inform that symlinks are not allowed in safe mode (#6670)

Merge pull request 6670
jekyll · Jan 14, 2018 · 082e062 · 082e062
1 parent f77d704
commit 082e062
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 6 deletions.
diff --git a/lib/jekyll/tags/include.rb b/lib/jekyll/tags/include.rb
@@ -115,9 +115,7 @@ def locate_include_file(context, file, safe)
           path = File.join(dir.to_s, file.to_s)
           return path if valid_include_file?(path, dir.to_s, safe)
         end
-        raise IOError, "Could not locate the included file '#{file}' in any of "\
-          "#{includes_dirs}. Ensure it exists in one of those directories and, "\
-          "if it is a symlink, does not point outside your site source."
+        raise IOError, could_not_locate_message(file, includes_dirs, safe)
       end
 
       def render(context)
@@ -192,6 +190,18 @@ def realpath_prefixed_with?(path, dir)
       def read_file(file, context)
         File.read(file, file_read_opts(context))
       end
+
+      private
+
+      def could_not_locate_message(file, includes_dirs, safe)
+        message = "Could not locate the included file '#{file}' in any of "\
+          "#{includes_dirs}. Ensure it exists in one of those directories and"
+        message + if safe
+                    " is not a symlink as those are not allowed in safe mode."
+                  else
+                    ", if it is a symlink, does not point outside your site source."
+                  end
+      end
     end
 
     class IncludeRelativeTag < IncludeTag

diff --git a/test/test_tags.rb b/test/test_tags.rb
@@ -912,7 +912,9 @@ def highlight_block_with_opts(options_string)
         end
         assert_match(
           "Could not locate the included file 'tmp/pages-test-does-not-exist' " \
-          "in any of [\"#{source_dir}/_includes\"].",
+          "in any of [\"#{source_dir}/_includes\"]. Ensure it exists in one of " \
+          "those directories and is not a symlink as those are not allowed in " \
+          "safe mode.",
           ex.message
         )
       end
@@ -1271,8 +1273,8 @@ def highlight_block_with_opts(options_string)
           })
         end
         assert_match(
-          "Ensure it exists in one of those directories and, if it is a symlink, does " \
-          "not point outside your site source.",
+          "Ensure it exists in one of those directories and is not a symlink "\
+          "as those are not allowed in safe mode.",
           ex.message
         )
       end