Support ssrf_filter 1.1
Includes a backwards compatibility mode for SsrfFilter 1.0, which is needed for Ruby 2.5 and JRuby 9.2. Also includes a local version constraint for fog-google for Ruby 2.5 and JRuby 9.2 because of a known but undeclared incompatibility in that gem. gemfiles/rails-6-1.gemfile already has this fix. [Fixes #2625]
This commit is contained in:
parent
b104d0f0e0
commit
c10e7ef311
2
Gemfile
2
Gemfile
|
@ -3,5 +3,7 @@ source "https://rubygems.org"
|
||||||
gem "activemodel-serializers-xml"
|
gem "activemodel-serializers-xml"
|
||||||
gem 'sqlite3', platforms: :ruby
|
gem 'sqlite3', platforms: :ruby
|
||||||
gem "activerecord-jdbcsqlite3-adapter", platform: [:jruby, :truffleruby]
|
gem "activerecord-jdbcsqlite3-adapter", platform: [:jruby, :truffleruby]
|
||||||
|
# See https://github.com/fog/fog-google/issues/535 for this restriction.
|
||||||
|
gem "fog-google", "~> 1.13.0" if RUBY_VERSION.to_f < 2.6
|
||||||
|
|
||||||
gemspec
|
gemspec
|
||||||
|
|
|
@ -46,5 +46,4 @@ Gem::Specification.new do |s|
|
||||||
if RUBY_ENGINE != 'jruby'
|
if RUBY_ENGINE != 'jruby'
|
||||||
s.add_development_dependency "pry-byebug"
|
s.add_development_dependency "pry-byebug"
|
||||||
end
|
end
|
||||||
s.add_development_dependency "ssrf_filter", "< 1.1.0"
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -30,8 +30,12 @@ module CarrierWave
|
||||||
response = OpenURI.open_uri(process_uri(url.to_s), headers)
|
response = OpenURI.open_uri(process_uri(url.to_s), headers)
|
||||||
else
|
else
|
||||||
request = nil
|
request = nil
|
||||||
response = SsrfFilter.get(uri, headers: headers) do |req|
|
if ::SsrfFilter::VERSION.to_f < 1.1
|
||||||
request = req
|
response = SsrfFilter.get(uri, headers: headers) do |req|
|
||||||
|
request = req
|
||||||
|
end
|
||||||
|
else
|
||||||
|
response = SsrfFilter.get(uri, headers: headers, request_proc: ->(req) { request = req })
|
||||||
end
|
end
|
||||||
response.uri = request.uri
|
response.uri = request.uri
|
||||||
response.value
|
response.value
|
||||||
|
|
Loading…
Reference in New Issue