Commit c917b26f authored by Robert Speicher's avatar Robert Speicher

Recover from all `URI::Error`s

Fixes #2257
Fixes #2260
parent d7f61aff
...@@ -255,12 +255,16 @@ module ApplicationHelper ...@@ -255,12 +255,16 @@ module ApplicationHelper
# #
# Returns `html_options`, adding `rel: nofollow` for external links # Returns `html_options`, adding `rel: nofollow` for external links
def add_nofollow(link, html_options = {}) def add_nofollow(link, html_options = {})
begin
uri = URI(link) uri = URI(link)
if uri && uri.absolute? && uri.host != Gitlab.config.gitlab.host if uri && uri.absolute? && uri.host != Gitlab.config.gitlab.host
rel = html_options.fetch(:rel, '') rel = html_options.fetch(:rel, '')
html_options[:rel] = (rel + ' nofollow').strip html_options[:rel] = (rel + ' nofollow').strip
end end
rescue URI::Error
# noop
end
html_options html_options
end end
......
...@@ -249,6 +249,16 @@ describe ApplicationHelper do ...@@ -249,6 +249,16 @@ describe ApplicationHelper do
expect(link_to('Example', 'http://example.foo/bar')). expect(link_to('Example', 'http://example.foo/bar')).
to eq '<a href="http://example.foo/bar">Example</a>' to eq '<a href="http://example.foo/bar">Example</a>'
end end
it 'should not raise an error when given a bad URI' do
expect { link_to('default', 'if real=1 RANDOM; if real>1 IDLHS; if real>500 LHS') }.
not_to raise_error
end
it 'should not raise an error when given a bad mailto URL' do
expect { link_to('email', 'mailto://foo.bar@example.es?subject=Subject%20Line') }.
not_to raise_error
end
end end
describe 'markup_render' do describe 'markup_render' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment