Add IMGPROXY_COOKIE_PASSTHROUGH_ALL config

2025-10-02 17:09:48 +02:00 · 2025-02-12 22:34:31 +03:00
parent bd6b86e299
commit 204cfa3648
5 changed files with 91 additions and 37 deletions
--- a/cookies/cookies.go
+++ b/cookies/cookies.go
@@ -5,16 +5,65 @@ import (
 	"net/http"
 	"net/http/cookiejar"
 	"net/url"
+	"sync"

 	"golang.org/x/net/publicsuffix"

 	"github.com/imgproxy/imgproxy/v3/config"
 )

-func JarFromRequest(r *http.Request) (*cookiejar.Jar, error) {
-	jar, err := cookiejar.New(&cookiejar.Options{PublicSuffixList: publicsuffix.List})
-	if err != nil {
-		return nil, err
+type anyCookieJarEntry struct {
+	Name   string
+	Value  string
+	Quoted bool
+}
+
+// anyCookieJar is a cookie jar that stores all cookies in memory
+// and doesn't care about domains and paths
+type anyCookieJar struct {
+	entries []anyCookieJarEntry
+	mu      sync.RWMutex
+}
+
+func (j *anyCookieJar) SetCookies(u *url.URL, cookies []*http.Cookie) {
+	j.mu.Lock()
+	defer j.mu.Unlock()
+
+	for _, c := range cookies {
+		entry := anyCookieJarEntry{
+			Name:   c.Name,
+			Value:  c.Value,
+			Quoted: c.Quoted,
+		}
+		j.entries = append(j.entries, entry)
+	}
+}
+
+func (j *anyCookieJar) Cookies(u *url.URL) []*http.Cookie {
+	j.mu.RLock()
+	defer j.mu.RUnlock()
+
+	cookies := make([]*http.Cookie, 0, len(j.entries))
+	for _, e := range j.entries {
+		c := http.Cookie{
+			Name:   e.Name,
+			Value:  e.Value,
+			Quoted: e.Quoted,
+		}
+		cookies = append(cookies, &c)
+	}
+
+	return cookies
+}
+
+func JarFromRequest(r *http.Request) (jar http.CookieJar, err error) {
+	if config.CookiePassthroughAll {
+		jar = &anyCookieJar{}
+	} else {
+		jar, err = cookiejar.New(&cookiejar.Options{PublicSuffixList: publicsuffix.List})
+		if err != nil {
+			return nil, err
+		}
 	}

 	if r == nil {
@@ -23,38 +72,40 @@ func JarFromRequest(r *http.Request) (*cookiejar.Jar, error) {

 	var cookieBase *url.URL

-	if len(config.CookieBaseURL) > 0 {
-		if cookieBase, err = url.Parse(config.CookieBaseURL); err != nil {
-			return nil, fmt.Errorf("can't parse cookie base URL: %s", err)
-		}
-	}
-
-	if cookieBase == nil {
-		scheme := r.Header.Get("X-Forwarded-Proto")
-		if len(scheme) == 0 {
-			scheme = "http"
+	if !config.CookiePassthroughAll {
+		if len(config.CookieBaseURL) > 0 {
+			if cookieBase, err = url.Parse(config.CookieBaseURL); err != nil {
+				return nil, fmt.Errorf("can't parse cookie base URL: %s", err)
+			}
 		}

-		host := r.Header.Get("X-Forwarded-Host")
-		if len(host) == 0 {
-			host = r.Header.Get("Host")
-		}
-		if len(host) == 0 {
-			host = r.Host
-		}
+		if cookieBase == nil {
+			scheme := r.Header.Get("X-Forwarded-Proto")
+			if len(scheme) == 0 {
+				scheme = "http"
+			}

-		if len(host) == 0 {
-			return jar, nil
-		}
+			host := r.Header.Get("X-Forwarded-Host")
+			if len(host) == 0 {
+				host = r.Header.Get("Host")
+			}
+			if len(host) == 0 {
+				host = r.Host
+			}

-		port := r.Header.Get("X-Forwarded-Port")
-		if len(port) > 0 {
-			host = host + ":" + port
-		}
+			if len(host) == 0 {
+				return jar, nil
+			}

-		cookieBase = &url.URL{
-			Scheme: scheme,
-			Host:   host,
+			port := r.Header.Get("X-Forwarded-Port")
+			if len(port) > 0 {
+				host = host + ":" + port
+			}
+
+			cookieBase = &url.URL{
+				Scheme: scheme,
+				Host:   host,
+			}
 		}
 	}