26 Commits

Author SHA1 Message Date
Cody Cutrer 06763dd519 add # frozen_string_literal: true for lib
Change-Id: I59b751cac52367a89e03f572477f0cf1d607b405
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/251155
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
2020-10-27 20:49:50 +00:00
Ethan Vizitei 98bfcba24c stop yaml_cache pollution
fixes CNVS-49087
flag = none

implement deep freezing
for the config values to
stop the pollution

dup all the locations
where the config is either
modified or passed off to
some other library where
it's not clear it was loaded
from a frozen config file

TEST PLAN:
 1) load a config file
 2) try to change its key/vals
 3) you can't because it's frozen

Change-Id: I15faa230e3c99fe4806154493e238cecec526d1a
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/236341
Reviewed-by: James Williams <jamesw@instructure.com>
QA-Review: James Williams <jamesw@instructure.com>
Product-Review: James Williams <jamesw@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
2020-05-07 18:55:05 +00:00
Simon Williams affa953f61 drop Message#asset_context and DelayedNotification#asset_context
name did not match usage, and all remaining usage can be satisfied in
other ways.

closes CNVS-38407

test plan: regression test message sending (immediate, delayed, and
dashboard notifications w/ stream items)

Change-Id: Ibe110527b4644cbaa417c53b2b53c2fd7e18dc9e
Reviewed-on: https://gerrit.instructure.com/120520
Tested-by: Jenkins
QA-Review: Heath Hales <hhales@instructure.com>
Reviewed-by: Matt Smith <msmith@instructure.com>
Reviewed-by: Benjamin Christian Nelson <bcnelson@instructure.com>
Reviewed-by: Jon Willesen <jonw+gerrit@instructure.com>
Product-Review: Simon Williams <simon@instructure.com>
2017-08-22 17:47:51 +00:00
Landon Wilkins e08cd0c241 da licença part 30
add consistent license headers to all source files
(ruby, coffeescript, javascript)

except for vendor files

Change-Id: I13ce64f5dea44b41fe32c7c4b2ee1e31c0878c85
Reviewed-on: https://gerrit.instructure.com/110055
Tested-by: Jenkins
Reviewed-by: Jon Jensen <jon@instructure.com>
Product-Review: Jon Jensen <jon@instructure.com>
QA-Review: Jon Jensen <jon@instructure.com>
2017-04-27 21:59:55 +00:00
Strand McCutchen d6597c107c fix Style/EmptyLineBetweenDefs issue
Change-Id: Ib7b824043a7ac9196f06020e2ca42fe983565f0d
fixes: CNVS-20009
Reviewed-on: https://gerrit.instructure.com/52919
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins
Product-Review: Strand McCutchen <smccutchen@instructure.com>
QA-Review: Strand McCutchen <smccutchen@instructure.com>
2015-04-29 16:28:39 +00:00
Cody Cutrer 8178266194 split yaml file loading out of Setting
refs CNVS-13024

Setting wasn't properly being initialized as unsharded because
it was loading before Switchman. The reason we need Setting before
switchman is just for yaml loading, so split that into its own
class.

Change-Id: I5456e103cb216dba2d5af4e9c20a697b468c923b
Reviewed-on: https://gerrit.instructure.com/35043
Reviewed-by: Jacob Fugal <jacob@instructure.com>
Tested-by: Jenkins <jenkins@instructure.com>
Product-Review: Cody Cutrer <cody@instructure.com>
QA-Review: Cody Cutrer <cody@instructure.com>
2014-05-21 18:27:06 +00:00
Cody Cutrer 66238994d0 spec: fix specs with a plugin that overrides HostUrl.file_host_with_shard
test plan:
 * specs should pass

Change-Id: I3abada3fd0d04d9e3298ee9a852d65421d22622b
Reviewed-on: https://gerrit.instructure.com/15271
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
2012-11-12 15:50:46 -07:00
Cody Cutrer c1a08e7119 generate safe file urls relative to the shard of the files domain
allows it to be a different shard than where the file is. I had
to remove type casting from dynamic finders that don't know how
to deal with non-integral global ids.

also cache s3 urls on the same shard as the attachment

test plan:
 * have multiple shards and S3 storage
 * have a single safe files domain
 * you should be able to upload and download files in all shards
 * verify that it's going against the files domain, not the normal
   domain

Change-Id: I2b498fc1df20d5b43bf20f702580451621eeaf6a
Reviewed-on: https://gerrit.instructure.com/15158
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
2012-11-12 09:17:37 -07:00
Jon Jensen 8dcdacad37 fix development fallback images for gravatar
gravatar has started proxying fallback images, which breaks things if the
host is localhost or something not publicly accessible. set fallback host
to canvas.instructure.com in dev and selenium environments (w/ a
mechanism to override it).

test plan:
1. run canvas locally
2. gravatar fallback images should work again
3. run canvas in beta/production
4. gravatar fallback images should still work, and the url should have the
   current hostname in the proxy path (e.g.
   https://i1.wp.com/foobar.instructure.com/images/.. )

Change-Id: Idfd2129e0d78026b2bcfd57e8c7399e0b29f8a3a
Reviewed-on: https://gerrit.instructure.com/14245
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Zach Pendleton <zachp@instructure.com>
2012-10-10 09:10:36 -06:00
Brian Palmer 70639150ba api: translate absolute paths to full urls with the canvas host
This fixes image links to /equation_images/X, among other things.

As part of this, I refactored the attachment.rb secure setting to be a
domain.yml (HostUrl) setting that can be used app-wide to determine
whether to use http or https when the code doesn't have access to a Request.

Fixes #8784

I also started down the road of having notification emails/sms/etc use
https links instead of http, but there is still work to do there, refs #9190

test plan: Use the rich text editor to post to a discussion or any other
rich text field that can be retrieved via the api, and include an
equation using the equation editor. Then retrieve that post through the
api, and verify that the url to the equation image includes the canvas
hostname and protocol (http://canvas.example.com/equation_images/X
instead of just /equation_images/X)

Change-Id: Iac28bf99d2d3b33c17d5b3eb128aa6d8488570fe
Reviewed-on: https://gerrit.instructure.com/11867
Tested-by: Jenkins <jenkins@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
2012-07-02 09:53:59 -06:00
Cody Cutrer 3f4fb02712 support listing multiple domains in saml metadata fixes #6859
test plan:
 * ensure saml metadata is unchanged

Change-Id: I5d7e82a7fdf936492bbc2d044999d3bdad01620f
Reviewed-on: https://gerrit.instructure.com/9863
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
Tested-by: Cody Cutrer <cody@instructure.com>
2012-04-18 15:13:58 -06:00
Cody Cutrer 42f0b97527 pass host not account domain to context_host refs #6859
test plan:
 * ensure specs pass

Change-Id: I0ce287218b09dc7d03242e09354749020b7044a6
Reviewed-on: https://gerrit.instructure.com/9819
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
Tested-by: Cody Cutrer <cody@instructure.com>
2012-04-18 15:09:21 -06:00
Brian Palmer d0d91e0859 disallow object_snippet calls on non-safefiles domains
fixes #8079

test plan: with safefiles configured, embed an object tag for a swf file
in a user content field (like a discussion topic), and then view html
source to pull out the form that posts to /object_snippet, including the
canvas verified signature. make that same post to the main non-files
domain, and verify it's denied. verify that object_snippet is still
allowed if safefiles is not configured -- though someday that may
change.

Change-Id: I7e6ae37482ff0c022bd4797d6589ba9a433a2626
Reviewed-on: https://gerrit.instructure.com/9902
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
2012-04-09 10:52:53 -06:00
Cody Cutrer f6192f0925 plumb current host to files_host calls
test plan:
 * ensure accessing files still works

Change-Id: I17a82158a39f0db24e67e59e7877b3f0bd0447d4
Reviewed-on: https://gerrit.instructure.com/9690
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
2012-03-30 18:32:14 -06:00
Brian Palmer 1443dec982 reset HostUrl caches between specs
Change-Id: Ifc085199bd48fb3166c8b1def31f67244d464484
Reviewed-on: https://gerrit.instructure.com/6975
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
2011-11-14 16:01:05 -07:00
Brian Palmer a2b972f1d8 partially revert "force domain.yml config in test env"
This doesn't play well with the selenium specs, which modify the test
env domain config when spawning a forked server.

This reverts the forced config, but keeps the domain_config refactoring.

Change-Id: I4ebf8983264adf99c37dd7097d28bdd1773bc2ec
Reviewed-on: https://gerrit.instructure.com/6169
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Jon Jensen <jon@instructure.com>
2011-10-13 11:43:27 -06:00
Brian Palmer cf3de519ff force domain.yml config in test env
tests fail if this config isn't what's expected, so it's silly to allow
changing it

Change-Id: Ib7f0bc1fe77ef85192b83de37db90f808be495cc
Reviewed-on: https://gerrit.instructure.com/6066
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
2011-10-10 10:36:33 -06:00
JT Olds fbbdf75693 use the current account domain in context_host saml settings lookups
Change-Id: I53729d77055e8225583e612ca81fc578f948ff5f
Reviewed-on: https://gerrit.instructure.com/5965
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Zach Wily <zach@instructure.com>
2011-10-05 15:59:57 -06:00
JT Olds d5c8be2ca0 allow for configuration of outgoing email name
Change-Id: I87587c291801f39697e8dd691d6be9b3b396b86b
Reviewed-on: https://gerrit.instructure.com/4746
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
2011-07-21 13:33:16 -06:00
Zach Wily 12ba408bc7 be sure to initialize class vars in HostUrl
Change-Id: Ibdc3e24263b87f06f602243aa2dec7bf52015bfa
Reviewed-on: https://gerrit.instructure.com/4347
Reviewed-by: Brian Palmer <brianp@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
2011-06-23 16:25:13 -06:00
Zach Wily 0bcf2dfd2c don't allow logins to the files domain; fixes #4726 and gh issue 23
Change-Id: Ia292e4c8a375e1eb61f812aed8d6fe8b3d83c901
Reviewed-on: https://gerrit.instructure.com/3914
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Jon Jensen <jon@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
2011-06-22 16:10:54 -06:00
Brian Whitmer 2c5c268982 add twitter to notification preferences
Twitter recently stopped offering whitelist
exceptions for things like direct messaging.  We are
trying to work around the limitations by having
a user direct message themselves instead of having
some global account user that direct messages everyone.

Also added a "short_host" method for HostUrl that
in the future we can use to generate short-ish links
to include in tweets.  For now the links are somewhat
short, at least.

refs #4045

Change-Id: Iad59b979b166d572827a8ce16d3f9fcdd57d512d
Reviewed-on: https://gerrit.instructure.com/2938
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
2011-06-14 11:57:48 -06:00
Brian Palmer d87c33d91d modify user_content strategy, fixes #3676
user_content will now work for any arbitrary RTE field, no matter if it
came from a column, a string nested three levels deep in a serialized
column, whatever.

let's call this technique "controlled XSS injection"

Change-Id: I56eed1f9b546ac7849dc60faa0f2b3801231131e
Reviewed-on: https://gerrit.instructure.com/3704
Reviewed-by: Brian Palmer <brianp@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
2011-05-19 15:46:56 -06:00
JT Olds bedb1d878e fix default host for tests
Change-Id: I88b59c05a39803c95e3d306b9f47b7ef0450d4c8
Reviewed-on: https://gerrit.instructure.com/2429
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
2011-02-24 17:11:18 -07:00
Brian Palmer 17b89a1751 add support for using sendmail for outgoing mail, closes #3880
This involved some refactoring, since we were using
ActionMailer::Base.smtp_settings[:domain] for generating "From"
addresses.

Change-Id: I6cac6d48971d396a56e07314e042b63a0081a4b6
Reviewed-on: https://gerrit.instructure.com/2398
Reviewed-by: Bracken Mosbacker <bracken@instructure.com>
Tested-by: Hudson <hudson@instructure.com>
2011-02-23 08:41:50 -07:00
Brian Whitmer 8b8173dcc9 Initial commit.
closes #6988138
2011-01-31 18:57:29 -07:00