Gravatar host is displayed CGI-escaped when not customized
Introduced by 0f785bbc
When no host
value is set for Gravatar in gitlab.yml
, it gets a default value in 1_settings.rb
:
Settings.gravatar['plain_url'] ||= 'http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon'
Settings.gravatar['host'] = Settings.get_host_without_www(Settings.gravatar['plain_url'])
Where get_host_without_www
does this:
def get_host_without_www(url)
url = CGI.escape(url)
uri = URI.parse(url)
uri = URI.parse("http://#{url}") if uri.scheme.nil?
host = uri.host.downcase
host.start_with?('www.') ? host[4..-1] : host
end
Note the CGI.escape
so that URI.parse
doesn't fail due to the interpolation happening in the querystring. Unfortunately this makes uri.host
return the full, escaped String rather than the www.gravatar.com
we actually want. As a result, when you edit your profile, you see this monstrosity: