diff --git a/lib/jekyll/tags/include.rb b/lib/jekyll/tags/include.rb index 5c679dc1..394d4e67 100644 --- a/lib/jekyll/tags/include.rb +++ b/lib/jekyll/tags/include.rb @@ -96,13 +96,12 @@ eos def render(context) dir = File.join(context.registers[:site].source, INCLUDES_DIR) - validate_dir(dir, context.registers[:site].safe) file = render_variable(context) || @file validate_file_name(file) path = File.join(dir, file) - validate_file(path, context.registers[:site].safe) + validate_path(path, context.registers[:site].safe) begin partial = Liquid::Template.parse(source(path, context)) @@ -116,17 +115,11 @@ eos end end - def validate_dir(dir, safe) - if File.symlink?(dir) && safe - raise IOError.new "Includes directory '#{dir}' cannot be a symlink" - end - end - - def validate_file(file, safe) - if !File.exists?(file) - raise IOError.new "Included file '#{file}' not found" - elsif File.symlink?(file) && safe - raise IOError.new "The included file '#{file}' should not be a symlink" + def validate_path(path, safe) + if !File.exist?(path) + raise IOError.new "Included file '#{path}' not found" + elsif path != File.realpath(path) && safe + raise IOError.new "The included file '#{path}' should not be a symlink" end end diff --git a/test/test_tags.rb b/test/test_tags.rb index 68507c76..194846f1 100644 --- a/test/test_tags.rb +++ b/test/test_tags.rb @@ -366,8 +366,10 @@ CONTENT context "with symlink'd include" do - setup do - content = < 'pretty', 'source' => source_dir, 'destination' => dest_dir, 'read_posts' => true, 'safe' => true }) - end - - should "not allow symlink includes" do - File.open("/tmp/pages-test", 'w') { |file| file.write("SYMLINK TEST") } + create_post(content, {'permalink' => 'pretty', 'source' => source_dir, 'destination' => dest_dir, 'read_posts' => true, 'safe' => true }) + end assert_no_match /SYMLINK TEST/, @result end end