Merge branch 'fix/2473-purge-expired-activities-duplicates' into 'develop'
[akkoma] / lib / pleroma / web / media_proxy.ex
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Web.MediaProxy do
6 alias Pleroma.Config
7 alias Pleroma.Helpers.UriHelper
8 alias Pleroma.Upload
9 alias Pleroma.Web
10 alias Pleroma.Web.MediaProxy.Invalidation
11
12 @base64_opts [padding: false]
13 @cache_table :banned_urls_cache
14
15 @cachex Pleroma.Config.get([:cachex, :provider], Cachex)
16
17 def cache_table, do: @cache_table
18
19 @spec in_banned_urls(String.t()) :: boolean()
20 def in_banned_urls(url), do: elem(@cachex.exists?(@cache_table, url(url)), 1)
21
22 def remove_from_banned_urls(urls) when is_list(urls) do
23 @cachex.execute!(@cache_table, fn cache ->
24 Enum.each(Invalidation.prepare_urls(urls), &@cachex.del(cache, &1))
25 end)
26 end
27
28 def remove_from_banned_urls(url) when is_binary(url) do
29 @cachex.del(@cache_table, url(url))
30 end
31
32 def put_in_banned_urls(urls) when is_list(urls) do
33 @cachex.execute!(@cache_table, fn cache ->
34 Enum.each(Invalidation.prepare_urls(urls), &@cachex.put(cache, &1, true))
35 end)
36 end
37
38 def put_in_banned_urls(url) when is_binary(url) do
39 @cachex.put(@cache_table, url(url), true)
40 end
41
42 def url(url) when is_nil(url) or url == "", do: nil
43 def url("/" <> _ = url), do: url
44
45 def url(url) do
46 if enabled?() and url_proxiable?(url) do
47 encode_url(url)
48 else
49 url
50 end
51 end
52
53 @spec url_proxiable?(String.t()) :: boolean()
54 def url_proxiable?(url) do
55 not local?(url) and not whitelisted?(url)
56 end
57
58 def preview_url(url, preview_params \\ []) do
59 if preview_enabled?() do
60 encode_preview_url(url, preview_params)
61 else
62 url(url)
63 end
64 end
65
66 def enabled?, do: Config.get([:media_proxy, :enabled], false)
67
68 # Note: media proxy must be enabled for media preview proxy in order to load all
69 # non-local non-whitelisted URLs through it and be sure that body size constraint is preserved.
70 def preview_enabled?, do: enabled?() and !!Config.get([:media_preview_proxy, :enabled])
71
72 def local?(url), do: String.starts_with?(url, Web.base_url())
73
74 def whitelisted?(url) do
75 %{host: domain} = URI.parse(url)
76
77 mediaproxy_whitelist_domains =
78 [:media_proxy, :whitelist]
79 |> Config.get()
80 |> Kernel.++(["#{Upload.base_url()}"])
81 |> Enum.map(&maybe_get_domain_from_url/1)
82
83 domain in mediaproxy_whitelist_domains
84 end
85
86 defp maybe_get_domain_from_url("http" <> _ = url) do
87 URI.parse(url).host
88 end
89
90 defp maybe_get_domain_from_url(domain), do: domain
91
92 defp base64_sig64(url) do
93 base64 = Base.url_encode64(url, @base64_opts)
94
95 sig64 =
96 base64
97 |> signed_url()
98 |> Base.url_encode64(@base64_opts)
99
100 {base64, sig64}
101 end
102
103 def encode_url(url) do
104 {base64, sig64} = base64_sig64(url)
105
106 build_url(sig64, base64, filename(url))
107 end
108
109 def encode_preview_url(url, preview_params \\ []) do
110 {base64, sig64} = base64_sig64(url)
111
112 build_preview_url(sig64, base64, filename(url), preview_params)
113 end
114
115 def decode_url(sig, url) do
116 with {:ok, sig} <- Base.url_decode64(sig, @base64_opts),
117 signature when signature == sig <- signed_url(url) do
118 {:ok, Base.url_decode64!(url, @base64_opts)}
119 else
120 _ -> {:error, :invalid_signature}
121 end
122 end
123
124 defp signed_url(url) do
125 :crypto.hmac(:sha, Config.get([Web.Endpoint, :secret_key_base]), url)
126 end
127
128 def filename(url_or_path) do
129 if path = URI.parse(url_or_path).path, do: Path.basename(path)
130 end
131
132 def base_url do
133 Config.get([:media_proxy, :base_url], Web.base_url())
134 end
135
136 defp proxy_url(path, sig_base64, url_base64, filename) do
137 [
138 base_url(),
139 path,
140 sig_base64,
141 url_base64,
142 filename
143 ]
144 |> Enum.filter(& &1)
145 |> Path.join()
146 end
147
148 def build_url(sig_base64, url_base64, filename \\ nil) do
149 proxy_url("proxy", sig_base64, url_base64, filename)
150 end
151
152 def build_preview_url(sig_base64, url_base64, filename \\ nil, preview_params \\ []) do
153 uri = proxy_url("proxy/preview", sig_base64, url_base64, filename)
154
155 UriHelper.modify_uri_params(uri, preview_params)
156 end
157
158 def verify_request_path_and_url(
159 %Plug.Conn{params: %{"filename" => _}, request_path: request_path},
160 url
161 ) do
162 verify_request_path_and_url(request_path, url)
163 end
164
165 def verify_request_path_and_url(request_path, url) when is_binary(request_path) do
166 filename = filename(url)
167
168 if filename && not basename_matches?(request_path, filename) do
169 {:wrong_filename, filename}
170 else
171 :ok
172 end
173 end
174
175 def verify_request_path_and_url(_, _), do: :ok
176
177 defp basename_matches?(path, filename) do
178 basename = Path.basename(path)
179 basename == filename or URI.decode(basename) == filename or URI.encode(basename) == filename
180 end
181 end