X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fmedia_proxy%2Fcontroller.ex;h=63140feb99a2bbce660b2fb12ac375a214c5ae59;hb=0863ec27379a09ee8367fe61da9e63c90cfe18ee;hp=560a653531b6c7824aa1967c0b99a40f6523d869;hpb=0ccd0e5cc99417428877e61d09a1fa4ea5578625;p=akkoma

diff --git a/lib/pleroma/web/media_proxy/controller.ex b/lib/pleroma/web/media_proxy/controller.ex
index 560a65353..63140feb9 100644
--- a/lib/pleroma/web/media_proxy/controller.ex
+++ b/lib/pleroma/web/media_proxy/controller.ex
@@ -1,82 +1,39 @@
 defmodule Pleroma.Web.MediaProxy.MediaProxyController do
   use Pleroma.Web, :controller
-  require Logger
+  alias Pleroma.{Web.MediaProxy, ReverseProxy}
 
-  @max_body_length 25 * 1048576
+  @default_proxy_opts [max_body_length: 25 * 1_048_576, http: [follow_redirect: true]]
 
-  @cache_control %{
-    default: "public, max-age=1209600",
-    error:   "public, must-revalidate, max-age=160",
-  }
-
-  def remote(conn, %{"sig" => sig, "url" => url}) do
-    config = Application.get_env(:pleroma, :media_proxy, [])
-    with \
-      true <- Keyword.get(config, :enabled, false),
-      {:ok, url} <- Pleroma.Web.MediaProxy.decode_url(sig, url),
-      {:ok, content_type, body} <- proxy_request(url)
-    do
-      conn
-      |> put_resp_content_type(content_type)
-      |> set_cache_header(:default)
-      |> send_resp(200, body)
+  def remote(conn, params = %{"sig" => sig64, "url" => url64}) do
+    with config <- Pleroma.Config.get([:media_proxy], []),
+         true <- Keyword.get(config, :enabled, false),
+         {:ok, url} <- MediaProxy.decode_url(sig64, url64),
+         :ok <- filename_matches(Map.has_key?(params, "filename"), conn.request_path, url) do
+      ReverseProxy.call(conn, url, Keyword.get(config, :proxy_opts, @default_proxy_opts))
     else
-      false -> send_error(conn, 404)
-      {:error, :invalid_signature} -> send_error(conn, 403)
-      {:error, {:http, _, url}} -> redirect_or_error(conn, url, Keyword.get(config, :redirect_on_failure, true))
-    end
-  end
+      false ->
+        send_resp(conn, 404, Plug.Conn.Status.reason_phrase(404))
 
-  defp proxy_request(link) do
-    headers = [{"user-agent", "Pleroma/MediaProxy; #{Pleroma.Web.base_url()} <#{Application.get_env(:pleroma, :instance)[:email]}>"}]
-    options = [:insecure, {:follow_redirect, true}]
-    with \
-      {:ok, 200, headers, client} <- :hackney.request(:get, link, headers, "", options),
-      headers = Enum.into(headers, Map.new),
-      {:ok, body} <- proxy_request_body(client),
-      content_type <- proxy_request_content_type(headers, body)
-    do
-      {:ok, content_type, body}
-    else
-      {:ok, status, _, _} ->
-        Logger.warn "MediaProxy: request failed, status #{status}, link: #{link}"
-        {:error, {:http, :bad_status, link}}
-      {:error, error} ->
-        Logger.warn "MediaProxy: request failed, error #{inspect error}, link: #{link}"
-        {:error, {:http, error, link}}
+      {:error, :invalid_signature} ->
+        send_resp(conn, 403, Plug.Conn.Status.reason_phrase(403))
+
+      {:wrong_filename, filename} ->
+        redirect(conn, external: MediaProxy.build_url(sig64, url64, filename))
     end
   end
 
-  defp set_cache_header(conn, key) do
-    Plug.Conn.put_resp_header(conn, "cache-control", @cache_control[key])
-  end
+  def filename_matches(has_filename, path, url) do
+    filename =
+      url
+      |> MediaProxy.filename()
+      |> URI.decode()
 
-  defp redirect_or_error(conn, url, true), do: redirect(conn, external: url)
-  defp redirect_or_error(conn, url, _), do: send_error(conn, 502, "Media proxy error: " <> url)
+    path = URI.decode(path)
 
-  defp send_error(conn, code, body \\ "") do
-    conn
-    |> set_cache_header(:error)
-    |> send_resp(code, body)
-  end
-
-  defp proxy_request_body(client), do: proxy_request_body(client, <<>>)
-  defp proxy_request_body(client, body) when byte_size(body) < @max_body_length do
-    case :hackney.stream_body(client) do
-      {:ok, data} -> proxy_request_body(client, <<body :: binary, data :: binary>>)
-      :done -> {:ok, body}
-      {:error, reason} -> {:error, reason}
+    if has_filename && filename && Path.basename(path) != filename do
+      {:wrong_filename, filename}
+    else
+      :ok
     end
   end
-  defp proxy_request_body(client, _) do
-    :hackney.close(client)
-    {:error, :body_too_large}
-  end
-
-  # TODO: the body is passed here as well because some hosts do not provide a content-type.
-  # At some point we may want to use magic numbers to discover the content-type and reply a proper one.
-  defp proxy_request_content_type(headers, _body) do
-    headers["Content-Type"] || headers["content-type"] || "image/jpeg"
-  end
-
 end