Add support for signed URLs used by the render_file function
This commit is contained in:
@ -3,5 +3,4 @@ test:
|
||||
from: codeocean@hpi.de
|
||||
default_url_options:
|
||||
host: localhost
|
||||
port: 3000
|
||||
delivery_method: :test
|
||||
|
@ -19,5 +19,4 @@ test:
|
||||
<<: *default
|
||||
default_url_options:
|
||||
host: localhost
|
||||
port: 3000
|
||||
delivery_method: :test
|
||||
|
@ -1,4 +1,8 @@
|
||||
default: &default
|
||||
# A public-facing host to be used for the render_file function of the SubmissionsController.
|
||||
# User content will be served from this host. If not set, the default host is used (less secure!).
|
||||
# render_host: codeoceanusercontent.com
|
||||
|
||||
flowr:
|
||||
# When enabled, flowr can assist learners with related search results from
|
||||
# StackOverflow.com regarding exceptions that occurred during code execution.
|
||||
|
@ -38,6 +38,7 @@ Rails.application.config.content_security_policy do |policy|
|
||||
# Code executions might return a base64 encoded image as a :data URI
|
||||
policy.img_src :self, :data
|
||||
policy.object_src :none
|
||||
policy.media_src :self
|
||||
policy.script_src :self, :report_sample
|
||||
# Our ACE editor unfortunately requires :unsafe_inline for the code highlighting
|
||||
policy.style_src :self, :unsafe_inline, :report_sample
|
||||
|
@ -129,6 +129,7 @@ Rails.application.routes.draw do
|
||||
resources :files, only: %i[create destroy]
|
||||
end
|
||||
get '/uploads/files/:id/:filename', to: 'code_ocean/files#show_protected_upload', as: :protected_upload, constraints: {filename: FILENAME_REGEXP}
|
||||
get '/uploads/render_files/:id/:filename', to: 'code_ocean/files#render_protected_upload', as: :render_protected_upload, constraints: {filename: FILENAME_REGEXP}
|
||||
|
||||
resources :file_types
|
||||
|
||||
|
Reference in New Issue
Block a user