diff options
author | Stan Hu <stanhu@gmail.com> | 2018-09-29 07:23:39 -0400 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2018-09-29 07:25:50 -0400 |
commit | c92372e896959d682dc70454a00f47672ca3bb9d (patch) | |
tree | 2d84d890e5b160b39c7887ba617bfe7f1db0ddfa | |
parent | d924176117f3cc73f539ed90b47e1912a3478cf0 (diff) | |
download | gitlab-ce-c92372e896959d682dc70454a00f47672ca3bb9d.tar.gz |
Prevent Error 500s with invalid relative links
https://gitlab.com/gitlab-org/gitlab-ce/issues/52009
-rw-r--r-- | changelogs/unreleased/sh-fix-issue-52009.yml | 5 | ||||
-rw-r--r-- | lib/banzai/filter/relative_link_filter.rb | 6 | ||||
-rw-r--r-- | spec/lib/banzai/filter/relative_link_filter_spec.rb | 5 |
3 files changed, 15 insertions, 1 deletions
diff --git a/changelogs/unreleased/sh-fix-issue-52009.yml b/changelogs/unreleased/sh-fix-issue-52009.yml new file mode 100644 index 00000000000..fc22a58a66a --- /dev/null +++ b/changelogs/unreleased/sh-fix-issue-52009.yml @@ -0,0 +1,5 @@ +--- +title: Prevent Error 500s with invalid relative links +merge_request: 22001 +author: +type: fixed diff --git a/lib/banzai/filter/relative_link_filter.rb b/lib/banzai/filter/relative_link_filter.rb index 8e838d04bad..7acbc933adc 100644 --- a/lib/banzai/filter/relative_link_filter.rb +++ b/lib/banzai/filter/relative_link_filter.rb @@ -60,7 +60,11 @@ module Banzai path_parts.unshift(relative_url_root, project.full_path) end - path = Addressable::URI.escape(File.join(*path_parts)) + begin + path = Addressable::URI.escape(File.join(*path_parts)) + rescue Addressable::URI::InvalidURIError + return + end html_attr.value = if context[:only_path] diff --git a/spec/lib/banzai/filter/relative_link_filter_spec.rb b/spec/lib/banzai/filter/relative_link_filter_spec.rb index ba8dc68ceda..ed1ebe9ebf6 100644 --- a/spec/lib/banzai/filter/relative_link_filter_spec.rb +++ b/spec/lib/banzai/filter/relative_link_filter_spec.rb @@ -83,6 +83,11 @@ describe Banzai::Filter::RelativeLinkFilter do expect { filter(act) }.not_to raise_error end + it 'does not raise an exception with a space in the path' do + act = link("/uploads/d18213acd3732630991986120e167e3d/Landscape_8.jpg \nBut here's some more unexpected text :smile:)") + expect { filter(act) }.not_to raise_error + end + it 'ignores ref if commit is passed' do doc = filter(link('non/existent.file'), commit: project.commit('empty-branch') ) expect(doc.at_css('a')['href']) |