Fix unsafe URLs in audit log resulting from domain blocks (#27139)

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
pull/17979/merge
Emelia Smith 2024-06-14 09:54:09 +02:00 committed by GitHub
parent a243963e93
commit 3d9f00ae16
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 4 additions and 3 deletions

View File

@ -15,15 +15,15 @@ module Admin::ActionLogsHelper
link_to log.human_identifier, admin_roles_path(log.target_id) link_to log.human_identifier, admin_roles_path(log.target_id)
when 'Report' when 'Report'
link_to "##{log.human_identifier.presence || log.target_id}", admin_report_path(log.target_id) link_to "##{log.human_identifier.presence || log.target_id}", admin_report_path(log.target_id)
when 'DomainBlock', 'DomainAllow', 'EmailDomainBlock', 'UnavailableDomain' when 'Instance', 'DomainBlock', 'DomainAllow', 'UnavailableDomain'
link_to log.human_identifier, "https://#{log.human_identifier.presence}" log.human_identifier.present? ? link_to(log.human_identifier, admin_instance_path(log.human_identifier)) : I18n.t('admin.action_logs.unavailable_instance')
when 'Status' when 'Status'
link_to log.human_identifier, log.permalink link_to log.human_identifier, log.permalink
when 'AccountWarning' when 'AccountWarning'
link_to log.human_identifier, disputes_strike_path(log.target_id) link_to log.human_identifier, disputes_strike_path(log.target_id)
when 'Announcement' when 'Announcement'
link_to truncate(log.human_identifier), edit_admin_announcement_path(log.target_id) link_to truncate(log.human_identifier), edit_admin_announcement_path(log.target_id)
when 'IpBlock', 'Instance', 'CustomEmoji' when 'IpBlock', 'EmailDomainBlock', 'CustomEmoji'
log.human_identifier log.human_identifier
when 'CanonicalEmailBlock' when 'CanonicalEmailBlock'
content_tag(:samp, (log.human_identifier.presence || '')[0...7], title: log.human_identifier) content_tag(:samp, (log.human_identifier.presence || '')[0...7], title: log.human_identifier)

View File

@ -293,6 +293,7 @@ en:
filter_by_action: Filter by action filter_by_action: Filter by action
filter_by_user: Filter by user filter_by_user: Filter by user
title: Audit log title: Audit log
unavailable_instance: "(domain name unavailable)"
announcements: announcements:
destroyed_msg: Announcement successfully deleted! destroyed_msg: Announcement successfully deleted!
edit: edit: