Contents

module RailsConnector
  class PdfExternalController < ApplicationController # :nodoc: all
    skip_before_filter :verify_authenticity_token
    before_filter :validate_inputs

    def index
      send_file(
        FopOnRails.generate_pdf(
          params[:xml_url],
          params[:xsl_url],
          params[:tidy]
        ),
        :filename => "#{params[:filename] || 'output'}.pdf",
        :type => 'application/pdf'
      )
    end

    private

    def validate_inputs
      validate_input('xml', params['xml_url'])
      validate_input('xsl', params['xsl_url'])
      validate_hosts
    end

    def validate_input(type, url)
      unless url and valid_url?(url)
        raise "Invalid #{type} input URL: #{url || 'empty'}"
      end
    end

    def valid_url?(url)
      begin
        URI.parse(url)
      rescue URI::InvalidURIError
        return false
      end
      true
    end

    def validate_hosts
      xml_host, xsl_host = URI.parse(params['xml_url']).host, URI.parse(params['xsl_url']).host
      bad_host = [xml_host, xsl_host].detect do |host|
        !Configuration::PdfGenerator.host_allowed?(host)
      end
      if bad_host
        render(
          :status => 403,
          :text => I18n.t(:"rails_connector.controllers.pdf_external.host_not_allowed", :host => bad_host)
        )
      end
    end
  end
end

Version data entries

21 entries across 21 versions & 1 rubygems

Version	Path
infopark_rails_connector-6.8.0.210.ed204b0	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.110.6570b45	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.72.d18d096	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.23.da7f96b	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.16.def5e85	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.15.a24f5ff	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.beta.200.891.647580e	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.beta.200.889.d503e42	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.beta.200.883.f5f063b	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.beta.200.884.4bd86e6	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.beta.200.869.9609b39	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.beta.200.856.8c0fec5	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.beta.200.809.bdfa8c3	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.beta.200.785.05d4af9	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.beta.200.744.99f67fc	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.beta.200.720.44fbabd	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.beta.200.713.e5c3150	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.beta.200.681.7c84f4a	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.beta.200.663.ceecdee	app/controllers/rails_connector/pdf_external_controller.rb
infopark_rails_connector-6.8.0.beta.200.650.7c93155	app/controllers/rails_connector/pdf_external_controller.rb