akkoma/lib/pleroma/web/media_proxy/media_proxy.ex

119 lines
3 KiB
Elixir
Raw Normal View History

# Pleroma: A lightweight social networking server
2020-03-03 22:44:49 +00:00
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
2017-11-22 18:06:07 +00:00
defmodule Pleroma.Web.MediaProxy do
2019-07-14 21:01:32 +00:00
alias Pleroma.Config
2019-08-02 17:07:09 +00:00
alias Pleroma.Upload
2019-07-14 21:01:32 +00:00
alias Pleroma.Web
2020-06-14 18:02:57 +00:00
alias Pleroma.Web.MediaProxy.Invalidation
2017-11-22 18:06:07 +00:00
2019-07-14 21:01:32 +00:00
@base64_opts [padding: false]
@spec in_banned_urls(String.t()) :: boolean()
def in_banned_urls(url), do: elem(Cachex.exists?(:banned_urls_cache, url(url)), 1)
2020-06-14 18:02:57 +00:00
def remove_from_banned_urls(urls) when is_list(urls) do
Cachex.execute!(:banned_urls_cache, fn cache ->
2020-06-14 18:02:57 +00:00
Enum.each(Invalidation.prepare_urls(urls), &Cachex.del(cache, &1))
end)
end
def remove_from_banned_urls(url) when is_binary(url) do
Cachex.del(:banned_urls_cache, url(url))
2020-06-14 18:02:57 +00:00
end
def put_in_banned_urls(urls) when is_list(urls) do
Cachex.execute!(:banned_urls_cache, fn cache ->
2020-06-14 18:02:57 +00:00
Enum.each(Invalidation.prepare_urls(urls), &Cachex.put(cache, &1, true))
end)
end
def put_in_banned_urls(url) when is_binary(url) do
Cachex.put(:banned_urls_cache, url(url), true)
2020-06-14 18:02:57 +00:00
end
2019-07-14 21:01:32 +00:00
def url(url) when is_nil(url) or url == "", do: nil
2019-02-03 17:44:18 +00:00
def url("/" <> _ = url), do: url
2017-11-22 18:06:07 +00:00
def url(url) do
if disabled?() or not url_proxiable?(url) do
2019-05-30 08:33:58 +00:00
url
else
encode_url(url)
end
end
2018-03-30 13:01:53 +00:00
@spec url_proxiable?(String.t()) :: boolean()
def url_proxiable?(url) do
2020-06-14 18:02:57 +00:00
if local?(url) or whitelisted?(url) do
false
else
true
end
end
2019-07-14 21:01:32 +00:00
defp disabled?, do: !Config.get([:media_proxy, :enabled], false)
2018-12-07 20:44:04 +00:00
2019-05-30 08:33:58 +00:00
defp local?(url), do: String.starts_with?(url, Pleroma.Web.base_url())
2019-05-30 08:33:58 +00:00
defp whitelisted?(url) do
%{host: domain} = URI.parse(url)
2019-08-02 17:07:09 +00:00
mediaproxy_whitelist = Config.get([:media_proxy, :whitelist])
upload_base_url_domain =
if !is_nil(Config.get([Upload, :base_url])) do
[URI.parse(Config.get([Upload, :base_url])).host]
else
[]
end
whitelist = mediaproxy_whitelist ++ upload_base_url_domain
Enum.any?(whitelist, fn pattern ->
2019-05-30 08:33:58 +00:00
String.equivalent?(domain, pattern)
end)
2017-11-22 18:06:07 +00:00
end
2019-04-25 23:11:47 +00:00
def encode_url(url) do
base64 = Base.url_encode64(url, @base64_opts)
2019-07-14 21:01:32 +00:00
sig64 =
base64
|> signed_url
|> Base.url_encode64(@base64_opts)
2019-04-25 23:11:47 +00:00
build_url(sig64, base64, filename(url))
end
2017-11-22 18:06:07 +00:00
def decode_url(sig, url) do
2019-07-14 21:01:32 +00:00
with {:ok, sig} <- Base.url_decode64(sig, @base64_opts),
signature when signature == sig <- signed_url(url) do
2017-11-22 18:06:07 +00:00
{:ok, Base.url_decode64!(url, @base64_opts)}
else
2019-07-14 21:01:32 +00:00
_ -> {:error, :invalid_signature}
2017-11-22 18:06:07 +00:00
end
end
2018-11-23 16:40:45 +00:00
2019-07-14 21:01:32 +00:00
defp signed_url(url) do
:crypto.hmac(:sha, Config.get([Web.Endpoint, :secret_key_base]), url)
end
2018-11-23 16:40:45 +00:00
def filename(url_or_path) do
if path = URI.parse(url_or_path).path, do: Path.basename(path)
end
def build_url(sig_base64, url_base64, filename \\ nil) do
[
2020-07-09 15:53:51 +00:00
Config.get([:media_proxy, :base_url], Web.base_url()),
2018-11-23 16:40:45 +00:00
"proxy",
sig_base64,
url_base64,
filename
]
2019-07-14 21:01:32 +00:00
|> Enum.filter(& &1)
2018-11-23 16:40:45 +00:00
|> Path.join()
end
2017-11-22 18:06:07 +00:00
end