Patch #40652 » 0001-Replaces-md5-with-SHA256-when-creating-the-hash-for-.patch
| lib/plugins/gravatar/lib/gravatar.rb | ||
|---|---|---|
| 1 | 1 |
# frozen_string_literal: true |
| 2 | 2 | |
| 3 |
require 'digest/md5' |
|
| 4 | 3 |
require 'cgi' |
| 5 | 4 | |
| 6 | 5 |
module GravatarHelper |
| ... | ... | |
| 65 | 64 | |
| 66 | 65 |
# Return the gravatar URL for the given email address. |
| 67 | 66 |
def gravatar_url(email, options={})
|
| 68 |
email_hash = Digest::MD5.hexdigest(email)
|
|
| 67 |
email_hash = Digest::SHA256.hexdigest(email)
|
|
| 69 | 68 |
options = DEFAULT_OPTIONS.merge(options) |
| 70 | 69 |
options[:default] = CGI::escape(options[:default]) unless options[:default].nil? |
| 71 | 70 |
gravatar_api_url(email_hash).tap do |url| |
| test/helpers/avatars_helper_test.rb | ||
|---|---|---|
| 31 | 31 |
end |
| 32 | 32 | |
| 33 | 33 |
def test_avatar_with_user |
| 34 |
assert_include Digest::MD5.hexdigest('jsmith@somenet.foo'), avatar(User.find_by_mail('jsmith@somenet.foo'))
|
|
| 34 |
assert_include Digest::SHA256.hexdigest('jsmith@somenet.foo'), avatar(User.find_by_mail('jsmith@somenet.foo'))
|
|
| 35 | 35 |
end |
| 36 | 36 | |
| 37 | 37 |
def test_avatar_with_email_string |
| 38 |
assert_include Digest::MD5.hexdigest('jsmith@somenet.foo'), avatar('jsmith <jsmith@somenet.foo>')
|
|
| 38 |
assert_include Digest::SHA256.hexdigest('jsmith@somenet.foo'), avatar('jsmith <jsmith@somenet.foo>')
|
|
| 39 | 39 |
end |
| 40 | 40 | |
| 41 | 41 |
def test_avatar_with_anonymous_user |