Take account of possible https referer in upload route (#1787)

2021-12-23 12:18:30 +01:00
parent 7e379cfab1
commit 46c22a8b87
2 changed files with 16 additions and 1 deletions
@@ -240,7 +240,7 @@ module Precious
        halt 500 unless tempfile.is_a? Tempfile

        if wiki.per_page_uploads
-          dir = request.referer.sub(request.base_url, '')
+          dir = request.referer.match(/^https?:\/\/#{request.host_with_port}\/(.*)/)[1]          
          # remove base path if it is set
          dir.sub!(/^#{wiki.base_path}/, '') if wiki.base_path
          # remove base_url and gollum/* subpath if necessary