- def remote(conn, %{"sig" => sig, "url" => url}) do
- {:ok, url} = Pleroma.MediaProxy.decode_url(sig, url)
- url = url |> URI.encode()
- case proxy_request(url) do
- {:ok, content_type, body} ->
- conn
- |> put_resp_content_type(content_type)
- |> set_cache_header(:default)
- |> send_resp(200, body)
- other ->
- conn
- |> set_cache_header(:error)
- |> redirect(external: url)
+ @httpoison Application.get_env(:pleroma, :httpoison)
+
+ @max_body_length 25 * 1_048_576
+
+ @cache_control %{
+ default: "public, max-age=1209600",
+ error: "public, must-revalidate, max-age=160"
+ }
+
+ # Content-types that will not be returned as content-disposition attachments
+ # Override with :media_proxy, :safe_content_types in the configuration
+ @safe_content_types [
+ "image/gif",
+ "image/jpeg",
+ "image/jpg",
+ "image/png",
+ "image/svg+xml",
+ "audio/mpeg",
+ "audio/mp3",
+ "video/webm",
+ "video/mp4"
+ ]
+
+ def remote(conn, params = %{"sig" => sig, "url" => url}) do
+ config = Application.get_env(:pleroma, :media_proxy, [])
+
+ with true <- Keyword.get(config, :enabled, false),
+ {:ok, url} <- Pleroma.Web.MediaProxy.decode_url(sig, url),
+ filename <- Path.basename(URI.parse(url).path),
+ true <-
+ if(Map.get(params, "filename"),
+ do: filename == Path.basename(conn.request_path),
+ else: true
+ ),
+ {:ok, content_type, body} <- proxy_request(url),
+ safe_content_type <-
+ Enum.member?(
+ Keyword.get(config, :safe_content_types, @safe_content_types),
+ content_type
+ ) do
+ conn
+ |> put_resp_content_type(content_type)
+ |> set_cache_header(:default)
+ |> put_resp_header(
+ "content-security-policy",
+ "default-src 'none'; style-src 'unsafe-inline'; media-src data:; img-src 'self' data:"
+ )
+ |> put_resp_header("x-xss-protection", "1; mode=block")
+ |> put_resp_header("x-content-type-options", "nosniff")
+ |> put_attachement_header(safe_content_type, filename)
+ |> send_resp(200, body)
+ else
+ false ->
+ send_error(conn, 404)
+
+ {:error, :invalid_signature} ->
+ send_error(conn, 403)
+
+ {:error, {:http, _, url}} ->
+ redirect_or_error(conn, url, Keyword.get(config, :redirect_on_failure, true))