From 68b591e06554688e2ec32e33e04c26983a864c05 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Gaya?= <sebastien.gaya@gmail.com>
Date: Fri, 17 Mar 2023 11:30:50 +0100
Subject: [PATCH] 404 when invalid signature media

---
 app/controllers/media_controller.rb | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/app/controllers/media_controller.rb b/app/controllers/media_controller.rb
index 01f365cb2..6d7a51879 100644
--- a/app/controllers/media_controller.rb
+++ b/app/controllers/media_controller.rb
@@ -2,7 +2,11 @@ class MediaController < ApplicationController
   skip_before_action :authenticate_user!
 
   def show
-    @blob = ActiveStorage::Blob.find_signed! params[:signed_id]
+    begin
+      @blob = ActiveStorage::Blob.find_signed! params[:signed_id]
+    rescue ActiveSupport::MessageVerifier::InvalidSignature
+      raise ActiveRecord::RecordNotFound
+    end
     @size = @blob.byte_size
     if @blob.variable?
       variant_service = VariantService.compute(@blob, params[:filename_with_transformations], params[:format])
-- 
GitLab