projects
/
akkoma
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge branch 'runtime-fixes' into 'develop'
[akkoma]
/
lib
/
pleroma
/
web
/
media_proxy
/
media_proxy.ex
diff --git
a/lib/pleroma/web/media_proxy/media_proxy.ex
b/lib/pleroma/web/media_proxy/media_proxy.ex
index 9c1d717481d2ec7dde07ad50d3e87e515a878673..0fc0a07b269d3bb6af0baf5897e73ffc0bf8c459 100644
(file)
--- a/
lib/pleroma/web/media_proxy/media_proxy.ex
+++ b/
lib/pleroma/web/media_proxy/media_proxy.ex
@@
-1,33
+1,38
@@
defmodule Pleroma.Web.MediaProxy do
@base64_opts [padding: false]
defmodule Pleroma.Web.MediaProxy do
@base64_opts [padding: false]
- @base64_key Application.get_env(:pleroma, Pleroma.Web.Endpoint)[:secret_key_base]
def url(nil), do: nil
def url(nil), do: nil
+ def url(""), do: nil
+
+ def url(url = "/" <> _), do: url
+
def url(url) do
def url(url) do
- if String.starts_with?(url, Pleroma.Web.base_url) do
+ config = Application.get_env(:pleroma, :media_proxy, [])
+
+ if !Keyword.get(config, :enabled, false) or String.starts_with?(url, Pleroma.Web.base_url()) do
url
else
url
else
+ secret = Application.get_env(:pleroma, Pleroma.Web.Endpoint)[:secret_key_base]
base64 = Base.url_encode64(url, @base64_opts)
base64 = Base.url_encode64(url, @base64_opts)
- sig = :crypto.hmac(:sha,
@base64_key
, base64)
+ sig = :crypto.hmac(:sha,
secret
, base64)
sig64 = sig |> Base.url_encode64(@base64_opts)
sig64 = sig |> Base.url_encode64(@base64_opts)
- cache_url("#{sig64}/#{base64}")
+ filename = if path = URI.parse(url).path, do: "/" <> Path.basename(path), else: ""
+
+ Keyword.get(config, :base_url, Pleroma.Web.base_url()) <>
+ "/proxy/#{sig64}/#{base64}#{filename}"
end
end
def decode_url(sig, url) do
end
end
def decode_url(sig, url) do
+ secret = Application.get_env(:pleroma, Pleroma.Web.Endpoint)[:secret_key_base]
sig = Base.url_decode64!(sig, @base64_opts)
sig = Base.url_decode64!(sig, @base64_opts)
- local_sig = :crypto.hmac(:sha, @base64_key, url)
+ local_sig = :crypto.hmac(:sha, secret, url)
+
if local_sig == sig do
{:ok, Base.url_decode64!(url, @base64_opts)}
else
{:error, :invalid_signature}
end
end
if local_sig == sig do
{:ok, Base.url_decode64!(url, @base64_opts)}
else
{:error, :invalid_signature}
end
end
-
- defp cache_url(path) do
- "/proxy/" <> path
- end
-
-
end
end