IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

DEV: Rename secure_media to secure_uploads (#18376)

Browse Source 
This commit renames all secure_media related settings to secure_uploads_* along with the associated functionality.

This is being done because "media" does not really cover it, we aren't just doing this for images and videos etc. but for all uploads in the site.

Additionally, in future we want to secure more types of uploads, and enable a kind of "mixed mode" where some uploads are secure and some are not, so keeping media in the name is just confusing.

This also keeps compatibility with the `secure-media-uploads` path, and changes new
secure URLs to be `secure-uploads`.

Deprecated settings:

* secure_media -> secure_uploads
* secure_media_allow_embed_images_in_emails -> secure_uploads_allow_embed_images_in_emails
* secure_media_max_email_embed_image_size_kb -> secure_uploads_max_email_embed_image_size_kb
This commit is contained in:
Martin Brennan
2022-09-29 09:24:33 +10:00
committed by GitHub
parent 70b96ac4e7
commit 8ebd5edd1e
67 changed files with 442 additions and 361 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/email/sender.rb
View File

@@ -242,7 +242,7 @@ module Email
# Embeds any of the secure images that have been attached inline,
# removing the redaction notice.
if SiteSetting.secure_media_allow_embed_images_in_emails
if SiteSetting.secure_uploads_allow_embed_images_in_emails
style.inline_secure_images(@message.attachments, @message_attachments_index)
end
@@ -357,8 +357,8 @@ module Email
end
def should_attach_image?(upload, optimized_1X = nil)
return if !SiteSetting.secure_media_allow_embed_images_in_emails || !upload.secure?
return if (optimized_1X&.filesize || upload.filesize) > SiteSetting.secure_media_max_email_embed_image_size_kb.kilobytes
return if !SiteSetting.secure_uploads_allow_embed_images_in_emails || !upload.secure?
return if (optimized_1X&.filesize || upload.filesize) > SiteSetting.secure_uploads_max_email_embed_image_size_kb.kilobytes
true
end

18
lib/email/styles.rb
View File

@@ -257,10 +257,10 @@ module Email
end
def inline_secure_images(attachments, attachments_index)
stripped_media = @fragment.css('[data-stripped-secure-media]')
stripped_media = @fragment.css('[data-stripped-secure-media], [data-stripped-secure-upload]')
upload_shas = {}
stripped_media.each do |div|
url = div['data-stripped-secure-media']
url = div['data-stripped-secure-media'] || div['data-stripped-secure-upload']
filename = File.basename(url)
filename_bare = filename.gsub(File.extname(filename), "")
sha1 = filename_bare.partition('_').first
@@ -269,7 +269,9 @@ module Email
uploads = Upload.select(:original_filename, :sha1).where(sha1: upload_shas.values)
stripped_media.each do |div|
upload = uploads.find { |upl| upl.sha1 == upload_shas[div['data-stripped-secure-media']] }
upload = uploads.find do |upl|
upl.sha1 == (upload_shas[div['data-stripped-secure-media']] || upload_shas[div['data-stripped-secure-upload']])
end
next if !upload
if attachments[attachments_index[upload.sha1]]
@@ -294,7 +296,7 @@ module Email
def to_html
# needs to be before class + id strip because we need to style redacted
# media and also not double-redact already redacted from lower levels
replace_secure_media_urls if SiteSetting.secure_media?
replace_secure_uploads_urls if SiteSetting.secure_uploads?
strip_classes_and_ids
replace_relative_urls
@@ -369,13 +371,13 @@ module Email
end
end
def replace_secure_media_urls
def replace_secure_uploads_urls
# strip again, this can be done at a lower level like in the user
# notification template but that may not catch everything
PrettyText.strip_secure_media(@fragment)
PrettyText.strip_secure_uploads(@fragment)
style('div.secure-media-notice', 'border: 5px solid #e9e9e9; padding: 5px; display: inline-block;')
style('div.secure-media-notice a', "color: #{SiteSetting.email_link_color}")
style('div.secure-upload-notice', 'border: 5px solid #e9e9e9; padding: 5px; display: inline-block;')
style('div.secure-upload-notice a', "color: #{SiteSetting.email_link_color}")
end
def correct_first_body_margin