X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fplugs%2Fuploaded_media.ex;h=40984cfc06b618bfadae5ad0f1f09452023b45fe;hb=cc7153cd828afef1564b58649875b5529c078054;hp=be2c17c5f74e0066cb4dc6d0bfe51d936cc6f017;hpb=5104f65b69cb00155c3e0f3ea2c6dca5bb8c10b7;p=akkoma
diff --git a/lib/pleroma/plugs/uploaded_media.ex b/lib/pleroma/plugs/uploaded_media.ex
index be2c17c5f..40984cfc0 100644
--- a/lib/pleroma/plugs/uploaded_media.ex
+++ b/lib/pleroma/plugs/uploaded_media.ex
@@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2019 Pleroma Authors
+# Copyright © 2017-2020 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Plugs.UploadedMedia do
@@ -8,16 +8,22 @@ defmodule Pleroma.Plugs.UploadedMedia do
import Plug.Conn
import Pleroma.Web.Gettext
- import Pleroma.Web.TranslationHelpers
require Logger
+ alias Pleroma.Web.MediaProxy
+
@behaviour Plug
# no slashes
@path "media"
+ @default_cache_control_header "public, max-age=1209600"
+
def init(_opts) do
static_plug_opts =
- []
+ [
+ headers: %{"cache-control" => @default_cache_control_header},
+ cache_control_for_etags: @default_cache_control_header
+ ]
|> Keyword.put(:from, "__unconfigured_media_plug")
|> Keyword.put(:at, "/__unconfigured_media_plug")
|> Plug.Static.init()
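Review bot: The `public, max-age=1209600` default added in `init/1` lets browsers and shared caches keep uploaded media for 14 days, which appears to work against the ban check this same commit adds in `call/2`. Once a URL is banned, copies already cached downstream are presumably still served until they expire, because the plug is never consulted for them. Consider a shorter max-age, or document that banning a URL has to be paired with a purge at the reverse proxy or CDN. A comment above the attribute such as `# 14 days; banned media stays in downstream caches until this expires` would make the trade-off visible.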
@@ -31,18 +37,19 @@ defmodule Pleroma.Plugs.UploadedMedia do
%{query_params: %{"name" => name}} = conn ->
name = String.replace(name, "\"", "\\\"")
- conn
- |> put_resp_header("content-disposition", "filename=\"#{name}\"")
+ put_resp_header(conn, "content-disposition", "filename=\"#{name}\"")
conn ->
conn
end
+ |> merge_resp_headers([{"content-security-policy", "sandbox"}])
config = Pleroma.Config.get(Pleroma.Upload)
with uploader <- Keyword.fetch!(config, :uploader),
proxy_remote = Keyword.get(config, :proxy_remote, false),
- {:ok, get_method} <- uploader.get_file(file) do
+ {:ok, get_method} <- uploader.get_file(file),
+ false <- media_is_banned(conn, get_method) do
get_media(conn, get_method, proxy_remote, opts)
else
_ ->
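Review bot: The `name` query parameter placed in `content-disposition` is client-controlled, and the value passed to the rewritten `put_resp_header(conn, ...)` call escapes only `"`. A backslash in the name, for example a trailing one, pairs with the closing quote and yields a malformed quoted-string. Escaping the backslash first would fix that: `name = name |> String.replace("\\", "\\\\") |> String.replace("\"", "\\\"")`. Control characters in `name` are also worth stripping here rather than leaving to the header validation further down the stack. The enclosing `call/2` clause starts before this hunk and its `else` body continues past it.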
@@ -54,6 +61,14 @@ defmodule Pleroma.Plugs.UploadedMedia do
def call(conn, _opts), do: conn
+ defp media_is_banned(%{request_path: path} = _conn, {:static_dir, _}) do
+ MediaProxy.in_banned_urls(Pleroma.Web.base_url() <> path)
+ end
+
+ defp media_is_banned(_, {:url, url}), do: MediaProxy.in_banned_urls(url)
+
+ defp media_is_banned(_, _), do: false
+
defp get_media(conn, {:static_dir, directory}, _, opts) do
static_opts =
Map.get(opts, :static_plug_opts)
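Review bot: The `{:static_dir, _}` clause of `media_is_banned/2` builds its lookup key from the raw `request_path`, so whether a ban applies depends on how the client spelled the path. If `MediaProxy.in_banned_urls/1` does an exact string lookup (its body is not visible here), a request whose path is percent-encoded differently from the stored URL would miss the ban while the static plug still resolves it to the same file. Building the key from the decoded `conn.path_info` segments, or normalizing both sides before comparing, would close that gap. As a smaller style point, a boolean helper is conventionally named with a trailing `?`, i.e. `media_banned?/2`.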
@@ -66,7 +81,7 @@ defmodule Pleroma.Plugs.UploadedMedia do
conn
else
conn
- |> render_error(:not_found, "Not found")
+ |> send_resp(:not_found, dgettext("errors", "Not found"))
|> halt()
end
end
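Review bot: `send_resp(:not_found, dgettext("errors", "Not found"))` sends its body without a content-type, where the removed `render_error/3` presumably set one. On an endpoint that serves user uploads it is safer to declare the type than to leave it to client sniffing; adding `|> put_resp_content_type("text/plain")` before `send_resp` would do it. The same applies to the `:internal_server_error` branch in the last hunk. The enclosing `get_media/4` clause starts outside this hunk.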
@@ -86,7 +101,7 @@ defmodule Pleroma.Plugs.UploadedMedia do
Logger.error("#{__MODULE__}: Unknown get startegy: #{inspect(unknown)}")
conn
- |> render_error(:internal_server_error, "Internal Error")
+ |> send_resp(:internal_server_error, dgettext("errors", "Internal Error"))
|> halt()
end
end