mirror of
https://github.com/imgproxy/imgproxy.git
synced 2025-10-11 04:32:29 +02:00
Polish cookies passthrough
This commit is contained in:
DarthSim
@@ -3,10 +3,8 @@ package main
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net/url"
|
||||
"net/http"
|
||||
"net/http/cookiejar"
|
||||
"golang.org/x/net/publicsuffix"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
@@ -14,6 +12,7 @@ import (
|
||||
log "github.com/sirupsen/logrus"
|
||||
|
||||
"github.com/imgproxy/imgproxy/v3/config"
|
||||
"github.com/imgproxy/imgproxy/v3/cookies"
|
||||
"github.com/imgproxy/imgproxy/v3/errorreport"
|
||||
"github.com/imgproxy/imgproxy/v3/etag"
|
||||
"github.com/imgproxy/imgproxy/v3/ierrors"
|
||||
@@ -138,48 +137,6 @@ func respondWithNotModified(reqID string, r *http.Request, rw http.ResponseWrite
|
||||
)
|
||||
}
|
||||
|
||||
func cookieJarFromRequest(r *http.Request) (*cookiejar.Jar, error) {
|
||||
jar, err := cookiejar.New(&cookiejar.Options{PublicSuffixList: publicsuffix.List})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
if config.CookiePassthrough && r != nil {
|
||||
cookieBase := config.CookieBaseURL
|
||||
|
||||
if len(cookieBase) == 0 {
|
||||
scheme := r.Header.Get("X-Forwarded-Proto")
|
||||
if len(scheme) == 0 {
|
||||
scheme = "http"
|
||||
}
|
||||
host := r.Header.Get("X-Forwarded-Host")
|
||||
if len(host) == 0 {
|
||||
host = r.Header.Get("Host")
|
||||
}
|
||||
if len(host) == 0 {
|
||||
cookieBase = ""
|
||||
} else {
|
||||
port := r.Header.Get("X-Forwarded-Port")
|
||||
if len(port) > 0 {
|
||||
host = host + ":" + port
|
||||
}
|
||||
cookieBase = scheme + "://" + host + "/"
|
||||
}
|
||||
}
|
||||
|
||||
if len(cookieBase) > 0 {
|
||||
cookieBaseURL, err := url.Parse(cookieBase)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
jar.SetCookies(cookieBaseURL, r.Cookies())
|
||||
}
|
||||
}
|
||||
return jar, nil
|
||||
}
|
||||
|
||||
func handleProcessing(reqID string, rw http.ResponseWriter, r *http.Request) {
|
||||
ctx, timeoutCancel := context.WithTimeout(r.Context(), time.Duration(config.WriteTimeout)*time.Second)
|
||||
defer timeoutCancel()
|
||||
@@ -220,11 +177,6 @@ func handleProcessing(reqID string, rw http.ResponseWriter, r *http.Request) {
|
||||
panic(ierrors.New(404, fmt.Sprintf("Source URL is not allowed: %s", imageURL), "Invalid source"))
|
||||
}
|
||||
|
||||
jar, err := cookieJarFromRequest(r)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
// SVG is a special case. Though saving to svg is not supported, SVG->SVG is.
|
||||
if !vips.SupportsSave(po.Format) && po.Format != imagetype.Unknown && po.Format != imagetype.SVG {
|
||||
panic(ierrors.New(
|
||||
@@ -263,7 +215,16 @@ func handleProcessing(reqID string, rw http.ResponseWriter, r *http.Request) {
|
||||
|
||||
originData, err := func() (*imagedata.ImageData, error) {
|
||||
defer metrics.StartDownloadingSegment(ctx)()
|
||||
return imagedata.Download(imageURL, "source image", imgRequestHeader, jar)
|
||||
|
||||
var cookieJar *cookiejar.Jar
|
||||
|
||||
if config.CookiePassthrough {
|
||||
if cookieJar, err = cookies.JarFromRequest(r); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
|
||||
return imagedata.Download(imageURL, "source image", imgRequestHeader, cookieJar)
|
||||
}()
|
||||
|
||||
if err == nil {
|
||||
|
||||
Reference in New Issue
Block a user