gitea/nas
1
0
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Merge pull request from GHSA-3fjr-858r-92rw

Browse source 
* Fix insufficient origin validation

* Bump version to v4.2.5
This commit is contained in:
Claire 2024-02-01 15:56:46 +01:00 committed by GitHub
parent 4633bb8ce0
commit a6641f828b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
20 changed files with 47 additions and 47 deletions
Download patch file Download diff file Expand all files Collapse all files

4
app/helpers/jsonld_helper.rb
View file

@ -155,8 +155,8 @@ module JsonLdHelper
end
end
def fetch_resource(uri, id, on_behalf_of = nil, request_options: {})
unless id
def fetch_resource(uri, id_is_known, on_behalf_of = nil, request_options: {})
unless id_is_known
json = fetch_resource_without_id_validation(uri, on_behalf_of)
return if !json.is_a?(Hash) || unsupported_uri_scheme?(json['id'])