X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fmedia_proxy%2Fmedia_proxy_controller.ex;h=0f4575e2f20d0782ade5a3183074ab57d491efd5;hb=61180ab6f4b85ab78de2eaf1bc1b974c9e7908af;hp=9a64b0ef35776f9b2a3c189481fed15c30ae698a;hpb=4c044f62258b33a95b8281e1eb42a5e0ce47d42d;p=akkoma

diff --git a/lib/pleroma/web/media_proxy/media_proxy_controller.ex b/lib/pleroma/web/media_proxy/media_proxy_controller.ex
index 9a64b0ef3..0f4575e2f 100644
--- a/lib/pleroma/web/media_proxy/media_proxy_controller.ex
+++ b/lib/pleroma/web/media_proxy/media_proxy_controller.ex
@@ -5,20 +5,23 @@
 defmodule Pleroma.Web.MediaProxy.MediaProxyController do
   use Pleroma.Web, :controller
 
+  alias Pleroma.Config
+  alias Pleroma.Helpers.MediaHelper
   alias Pleroma.ReverseProxy
   alias Pleroma.Web.MediaProxy
 
-  @default_proxy_opts [max_body_length: 25 * 1_048_576, http: [follow_redirect: true]]
-
-  def remote(conn, %{"sig" => sig64, "url" => url64} = params) do
-    with config <- Pleroma.Config.get([:media_proxy], []),
-         true <- Keyword.get(config, :enabled, false),
-         {:ok, url} <- MediaProxy.decode_url(sig64, url64),
+  def remote(conn, %{"sig" => sig64, "url" => url64}) do
+    with {_, true} <- {:enabled, MediaProxy.enabled?()},
          {_, false} <- {:in_banned_urls, MediaProxy.in_banned_urls(url)},
-         :ok <- filename_matches(params, conn.request_path, url) do
-      ReverseProxy.call(conn, url, Keyword.get(config, :proxy_opts, @default_proxy_opts))
+         {:ok, url} <- MediaProxy.decode_url(sig64, url64),
+         :ok <- MediaProxy.verify_request_path_and_url(conn, url) do
+      proxy_opts = Config.get([:media_proxy, :proxy_opts], [])
+      ReverseProxy.call(conn, url, proxy_opts)
     else
-      error when error in [false, {:in_banned_urls, true}] ->
+      {:enabled, false} ->
+        send_resp(conn, 404, Plug.Conn.Status.reason_phrase(404))
+
+      {:in_banned_urls, true} ->
         send_resp(conn, 404, Plug.Conn.Status.reason_phrase(404))
 
       {:error, :invalid_signature} ->
@@ -29,20 +32,89 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyController do
     end
   end
 
-  def filename_matches(%{"filename" => _} = _, path, url) do
-    filename = MediaProxy.filename(url)
+  def preview(conn, %{"sig" => sig64, "url" => url64}) do
+    with {_, true} <- {:enabled, MediaProxy.preview_enabled?()},
+         {:ok, url} <- MediaProxy.decode_url(sig64, url64),
+         :ok <- MediaProxy.verify_request_path_and_url(conn, url) do
+      handle_preview(conn, url)
+    else
+      {:enabled, false} ->
+        send_resp(conn, 404, Plug.Conn.Status.reason_phrase(404))
+
+      {:error, :invalid_signature} ->
+        send_resp(conn, 403, Plug.Conn.Status.reason_phrase(403))
+
+      {:wrong_filename, filename} ->
+        redirect(conn, external: MediaProxy.build_preview_url(sig64, url64, filename))
+    end
+  end
 
-    if filename && does_not_match(path, filename) do
-      {:wrong_filename, filename}
+  defp handle_preview(conn, url) do
+    with {:ok, %{status: status} = head_response} when status in 200..299 <-
+           Tesla.head(url, opts: [adapter: [timeout: preview_head_request_timeout()]]) do
+      content_type = Tesla.get_header(head_response, "content-type")
+      handle_preview(content_type, conn, url)
     else
-      :ok
+      {_, %{status: status}} ->
+        send_resp(conn, :failed_dependency, "Can't fetch HTTP headers (HTTP #{status}).")
+
+      {:error, :recv_response_timeout} ->
+        send_resp(conn, :failed_dependency, "HEAD request timeout.")
+
+      _ ->
+        send_resp(conn, :failed_dependency, "Can't fetch HTTP headers.")
+    end
+  end
+
+  defp thumbnail_max_dimensions(params) do
+    config = Config.get([:media_preview_proxy], [])
+
+    thumbnail_max_width =
+      if w = params["thumbnail_max_width"] do
+        String.to_integer(w)
+      else
+        Keyword.fetch!(config, :thumbnail_max_width)
+      end
+
+    thumbnail_max_height =
+      if h = params["thumbnail_max_height"] do
+        String.to_integer(h)
+      else
+        Keyword.fetch!(config, :thumbnail_max_height)
+      end
+
+    {thumbnail_max_width, thumbnail_max_height}
+  end
+
+  defp handle_preview("image/" <> _ = _content_type, %{params: params} = conn, url) do
+    with {thumbnail_max_width, thumbnail_max_height} <- thumbnail_max_dimensions(params),
+         media_proxy_url <- MediaProxy.url(url),
+         {:ok, thumbnail_binary} <-
+           MediaHelper.ffmpeg_resize_remote(
+             media_proxy_url,
+             %{max_width: thumbnail_max_width, max_height: thumbnail_max_height}
+           ) do
+      conn
+      |> put_resp_header("content-type", "image/jpeg")
+      |> send_resp(200, thumbnail_binary)
+    else
+      _ ->
+        send_resp(conn, :failed_dependency, "Can't handle image preview.")
     end
   end
 
-  def filename_matches(_, _, _), do: :ok
+  defp handle_preview(content_type, conn, _url) do
+    send_resp(conn, :unprocessable_entity, "Unsupported content type: #{content_type}.")
+  end
+
+  defp preview_head_request_timeout do
+    Config.get([:media_preview_proxy, :proxy_opts, :head_request_max_read_duration]) ||
+      preview_timeout()
+  end
 
-  defp does_not_match(path, filename) do
-    basename = Path.basename(path)
-    basename != filename and URI.decode(basename) != filename and URI.encode(basename) != filename
+  defp preview_timeout do
+    Config.get([:media_preview_proxy, :proxy_opts, :max_read_duration]) ||
+      Config.get([:media_proxy, :proxy_opts, :max_read_duration]) ||
+      ReverseProxy.max_read_duration_default()
   end
 end