X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fplugs%2Fuploaded_media.ex;h=72f20e8de16a332c5efda0ae8c9cbe59340c49a8;hb=bab1ab5b6c74de5f02d9ddd06f0026efa547c2a5;hp=94b4c2177d9ae762c5d1491c3c611ce882df95f6;hpb=e73c7fa7e58cf507aad03e8adbc55742f77b74c2;p=akkoma
diff --git a/lib/pleroma/web/plugs/uploaded_media.ex b/lib/pleroma/web/plugs/uploaded_media.ex
index 94b4c2177..72f20e8de 100644
--- a/lib/pleroma/web/plugs/uploaded_media.ex
+++ b/lib/pleroma/web/plugs/uploaded_media.ex
@@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors
+# Copyright © 2017-2021 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Plugs.UploadedMedia do
@@ -35,7 +35,7 @@ defmodule Pleroma.Web.Plugs.UploadedMedia do
conn =
case fetch_query_params(conn) do
%{query_params: %{"name" => name}} = conn ->
- name = String.replace(name, "\"", "\\\"")
+ name = escape_header_value(name)
put_resp_header(conn, "content-disposition", "filename=\"#{name}\"")
@@ -47,10 +47,9 @@ defmodule Pleroma.Web.Plugs.UploadedMedia do
config = Pleroma.Config.get(Pleroma.Upload)
with uploader <- Keyword.fetch!(config, :uploader),
- proxy_remote = Keyword.get(config, :proxy_remote, false),
{:ok, get_method} <- uploader.get_file(file),
false <- media_is_banned(conn, get_method) do
- get_media(conn, get_method, proxy_remote, opts)
+ get_media(conn, get_method, opts)
else
_ ->
conn
@@ -62,14 +61,14 @@ defmodule Pleroma.Web.Plugs.UploadedMedia do
def call(conn, _opts), do: conn
defp media_is_banned(%{request_path: path} = _conn, {:static_dir, _}) do
- MediaProxy.in_banned_urls(Pleroma.Web.base_url() <> path)
+ MediaProxy.in_banned_urls(Pleroma.Upload.base_url() <> path)
end
defp media_is_banned(_, {:url, url}), do: MediaProxy.in_banned_urls(url)
defp media_is_banned(_, _), do: false
- defp get_media(conn, {:static_dir, directory}, _, opts) do
+ defp get_media(conn, {:static_dir, directory}, opts) do
static_opts =
Map.get(opts, :static_plug_opts)
|> Map.put(:at, [@path])
@@ -86,29 +85,24 @@ defmodule Pleroma.Web.Plugs.UploadedMedia do
end
end
- defp get_media(conn, {:url, url}, true, _) do
- proxy_opts = [
- http: [
- follow_redirect: true,
- pool: :upload
- ]
- ]
-
- conn
- |> Pleroma.ReverseProxy.call(url, proxy_opts)
- end
-
- defp get_media(conn, {:url, url}, _, _) do
+ defp get_media(conn, {:url, url}, _) do
conn
|> Phoenix.Controller.redirect(external: url)
|> halt()
end
- defp get_media(conn, unknown, _, _) do
+ defp get_media(conn, unknown, _) do
Logger.error("#{__MODULE__}: Unknown get startegy: #{inspect(unknown)}")
conn
|> send_resp(:internal_server_error, dgettext("errors", "Internal Error"))
|> halt()
end
+
+ defp escape_header_value(value) do
+ value
+ |> String.replace("\"", "\\\"")
+ |> String.replace("\\r", "")
+ |> String.replace("\\n", "")
+ end
end