diff options
author | George Claghorn <george@basecamp.com> | 2017-12-15 19:26:53 -0500 |
---|---|---|
committer | George Claghorn <george@basecamp.com> | 2017-12-15 19:26:53 -0500 |
commit | af0caadb8d9781770399c1804976af4a71d1313b (patch) | |
tree | 19fe95a35822990cba61915b3efd38b4ed5f1513 /activestorage/app/controllers/concerns/active_storage | |
parent | ca2c4cb7c4ee2f126e65ade6192a0c6b5ec58ffc (diff) | |
download | rails-af0caadb8d9781770399c1804976af4a71d1313b.tar.gz rails-af0caadb8d9781770399c1804976af4a71d1313b.tar.bz2 rails-af0caadb8d9781770399c1804976af4a71d1313b.zip |
Handle invalid signed blob IDs gracefully
Diffstat (limited to 'activestorage/app/controllers/concerns/active_storage')
-rw-r--r-- | activestorage/app/controllers/concerns/active_storage/set_blob.rb | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/activestorage/app/controllers/concerns/active_storage/set_blob.rb b/activestorage/app/controllers/concerns/active_storage/set_blob.rb new file mode 100644 index 0000000000..b0f3d97a66 --- /dev/null +++ b/activestorage/app/controllers/concerns/active_storage/set_blob.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +module ActiveStorage::SetBlob + extend ActiveSupport::Concern + + included do + before_action :set_blob + end + + private + def set_blob + @blob = ActiveStorage::Blob.find_signed(params[:signed_blob_id] || params[:signed_id]) + rescue ActiveSupport::MessageVerifier::InvalidSignature + head :not_found + end +end |