silva
/
new_site
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed security issue with download 3rd party plugin (#2364) 

Signed-off-by: George Araujo <george.gcac@gmail.com>
This commit is contained in:
George 2024-04-23 10:59:33 -03:00 committed by GitHub
parent 0aa3821300
commit b315315f9b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
_plugins/download-3rd-party.rb
View File

@ -34,7 +34,7 @@ Jekyll::Hooks.register :site, :after_init do |site|
unless File.directory?(dest) && !Dir.empty?(dest) unless File.directory?(dest) && !Dir.empty?(dest)
puts "Downloading fonts from #{url} to #{dest}" puts "Downloading fonts from #{url} to #{dest}"
# get available fonts from the url # get available fonts from the url
doc = Nokogiri::HTML(URI.open(url, "User-Agent" => "Ruby/#{RUBY_VERSION}")) doc = Nokogiri::HTML(URI().open(url, "User-Agent" => "Ruby/#{RUBY_VERSION}"))
doc.css('a').each do |link| doc.css('a').each do |link|
# get the file name from the url # get the file name from the url
file_name = link['href'].split('/').last.split('?').first file_name = link['href'].split('/').last.split('?').first