mirror of
https://github.com/miniflux/v2.git
synced 2025-08-01 17:38:37 +00:00
Proxify images in API responses
This commit is contained in:
Romain de Laage
Frédéric Guillot
parent
206be5ba15
commit
3f14d08095
12 changed files with 146 additions and 19 deletions
18
ui/proxy.go
18
ui/proxy.go
|
|
@ -5,6 +5,8 @@
|
|||
package ui // import "miniflux.app/ui"
|
||||
|
||||
import (
|
||||
"crypto/hmac"
|
||||
"crypto/sha256"
|
||||
"encoding/base64"
|
||||
"errors"
|
||||
"net/http"
|
||||
|
|
@ -25,18 +27,34 @@ func (h *handler) imageProxy(w http.ResponseWriter, r *http.Request) {
|
|||
return
|
||||
}
|
||||
|
||||
encodedDigest := request.RouteStringParam(r, "encodedDigest")
|
||||
encodedURL := request.RouteStringParam(r, "encodedURL")
|
||||
if encodedURL == "" {
|
||||
html.BadRequest(w, r, errors.New("No URL provided"))
|
||||
return
|
||||
}
|
||||
|
||||
decodedDigest, err := base64.URLEncoding.DecodeString(encodedDigest)
|
||||
if err != nil {
|
||||
html.BadRequest(w, r, errors.New("Unable to decode this Digest"))
|
||||
return
|
||||
}
|
||||
|
||||
decodedURL, err := base64.URLEncoding.DecodeString(encodedURL)
|
||||
if err != nil {
|
||||
html.BadRequest(w, r, errors.New("Unable to decode this URL"))
|
||||
return
|
||||
}
|
||||
|
||||
mac := hmac.New(sha256.New, config.Opts.ProxyPrivateKey())
|
||||
mac.Write(decodedURL)
|
||||
expectedMAC := mac.Sum(nil)
|
||||
|
||||
if !hmac.Equal(decodedDigest, expectedMAC) {
|
||||
html.Forbidden(w, r)
|
||||
return
|
||||
}
|
||||
|
||||
imageURL := string(decodedURL)
|
||||
logger.Debug(`[Proxy] Fetching %q`, imageURL)
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue