadataTemplate
html.to_s.html_safe html.to_s.html_safe
end end
# Convierte una URI en una ruta interna del sitio actual
#
# XXX: No verifica si el archivo existe o no. Se supone que existe
# porque ya fue subido antes.
#
# @param uri [URI]
# @return [String,nil]
def convert_src_to_internal_path(uri)
signed_id = uri.path.split('/').fifth
blob = ActiveStorage::Blob.find_signed(signed_id)
return unless blob
return unless blob.service_name == site.name
blob_path = Pathname.new(blob.service.path_for(blob.key)).realpath
site_path = Pathname.new(site.path).realpath
blob_path.relative_path_from(site_path).to_s
rescue ActiveSupport::MessageVerifier::InvalidSignature => e
ExceptionNotifier.notify_exception(e, data: { site: site.name })
nil
end
end end