Compare commits

..

4 commits

Author SHA1 Message Date
0dfaee9502 Merge remote-tracking branch 'origin/rails' into staging-cd
Some checks failed
continuous-integration/drone the build failed
2021-09-28 18:21:08 -03:00
65798b9c91 ci: usar contenedor nuevo y no crear ~/.ssh ya que ahora se crea solo 2021-09-28 18:20:14 -03:00
Maki
c1a9aaa037 Merge branch 'only-urls-allowed' into 'rails'
Solo permitir URLs web al sanitizar

Closes #2382

See merge request sutty/sutty!54
2021-08-16 15:36:30 +00:00
f
0bd8a2243e Solo permitir URLs web al sanitizar
fixes #2382
2021-08-11 10:25:05 -03:00
2 changed files with 2 additions and 6 deletions

View file

@ -1,18 +1,14 @@
pipeline: pipeline:
deploy: deploy:
image: registry.nulo.in/sutty/haini.sh@sha256:4bce5f8edecac49d10d1057950535d2f366509b75ee30f0d39daa42dec9f09c4 image: registry.nulo.in/sutty/haini.sh@sha256:e28a80228476f5d79e5095e4725ae23c887f9f29ccaa3878b89b619b966eb26b
environment: environment:
# ¡MOCK! # ¡MOCK!
- RAILS_MASTER_KEY=5d2d51406b25ff9c3465122d0732e72c - RAILS_MASTER_KEY=5d2d51406b25ff9c3465122d0732e72c
# Workaround porque Woodpecker a veces lo setea a /root :/ # Workaround porque Woodpecker a veces lo setea a /root :/
- HOME=/home/suttier - HOME=/home/suttier
commands: commands:
- sudo chown suttier:suttier -R .
- eval $(ssh-agent -s) - eval $(ssh-agent -s)
- echo "$${SSH_KEY}" | tr -d '\r' | ssh-add - - echo "$${SSH_KEY}" | tr -d '\r' | ssh-add -
- mkdir ~/.ssh/
- chmod 700 ~/.ssh
- echo athshe.sutty.nl ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOhlnG9AbfzYmq36vrIRViYTVf7llQtEW/SXlGRVyhqe > ~/.ssh/known_hosts
- make bundle hain="sh -c" - make bundle hain="sh -c"
- echo -n z8p4KI/XRbGPdxPsNux8ys1gvL4+97DrrvPyt7gugJog3o3x/UEIyedkKUq9FWHOS9ltrsUN6NpN5Dsme+iHbMC/FrRjDmDvOoHpP/pqy924l6IgU8OK3m2Y28AU7eqiYvf6kJd5s4KmPJDiH9AQRx4QRy4jG5DfMHBew6EumqedgvRRFtAc3++GPH2qPnO8SYapRM4FXXUTjP3fNdRVD1Fqm7chUra4Qng1JhnzdMlOUhCPfD1Rmeh+X2TltzYhdPMFH3U3fJV7xCkitxu5PQgWfxMhb9FVF68Uvykbt/rod4IE6ZmAmPyyGktYuQSI2t1kkpAV4MOG4ag9aC/RLmi23rt+fVoYJREHga+NQ0YjVSGbBlINIDACr1iL+abtNmHhtfY+o9unlD7xy3UP0EdqTx6WncVJn02D--pfdBRF+zxL1uqoWs--4OJ7axQaFf9git6zUtUGOA== > config/credentials.yml.enc - echo -n z8p4KI/XRbGPdxPsNux8ys1gvL4+97DrrvPyt7gugJog3o3x/UEIyedkKUq9FWHOS9ltrsUN6NpN5Dsme+iHbMC/FrRjDmDvOoHpP/pqy924l6IgU8OK3m2Y28AU7eqiYvf6kJd5s4KmPJDiH9AQRx4QRy4jG5DfMHBew6EumqedgvRRFtAc3++GPH2qPnO8SYapRM4FXXUTjP3fNdRVD1Fqm7chUra4Qng1JhnzdMlOUhCPfD1Rmeh+X2TltzYhdPMFH3U3fJV7xCkitxu5PQgWfxMhb9FVF68Uvykbt/rod4IE6ZmAmPyyGktYuQSI2t1kkpAV4MOG4ag9aC/RLmi23rt+fVoYJREHga+NQ0YjVSGbBlINIDACr1iL+abtNmHhtfY+o9unlD7xy3UP0EdqTx6WncVJn02D--pfdBRF+zxL1uqoWs--4OJ7axQaFf9git6zUtUGOA== > config/credentials.yml.enc

View file

@ -56,7 +56,7 @@ class MetadataContent < MetadataTemplate
uri = URI element['src'] uri = URI element['src']
# No permitimos recursos externos # No permitimos recursos externos
element.remove unless uri.hostname.end_with? Site.domain element.remove unless uri.scheme == 'https' && uri.hostname.end_with?(Site.domain)
rescue URI::Error rescue URI::Error
element.remove element.remove
end end