Add mediaproxy whitelist capability

diff --git a/config/config.exs b/config/config.exs
index b11e4c680faf4d56d4a736c37eeeb36b921719f5..a1cca06f868985cb1600332d1513626193794ad0 100644 (file)
--- a/config/config.exs
+++ b/config/config.exs
@@ -326,7 +326,8 @@ config :pleroma, :media_proxy,
       follow_redirect: true,
       pool: :media
     ]
-  ]
+  ],
+  whitelist: []
 
 config :pleroma, :chat, enabled: true
 

diff --git a/docs/config.md b/docs/config.md
index 7b6631f9b29f9d32fecb1a1e75d4da0bdf7b145d..7e31e6fb785ddd6d9cc56469486758cab85d228e 100644 (file)
--- a/docs/config.md
+++ b/docs/config.md
@@ -205,6 +205,7 @@ This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:i
 * `enabled`: Enables proxying of remote media to the instance’s proxy
 * `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host/CDN fronts.
 * `proxy_opts`: All options defined in `Pleroma.ReverseProxy` documentation, defaults to `[max_body_length: (25*1_048_576)]`.
+* `whitelist`: List of domains to bypass the mediaproxy
 
 ## :gopher
 * `enabled`: Enables the gopher interface

diff --git a/lib/pleroma/web/media_proxy/media_proxy.ex b/lib/pleroma/web/media_proxy/media_proxy.ex
index 3bd2affe9e63733727a64ca1839eca27c15a924b..5762e767b8586b0b5511d4f5bd425ac77889af8b 100644 (file)
--- a/lib/pleroma/web/media_proxy/media_proxy.ex
+++ b/lib/pleroma/web/media_proxy/media_proxy.ex
@@ -13,32 +13,44 @@ defmodule Pleroma.Web.MediaProxy do
 
   def url(url) do
     config = Application.get_env(:pleroma, :media_proxy, [])
+    domain = URI.parse(url).host
 
-    if !Keyword.get(config, :enabled, false) or String.starts_with?(url, Pleroma.Web.base_url()) do
-      url
-    else
-      secret = Application.get_env(:pleroma, Pleroma.Web.Endpoint)[:secret_key_base]
-
-      # Must preserve `%2F` for compatibility with S3
-      # https://git.pleroma.social/pleroma/pleroma/issues/580
-      replacement = get_replacement(url, ":2F:")
-
-      # The URL is url-decoded and encoded again to ensure it is correctly encoded and not twice.
-      base64 =
+    cond do
+      !Keyword.get(config, :enabled, false) or String.starts_with?(url, Pleroma.Web.base_url()) ->
         url
-        |> String.replace("%2F", replacement)
-        |> URI.decode()
-        |> URI.encode()
-        |> String.replace(replacement, "%2F")
-        |> Base.url_encode64(@base64_opts)
 
-      sig = :crypto.hmac(:sha, secret, base64)
-      sig64 = sig |> Base.url_encode64(@base64_opts)
+      Enum.any?(Pleroma.Config.get([:media_proxy, :whitelist]), fn pattern ->
+        String.equivalent?(domain, pattern)
+      end) ->
+        url
 
-      build_url(sig64, base64, filename(url))
+      true ->
+        encode_url(url)
     end
   end
 
+  def encode_url(url) do
+    secret = Application.get_env(:pleroma, Pleroma.Web.Endpoint)[:secret_key_base]
+
+    # Must preserve `%2F` for compatibility with S3
+    # https://git.pleroma.social/pleroma/pleroma/issues/580
+    replacement = get_replacement(url, ":2F:")
+
+    # The URL is url-decoded and encoded again to ensure it is correctly encoded and not twice.
+    base64 =
+      url
+      |> String.replace("%2F", replacement)
+      |> URI.decode()
+      |> URI.encode()
+      |> String.replace(replacement, "%2F")
+      |> Base.url_encode64(@base64_opts)
+
+    sig = :crypto.hmac(:sha, secret, base64)
+    sig64 = sig |> Base.url_encode64(@base64_opts)
+
+    build_url(sig64, base64, filename(url))
+  end
+
   def decode_url(sig, url) do
     secret = Application.get_env(:pleroma, Pleroma.Web.Endpoint)[:secret_key_base]
     sig = Base.url_decode64!(sig, @base64_opts)

diff --git a/test/media_proxy_test.exs b/test/media_proxy_test.exs
index ddbadfbf542198443b653171d38f6d07d2284869..a4331478e163f159e8f41f242373bbe6186f1938 100644 (file)
--- a/test/media_proxy_test.exs
+++ b/test/media_proxy_test.exs
@@ -177,4 +177,13 @@ defmodule Pleroma.MediaProxyTest do
     {:ok, decoded} = decode_url(sig, base64)
     decoded
   end
+
+  test "mediaproxy whitelist" do
+    Pleroma.Config.put([:media_proxy, :enabled], true)
+    Pleroma.Config.put([:media_proxy, :whitelist], ["google.com", "feld.me"])
+    url = "https://feld.me/foo.png"
+
+    unencoded = url(url)
+    assert unencoded == url
+  end
 end