From b315315f9b4717134997a5f7b85832bdfe8c6f06 Mon Sep 17 00:00:00 2001 From: George <31376482+george-gca@users.noreply.github.com> Date: Tue, 23 Apr 2024 10:59:33 -0300 Subject: [PATCH] Fixed security issue with download 3rd party plugin (#2364) Signed-off-by: George Araujo --- _plugins/download-3rd-party.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_plugins/download-3rd-party.rb b/_plugins/download-3rd-party.rb index a3abbd37ac68..18b7c6ca6f07 100644 --- a/_plugins/download-3rd-party.rb +++ b/_plugins/download-3rd-party.rb @@ -34,7 +34,7 @@ def download_fonts(url, dest) unless File.directory?(dest) && !Dir.empty?(dest) puts "Downloading fonts from #{url} to #{dest}" # get available fonts from the url - doc = Nokogiri::HTML(URI.open(url, "User-Agent" => "Ruby/#{RUBY_VERSION}")) + doc = Nokogiri::HTML(URI().open(url, "User-Agent" => "Ruby/#{RUBY_VERSION}")) doc.css('a').each do |link| # get the file name from the url file_name = link['href'].split('/').last.split('?').first