1 defmodule Pleroma.Web.MediaProxy.MediaProxyController do
2 use Pleroma.Web, :controller
5 @httpoison Application.get_env(:pleroma, :httpoison)
7 @max_body_length 25 * 1_048_576
10 default: "public, max-age=1209600",
11 error: "public, must-revalidate, max-age=160"
14 # Content-types that will not be returned as content-disposition attachments
15 # Override with :media_proxy, :safe_content_types in the configuration
28 def remote(conn, params = %{"sig" => sig, "url" => url}) do
29 config = Application.get_env(:pleroma, :media_proxy, [])
31 with true <- Keyword.get(config, :enabled, false),
32 {:ok, url} <- Pleroma.Web.MediaProxy.decode_url(sig, url),
33 filename <- Path.basename(URI.parse(url).path),
35 if(Map.get(params, "filename"),
36 do: filename == Path.basename(conn.request_path),
39 {:ok, content_type, body} <- proxy_request(url),
42 Keyword.get(config, :safe_content_types, @safe_content_types),
46 |> put_resp_content_type(content_type)
47 |> set_cache_header(:default)
49 "content-security-policy",
50 "default-src 'none'; style-src 'unsafe-inline'; media-src data:; img-src 'self' data:"
52 |> put_resp_header("x-xss-protection", "1; mode=block")
53 |> put_resp_header("x-content-type-options", "nosniff")
54 |> put_attachement_header(safe_content_type, filename)
55 |> send_resp(200, body)
60 {:error, :invalid_signature} ->
63 {:error, {:http, _, url}} ->
64 redirect_or_error(conn, url, Keyword.get(config, :redirect_on_failure, true))
68 defp proxy_request(link) do
71 "Pleroma/MediaProxy; #{Pleroma.Web.base_url()} <#{
72 Application.get_env(:pleroma, :instance)[:email]
77 @httpoison.process_request_options([:insecure, {:follow_redirect, true}]) ++
80 with {:ok, 200, headers, client} <- :hackney.request(:get, link, headers, "", options),
81 headers = Enum.into(headers, Map.new()),
82 {:ok, body} <- proxy_request_body(client),
83 content_type <- proxy_request_content_type(headers, body) do
84 {:ok, content_type, body}
86 {:ok, status, _, _} ->
87 Logger.warn("MediaProxy: request failed, status #{status}, link: #{link}")
88 {:error, {:http, :bad_status, link}}
91 Logger.warn("MediaProxy: request failed, error #{inspect(error)}, link: #{link}")
92 {:error, {:http, error, link}}
96 defp set_cache_header(conn, key) do
97 Plug.Conn.put_resp_header(conn, "cache-control", @cache_control[key])
100 defp redirect_or_error(conn, url, true), do: redirect(conn, external: url)
101 defp redirect_or_error(conn, url, _), do: send_error(conn, 502, "Media proxy error: " <> url)
103 defp send_error(conn, code, body \\ "") do
105 |> set_cache_header(:error)
106 |> send_resp(code, body)
109 defp proxy_request_body(client), do: proxy_request_body(client, <<>>)
111 defp proxy_request_body(client, body) when byte_size(body) < @max_body_length do
112 case :hackney.stream_body(client) do
113 {:ok, data} -> proxy_request_body(client, <<body::binary, data::binary>>)
115 {:error, reason} -> {:error, reason}
119 defp proxy_request_body(client, _) do
120 :hackney.close(client)
121 {:error, :body_too_large}
124 # TODO: the body is passed here as well because some hosts do not provide a content-type.
125 # At some point we may want to use magic numbers to discover the content-type and reply a proper one.
126 defp proxy_request_content_type(headers, _body) do
127 headers["Content-Type"] || headers["content-type"] || "application/octet-stream"
130 defp put_attachement_header(conn, true, _), do: conn
132 defp put_attachement_header(conn, false, filename) do
133 put_resp_header(conn, "content-disposition", "attachment; filename='#{filename}'")