diff options
author | Robert Speicher <robert@gitlab.com> | 2017-12-25 18:24:59 +0000 |
---|---|---|
committer | Robert Speicher <robert@gitlab.com> | 2017-12-25 18:24:59 +0000 |
commit | 29749f92b7f86d45af41509262601e47ee848d92 (patch) | |
tree | 3b01637c6c32ff6dde676918eb3db900084b5a99 | |
parent | 5e6dd15a996f57d7a8760f4c9c1dbd7beeeaadff (diff) | |
parent | 0faf772b6cfd691e16d529051a8901627a660a7a (diff) | |
download | gitlab-ce-29749f92b7f86d45af41509262601e47ee848d92.tar.gz |
Merge branch 'sh-catch-invalid-uri-markdown' into 'master'
Gracefully handle garbled URIs in Markdown
Closes #41442
See merge request gitlab-org/gitlab-ce!16123
-rw-r--r-- | changelogs/unreleased/sh-catch-invalid-uri-markdown.yml | 5 | ||||
-rw-r--r-- | lib/banzai/filter/relative_link_filter.rb | 2 | ||||
-rw-r--r-- | spec/lib/banzai/filter/relative_link_filter_spec.rb | 5 |
3 files changed, 11 insertions, 1 deletions
diff --git a/changelogs/unreleased/sh-catch-invalid-uri-markdown.yml b/changelogs/unreleased/sh-catch-invalid-uri-markdown.yml new file mode 100644 index 00000000000..9b0233fe988 --- /dev/null +++ b/changelogs/unreleased/sh-catch-invalid-uri-markdown.yml @@ -0,0 +1,5 @@ +--- +title: Gracefully handle garbled URIs in Markdown +merge_request: +author: +type: fixed diff --git a/lib/banzai/filter/relative_link_filter.rb b/lib/banzai/filter/relative_link_filter.rb index c1f933ec54b..5c197afd782 100644 --- a/lib/banzai/filter/relative_link_filter.rb +++ b/lib/banzai/filter/relative_link_filter.rb @@ -66,7 +66,7 @@ module Banzai if uri.relative? && uri.path.present? html_attr.value = rebuild_relative_uri(uri).to_s end - rescue URI::Error + rescue URI::Error, Addressable::URI::InvalidURIError # noop end diff --git a/spec/lib/banzai/filter/relative_link_filter_spec.rb b/spec/lib/banzai/filter/relative_link_filter_spec.rb index ef306f1cd4a..f38f0776303 100644 --- a/spec/lib/banzai/filter/relative_link_filter_spec.rb +++ b/spec/lib/banzai/filter/relative_link_filter_spec.rb @@ -76,6 +76,11 @@ describe Banzai::Filter::RelativeLinkFilter do expect { filter(act) }.not_to raise_error end + it 'does not raise an exception with a garbled path' do + act = link("open(/var/tmp/):%20/location%0Afrom:%20/test") + expect { filter(act) }.not_to raise_error + end + it 'ignores ref if commit is passed' do doc = filter(link('non/existent.file'), commit: project.commit('empty-branch') ) expect(doc.at_css('a')['href']) |