Commit a8a65afe authored by Robert Speicher's avatar Robert Speicher

Merge branch 'fix-error-500-with-invalid-utf8' into 'master'

Gracefully handle invalid UTF-8 sequences in Markdown links

Closes #6077

See merge request !2382
parents e3c43ca7 a10ab94b
...@@ -14,6 +14,7 @@ v 8.4.0 (unreleased) ...@@ -14,6 +14,7 @@ v 8.4.0 (unreleased)
- Autocomplete data is now always loaded, instead of when focusing a comment text area - Autocomplete data is now always loaded, instead of when focusing a comment text area
- Improved performance of finding issues for an entire group - Improved performance of finding issues for an entire group
- Added custom application performance measuring system powered by InfluxDB - Added custom application performance measuring system powered by InfluxDB
- Gracefully handle invalid UTF-8 sequences in Markdown links (Stan Hu)
- Bump fog to 1.36.0 (Stan Hu) - Bump fog to 1.36.0 (Stan Hu)
- Add user's last used IP addresses to admin page (Stan Hu) - Add user's last used IP addresses to admin page (Stan Hu)
- Add housekeeping function to project settings page - Add housekeeping function to project settings page
......
...@@ -133,6 +133,7 @@ module Banzai ...@@ -133,6 +133,7 @@ module Banzai
next unless link && text next unless link && text
link = CGI.unescape(link) link = CGI.unescape(link)
next unless link.force_encoding('UTF-8').valid_encoding?
# Ignore ending punctionation like periods or commas # Ignore ending punctionation like periods or commas
next unless link == text && text =~ /\A#{pattern}/ next unless link == text && text =~ /\A#{pattern}/
...@@ -170,6 +171,7 @@ module Banzai ...@@ -170,6 +171,7 @@ module Banzai
next unless link && text next unless link && text
link = CGI.unescape(link) link = CGI.unescape(link)
next unless link.force_encoding('UTF-8').valid_encoding?
next unless link && link =~ /\A#{pattern}\z/ next unless link && link =~ /\A#{pattern}\z/
html = yield link, text html = yield link, text
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment