projects / discourse_docker.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f15044d)
FIX: no longer allow protocol-less CDN
authorSam Saffron <sam.saffron@gmail.com>
Wed, 3 Apr 2019 06:01:48 +0000 (17:01 +1100)
committerSam Saffron <sam.saffron@gmail.com>
Wed, 3 Apr 2019 06:01:48 +0000 (17:01 +1100)
DISCOURSE_CDN_URL starting with `//` can lead to problems. Avoid allowing
people to enter it.

templates/web.template.yml patch | blob | blame | history

diff --git a/templates/web.template.yml b/templates/web.template.yml
index 395ddcb9e55c1b3920cfee5a01441181a2b769ba..ceb701cb96367b336c533adfef3b47ae88749bfe 100644 (file)
--- a/templates/web.template.yml
+++ b/templates/web.template.yml
@@ -27,6 +27,7 @@ run:
   - exec: thpoff echo "thpoff is installed!"
   - exec: /usr/local/bin/ruby -e 'if ENV["DISCOURSE_SMTP_ADDRESS"] == "smtp.example.com"; puts "Aborting! Mail is not configured!"; exit 1; end'
   - exec: /usr/local/bin/ruby -e 'if ENV["DISCOURSE_HOSTNAME"] == "discourse.example.com"; puts "Aborting! Domain is not configured!"; exit 1; end'
+  - exec: /usr/local/bin/ruby -e 'if (ENV["DISCOURSE_CDN_URL"] || "")[0..2] == "//"; puts "Aborting! CDN must have a protocol specified. Once fixed you should rebake your posts now to correct all posts."; exit 1; end'
   - exec: chown -R discourse /home/discourse
   # TODO: move to base image (anacron can not be fired up using rc.d)
   - exec: rm -f /etc/cron.d/anacron