IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

ICU-669 Ensured all URLs returned from OpenGraph are absolute

Browse Source
This commit is contained in:
Harrison Healey
2018-02-08 10:45:25 -05:00
parent 9bf23ece6c
commit d3a0e561c2
2 changed files with 135 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
app/post.go
View File

@@ -12,6 +12,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"net/http" "net/http"
"net/url"
"regexp" "regexp"
"strings" "strings"
@@ -734,18 +735,68 @@ func (a *App) GetFileInfosForPost(postId string, readFromMaster bool) ([]*model.
return infos, nil return infos, nil
} }
func (a *App) GetOpenGraphMetadata(url string) *opengraph.OpenGraph { func (a *App) GetOpenGraphMetadata(requestURL string) *opengraph.OpenGraph {
og := opengraph.NewOpenGraph() og := opengraph.NewOpenGraph()
res, err := a.HTTPClient(false).Get(url) res, err := a.HTTPClient(false).Get(requestURL)
if err != nil { if err != nil {
l4g.Error("GetOpenGraphMetadata request failed for url=%v with err=%v", url, err.Error()) l4g.Error("GetOpenGraphMetadata request failed for url=%v with err=%v", requestURL, err.Error())
return og return og
} }
defer consumeAndClose(res) defer consumeAndClose(res)
if err := og.ProcessHTML(res.Body); err != nil { if err := og.ProcessHTML(res.Body); err != nil {
l4g.Error("GetOpenGraphMetadata processing failed for url=%v with err=%v", url, err.Error()) l4g.Error("GetOpenGraphMetadata processing failed for url=%v with err=%v", requestURL, err.Error())
}
og = makeOpenGraphURLsAbsolute(og, requestURL)
return og
}
func makeOpenGraphURLsAbsolute(og *opengraph.OpenGraph, requestURL string) *opengraph.OpenGraph {
parsedRequestURL, err := url.Parse(requestURL)
if err != nil {
l4g.Warn("makeOpenGraphURLsAbsolute failed to parse url=%v", requestURL)
return og
}
makeURLAbsolute := func(resultURL string) string {
if resultURL == "" {
return resultURL
}
parsedResultURL, err := url.Parse(resultURL)
if err != nil {
l4g.Warn("makeOpenGraphURLsAbsolute failed to parse result url=%v", resultURL)
return resultURL
}
if parsedResultURL.IsAbs() {
return resultURL
}
parsedResultURL.Scheme = parsedRequestURL.Scheme
parsedResultURL.Host = parsedRequestURL.Host
return parsedResultURL.String()
}
og.URL = makeURLAbsolute(og.URL)
for _, image := range og.Images {
image.URL = makeURLAbsolute(image.URL)
image.SecureURL = makeURLAbsolute(image.SecureURL)
}
for _, audio := range og.Audios {
audio.URL = makeURLAbsolute(audio.URL)
audio.SecureURL = makeURLAbsolute(audio.SecureURL)
}
for _, video := range og.Videos {
video.URL = makeURLAbsolute(video.URL)
video.SecureURL = makeURLAbsolute(video.SecureURL)
} }
return og return og

80
app/post_test.go
View File

@@ -8,9 +8,11 @@ import (
"fmt" "fmt"
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
"strings"
"testing" "testing"
"time" "time"
"github.com/dyatlov/go-opengraph/opengraph"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
@@ -250,6 +252,84 @@ func TestImageProxy(t *testing.T) {
} }
} }
func TestMakeOpenGraphURLsAbsolute(t *testing.T) {
for name, tc := range map[string]struct {
HTML string
RequestURL string
URL string
ImageURL string
}{
"absolute URLs": {
HTML: `
<html>
<head>
<meta property="og:url" content="https://example.com/apps/mattermost">
<meta property="og:image" content="https://images.example.com/image.png">
</head>
</html>`,
RequestURL: "https://example.com",
URL: "https://example.com/apps/mattermost",
ImageURL: "https://images.example.com/image.png",
},
"relative URLs": {
HTML: `
<html>
<head>
<meta property="og:url" content="/apps/mattermost">
<meta property="og:image" content="/image.png">
</head>
</html>`,
RequestURL: "http://example.com",
URL: "http://example.com/apps/mattermost",
ImageURL: "http://example.com/image.png",
},
"relative URLs with HTTPS": {
HTML: `
<html>
<head>
<meta property="og:url" content="/apps/mattermost">
<meta property="og:image" content="/image.png">
</head>
</html>`,
RequestURL: "https://example.com",
URL: "https://example.com/apps/mattermost",
ImageURL: "https://example.com/image.png",
},
"missing image URL": {
HTML: `
<html>
<head>
<meta property="og:url" content="/apps/mattermost">
</head>
</html>`,
RequestURL: "http://example.com",
URL: "http://example.com/apps/mattermost",
ImageURL: "",
},
} {
t.Run(name, func(t *testing.T) {
og := opengraph.NewOpenGraph()
if err := og.ProcessHTML(strings.NewReader(tc.HTML)); err != nil {
t.Fatal(err)
}
og = makeOpenGraphURLsAbsolute(og, tc.RequestURL)
if og.URL != tc.URL {
t.Fatalf("incorrect url, expected %v, got %v", tc.URL, og.URL)
}
if len(og.Images) > 0 {
if og.Images[0].URL != tc.ImageURL {
t.Fatalf("incorrect image url, expected %v, got %v", tc.ImageURL, og.Images[0].URL)
}
} else if tc.ImageURL != "" {
t.Fatal("missing image url, expected %v, got nothing", tc.ImageURL)
}
})
}
}
var imageProxyBenchmarkSink *model.Post var imageProxyBenchmarkSink *model.Post
func BenchmarkPostWithProxyRemovedFromImageURLs(b *testing.B) { func BenchmarkPostWithProxyRemovedFromImageURLs(b *testing.B) {