ylqjgm
/
canvas-lms
mirror of https://github.com/instructure/canvas-lms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix avatar fallback images using http instead of https 

fixes #9451

rack's request.scheme doesn't take x-forwarded-proto into account, so it
was returning http. Using request.protocol correctly handles ssl
termination, it just means we have to chop off the "://" part of the
protocol.

test plan: In an environment using ssl behind a load balancer, load the
avatar for a user that doesn't have one. verify that the gravatar
request redirects back to canvas using https, not http.

Change-Id: Ifb5f42e91379cfe591d29e07cd2ccf1f9d2b19fa
Reviewed-on: https://gerrit.instructure.com/12865
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Jon Jensen <jon@instructure.com>
This commit is contained in:
Brian Palmer 2012-08-10 15:25:51 -06:00
parent ac9eebb275
commit 785c8ca73b
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/models/user.rb
View File

@ -1355,7 +1355,7 @@ class User < ActiveRecord::Base
def self.avatar_fallback_url(fallback=nil, request=nil)
return fallback if fallback == '%{fallback}'
if fallback and uri = URI.parse(fallback) rescue nil
uri.scheme ||= request ? request.scheme : "https"
uri.scheme ||= request ? request.protocol[0..-4] : "https" # -4 to chop off the ://
if request && !uri.host
uri.host = request.host
uri.port = request.port if ![80, 443].include?(request.port)

8
spec/models/user_spec.rb
View File

@ -1205,13 +1205,13 @@ describe User do
"https://somedomain/path"
User.avatar_fallback_url("http://somedomain/path").should ==
"http://somedomain/path"
User.avatar_fallback_url(nil, OpenObject.new(:host => "foo", :scheme => "http")).should ==
User.avatar_fallback_url(nil, OpenObject.new(:host => "foo", :protocol => "http://")).should ==
"http://foo/images/messages/avatar-50.png"
User.avatar_fallback_url("/somepath", OpenObject.new(:host => "bar", :scheme => "https")).should ==
User.avatar_fallback_url("/somepath", OpenObject.new(:host => "bar", :protocol => "https://")).should ==
"https://bar/somepath"
User.avatar_fallback_url("//somedomain/path", OpenObject.new(:host => "bar", :scheme => "https")).should ==
User.avatar_fallback_url("//somedomain/path", OpenObject.new(:host => "bar", :protocol => "https://")).should ==
"https://somedomain/path"
User.avatar_fallback_url("http://somedomain/path", OpenObject.new(:host => "bar", :scheme => "https")).should ==
User.avatar_fallback_url("http://somedomain/path", OpenObject.new(:host => "bar", :protocol => "https://")).should ==
"http://somedomain/path"
User.avatar_fallback_url('%{fallback}').should ==
'%{fallback}'