Merge pull request #1324 from ThibG/glitch-soc/merge-upstream

Merge upstream changes
author: ThibG <thib@sitedethib.com> 2020-05-03 23:29:41 +0200
committer: GitHub <noreply@github.com> 2020-05-03 23:29:41 +0200
commit: 75b0fa8b760b8829b933b249ac48965abdab15ae (patch)
tree: 4b2e5293f15972012c4dc876bb66870d692490d0 /app/services
parent: 9c61dadc0db7009853c6b2345a02c3b219022929 (diff)
parent: 89fcd68b7501f81a3e33f6b1abff6fc66f78e04b (diff)
1 files changed, 12 insertions, 1 deletions
diff --git a/app/services/fetch_resource_service.rb b/app/services/fetch_resource_service.rb
index 880cdde92..6c0093cd4 100644
--- a/app/services/fetch_resource_service.rb
+++ b/app/services/fetch_resource_service.rb
@@ -25,7 +25,18 @@ class FetchResourceService < BaseService
   end
 
   def perform_request(&block)
-    Request.new(:get, @url).add_headers('Accept' => ACCEPT_HEADER).on_behalf_of(Account.representative).perform(&block)
+    Request.new(:get, @url).tap do |request|
+      request.add_headers('Accept' => ACCEPT_HEADER)
+
+      # In a real setting we want to sign all outgoing requests,
+      # in case the remote server has secure mode enabled and requires
+      # authentication on all resources. However, during development,
+      # sending request signatures with an inaccessible host is useless
+      # and prevents even public resources from being fetched, so
+      # don't do it
+
+      request.on_behalf_of(Account.representative) unless Rails.env.development?
+    end.perform(&block)
   end
 
   def process_response(response, terminal = false)
author	ThibG <thib@sitedethib.com>	2020-05-03 23:29:41 +0200
committer	GitHub <noreply@github.com>	2020-05-03 23:29:41 +0200
commit	75b0fa8b760b8829b933b249ac48965abdab15ae (patch)
tree	4b2e5293f15972012c4dc876bb66870d692490d0 /app/services
parent	9c61dadc0db7009853c6b2345a02c3b219022929 (diff)
parent	89fcd68b7501f81a3e33f6b1abff6fc66f78e04b (diff)