Add support for signed URLs used by the render_file function

This commit is contained in:
Sebastian Serth
2022-09-23 11:26:56 +02:00
parent 5881795d5f
commit 16c00ec136
16 changed files with 229 additions and 31 deletions

View File

@ -3,5 +3,4 @@ test:
from: codeocean@hpi.de
default_url_options:
host: localhost
port: 3000
delivery_method: :test

View File

@ -19,5 +19,4 @@ test:
<<: *default
default_url_options:
host: localhost
port: 3000
delivery_method: :test

View File

@ -1,4 +1,8 @@
default: &default
# A public-facing host to be used for the render_file function of the SubmissionsController.
# User content will be served from this host. If not set, the default host is used (less secure!).
# render_host: codeoceanusercontent.com
flowr:
# When enabled, flowr can assist learners with related search results from
# StackOverflow.com regarding exceptions that occurred during code execution.

View File

@ -38,6 +38,7 @@ Rails.application.config.content_security_policy do |policy|
# Code executions might return a base64 encoded image as a :data URI
policy.img_src :self, :data
policy.object_src :none
policy.media_src :self
policy.script_src :self, :report_sample
# Our ACE editor unfortunately requires :unsafe_inline for the code highlighting
policy.style_src :self, :unsafe_inline, :report_sample

View File

@ -129,6 +129,7 @@ Rails.application.routes.draw do
resources :files, only: %i[create destroy]
end
get '/uploads/files/:id/:filename', to: 'code_ocean/files#show_protected_upload', as: :protected_upload, constraints: {filename: FILENAME_REGEXP}
get '/uploads/render_files/:id/:filename', to: 'code_ocean/files#render_protected_upload', as: :render_protected_upload, constraints: {filename: FILENAME_REGEXP}
resources :file_types