28 commits

Author	SHA1	Message	Date
Oneric	11ae8344eb	Sanitise Content-Type of media proxy URLs ... Just as with uploads and emoji before, this can otherwise be used to place counterfeit AP objects or other malicious payloads. In this case, even if we never assign a priviliged type to content, the remote server can and until now we just mimcked whatever it told us. Preview URLs already handle only specific, safe content types and redirect to the external host for all else; thus no additional sanitisiation is needed for them. Non-previews are all delegated to the modified ReverseProxy module. It already has consolidated logic for building response headers making it easy to slip in sanitisation. Although proxy urls are prefixed by a MAC built from a server secret, attackers can still achieve a perfect id match when they are able to change the contents of the pointed to URL. After sending an posts containing an attachment at a controlled destination, the proxy URL can be read back and inserted into the payload. After injection of counterfeits in the target server the content can again be changed to something innocuous lessening chance of detection.	2024-03-18 22:33:10 -01:00
Rohan Kumar	36f4f18aa5	Add more image mimetypes to reverse proxy ... Add JPEG-XL, AVIF, and WebP support to the reverse proxy. All three are supported in WebKit browsers; the latter two are supported in Gecko and Blink.	2023-11-01 17:47:52 -07:00
FloatingGhost	9d83a1e23f	Add csp	2023-05-26 11:41:22 +01:00
floatingghost	405406601f	Fix emoji qualification (#124) ... Reviewed-on: #124	2022-07-28 12:02:36 +00:00
floatingghost	364b6969eb	Use finch everywhere (#33) ... Reviewed-on: #33	2022-07-04 16:30:38 +00:00
Alex Gleason	1c3fe43d23	ReverseProxy: create Client.Wrapper to call client from config ... Speeds up recompilation by reducing compile-time cycles	2021-06-04 21:12:24 -05:00
Alex Gleason	1dc5794e29	Never forward the client's user-agent through the media proxy	2021-03-01 21:05:46 +01:00
Haelwenn (lanodan) Monnier	c4439c630f	Bump Copyright to 2021 ... grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;'	2021-01-13 07:49:50 +01:00
lain	713612c377	Cachex: Make caching provider switchable at runtime. ... Defaults to Cachex.	2020-12-18 17:44:46 +01:00
Alexander Strizhakov	0374df1d12	other files consistency	2020-10-13 16:38:19 +03:00
Alexander Strizhakov	4e6e5d8042	reverse proxy tests	2019-07-09 16:54:13 +00:00
Alexander Strizhakov	c2ca1f22a2	it is changed in compile time ... we can't change module attributes and endpoint settings in runtime	2019-06-14 15:45:05 +00:00
William Pitcock	52e09807d4	reverse proxy: clean up some @hackney leftovers	2019-06-02 09:09:58 +00:00
Egor Kislitsyn	99f70c7e20	Use Pleroma.Config everywhere	2019-05-30 15:33:58 +07:00
William Pitcock	9bec891eb4	kill @httpoison	2019-05-25 04:24:21 +00:00
rinpatch	d02f1120f9	Content-Disposition regex improvements	2019-03-15 08:29:51 +03:00
rinpatch	958227d556	MediaProxy: parse filename from content-disposition for non-whitelisted types	2019-03-15 01:36:29 +03:00
Haelwenn (lanodan) Monnier	c42d34b2ec	[Credo] fix Credo.Check.Readability.MaxLineLength	2019-03-13 04:26:56 +01:00
href	99763999c1	reverse_proxy - always override plug's cache-control	2019-01-21 15:17:24 +01:00
William Pitcock	980b5288ed	update copyright years to 2019	2018-12-31 15:41:47 +00:00
William Pitcock	2791ce9a1f	add license boilerplate to pleroma core	2018-12-23 20:56:42 +00:00
Maksim Pechnikov	074fa790ba	fix compile warnings	2018-12-09 20:50:08 +03:00
Hakaba Hitoyo	96ba95df2e	remove follow_redirect options	2018-12-06 11:38:33 +09:00
href	8e0e20631c	Reverse proxy: default max read duration at 30 secs.	2018-11-30 19:12:03 +01:00
href	02d3dc6869	Uploads fun, part. 2	2018-11-30 18:02:37 +01:00
href	97b00d366f	reverse_proxy: more headers	2018-11-30 18:00:57 +01:00
href	a2640c8088	Parse correctly content-type & do not forward content-length	2018-11-30 18:00:57 +01:00
href	b19597f602	reverse proxy / uploads	2018-11-30 18:00:47 +01:00