From 81a699e2b01348bf559cdb162cdc49cf50150d41 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9gis=20Hanol?= <regis@hanol.fr>
Date: Mon, 1 Jun 2015 17:49:58 +0200
Subject: [PATCH] better support for mixed content

---
 app/controllers/user_avatars_controller.rb | 17 +++++++----------
 app/models/optimized_image.rb              |  2 +-
 lib/file_store/base_store.rb               |  2 +-
 lib/file_store/local_store.rb              | 21 ++++++++++++---------
 lib/file_store/s3_store.rb                 |  6 ++----
 5 files changed, 23 insertions(+), 25 deletions(-)

diff --git a/app/controllers/user_avatars_controller.rb b/app/controllers/user_avatars_controller.rb
index 6a372718003..ed8f31e4af0 100644
--- a/app/controllers/user_avatars_controller.rb
+++ b/app/controllers/user_avatars_controller.rb
@@ -74,16 +74,13 @@ class UserAvatarsController < ApplicationController
     if user.uploaded_avatar && !upload
       avatar_url = UserAvatar.local_avatar_url(hostname, user.username_lower, user.uploaded_avatar_id, size)
       return redirect_to cdn_path(avatar_url)
-    elsif upload
-      original = Discourse.store.path_for(upload)
-      if Discourse.store.external? || File.exists?(original)
-        if optimized = get_optimized_image(upload, size)
-          unless optimized.local?
-            expires_in 1.day, public: true
-            return redirect_to Discourse.store.cdn_url(optimized.url)
-          end
-          image = Discourse.store.path_for(optimized)
-        end
+    elsif upload && optimized = get_optimized_image(upload, size)
+      if optimized.local?
+        optimized_path = Discourse.store.path_for(optimized)
+        image = optimized_path if File.exists?(optimized_path)
+      else
+        expires_in 1.day, public: true
+        return redirect_to Discourse.store.cdn_url(optimized.url)
       end
     end
 
diff --git a/app/models/optimized_image.rb b/app/models/optimized_image.rb
index 475825cb801..029ac1b0332 100644
--- a/app/models/optimized_image.rb
+++ b/app/models/optimized_image.rb
@@ -13,7 +13,7 @@ class OptimizedImage < ActiveRecord::Base
       # do we already have that thumbnail?
       thumbnail = find_by(upload_id: upload.id, width: width, height: height)
 
-      # make sure the previous thumbnail has not failed
+      # make sure we have an url
       if thumbnail && thumbnail.url.blank?
         thumbnail.destroy
         thumbnail = nil
diff --git a/lib/file_store/base_store.rb b/lib/file_store/base_store.rb
index e416df240ba..7e984a65288 100644
--- a/lib/file_store/base_store.rb
+++ b/lib/file_store/base_store.rb
@@ -104,7 +104,7 @@ module FileStore
       dir = File.dirname(path)
       FileUtils.mkdir_p(dir) unless Dir[dir].present?
       FileUtils.cp(file.path, path)
-      # keep up to 500 files
+      # keep latest 500 files
       `ls -tr #{CACHE_DIR} | head -n +#{CACHE_MAXIMUM_SIZE} | xargs rm -f`
     end
 
diff --git a/lib/file_store/local_store.rb b/lib/file_store/local_store.rb
index 20255931d07..b5c172eeeb7 100644
--- a/lib/file_store/local_store.rb
+++ b/lib/file_store/local_store.rb
@@ -12,7 +12,7 @@ module FileStore
     def remove_file(url)
       return unless is_relative?(url)
       path = public_dir + url
-      tombstone = public_dir + url.gsub("/uploads/", "/tombstone/")
+      tombstone = public_dir + url.sub("/uploads/", "/tombstone/")
       FileUtils.mkdir_p(Pathname.new(tombstone).dirname)
       FileUtils.move(path, tombstone)
     rescue Errno::ENOENT
@@ -20,13 +20,20 @@ module FileStore
     end
 
     def has_been_uploaded?(url)
-      url.present? && (is_relative?(url) || is_local?(url))
+      return false if url.blank?
+      return true if is_relative?(url)
+      return true if is_local?(url)
+      false
     end
 
     def absolute_base_url
       "#{Discourse.base_url_no_prefix}#{relative_base_url}"
     end
 
+    def absolute_base_cdn_url
+      "#{Discourse.asset_host}#{relative_base_url}"
+    end
+
     def relative_base_url
       "/uploads/#{RailsMultisite::ConnectionManagement.current_db}"
     end
@@ -41,8 +48,8 @@ module FileStore
     end
 
     def path_for(upload)
-      return unless upload && has_been_uploaded?(upload.url)
-      "#{public_dir}#{upload.url}"
+      url = upload.try(:url)
+      "#{public_dir}#{upload.url}" if url && url[0] == "/" && url[1] != "/"
     end
 
     def purge_tombstone(grace_period)
@@ -70,16 +77,12 @@ module FileStore
       absolute_url.start_with?(absolute_base_url) || absolute_url.start_with?(absolute_base_cdn_url)
     end
 
-    def absolute_base_cdn_url
-      "#{Discourse.asset_host}#{relative_base_url}"
-    end
-
     def public_dir
       "#{Rails.root}/public"
     end
 
     def tombstone_dir
-      public_dir + relative_base_url.gsub("/uploads/", "/tombstone/")
+      public_dir + relative_base_url.sub("/uploads/", "/tombstone/")
     end
 
   end
diff --git a/lib/file_store/s3_store.rb b/lib/file_store/s3_store.rb
index 352bbd3eb54..aa9dc1601ec 100644
--- a/lib/file_store/s3_store.rb
+++ b/lib/file_store/s3_store.rb
@@ -71,10 +71,8 @@ module FileStore
     end
 
     def path_for(upload)
-      url = upload.url
-      if url && url[0] == "/" && url[1] != "/"
-        FileStore::LocalStore.new.path_for(upload)
-      end
+      url = upload.try(:url)
+      FileStore::LocalStore.new.path_for(upload) if url && url[0] == "/" && url[1] != "/"
     end
 
     def cdn_url(url)