paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-04 14:03:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

Don't proxy https images through Camo on MIT

Browse Source 
These images at least load now, but that's because Camo redirects
the browser to the origin server, so the only effect is an extra
round-trip time.

(imported from commit 0d6b9c888a5cdfaa9299272d74a085e872dfa434)
This commit is contained in:
Kevin Mehall
2013-12-13 13:39:30 -05:00
parent 11aec0104e
commit ebab4a59c9
2 changed files with 1 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
zerver/lib/bugdown/__init__.py
View File

@@ -147,11 +147,7 @@ class InlineHttpsProcessor(markdown.treeprocessors.Treeprocessor):
found_imgs = walk_tree(root, lambda e: e if e.tag == "img" else None) found_imgs = walk_tree(root, lambda e: e if e.tag == "img" else None)
for img in found_imgs: for img in found_imgs:
url = img.get("src") url = img.get("src")
# We rewrite all HTTP URLs as well as all HTTPs URLs for mit.edu if not url.startswith("http://"):
if not (url.startswith("http://") or
(url.startswith("https://") and
current_message is not None and
current_message.sender.realm.domain == "mit.edu")):
# Don't rewrite images on our own site (e.g. emoji). # Don't rewrite images on our own site (e.g. emoji).
continue continue
digest = hmac.new(settings.CAMO_KEY, url, hashlib.sha1).hexdigest() digest = hmac.new(settings.CAMO_KEY, url, hashlib.sha1).hexdigest()

7
zerver/tests.py
View File

@@ -3747,13 +3747,6 @@ xxxxxxx</strong></p>\n<p>xxxxxxx xxxxx xxxx xxxxx:<br>\n<code>xxxxxx</code>: xxx
self.assertEqual(converted, '<p>Google logo today: <a href="http://www.google.com/images/srpr/logo4w.png" target="_blank" title="http://www.google.com/images/srpr/logo4w.png">http://www.google.com/images/srpr/logo4w.png</a></p>\n<div class="message_inline_image"><a href="http://www.google.com/images/srpr/logo4w.png" target="_blank" title="http://www.google.com/images/srpr/logo4w.png"><img src="https://external-content.zulipcdn.net/4882a845c6edd9a945bfe5f33734ce0aed8170f3/687474703a2f2f7777772e676f6f676c652e636f6d2f696d616765732f737270722f6c6f676f34772e706e67"></a></div>') self.assertEqual(converted, '<p>Google logo today: <a href="http://www.google.com/images/srpr/logo4w.png" target="_blank" title="http://www.google.com/images/srpr/logo4w.png">http://www.google.com/images/srpr/logo4w.png</a></p>\n<div class="message_inline_image"><a href="http://www.google.com/images/srpr/logo4w.png" target="_blank" title="http://www.google.com/images/srpr/logo4w.png"><img src="https://external-content.zulipcdn.net/4882a845c6edd9a945bfe5f33734ce0aed8170f3/687474703a2f2f7777772e676f6f676c652e636f6d2f696d616765732f737270722f6c6f676f34772e706e67"></a></div>')
# in mit.edu, https images should be converted to https via our Camo integration
message = Message(sender=get_user_profile_by_email("starnine@mit.edu"))
msg = 'Google logo today: https://www.google.com/images/srpr/logo4w.png'
converted = bugdown.convert(msg, "mit.com", message=message)
self.assertEqual(converted, '<p>Google logo today: <a href="https://www.google.com/images/srpr/logo4w.png" target="_blank" title="https://www.google.com/images/srpr/logo4w.png">https://www.google.com/images/srpr/logo4w.png</a></p>\n<div class="message_inline_image"><a href="https://www.google.com/images/srpr/logo4w.png" target="_blank" title="https://www.google.com/images/srpr/logo4w.png"><img src="https://external-content.zulipcdn.net/cadb491a68c9272ffd7e571703d7f8c51542acc8/68747470733a2f2f7777772e676f6f676c652e636f6d2f696d616765732f737270722f6c6f676f34772e706e67"></a></div>')
def test_inline_youtube(self): def test_inline_youtube(self):
msg = 'Check out the debate: http://www.youtube.com/watch?v=hx1mjT73xYE' msg = 'Check out the debate: http://www.youtube.com/watch?v=hx1mjT73xYE'
converted = bugdown_convert(msg) converted = bugdown_convert(msg)