FIX: strip the trailing slash (/) of cors origins. (#10996)

Strips trailing `/` from global settings Provides a validation for site settings to ensure a trailing `/` is not added
2025-02-25 18:55:32 -06:00 · 2020-10-29 07:31:06 +05:30
parent 79b414d2a1
commit 72810853ea
5 changed files with 55 additions and 1 deletions
--- a/spec/lib/site_settings/validations_spec.rb
+++ b/spec/lib/site_settings/validations_spec.rb
@@ -195,6 +195,16 @@ describe SiteSettings::Validations do
      end
    end

+    describe "#validate_cors_origins" do
+      let(:error_message) { I18n.t("errors.site_settings.cors_origins_should_not_have_trailing_slash") }
+
+      context "when the new value has trailing slash" do
+        it "should raise an error" do
+          expect { subject.validate_cors_origins("https://www.rainbows.com/") }.to raise_error(Discourse::InvalidParameters, error_message)
+        end
+      end
+    end
+
    describe "#validate_secure_media" do
      let(:error_message) { I18n.t("errors.site_settings.secure_media_requirements") }