From 5f35fdcf5d7bc0dc6054eda06d565268f9e79b33 Mon Sep 17 00:00:00 2001 From: href Date: Wed, 22 Nov 2017 19:06:07 +0100 Subject: [PATCH 1/7] media proxy: good enough wip --- .../web/mastodon_api/views/account_view.ex | 5 +- .../web/mastodon_api/views/status_view.ex | 5 +- lib/pleroma/web/media_proxy/controller.ex | 49 +++++++++++++++++++ lib/pleroma/web/media_proxy/media_proxy.ex | 33 +++++++++++++ lib/pleroma/web/router.ex | 8 +++ .../representers/object_representer.ex | 2 +- .../web/twitter_api/views/user_view.ex | 7 +-- 7 files changed, 101 insertions(+), 8 deletions(-) create mode 100644 lib/pleroma/web/media_proxy/controller.ex create mode 100644 lib/pleroma/web/media_proxy/media_proxy.ex diff --git a/lib/pleroma/web/mastodon_api/views/account_view.ex b/lib/pleroma/web/mastodon_api/views/account_view.ex index 02f1e60bb..1d5918988 100644 --- a/lib/pleroma/web/mastodon_api/views/account_view.ex +++ b/lib/pleroma/web/mastodon_api/views/account_view.ex @@ -3,6 +3,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do alias Pleroma.User alias Pleroma.Web.MastodonAPI.AccountView alias Pleroma.Web.CommonAPI.Utils + alias Pleroma.Web.MediaProxy defp image_url(%{"url" => [ %{ "href" => href } | _ ]}), do: href defp image_url(_), do: nil @@ -12,10 +13,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do end def render("account.json", %{user: user}) do - image = User.avatar_url(user) + image = User.avatar_url(user) |> MediaProxy.url() user_info = User.user_info(user) - header = image_url(user.info["banner"]) || "https://placehold.it/700x335" + header = (image_url(user.info["banner"]) || "https://placehold.it/700x335") |> MediaProxy.url() %{ id: to_string(user.id), diff --git a/lib/pleroma/web/mastodon_api/views/status_view.ex b/lib/pleroma/web/mastodon_api/views/status_view.ex index 5585a5605..64f315597 100644 --- a/lib/pleroma/web/mastodon_api/views/status_view.ex +++ b/lib/pleroma/web/mastodon_api/views/status_view.ex @@ -3,6 +3,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do alias Pleroma.Web.MastodonAPI.{AccountView, StatusView} alias Pleroma.{User, Activity} alias Pleroma.Web.CommonAPI.Utils + alias Pleroma.Web.MediaProxy def render("index.json", opts) do render_many(opts.activities, StatusView, "status.json", opts) @@ -121,9 +122,9 @@ defmodule Pleroma.Web.MastodonAPI.StatusView do %{ id: to_string(attachment["id"] || hash_id), - url: href, + url: MediaProxy.url(href), remote_url: href, - preview_url: href, + preview_url: MediaProxy.url(href), text_url: href, type: type } diff --git a/lib/pleroma/web/media_proxy/controller.ex b/lib/pleroma/web/media_proxy/controller.ex new file mode 100644 index 000000000..84c6e9c8b --- /dev/null +++ b/lib/pleroma/web/media_proxy/controller.ex @@ -0,0 +1,49 @@ +defmodule Pleroma.Web.MediaProxy.MediaProxyController do + use Pleroma.Web, :controller + require Logger + + def remote(conn, %{"sig" => sig, "url" => url}) do + {:ok, url} = Pleroma.MediaProxy.decode_url(sig, url) + url = url |> URI.encode() + case proxy_request(url) do + {:ok, content_type, body} -> + conn + |> put_resp_content_type(content_type) + |> set_cache_header(:default) + |> send_resp(200, body) + other -> + conn + |> set_cache_header(:error) + |> redirect(external: url) + end + end + + defp proxy_request(link) do + instance = ) + headers = [{"user-agent", "Pleroma/MediaProxy; #{Pleroma.Web.base_url()} <#{Application.get_env(:pleroma, :instance)[:email]}>"}] + options = [:insecure, {:follow_redirect, true}] + case :hackney.request(:get, link, headers, "", options) do + {:ok, 200, headers, client} -> + headers = Enum.into(headers, Map.new) + {:ok, body} = :hackney.body(client) + {:ok, headers["Content-Type"], body} + {:ok, status, _, _} -> + Logger.warn "MediaProxy: request failed, status #{status}, link: #{link}" + {:error, :bad_status} + {:error, error} -> + Logger.warn "MediaProxy: request failed, error #{inspect error}, link: #{link}" + {:error, error} + end + end + + @cache_control %{ + default: "public, max-age=1209600", + error: "public, must-revalidate, max-age=160", + } + + defp set_cache_header(conn, true), do: set_cache_header(conn, :default) + defp set_cache_header(conn, false), do: set_cache_header(conn, :error) + defp set_cache_header(conn, key) when is_atom(key), do: set_cache_header(conn, @cache_control[key]) + defp set_cache_header(conn, value) when is_binary(value), do: Plug.Conn.put_resp_header(conn, "cache-control", value) + +end diff --git a/lib/pleroma/web/media_proxy/media_proxy.ex b/lib/pleroma/web/media_proxy/media_proxy.ex new file mode 100644 index 000000000..9c1d71748 --- /dev/null +++ b/lib/pleroma/web/media_proxy/media_proxy.ex @@ -0,0 +1,33 @@ +defmodule Pleroma.Web.MediaProxy do + @base64_opts [padding: false] + @base64_key Application.get_env(:pleroma, Pleroma.Web.Endpoint)[:secret_key_base] + + def url(nil), do: nil + + def url(url) do + if String.starts_with?(url, Pleroma.Web.base_url) do + url + else + base64 = Base.url_encode64(url, @base64_opts) + sig = :crypto.hmac(:sha, @base64_key, base64) + sig64 = sig |> Base.url_encode64(@base64_opts) + cache_url("#{sig64}/#{base64}") + end + end + + def decode_url(sig, url) do + sig = Base.url_decode64!(sig, @base64_opts) + local_sig = :crypto.hmac(:sha, @base64_key, url) + if local_sig == sig do + {:ok, Base.url_decode64!(url, @base64_opts)} + else + {:error, :invalid_signature} + end + end + + defp cache_url(path) do + "/proxy/" <> path + end + + +end diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 6806e8a75..799021c24 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -233,6 +233,14 @@ defmodule Pleroma.Web.Router do delete "/auth/sign_out", MastodonAPIController, :logout end + pipeline :remote_media do + plug :accepts, ["html"] + end + scope "/proxy/", Pleroma.Web.MediaProxy do + pipe_through :remote_media + get "/:sig/:url", MediaProxyController, :remote + end + scope "/", Fallback do get "/*path", RedirectController, :redirector end diff --git a/lib/pleroma/web/twitter_api/representers/object_representer.ex b/lib/pleroma/web/twitter_api/representers/object_representer.ex index c39b60760..69eaeb36c 100644 --- a/lib/pleroma/web/twitter_api/representers/object_representer.ex +++ b/lib/pleroma/web/twitter_api/representers/object_representer.ex @@ -6,7 +6,7 @@ defmodule Pleroma.Web.TwitterAPI.Representers.ObjectRepresenter do data = object.data url = List.first(data["url"]) %{ - url: url["href"], + url: url["href"] |> Pleroma.Web.MediaProxy.url(), mimetype: url["mediaType"], id: data["uuid"], oembed: false diff --git a/lib/pleroma/web/twitter_api/views/user_view.ex b/lib/pleroma/web/twitter_api/views/user_view.ex index 3dc18eff8..eeef1c037 100644 --- a/lib/pleroma/web/twitter_api/views/user_view.ex +++ b/lib/pleroma/web/twitter_api/views/user_view.ex @@ -2,6 +2,7 @@ defmodule Pleroma.Web.TwitterAPI.UserView do use Pleroma.Web, :view alias Pleroma.User alias Pleroma.Web.CommonAPI.Utils + alias Pleroma.Web.MediaProxy def render("show.json", %{user: user = %User{}} = assigns) do render_one(user, Pleroma.Web.TwitterAPI.UserView, "user.json", assigns) @@ -12,7 +13,7 @@ defmodule Pleroma.Web.TwitterAPI.UserView do end def render("user.json", %{user: user = %User{}} = assigns) do - image = User.avatar_url(user) + image = User.avatar_url(user) |> MediaProxy.url() {following, follows_you, statusnet_blocking} = if assigns[:for] do { User.following?(assigns[:for], user), @@ -44,8 +45,8 @@ defmodule Pleroma.Web.TwitterAPI.UserView do "screen_name" => user.nickname, "statuses_count" => user_info[:note_count], "statusnet_profile_url" => user.ap_id, - "cover_photo" => image_url(user.info["banner"]), - "background_image" => image_url(user.info["background"]) + "cover_photo" => image_url(user.info["banner"]) |> MediaProxy.url(), + "background_image" => image_url(user.info["background"]) |> MediaProxy.url(), } end From e28c110eba5a4c8c5b4b3d2f552a8706db511c51 Mon Sep 17 00:00:00 2001 From: href Date: Wed, 22 Nov 2017 19:14:03 +0100 Subject: [PATCH 2/7] mandatory typo fix... --- lib/pleroma/web/media_proxy/controller.ex | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/pleroma/web/media_proxy/controller.ex b/lib/pleroma/web/media_proxy/controller.ex index 84c6e9c8b..fece7cf45 100644 --- a/lib/pleroma/web/media_proxy/controller.ex +++ b/lib/pleroma/web/media_proxy/controller.ex @@ -3,7 +3,7 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyController do require Logger def remote(conn, %{"sig" => sig, "url" => url}) do - {:ok, url} = Pleroma.MediaProxy.decode_url(sig, url) + {:ok, url} = Pleroma.Web.MediaProxy.decode_url(sig, url) url = url |> URI.encode() case proxy_request(url) do {:ok, content_type, body} -> @@ -19,7 +19,6 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyController do end defp proxy_request(link) do - instance = ) headers = [{"user-agent", "Pleroma/MediaProxy; #{Pleroma.Web.base_url()} <#{Application.get_env(:pleroma, :instance)[:email]}>"}] options = [:insecure, {:follow_redirect, true}] case :hackney.request(:get, link, headers, "", options) do From 1cb5cbdc6c1cd065e90961a9d538cb72610ae481 Mon Sep 17 00:00:00 2001 From: href Date: Tue, 28 Nov 2017 21:44:25 +0100 Subject: [PATCH 3/7] Improve error handling, add configuration --- config/config.exs | 5 ++ lib/pleroma/web/media_proxy/controller.ex | 55 +++++++++++++--------- lib/pleroma/web/media_proxy/media_proxy.ex | 17 +++---- 3 files changed, 45 insertions(+), 32 deletions(-) diff --git a/config/config.exs b/config/config.exs index c4f89c40c..503ce8d64 100644 --- a/config/config.exs +++ b/config/config.exs @@ -47,6 +47,11 @@ config :pleroma, :instance, limit: 5000, registrations_open: true +config :pleroma, :media_proxy, + enabled: false, + redirect_on_failure: true + #base_url: "https://cache.pleroma.social" + # Import environment specific config. This must remain at the bottom # of this file so it overrides the configuration defined above. import_config "#{Mix.env}.exs" diff --git a/lib/pleroma/web/media_proxy/controller.ex b/lib/pleroma/web/media_proxy/controller.ex index fece7cf45..dc122fc3a 100644 --- a/lib/pleroma/web/media_proxy/controller.ex +++ b/lib/pleroma/web/media_proxy/controller.ex @@ -2,19 +2,27 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyController do use Pleroma.Web, :controller require Logger + @cache_control %{ + default: "public, max-age=1209600", + error: "public, must-revalidate, max-age=160", + } + def remote(conn, %{"sig" => sig, "url" => url}) do - {:ok, url} = Pleroma.Web.MediaProxy.decode_url(sig, url) - url = url |> URI.encode() - case proxy_request(url) do - {:ok, content_type, body} -> - conn - |> put_resp_content_type(content_type) - |> set_cache_header(:default) - |> send_resp(200, body) - other -> - conn - |> set_cache_header(:error) - |> redirect(external: url) + config = Application.get_env(:pleroma, :media_proxy, []) + with \ + true <- Keyword.get(config, :enabled, false), + {:ok, url} <- Pleroma.Web.MediaProxy.decode_url(sig, url), + url = URI.encode(url), + {:ok, content_type, body} <- proxy_request(url) + do + conn + |> put_resp_content_type(content_type) + |> set_cache_header(:default) + |> send_resp(200, body) + else + false -> send_error(conn, 404) + {:error, :invalid_signature} -> send_error(conn, 403) + {:error, {:http, _, url}} -> redirect_or_error(conn, url, Keyword.get(config, :redirect_on_failure, true)) end end @@ -28,21 +36,24 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyController do {:ok, headers["Content-Type"], body} {:ok, status, _, _} -> Logger.warn "MediaProxy: request failed, status #{status}, link: #{link}" - {:error, :bad_status} + {:error, {:http, :bad_status, link}} {:error, error} -> Logger.warn "MediaProxy: request failed, error #{inspect error}, link: #{link}" - {:error, error} + {:error, {:http, error, link}} end end - @cache_control %{ - default: "public, max-age=1209600", - error: "public, must-revalidate, max-age=160", - } + defp set_cache_header(conn, key) do + Plug.Conn.put_resp_header(conn, "cache-control", @cache_control[key]) + end - defp set_cache_header(conn, true), do: set_cache_header(conn, :default) - defp set_cache_header(conn, false), do: set_cache_header(conn, :error) - defp set_cache_header(conn, key) when is_atom(key), do: set_cache_header(conn, @cache_control[key]) - defp set_cache_header(conn, value) when is_binary(value), do: Plug.Conn.put_resp_header(conn, "cache-control", value) + defp redirect_or_error(conn, url, true), do: redirect(conn, external: url) + defp redirect_or_error(conn, url, _), do: send_error(conn, 502, "Media proxy error: " <> url) + + defp send_error(conn, code, body \\ "") do + conn + |> set_cache_header(:error) + |> send_resp(code, body) + end end diff --git a/lib/pleroma/web/media_proxy/media_proxy.ex b/lib/pleroma/web/media_proxy/media_proxy.ex index 9c1d71748..21ebdfbbc 100644 --- a/lib/pleroma/web/media_proxy/media_proxy.ex +++ b/lib/pleroma/web/media_proxy/media_proxy.ex @@ -1,23 +1,25 @@ defmodule Pleroma.Web.MediaProxy do @base64_opts [padding: false] - @base64_key Application.get_env(:pleroma, Pleroma.Web.Endpoint)[:secret_key_base] def url(nil), do: nil def url(url) do - if String.starts_with?(url, Pleroma.Web.base_url) do + config = Application.get_env(:pleroma, :media_proxy, []) + if !Keyword.get(config, :enabled, false) or String.starts_with?(url, Pleroma.Web.base_url) do url else + secret = Application.get_env(:pleroma, Pleroma.Web.Endpoint)[:secret_key_base] base64 = Base.url_encode64(url, @base64_opts) - sig = :crypto.hmac(:sha, @base64_key, base64) + sig = :crypto.hmac(:sha, secret, base64) sig64 = sig |> Base.url_encode64(@base64_opts) - cache_url("#{sig64}/#{base64}") + Keyword.get(config, :base_url, Pleroma.Web.base_url) <> "/proxy/#{sig64}/#{base64}" end end def decode_url(sig, url) do + secret = Application.get_env(:pleroma, Pleroma.Web.Endpoint)[:secret_key_base] sig = Base.url_decode64!(sig, @base64_opts) - local_sig = :crypto.hmac(:sha, @base64_key, url) + local_sig = :crypto.hmac(:sha, secret, url) if local_sig == sig do {:ok, Base.url_decode64!(url, @base64_opts)} else @@ -25,9 +27,4 @@ defmodule Pleroma.Web.MediaProxy do end end - defp cache_url(path) do - "/proxy/" <> path - end - - end From 077faaed8c81113ab7b365facecf7180a5fb0417 Mon Sep 17 00:00:00 2001 From: href Date: Mon, 11 Dec 2017 02:31:37 +0100 Subject: [PATCH 4/7] Limit body size to 25MB --- lib/pleroma/web/media_proxy/controller.ex | 28 +++++++++++++++++++---- 1 file changed, 23 insertions(+), 5 deletions(-) diff --git a/lib/pleroma/web/media_proxy/controller.ex b/lib/pleroma/web/media_proxy/controller.ex index dc122fc3a..d6a1866bf 100644 --- a/lib/pleroma/web/media_proxy/controller.ex +++ b/lib/pleroma/web/media_proxy/controller.ex @@ -2,6 +2,8 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyController do use Pleroma.Web, :controller require Logger + @max_body_length 25 * 1048576 + @cache_control %{ default: "public, max-age=1209600", error: "public, must-revalidate, max-age=160", @@ -29,11 +31,13 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyController do defp proxy_request(link) do headers = [{"user-agent", "Pleroma/MediaProxy; #{Pleroma.Web.base_url()} <#{Application.get_env(:pleroma, :instance)[:email]}>"}] options = [:insecure, {:follow_redirect, true}] - case :hackney.request(:get, link, headers, "", options) do - {:ok, 200, headers, client} -> - headers = Enum.into(headers, Map.new) - {:ok, body} = :hackney.body(client) - {:ok, headers["Content-Type"], body} + with \ + {:ok, 200, headers, client} <- :hackney.request(:get, link, headers, "", options), + {:ok, body} <- proxy_request_body(client) + do + headers = Enum.into(headers, Map.new) + {:ok, headers["Content-Type"], body} + else {:ok, status, _, _} -> Logger.warn "MediaProxy: request failed, status #{status}, link: #{link}" {:error, {:http, :bad_status, link}} @@ -56,4 +60,18 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyController do |> send_resp(code, body) end + defp proxy_request_body(client), do: proxy_request_body(client, <<>>) + defp proxy_request_body(client, body) when byte_size(body) < @max_body_length do + case :hackney.stream_body(client) do + {:ok, data} -> proxy_request_body(client, <>) + :done -> {:ok, body} + {:error, reason} -> {:error, reason} + end + end + defp proxy_request_body(client, _) do + :hackney.close(client) + {:error, :body_too_large} + end + + end From d1806ec07f44b617769bc862048df30b8a3336da Mon Sep 17 00:00:00 2001 From: href Date: Mon, 11 Dec 2017 02:40:19 +0100 Subject: [PATCH 5/7] nginx sample config, quickly tested --- installation/pleroma.nginx | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx index 1a6e1d56f..d882908e4 100644 --- a/installation/pleroma.nginx +++ b/installation/pleroma.nginx @@ -1,3 +1,6 @@ +proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g + inactive=720m use_temp_path=off; + server { listen 80; server_name example.tld; @@ -21,6 +24,13 @@ server { location / { proxy_pass http://localhost:4000; } + + location /proxy { + proxy_cache pleroma_media_cache; + proxy_cache_lock on; + proxy_pass http://localhost:4000; + } + include snippets/well-known.conf; -} \ No newline at end of file +} From 8e82547179e3e2dab3fde111f162d07e3fb98df7 Mon Sep 17 00:00:00 2001 From: href Date: Tue, 12 Dec 2017 11:45:55 +0100 Subject: [PATCH 6/7] fix content-type and fallback to image/jpeg --- lib/pleroma/web/media_proxy/controller.ex | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/lib/pleroma/web/media_proxy/controller.ex b/lib/pleroma/web/media_proxy/controller.ex index d6a1866bf..0ac70c9d8 100644 --- a/lib/pleroma/web/media_proxy/controller.ex +++ b/lib/pleroma/web/media_proxy/controller.ex @@ -33,10 +33,11 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyController do options = [:insecure, {:follow_redirect, true}] with \ {:ok, 200, headers, client} <- :hackney.request(:get, link, headers, "", options), - {:ok, body} <- proxy_request_body(client) + headers = Enum.into(headers, Map.new), + {:ok, body} <- proxy_request_body(client), + content_type <- proxy_request_content_type(headers, body) do - headers = Enum.into(headers, Map.new) - {:ok, headers["Content-Type"], body} + {:ok, content_type, body} else {:ok, status, _, _} -> Logger.warn "MediaProxy: request failed, status #{status}, link: #{link}" @@ -73,5 +74,10 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyController do {:error, :body_too_large} end + # TODO: the body is passed here as well because some hosts do not provide a content-type. + # At some point we may want to use magic numbers to discover the content-type and reply a proper one. + defp proxy_request_content_type(headers, _body) do + headers["Content-Type"] || headers["content-type"] || "image/jpeg" + end end From f909aec050498a366d8b0ed6c1b5439b5b0891f1 Mon Sep 17 00:00:00 2001 From: href Date: Tue, 12 Dec 2017 12:30:24 +0100 Subject: [PATCH 7/7] proxy emojis (i fix emojos better than gargon but sshhhhh) --- lib/pleroma/formatter.ex | 3 ++- lib/pleroma/web/media_proxy/media_proxy.ex | 2 ++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/formatter.ex b/lib/pleroma/formatter.ex index c98db2d94..eed5b5786 100644 --- a/lib/pleroma/formatter.ex +++ b/lib/pleroma/formatter.ex @@ -1,5 +1,6 @@ defmodule Pleroma.Formatter do alias Pleroma.User + alias Pleroma.Web.MediaProxy @link_regex ~r/https?:\/\/[\w\.\/?=\-#%&@~\(\)]+[\w\/]/u def linkify(text) do @@ -125,7 +126,7 @@ defmodule Pleroma.Formatter do end Enum.reduce(all_emoji, text, fn ({emoji, file}, text) -> - String.replace(text, ":#{emoji}:", "#{emoji}") + String.replace(text, ":#{emoji}:", "#{emoji}") end) end diff --git a/lib/pleroma/web/media_proxy/media_proxy.ex b/lib/pleroma/web/media_proxy/media_proxy.ex index 21ebdfbbc..23efc18fa 100644 --- a/lib/pleroma/web/media_proxy/media_proxy.ex +++ b/lib/pleroma/web/media_proxy/media_proxy.ex @@ -3,6 +3,8 @@ defmodule Pleroma.Web.MediaProxy do def url(nil), do: nil + def url(url = "/" <> _), do: url + def url(url) do config = Application.get_env(:pleroma, :media_proxy, []) if !Keyword.get(config, :enabled, false) or String.starts_with?(url, Pleroma.Web.base_url) do