diff options
author | George Claghorn <george.claghorn@gmail.com> | 2019-01-21 01:36:30 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-01-21 01:36:30 -0500 |
commit | 9f0953d320bbc06a77596a93b6fdbcbf315cb06a (patch) | |
tree | 44d70fc3462b40ba4eb21c8f89795e74f50c9355 | |
parent | 2a711ddbc84d40767e2c303f75be30cfd8d51d41 (diff) | |
parent | ee65ca46e589e14484c80b35c46c9aff26769d86 (diff) | |
download | rails-9f0953d320bbc06a77596a93b6fdbcbf315cb06a.tar.gz rails-9f0953d320bbc06a77596a93b6fdbcbf315cb06a.tar.bz2 rails-9f0953d320bbc06a77596a93b6fdbcbf315cb06a.zip |
Merge pull request #34982 from takeyuweb/fix_activestorage_allow_other_host
Fix ArgumentError when using S3Service
4 files changed, 57 insertions, 2 deletions
diff --git a/activestorage/app/controllers/active_storage/blobs_controller.rb b/activestorage/app/controllers/active_storage/blobs_controller.rb index 4fc3fbe824..a8e42d7356 100644 --- a/activestorage/app/controllers/active_storage/blobs_controller.rb +++ b/activestorage/app/controllers/active_storage/blobs_controller.rb @@ -9,6 +9,6 @@ class ActiveStorage::BlobsController < ActiveStorage::BaseController def show expires_in ActiveStorage.service_urls_expire_in - redirect_to @blob.service_url(disposition: params[:disposition]) + redirect_to @blob.service_url(disposition: params[:disposition]), allow_other_host: true end end diff --git a/activestorage/app/controllers/active_storage/representations_controller.rb b/activestorage/app/controllers/active_storage/representations_controller.rb index 98e11e5dbb..d01af5d939 100644 --- a/activestorage/app/controllers/active_storage/representations_controller.rb +++ b/activestorage/app/controllers/active_storage/representations_controller.rb @@ -9,6 +9,6 @@ class ActiveStorage::RepresentationsController < ActiveStorage::BaseController def show expires_in ActiveStorage.service_urls_expire_in - redirect_to @blob.representation(params[:variation_key]).processed.service_url(disposition: params[:disposition]) + redirect_to @blob.representation(params[:variation_key]).processed.service_url(disposition: params[:disposition]), allow_other_host: true end end diff --git a/activestorage/test/controllers/blobs_controller_test.rb b/activestorage/test/controllers/blobs_controller_test.rb index 9c811df895..9bf2641de6 100644 --- a/activestorage/test/controllers/blobs_controller_test.rb +++ b/activestorage/test/controllers/blobs_controller_test.rb @@ -20,3 +20,28 @@ class ActiveStorage::BlobsControllerTest < ActionDispatch::IntegrationTest assert_equal "max-age=300, private", @response.headers["Cache-Control"] end end + +if SERVICE_CONFIGURATIONS[:s3] && SERVICE_CONFIGURATIONS[:s3][:access_key_id].present? + class ActiveStorage::S3BlobsControllerTest < ActionDispatch::IntegrationTest + setup do + @old_service = ActiveStorage::Blob.service + ActiveStorage::Blob.service = ActiveStorage::Service.configure(:s3, SERVICE_CONFIGURATIONS) + end + + teardown do + ActiveStorage::Blob.service = @old_service + end + + test "allow redirection to the different host" do + blob = create_file_blob filename: "racecar.jpg" + + assert_nothing_raised { get rails_blob_url(blob) } + assert_response :redirect + assert_no_match @request.host, @response.headers["Location"] + ensure + blob.purge + end + end +else + puts "Skipping S3 redirection tests because no S3 configuration was supplied" +end diff --git a/activestorage/test/controllers/representations_controller_test.rb b/activestorage/test/controllers/representations_controller_test.rb index 2662cc5283..4ae0ff877e 100644 --- a/activestorage/test/controllers/representations_controller_test.rb +++ b/activestorage/test/controllers/representations_controller_test.rb @@ -59,3 +59,33 @@ class ActiveStorage::RepresentationsControllerWithPreviewsTest < ActionDispatch: assert_response :not_found end end + +if SERVICE_CONFIGURATIONS[:s3] && SERVICE_CONFIGURATIONS[:s3][:access_key_id].present? + class ActiveStorage::S3RepresentationsControllerWithVariantsTest < ActionDispatch::IntegrationTest + setup do + @old_service = ActiveStorage::Blob.service + ActiveStorage::Blob.service = ActiveStorage::Service.configure(:s3, SERVICE_CONFIGURATIONS) + end + + teardown do + ActiveStorage::Blob.service = @old_service + end + + test "allow redirection to the different host" do + blob = create_file_blob filename: "racecar.jpg" + + assert_nothing_raised do + get rails_blob_representation_url( + filename: blob.filename, + signed_blob_id: blob.signed_id, + variation_key: ActiveStorage::Variation.encode(resize: "100x100")) + end + assert_response :redirect + assert_no_match @request.host, @response.headers["Location"] + ensure + blob.purge + end + end +else + puts "Skipping S3 redirection tests because no S3 configuration was supplied" +end |