me/glitchier-soc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add allow_other_host in redirects which may go outside app (#24252)

Browse source
This commit is contained in:
Matt Jankowski 2023-03-25 19:38:32 -04:00 committed by GitHub
parent 4e6cf24ce9
commit cc5208f020
3 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/api/v1/streaming_controller.rb
View file

@ -5,7 +5,7 @@ class Api::V1::StreamingController < Api::BaseController
if Rails.configuration.x.streaming_api_base_url == request.host if Rails.configuration.x.streaming_api_base_url == request.host
not_found not_found
else else
redirect_to streaming_api_url, status: 301 redirect_to streaming_api_url, status: 301, allow_other_host: true
end end
end end

2
app/controllers/media_proxy_controller.rb
View file

@ -23,7 +23,7 @@ class MediaProxyController < ApplicationController
redownload! if @media_attachment.needs_redownload? && !reject_media? redownload! if @media_attachment.needs_redownload? && !reject_media?
end end
redirect_to full_asset_url(@media_attachment.file.url(version)) redirect_to full_asset_url(@media_attachment.file.url(version)), allow_other_host: true
end end
private private

2
app/controllers/statuses_controller.rb
View file

@ -70,6 +70,6 @@ class StatusesController < ApplicationController
end end
def redirect_to_original def redirect_to_original
redirect_to ActivityPub::TagManager.instance.url_for(@status.reblog) if @status.reblog? redirect_to(ActivityPub::TagManager.instance.url_for(@status.reblog), allow_other_host: true) if @status.reblog?
end end
end end