diff --git a/modules/avatar/avatar.go b/modules/avatar/avatar.go index 144fda387e50..225d6c818301 100644 --- a/modules/avatar/avatar.go +++ b/modules/avatar/avatar.go @@ -48,8 +48,12 @@ func init() { // hash email to md5 string // keep this func in order to make this package indenpent func HashEmail(email string) string { + // https://en.gravatar.com/site/implement/hash/ + email = strings.TrimSpace(email) + email = strings.ToLower(email) + h := md5.New() - h.Write([]byte(strings.ToLower(email))) + h.Write([]byte(email)) return hex.EncodeToString(h.Sum(nil)) } diff --git a/modules/base/tool.go b/modules/base/tool.go index 0e083c8d0cb6..14c0e7d08672 100644 --- a/modules/base/tool.go +++ b/modules/base/tool.go @@ -23,6 +23,7 @@ import ( "github.com/Unknwon/com" "github.com/Unknwon/i18n" + "github.com/gogits/gogs/modules/avatar" "github.com/gogits/gogs/modules/setting" ) @@ -177,10 +178,13 @@ func CreateTimeLimitCode(data string, minutes int, startInf interface{}) string func AvatarLink(email string) string { if setting.DisableGravatar { return setting.AppSubUrl + "/img/avatar_default.jpg" - } else if setting.Service.EnableCacheAvatar { - return setting.AppSubUrl + "/avatar/" + EncodeMd5(email) } - return setting.GravatarSource + EncodeMd5(email) + + gravatarHash := avatar.HashEmail(email) + if setting.Service.EnableCacheAvatar { + return setting.AppSubUrl + "/avatar/" + gravatarHash + } + return setting.GravatarSource + gravatarHash } // Seconds-based time units