From 3e462713debd5c992aa071bed902110bed88ec67 Mon Sep 17 00:00:00 2001
From: Jesse Haka <haka.jesse@gmail.com>
Date: Tue, 2 Oct 2018 09:00:50 +0300
Subject: if EnableLinkPreviews not enabled, do not call url (#9461)

---
 api4/system.go      | 10 +++++++---
 api4/system_test.go | 19 +++++++++++++++++++
 2 files changed, 26 insertions(+), 3 deletions(-)

(limited to 'api4')

diff --git a/api4/system.go b/api4/system.go
index 2f6e53ab8..ddeac4df4 100644
--- a/api4/system.go
+++ b/api4/system.go
@@ -451,6 +451,13 @@ func testS3(c *Context, w http.ResponseWriter, r *http.Request) {
 }
 
 func getRedirectLocation(c *Context, w http.ResponseWriter, r *http.Request) {
+	m := make(map[string]string)
+	m["location"] = ""
+	cfg := c.App.GetConfig()
+	if !*cfg.ServiceSettings.EnableLinkPreviews {
+		w.Write([]byte(model.MapToJson(m)))
+		return
+	}
 	url := r.URL.Query().Get("url")
 	if len(url) == 0 {
 		c.SetInvalidParam("url")
@@ -463,9 +470,6 @@ func getRedirectLocation(c *Context, w http.ResponseWriter, r *http.Request) {
 		},
 	}
 
-	m := make(map[string]string)
-	m["location"] = ""
-
 	res, err := client.Head(url)
 	if err != nil {
 		// Always return a success status and a JSON string to limit the amount of information returned to a
diff --git a/api4/system_test.go b/api4/system_test.go
index c66e08976..32fadd380 100644
--- a/api4/system_test.go
+++ b/api4/system_test.go
@@ -717,6 +717,12 @@ func TestRedirectLocation(t *testing.T) {
 	th := Setup().InitBasic().InitSystemAdmin()
 	defer th.TearDown()
 	Client := th.Client
+	enableLinkPreviews := *th.App.Config().ServiceSettings.EnableLinkPreviews
+	defer func() {
+		th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableLinkPreviews = enableLinkPreviews })
+	}()
+
+	*th.App.Config().ServiceSettings.EnableLinkPreviews = true
 
 	_, resp := th.SystemAdminClient.GetRedirectLocation("https://mattermost.com/", "")
 	CheckNoError(t, resp)
@@ -730,6 +736,19 @@ func TestRedirectLocation(t *testing.T) {
 		t.Errorf("Expected %v but got %v.", expected, actual)
 	}
 
+	*th.App.Config().ServiceSettings.EnableLinkPreviews = false
+	actual, resp = th.SystemAdminClient.GetRedirectLocation("https://mattermost.com/", "")
+	CheckNoError(t, resp)
+	assert.Equal(t, actual, "")
+
+	actual, resp = th.SystemAdminClient.GetRedirectLocation("", "")
+	CheckNoError(t, resp)
+	assert.Equal(t, actual, "")
+
+	actual, resp = th.SystemAdminClient.GetRedirectLocation(mockBitlyLink, "")
+	CheckNoError(t, resp)
+	assert.Equal(t, actual, "")
+
 	Client.Logout()
 	_, resp = Client.GetRedirectLocation("", "")
 	CheckUnauthorizedStatus(t, resp)
-- 
cgit v1.2.3-1-g7c22