codeninjasllc/discourse
1
0
Fork 0
mirror of https://github.com/codeninjasllc/discourse.git synced 2024-11-27 09:36:19 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

FIX: Allow Safe Redirections in Topic Embedding

Browse source
This commit is contained in:
Robin Ward 2016-09-15 13:56:59 -04:00
parent 596fcfeb58
commit cd571b26ba
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/models/topic_embed.rb
View file

@ -81,7 +81,7 @@ class TopicEmbed < ActiveRecord::Base
embed_classname_whitelist = SiteSetting.embed_classname_whitelist if SiteSetting.embed_classname_whitelist.present?
response = FetchResponse.new
html = open(url).read
html = open(url, allow_redirections: :safe).read
raw_doc = Nokogiri::HTML(html)
auth_element = raw_doc.at('meta[@name="author"]')