DEV: Absorb onebox gem into core (#12979)

DEV: Absorb onebox gem into core (#12979)

  • Move onebox gem in core library

  • Update template file path

  • Remove warning for onebox gem caching

  • Remove onebox version file

  • Remove onebox gem

  • Add sanitize gem

  • Require onebox library in lazy-yt plugin

  • Remove onebox web specific code

This code was used in standalone onebox Sinatra application

  • Merge Discourse specific AllowlistedGenericOnebox engine in core

  • Fix onebox engine filenames to match class name casing

  • Move onebox specs from gem into core

  • DEV: Rename response helper to onebox_response

Fixes a naming collision.

  • Require rails_helper

  • Don’t use before/after(:all)

  • Whitespace

  • Remove fakeweb

  • Remove poor unit tests

  • DEV: Re-add fakeweb, plugins are using it

  • Move onebox helpers

  • Stub Instagram API

  • FIX: Follow additional redirect status codes (#476)

Don’t throw errors if we encounter 303, 307 or 308 HTTP status codes in responses

  • Remove an empty file

  • DEV: Update the license file

Using the copy from GNU General Public License v2.0 | Choose a License

Hopefully this will enable GitHub to show the license UI?

  • DEV: Update embedded copyrights

  • DEV: Add Onebox copyright notice

  • DEV: Add MIT license, convert COPYRIGHT.txt to md

  • DEV: Remove an incorrect copyright claim

Co-authored-by: Jarek Radosz jradosz@gmail.com Co-authored-by: jbrw jamie@goatforce5.org

diff --git a/COPYRIGHT.md b/COPYRIGHT.md
new file mode 100644
index 0000000..80c989e
--- /dev/null
+++ b/COPYRIGHT.md
@@ -0,0 +1,59 @@
+# Legal notice
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+This program is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program as the file LICENSE.txt; if not, please see
+http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+
+## Trademark
+
+Discourse is a registered trademark of Civilized Discourse Construction Kit.
+
+## Other copyright notices
+
+Discourse includes works under other copyright notices and distributed
+according to the terms of the GNU General Public License or a compatible
+license (where indicated), including:
+
+- Ember.js - Copyright (c) 2020 Yehuda Katz, Tom Dale and Ember.js contributors
+  MIT License
+
+- jQuery - Copyright OpenJS Foundation and other contributors, https://openjsf.org/
+  MIT License
+
+- Rails - Copyright (c) 2005-2021 David Heinemeier Hansson
+  MIT License
+
+- Onebox - Copyright (c) 2013 jzeta
+  MIT License
+
+MIT License:
+
+`‍``
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+`‍``
diff --git a/COPYRIGHT.txt b/COPYRIGHT.txt
deleted file mode 100644
index cb867e5..0000000
--- a/COPYRIGHT.txt
+++ /dev/null
@@ -1,31 +0,0 @@
-All Discourse code is Copyright 2013 by Civilized Discourse Construction Kit, Inc.
-
-This program is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or (at
-your option) any later version.
-
-This program is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program as the file LICENSE.txt; if not, please see
-http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
-
-Discourse is a registered trademark of Civilized Discourse Construction Kit.
-
-Discourse includes works under other copyright notices and distributed
-according to the terms of the GNU General Public License or a compatible
-license (where indicated), including:
-
-Javascript
-
-  Ember.js - Copyright (c) 2012-2013 Yehuda Katz, Tom Dale, Charles Jolley and Ember.js contributors
-
-  jQuery - Copyright (c) 2010-2013 John Resig
-
-Ruby
-
-  Rails - Copyright (c) 2005-2013 David Heinemeier Hansson, Rails Core Team contributors (MIT)
diff --git a/Gemfile b/Gemfile
index e54a9dc..703c5da 100644
--- a/Gemfile
+++ b/Gemfile
@@ -60,8 +60,6 @@ gem 'redis-namespace'
 # better maintained living fork
 gem 'active_model_serializers', '~> 0.8.3'
 
-gem 'onebox'
-
 gem 'http_accept_language', require: false
 
 # Ember related gems need to be pinned cause they control client side
@@ -229,6 +227,8 @@ gem 'sshkey', require: false
 gem 'rchardet', require: false
 gem 'lz4-ruby', require: false, platform: :ruby
 
+gem 'sanitize'
+
 if ENV["IMPORT"] == "1"
   gem 'mysql2'
   gem 'redcarpet'
diff --git a/Gemfile.lock b/Gemfile.lock
index cba9b03..8935c62 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -277,13 +277,6 @@ GEM
     omniauth-twitter (1.4.0)
       omniauth-oauth (~> 1.1)
       rack
-    onebox (2.2.15)
-      addressable (~> 2.7.0)
-      htmlentities (~> 4.3)
-      multi_json (~> 1.11)
-      mustache
-      nokogiri (~> 1.7)
-      sanitize
     openssl (2.2.0)
     openssl-signature_algorithm (1.1.1)
       openssl (~> 2.0)
@@ -558,7 +551,6 @@ DEPENDENCIES
   omniauth-google-oauth2
   omniauth-oauth2
   omniauth-twitter
-  onebox
   parallel_tests
   pg
   pry-byebug
@@ -589,6 +581,7 @@ DEPENDENCIES
   ruby-prof
   ruby-readability
   rubyzip
+  sanitize
   sassc (= 2.0.1)
   sassc-rails
   seed-fu
@@ -610,4 +603,4 @@ DEPENDENCIES
   yaml-lint
 
 BUNDLED WITH
-   2.2.16
+   2.2.17
diff --git a/LICENSE.txt b/LICENSE.txt
index 94fb846..d159169 100644
--- a/LICENSE.txt
+++ b/LICENSE.txt
@@ -1,12 +1,12 @@
-        GNU GENERAL PUBLIC LICENSE
-           Version 2, June 1991
+                    GNU GENERAL PUBLIC LICENSE
+                       Version 2, June 1991
 
  Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
  Everyone is permitted to copy and distribute verbatim copies
  of this license document, but changing it is not allowed.
 
-          Preamble
+                            Preamble
 
   The licenses for most software are designed to take away your
 freedom to share and change it.  By contrast, the GNU General Public
@@ -56,7 +56,7 @@ patent must be licensed for everyone's free use or not licensed at all.
   The precise terms and conditions for copying, distribution and
 modification follow.
 
-        GNU GENERAL PUBLIC LICENSE
+                    GNU GENERAL PUBLIC LICENSE
    TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
 
   0. This License applies to any program or other work which contains
@@ -255,7 +255,7 @@ make exceptions for this.  Our decision will be guided by the two goals
 of preserving the free status of all derivatives of our free software and
 of promoting the sharing and reuse of software generally.
 
-          NO WARRANTY
+                            NO WARRANTY
 
   11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
 FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
@@ -277,9 +277,9 @@ YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
 PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
 POSSIBILITY OF SUCH DAMAGES.
 
-         END OF TERMS AND CONDITIONS
+                     END OF TERMS AND CONDITIONS
 
-      How to Apply These Terms to Your New Programs
+            How to Apply These Terms to Your New Programs
 
   If you develop a new program, and you want it to be of the greatest
 possible use to the public, the best way to achieve this is to make it
diff --git a/lib/onebox.rb b/lib/onebox.rb
new file mode 100644
index 0000000..12244ad
--- /dev/null
+++ b/lib/onebox.rb
@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+require "openssl"
+require "open-uri"
+require "multi_json"
+require "nokogiri"
+require "mustache"
+require "ostruct"
+require "cgi"
+require "net/http"
+require "digest"
+require "sanitize"
+require_relative "onebox/sanitize_config"
+
+module Onebox
+  DEFAULTS = {
+    connect_timeout: 5,
+    timeout: 10,

[... diff too long, it was truncated ...]

GitHub sha: 283b08d4

1 Like

This commit appears in #12979 which was approved by eviltrout. It was merged by techAPJ.

This commit has been mentioned on Discourse Meta. There might be relevant details there:

https://meta.discourse.org/t/custom-onebox-broke-with-discourse-2-8-0-beta2/193303/1