diff options
author | Ahmad Sherif <me@ahmadsherif.com> | 2016-08-14 23:27:49 +0300 |
---|---|---|
committer | Ahmad Sherif <me@ahmadsherif.com> | 2016-08-14 23:28:18 +0300 |
commit | 504a3b5e6f0b2e2957cf1e4d9d8eebbf32234bdb (patch) | |
tree | 9247e662cd68f90fe97a5cc42c0ff2e0d0665eea /lib/banzai/filter/sanitization_filter.rb | |
parent | 30f5b9a5b711b46f1065baf755e413ceced5646b (diff) |
Fix a memory leak caused by Banzai::Filter::SanitizationFilter
In Banzai::Filter::SanitizationFilter#customize_whitelist, we append
three lambdas that has reference to the SanitizationFilter instance,
which in turn (potentially) has a reference to the following chain:
context hash -> Project instance -> Repository instance -> lookup hash
-> various Rugged instances -> various mmap-ed git pack files.
All of the above is not garbage collected because the array we append
the lambdas to is the constant
HTML::Pipeline::SanitizationFilter::WHITELIST.
Diffstat (limited to 'lib/banzai/filter/sanitization_filter.rb')
-rw-r--r-- | lib/banzai/filter/sanitization_filter.rb | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/banzai/filter/sanitization_filter.rb b/lib/banzai/filter/sanitization_filter.rb index ca80aac5a08..6e13282d5f4 100644 --- a/lib/banzai/filter/sanitization_filter.rb +++ b/lib/banzai/filter/sanitization_filter.rb @@ -7,7 +7,7 @@ module Banzai UNSAFE_PROTOCOLS = %w(data javascript vbscript).freeze def whitelist - whitelist = super + whitelist = super.dup customize_whitelist(whitelist) @@ -42,6 +42,8 @@ module Banzai # Allow any protocol in `a` elements... whitelist[:protocols].delete('a') + whitelist[:transformers] = whitelist[:transformers].dup + # ...but then remove links with unsafe protocols whitelist[:transformers].push(remove_unsafe_links) |