diff --git a/Gemfile.lock b/Gemfile.lock index 58fadac34..087cfa5bb 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -9,40 +9,40 @@ PATH GEM remote: https://rubygems.org/ specs: - actioncable (6.1.7.4) - actionpack (= 6.1.7.4) - activesupport (= 6.1.7.4) + actioncable (6.1.7.6) + actionpack (= 6.1.7.6) + activesupport (= 6.1.7.6) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (6.1.7.4) - actionpack (= 6.1.7.4) - activejob (= 6.1.7.4) - activerecord (= 6.1.7.4) - activestorage (= 6.1.7.4) - activesupport (= 6.1.7.4) + actionmailbox (6.1.7.6) + actionpack (= 6.1.7.6) + activejob (= 6.1.7.6) + activerecord (= 6.1.7.6) + activestorage (= 6.1.7.6) + activesupport (= 6.1.7.6) mail (>= 2.7.1) - actionmailer (6.1.7.4) - actionpack (= 6.1.7.4) - actionview (= 6.1.7.4) - activejob (= 6.1.7.4) - activesupport (= 6.1.7.4) + actionmailer (6.1.7.6) + actionpack (= 6.1.7.6) + actionview (= 6.1.7.6) + activejob (= 6.1.7.6) + activesupport (= 6.1.7.6) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (6.1.7.4) - actionview (= 6.1.7.4) - activesupport (= 6.1.7.4) + actionpack (6.1.7.6) + actionview (= 6.1.7.6) + activesupport (= 6.1.7.6) rack (~> 2.0, >= 2.0.9) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (6.1.7.4) - actionpack (= 6.1.7.4) - activerecord (= 6.1.7.4) - activestorage (= 6.1.7.4) - activesupport (= 6.1.7.4) + actiontext (6.1.7.6) + actionpack (= 6.1.7.6) + activerecord (= 6.1.7.6) + activestorage (= 6.1.7.6) + activesupport (= 6.1.7.6) nokogiri (>= 1.8.5) - actionview (6.1.7.4) - activesupport (= 6.1.7.4) + actionview (6.1.7.6) + activesupport (= 6.1.7.6) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) @@ -50,22 +50,22 @@ GEM active_link_to (1.0.5) actionpack addressable - activejob (6.1.7.4) - activesupport (= 6.1.7.4) + activejob (6.1.7.6) + activesupport (= 6.1.7.6) globalid (>= 0.3.6) - activemodel (6.1.7.4) - activesupport (= 6.1.7.4) - activerecord (6.1.7.4) - activemodel (= 6.1.7.4) - activesupport (= 6.1.7.4) - activestorage (6.1.7.4) - actionpack (= 6.1.7.4) - activejob (= 6.1.7.4) - activerecord (= 6.1.7.4) - activesupport (= 6.1.7.4) + activemodel (6.1.7.6) + activesupport (= 6.1.7.6) + activerecord (6.1.7.6) + activemodel (= 6.1.7.6) + activesupport (= 6.1.7.6) + activestorage (6.1.7.6) + actionpack (= 6.1.7.6) + activejob (= 6.1.7.6) + activerecord (= 6.1.7.6) + activesupport (= 6.1.7.6) marcel (~> 1.0) mini_mime (>= 1.1.0) - activesupport (6.1.7.4) + activesupport (6.1.7.6) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) @@ -76,7 +76,7 @@ GEM addressable (2.8.5) public_suffix (>= 2.0.2, < 6.0) ast (2.4.2) - axe-core-api (4.7.0) + axe-core-api (4.8.0) dumb_delegator virtus axe-core-rspec (4.1.0) @@ -87,6 +87,7 @@ GEM descendants_tracker (~> 0.0.4) ice_nine (~> 0.11.0) thread_safe (~> 0.3, >= 0.3.1) + base64 (0.1.1) batch-loader (1.5.0) bcrypt (3.1.19) better_html (1.0.16) @@ -132,7 +133,7 @@ GEM actionpack (>= 5.0) cells (>= 4.1.6, < 5.0.0) charlock_holmes (0.7.7) - chef-utils (18.2.7) + chef-utils (18.3.0) concurrent-ruby childprocess (4.1.0) codecov (0.6.0) @@ -151,7 +152,7 @@ GEM crack (0.4.5) rexml crass (1.0.6) - css_parser (1.14.0) + css_parser (1.16.0) addressable date (3.3.3) date_validator (0.12.0) @@ -332,13 +333,13 @@ GEM declarative-option (0.1.0) descendants_tracker (0.0.4) thread_safe (~> 0.3, >= 0.3.1) - devise (4.9.2) + devise (4.9.3) bcrypt (~> 3.0) orm_adapter (~> 0.1) railties (>= 4.1.0) responders warden (~> 1.2.3) - devise-i18n (1.11.0) + devise-i18n (1.12.0) devise (>= 4.9.0) devise_invitable (2.0.8) actionmailer (>= 5.0) @@ -365,8 +366,8 @@ GEM temple erubi (1.12.0) escape_utils (1.3.0) - excon (0.100.0) - execjs (2.8.1) + excon (0.104.0) + execjs (2.9.1) extended-markdown-filter (0.7.0) html-pipeline (~> 2.9) factory_bot (4.11.1) @@ -376,11 +377,12 @@ GEM railties (>= 3.0.0) faker (2.23.0) i18n (>= 1.8.11, < 2) - faraday (2.7.10) + faraday (2.7.11) + base64 faraday-net_http (>= 2.0, < 3.1) ruby2_keywords (>= 0.0.4) faraday-net_http (3.0.2) - ffi (1.15.5) + ffi (1.16.3) file_validators (3.0.0) activemodel (>= 3.2) mime-types (>= 1.0) @@ -399,8 +401,8 @@ GEM railties (>= 4.1, < 7.1) gemoji (3.0.1) geocoder (1.8.2) - globalid (1.1.0) - activesupport (>= 5.0) + globalid (1.2.1) + activesupport (>= 6.1) graphql (1.12.24) graphql-docs (2.1.0) commonmarker (~> 0.16) @@ -479,7 +481,7 @@ GEM net-smtp marcel (1.0.2) matrix (0.4.2) - mdl (0.12.0) + mdl (0.13.0) kramdown (~> 2.3) kramdown-parser-gfm (~> 1.1) mixlib-cli (~> 2.1, >= 2.1.1) @@ -488,10 +490,10 @@ GEM method_source (1.0.0) mime-types (3.5.1) mime-types-data (~> 3.2015) - mime-types-data (3.2023.0808) + mime-types-data (3.2023.1003) mini_magick (4.12.0) mini_mime (1.1.5) - minitest (5.19.0) + minitest (5.20.0) mixlib-cli (2.1.8) mixlib-config (3.0.27) tomlrb @@ -500,18 +502,16 @@ GEM msgpack (1.7.2) multi_xml (0.6.0) mustache (1.1.1) - net-imap (0.3.7) + net-imap (0.4.2) date net-protocol net-pop (0.1.2) net-protocol net-protocol (0.2.1) timeout - net-smtp (0.3.3) + net-smtp (0.4.0) net-protocol nio4r (2.5.9) - nokogiri (1.14.5-arm64-darwin) - racc (~> 1.4) nokogiri (1.14.5-x86_64-linux) racc (~> 1.4) oauth (1.1.0) @@ -557,7 +557,7 @@ GEM parallel (1.23.0) parallel_tests (3.13.0) parallel - parser (3.2.2.3) + parser (3.2.2.4) ast (~> 2.4.1) racc pg (1.1.4) @@ -583,24 +583,24 @@ GEM rack (>= 2.0.0) rack-protection (3.1.0) rack (~> 2.2, >= 2.2.4) - rack-proxy (0.7.6) + rack-proxy (0.7.7) rack rack-test (2.1.0) rack (>= 1.3) - rails (6.1.7.4) - actioncable (= 6.1.7.4) - actionmailbox (= 6.1.7.4) - actionmailer (= 6.1.7.4) - actionpack (= 6.1.7.4) - actiontext (= 6.1.7.4) - actionview (= 6.1.7.4) - activejob (= 6.1.7.4) - activemodel (= 6.1.7.4) - activerecord (= 6.1.7.4) - activestorage (= 6.1.7.4) - activesupport (= 6.1.7.4) + rails (6.1.7.6) + actioncable (= 6.1.7.6) + actionmailbox (= 6.1.7.6) + actionmailer (= 6.1.7.6) + actionpack (= 6.1.7.6) + actiontext (= 6.1.7.6) + actionview (= 6.1.7.6) + activejob (= 6.1.7.6) + activemodel (= 6.1.7.6) + activerecord (= 6.1.7.6) + activestorage (= 6.1.7.6) + activesupport (= 6.1.7.6) bundler (>= 1.15.0) - railties (= 6.1.7.4) + railties (= 6.1.7.6) sprockets-rails (>= 2.0.0) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) @@ -615,9 +615,9 @@ GEM rails-i18n (6.0.0) i18n (>= 0.7, < 2) railties (>= 6.0.0, < 7) - railties (6.1.7.4) - actionpack (= 6.1.7.4) - activesupport (= 6.1.7.4) + railties (6.1.7.6) + actionpack (= 6.1.7.6) + activesupport (= 6.1.7.6) method_source rake (>= 12.2) thor (~> 1.0) @@ -632,10 +632,10 @@ GEM ffi (~> 1.0) redcarpet (3.6.0) redis (4.8.1) - regexp_parser (2.8.1) + regexp_parser (2.8.2) request_store (1.5.1) rack (>= 1.4) - responders (3.1.0) + responders (3.1.1) actionpack (>= 5.2) railties (>= 5.2) rexml (3.2.6) @@ -691,7 +691,7 @@ GEM rubocop-rspec (2.11.1) rubocop (~> 1.19) ruby-progressbar (1.13.0) - ruby-vips (2.1.4) + ruby-vips (2.2.0) ffi (~> 1.12) ruby2_keywords (0.0.5) rubyXL (3.4.25) @@ -730,20 +730,20 @@ GEM spring-watcher-listen (2.0.1) listen (>= 2.7, < 4.0) spring (>= 1.2, < 3.0) - sprockets (4.2.0) + sprockets (4.2.1) concurrent-ruby (~> 1.0) rack (>= 2.2.4, < 4) sprockets-rails (3.4.2) actionpack (>= 5.2) activesupport (>= 5.2) sprockets (>= 3.0.0) - ssrf_filter (1.1.1) - temple (0.10.2) + ssrf_filter (1.1.2) + temple (0.10.3) terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) - thor (1.2.2) + thor (1.3.0) thread_safe (0.3.6) - tilt (2.2.0) + tilt (2.3.0) timeout (0.4.0) tomlrb (2.0.3) tzinfo (2.0.6) @@ -751,7 +751,7 @@ GEM uber (0.1.0) uglifier (4.2.0) execjs (>= 0.3.0, < 3) - unicode-display_width (2.4.2) + unicode-display_width (2.5.0) valid_email2 (2.3.1) activemodel (>= 3.2) mail (~> 2.5) @@ -770,12 +770,12 @@ GEM rexml (~> 3.2) warden (1.2.9) rack (>= 2.0.9) - web-console (4.2.0) + web-console (4.2.1) actionview (>= 6.0.0) activemodel (>= 6.0.0) bindex (>= 0.4.0) railties (>= 6.0.0) - webmock (3.18.1) + webmock (3.19.1) addressable (>= 2.8.0) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) @@ -790,17 +790,16 @@ GEM websocket-driver (0.7.6) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) - wicked_pdf (2.6.3) + wicked_pdf (2.7.0) activesupport wisper (2.0.1) wisper-rspec (1.1.0) wkhtmltopdf-binary (0.12.6.6) xpath (3.2.0) nokogiri (~> 1.8) - zeitwerk (2.6.11) + zeitwerk (2.6.12) PLATFORMS - arm64-darwin-22 x86_64-linux DEPENDENCIES @@ -821,7 +820,7 @@ DEPENDENCIES web-console RUBY VERSION - ruby 3.0.5p211 + ruby 3.0.6p216 BUNDLED WITH - 2.2.33 + 2.4.6 diff --git a/app/controllers/concerns/decidim/decidim_awesome/not_found_redirect.rb b/app/controllers/concerns/decidim/decidim_awesome/not_found_redirect.rb index 8516a428f..af56b3531 100644 --- a/app/controllers/concerns/decidim/decidim_awesome/not_found_redirect.rb +++ b/app/controllers/concerns/decidim/decidim_awesome/not_found_redirect.rb @@ -43,8 +43,8 @@ def custom_redirects_destination(fullpath) return unless redirects.is_a? Hash path, query = fullpath.split("?") - destination = redirects.dig(path.downcase, "destination") - pass_query = redirects.dig(path.downcase, "pass_query") + destination = redirects.dig(path, "destination") + pass_query = redirects.dig(path, "pass_query") if pass_query.present? union = destination.include?("?") ? "&" : "?" destination = "#{destination}#{union}#{query}" diff --git a/app/forms/decidim/decidim_awesome/admin/custom_redirect_form.rb b/app/forms/decidim/decidim_awesome/admin/custom_redirect_form.rb index 11946172d..8c3c7ae87 100644 --- a/app/forms/decidim/decidim_awesome/admin/custom_redirect_form.rb +++ b/app/forms/decidim/decidim_awesome/admin/custom_redirect_form.rb @@ -25,7 +25,7 @@ def to_params end def sanitize_url(url, strip_host: true) - url = url.strip.downcase + url = url.strip parsed = Addressable::URI.parse(url) url = parsed.path if strip_host && parsed.host == current_organization.host url = "/#{url}" unless url.match?(%r{^https?://|^/}) diff --git a/spec/forms/admin/custom_redirect_form_spec.rb b/spec/forms/admin/custom_redirect_form_spec.rb index f4b5aab30..69e5c8141 100644 --- a/spec/forms/admin/custom_redirect_form_spec.rb +++ b/spec/forms/admin/custom_redirect_form_spec.rb @@ -95,6 +95,16 @@ module Admin it { is_expected.to be_invalid } end + + context "when origin and destination are not case sensitive" do + let(:origin) { "/Some-Origin-Path".downcase } + let(:destination) { "http://#{organization.host}/Some-Origin-Path".downcase } + + it "compares origin and destination without considering case" do + expect(origin).not_to eq("/Some-Origin-Path") + expect(destination).not_to eq("http://#{organization.host}/Some-Origin-Path") + end + end end end end