1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.MediaProxy.MediaProxyController do
6 use Pleroma.Web, :controller
9 alias Pleroma.Helpers.MediaHelper
10 alias Pleroma.ReverseProxy
11 alias Pleroma.Web.MediaProxy
13 def remote(conn, %{"sig" => sig64, "url" => url64}) do
14 with {_, true} <- {:enabled, MediaProxy.enabled?()},
15 {:ok, url} <- MediaProxy.decode_url(sig64, url64),
16 {_, false} <- {:in_banned_urls, MediaProxy.in_banned_urls(url)},
17 :ok <- MediaProxy.verify_request_path_and_url(conn, url) do
18 ReverseProxy.call(conn, url, media_proxy_opts())
21 send_resp(conn, 404, Plug.Conn.Status.reason_phrase(404))
23 {:in_banned_urls, true} ->
24 send_resp(conn, 404, Plug.Conn.Status.reason_phrase(404))
26 {:error, :invalid_signature} ->
27 send_resp(conn, 403, Plug.Conn.Status.reason_phrase(403))
29 {:wrong_filename, filename} ->
30 redirect(conn, external: MediaProxy.build_url(sig64, url64, filename))
34 def preview(conn, %{"sig" => sig64, "url" => url64}) do
35 with {_, true} <- {:enabled, MediaProxy.preview_enabled?()},
36 {:ok, url} <- MediaProxy.decode_url(sig64, url64) do
37 handle_preview(conn, url)
40 send_resp(conn, 404, Plug.Conn.Status.reason_phrase(404))
42 {:error, :invalid_signature} ->
43 send_resp(conn, 403, Plug.Conn.Status.reason_phrase(403))
45 {:wrong_filename, filename} ->
46 redirect(conn, external: MediaProxy.build_preview_url(sig64, url64, filename))
50 defp handle_preview(conn, url) do
51 with {:ok, %{status: status} = head_response} when status in 200..299 <-
52 Pleroma.HTTP.request("head", MediaProxy.url(url), [], [], [adapter: [pool: :preview]]) do
53 content_type = Tesla.get_header(head_response, "content-type")
54 handle_preview(content_type, conn, url)
56 {_, %{status: status}} ->
57 send_resp(conn, :failed_dependency, "Can't fetch HTTP headers (HTTP #{status}).")
59 {:error, :recv_response_timeout} ->
60 send_resp(conn, :failed_dependency, "HEAD request timeout.")
63 send_resp(conn, :failed_dependency, "Can't fetch HTTP headers.")
67 # TODO: find a workaround so avatar_static and header_static can work.
68 # Those only permit GIFs for animation, so we have to permit a way to
69 # allow those to get real static variants.
70 defp handle_preview("image/gif" = _content_type, conn, url) do
71 mediaproxy_url = url |> MediaProxy.url()
73 redirect(conn, external: mediaproxy_url)
76 defp handle_preview("image/png" <> _ = _content_type, conn, url) do
77 handle_png_preview(conn, url)
80 defp handle_preview("image/" <> _ = _content_type, conn, url) do
81 handle_jpeg_preview(conn, url)
84 defp handle_preview("video/" <> _ = _content_type, conn, url) do
85 handle_video_preview(conn, url)
88 defp handle_preview(content_type, conn, _url) do
89 send_resp(conn, :unprocessable_entity, "Unsupported content type: #{content_type}.")
92 defp handle_png_preview(%{params: params} = conn, url) do
93 quality = Config.get!([:media_preview_proxy, :image_quality])
95 with {thumbnail_max_width, thumbnail_max_height} <- thumbnail_max_dimensions(params),
96 {:ok, thumbnail_binary} <-
97 MediaHelper.image_resize(
100 max_width: thumbnail_max_width,
101 max_height: thumbnail_max_height,
107 |> put_preview_response_headers("image/png", "preview.png")
108 |> send_resp(200, thumbnail_binary)
111 send_resp(conn, :failed_dependency, "Can't handle preview.")
115 defp handle_jpeg_preview(%{params: params} = conn, url) do
116 quality = Config.get!([:media_preview_proxy, :image_quality])
118 with {thumbnail_max_width, thumbnail_max_height} <- thumbnail_max_dimensions(params),
119 {:ok, thumbnail_binary} <-
120 MediaHelper.image_resize(
122 %{max_width: thumbnail_max_width, max_height: thumbnail_max_height, quality: quality}
125 |> put_preview_response_headers()
126 |> send_resp(200, thumbnail_binary)
129 send_resp(conn, :failed_dependency, "Can't handle preview.")
133 defp handle_video_preview(conn, url) do
134 with {:ok, thumbnail_binary} <-
135 MediaHelper.video_framegrab(url) do
137 |> put_preview_response_headers()
138 |> send_resp(200, thumbnail_binary)
141 send_resp(conn, :failed_dependency, "Can't handle preview.")
145 defp put_preview_response_headers(conn, content_type \\ "image/jpeg", filename \\ "preview.jpg") do
147 |> put_resp_header("content-type", content_type)
148 |> put_resp_header("content-disposition", "inline; filename=\"#{filename}\"")
149 |> put_resp_header("cache-control", "max-age=0, private, must-revalidate")
152 defp thumbnail_max_dimensions(params) do
153 config = Config.get([:media_preview_proxy], [])
155 thumbnail_max_width =
156 if w = params["thumbnail_max_width"] do
159 Keyword.fetch!(config, :thumbnail_max_width)
162 thumbnail_max_height =
163 if h = params["thumbnail_max_height"] do
166 Keyword.fetch!(config, :thumbnail_max_height)
169 {thumbnail_max_width, thumbnail_max_height}
172 defp media_proxy_opts do
173 Config.get([:media_proxy, :proxy_opts], [])