author | Alex Gleason <alex@alexgleason.me> | 2022-01-03 13:40:19 -0600 |
---|---|---|
committer | Alex Gleason <alex@alexgleason.me> | 2022-01-03 13:40:19 -0600 |
commit | 4081be0001332bac402faec7565807df088b0117 (patch) | |
tree | a5305404e9bb31b3613dbc9631d36f8827be81c2 /lib/pleroma/web/media_proxy | |
parent | d00f74e036735c1c238f661076f2925b39daa6ac (diff) | |
parent | a3094b64df344622f1bcb03091ef2ff4dce6da82 (diff) | |
Merge remote-tracking branch 'origin/develop' into matrixmatrix
Diffstat (limited to 'lib/pleroma/web/media_proxy')
-rw-r--r-- | lib/pleroma/web/media_proxy/invalidation.ex | 6 | ||||
-rw-r--r-- | lib/pleroma/web/media_proxy/invalidation/http.ex (renamed from lib/pleroma/web/media_proxy/invalidations/http.ex) | 4 | ||||
-rw-r--r-- | lib/pleroma/web/media_proxy/invalidation/script.ex (renamed from lib/pleroma/web/media_proxy/invalidations/script.ex) | 21 | ||||
-rw-r--r-- | lib/pleroma/web/media_proxy/media_proxy.ex | 127 | ||||
-rw-r--r-- | lib/pleroma/web/media_proxy/media_proxy_controller.ex | 197 |
5 files changed, 203 insertions, 152 deletions
diff --git a/lib/pleroma/web/media_proxy/invalidation.ex b/lib/pleroma/web/media_proxy/invalidation.ex
index 5808861e6..cb2db5ce9 100644
--- a/lib/pleroma/web/media_proxy/invalidation.ex
+++ b/lib/pleroma/web/media_proxy/invalidation.ex
@@ -1,5 +1,5 @@
 # Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 defmodule Pleroma.Web.MediaProxy.Invalidation do
@@ -33,6 +33,8 @@ defmodule Pleroma.Web.MediaProxy.Invalidation do
 def prepare_urls(urls) do
 urls
 |> List.wrap()
- |> Enum.map(&MediaProxy.url/1)
+ |> Enum.map(fn url -> [MediaProxy.url(url), MediaProxy.preview_url(url)] end)
+ |> List.flatten()
+ |> Enum.uniq()
 end
 end
diff --git a/lib/pleroma/web/media_proxy/invalidations/http.ex b/lib/pleroma/web/media_proxy/invalidation/http.ex
index bb81d8888..0b2a45518 100644
--- a/lib/pleroma/web/media_proxy/invalidations/http.ex
+++ b/lib/pleroma/web/media_proxy/invalidation/http.ex
@@ -1,5 +1,5 @@
 # Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 defmodule Pleroma.Web.MediaProxy.Invalidation.Http do
@@ -30,7 +30,7 @@ defmodule Pleroma.Web.MediaProxy.Invalidation.Http do
 {:ok, %{status: status} = env} when 400 <= status and status < 500 ->
 {:error, env}
- {:error, error} = error ->
+ {:error, _} = error ->
 error
 _ ->
diff --git a/lib/pleroma/web/media_proxy/invalidations/script.ex b/lib/pleroma/web/media_proxy/invalidation/script.ex
index d32ffc50b..87a21166c 100644
--- a/lib/pleroma/web/media_proxy/invalidations/script.ex
+++ b/lib/pleroma/web/media_proxy/invalidation/script.ex
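Review bot: In `prepare_urls/1` (invalidation.ex, second hunk) the new pipeline keeps whatever `MediaProxy.url/1` and `MediaProxy.preview_url/1` return, so a `nil` from either would be carried into the list this function returns. The `MediaProxy.url/1` removed elsewhere in this commit returned `nil` for an empty string, and the relocated module is not visible here, so this needs confirming. If it can still happen, adding `|> Enum.reject(&is_nil/1)` before `|> Enum.uniq()` keeps non-URL entries away from the invalidation backends. The `Enum.map` plus `List.flatten()` pair can also be written as one `Enum.flat_map/2`.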
@@ -1,5 +1,5 @@
 # Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 defmodule Pleroma.Web.MediaProxy.Invalidation.Script do
@@ -13,6 +13,7 @@ defmodule Pleroma.Web.MediaProxy.Invalidation.Script do
 def purge(urls, opts \\ []) do
 args =
 urls
+ |> maybe_format_urls(Keyword.get(opts, :url_format))
 |> List.wrap()
 |> Enum.uniq()
 |> Enum.join(" ")
@@ -40,4 +41,22 @@ defmodule Pleroma.Web.MediaProxy.Invalidation.Script do
 Logger.error("Error while cache purge: #{inspect(error)}")
 {:error, inspect(error)}
 end
+
+ def maybe_format_urls(urls, :htcacheclean) do
+ urls
+ |> Enum.map(fn url ->
+ uri = URI.parse(url)
+
+ query =
+ if !is_nil(uri.query) do
+ "?" <> uri.query
+ else
+ "?"
+ end
+
+ uri.scheme <> "://" <> uri.host <> ":#{inspect(uri.port)}" <> uri.path <> query
+ end)
+ end
+
+ def maybe_format_urls(urls, _), do: urls
 end
diff --git a/lib/pleroma/web/media_proxy/media_proxy.ex b/lib/pleroma/web/media_proxy/media_proxy.ex
deleted file mode 100644
index e18dd8224..000000000
--- a/lib/pleroma/web/media_proxy/media_proxy.ex
+++ /dev/null
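Review bot: In `purge/2` (script.ex, second hunk) the added `maybe_format_urls/2` step runs before `List.wrap()`, so with `url_format: :htcacheclean` a single URL passed as a binary reaches `Enum.map/2` and raises instead of being wrapped. Wrapping first, `urls |> List.wrap() |> maybe_format_urls(Keyword.get(opts, :url_format)) |> Enum.uniq()`, keeps both input shapes working. The formatted URLs are then joined with a space into one string; how that string is handed to the purge script is outside this hunk, so it is worth confirming that a URL containing whitespace cannot be split into extra arguments.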
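Review bot: The `:htcacheclean` clause of `maybe_format_urls/2` (script.ex, third hunk) concatenates `uri.scheme`, `uri.host` and `uri.path` with `<>`, and `URI.parse/1` leaves any of those `nil` when the input lacks them (a URL with no path, for example), so one such entry raises `ArgumentError` and aborts the whole purge. The URLs being purged presumably come from remote media references and should be treated as untrusted: skip or log entries without a scheme and host, and default the path with `(uri.path || "/")`. `inspect(uri.port)` also renders a missing port as the text `nil`. The new public function has no `@doc` or `@spec`; a one-line `@doc` stating the key format htcacheclean expects would help the next reader.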
@@ -1,127 +0,0 @@
-# Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
-# SPDX-License-Identifier: AGPL-3.0-only
-
-defmodule Pleroma.Web.MediaProxy do
- alias Pleroma.Config
- alias Pleroma.Upload
- alias Pleroma.Web
- alias Pleroma.Web.MediaProxy.Invalidation
-
- @base64_opts [padding: false]
- @cache_table :banned_urls_cache
-
- def cache_table, do: @cache_table
-
- @spec in_banned_urls(String.t()) :: boolean()
- def in_banned_urls(url), do: elem(Cachex.exists?(@cache_table, url(url)), 1)
-
- def remove_from_banned_urls(urls) when is_list(urls) do
- Cachex.execute!(@cache_table, fn cache ->
- Enum.each(Invalidation.prepare_urls(urls), &Cachex.del(cache, &1))
- end)
- end
-
- def remove_from_banned_urls(url) when is_binary(url) do
- Cachex.del(@cache_table, url(url))
- end
-
- def put_in_banned_urls(urls) when is_list(urls) do
- Cachex.execute!(@cache_table, fn cache ->
- Enum.each(Invalidation.prepare_urls(urls), &Cachex.put(cache, &1, true))
- end)
- end
-
- def put_in_banned_urls(url) when is_binary(url) do
- Cachex.put(@cache_table, url(url), true)
- end
-
- def url(url) when is_nil(url) or url == "", do: nil
- def url("/" <> _ = url), do: url
-
- def url(url) do
- if disabled?() or not url_proxiable?(url) do
- url
- else
- encode_url(url)
- end
- end
-
- @spec url_proxiable?(String.t()) :: boolean()
- def url_proxiable?(url) do
- if local?(url) or whitelisted?(url) do
- false
- else
- true
- end
- end
-
- defp disabled?, do: !Config.get([:media_proxy, :enabled], false)
-
- defp local?(url), do: String.starts_with?(url, Pleroma.Web.base_url())
-
- defp whitelisted?(url) do
- %{host: domain} = URI.parse(url)
-
- mediaproxy_whitelist_domains =
- [:media_proxy, :whitelist]
- |> Config.get()
- |> Enum.map(&maybe_get_domain_from_url/1)
-
- whitelist_domains =
- if base_url = Config.get([Upload, :base_url]) do
- %{host: base_domain} = URI.parse(base_url)
- [base_domain | mediaproxy_whitelist_domains]
- else
- mediaproxy_whitelist_domains
- end
-
- domain in whitelist_domains
- end
-
- defp maybe_get_domain_from_url("http" <> _ = url) do
- URI.parse(url).host
- end
-
- defp maybe_get_domain_from_url(domain), do: domain
-
- def encode_url(url) do
- base64 = Base.url_encode64(url, @base64_opts)
-
- sig64 =
- base64
- |> signed_url
- |> Base.url_encode64(@base64_opts)
-
- build_url(sig64, base64, filename(url))
- end
-
- def decode_url(sig, url) do
- with {:ok, sig} <- Base.url_decode64(sig, @base64_opts),
- signature when signature == sig <- signed_url(url) do
- {:ok, Base.url_decode64!(url, @base64_opts)}
- else
- _ -> {:error, :invalid_signature}
- end
- end
-
- defp signed_url(url) do
- :crypto.hmac(:sha, Config.get([Web.Endpoint, :secret_key_base]), url)
- end
-
- def filename(url_or_path) do
- if path = URI.parse(url_or_path).path, do: Path.basename(path)
- end
-
- def build_url(sig_base64, url_base64, filename \\ nil) do
- [
- Config.get([:media_proxy, :base_url], Web.base_url()),
- "proxy",
- sig_base64,
- url_base64,
- filename
- ]
- |> Enum.filter(& &1)
- |> Path.join()
- end
-end
diff --git a/lib/pleroma/web/media_proxy/media_proxy_controller.ex b/lib/pleroma/web/media_proxy/media_proxy_controller.ex
index 9a64b0ef3..c74eaaf93 100644
--- a/lib/pleroma/web/media_proxy/media_proxy_controller.ex
+++ b/lib/pleroma/web/media_proxy/media_proxy_controller.ex
@@ -1,48 +1,205 @@
 # Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
 # SPDX-License-Identifier: AGPL-3.0-only
 defmodule Pleroma.Web.MediaProxy.MediaProxyController do
 use Pleroma.Web, :controller
+ alias Pleroma.Config
+ alias Pleroma.Helpers.MediaHelper
+ alias Pleroma.Helpers.UriHelper
 alias Pleroma.ReverseProxy
 alias Pleroma.Web.MediaProxy
+ alias Plug.Conn
- @default_proxy_opts [max_body_length: 25 * 1_048_576, http: [follow_redirect: true]]
-
- def remote(conn, %{"sig" => sig64, "url" => url64} = params) do
- with config <- Pleroma.Config.get([:media_proxy], []),
- true <- Keyword.get(config, :enabled, false),
+ def remote(conn, %{"sig" => sig64, "url" => url64}) do
+ with {_, true} <- {:enabled, MediaProxy.enabled?()},
 {:ok, url} <- MediaProxy.decode_url(sig64, url64),
 {_, false} <- {:in_banned_urls, MediaProxy.in_banned_urls(url)},
- :ok <- filename_matches(params, conn.request_path, url) do
- ReverseProxy.call(conn, url, Keyword.get(config, :proxy_opts, @default_proxy_opts))
+ :ok <- MediaProxy.verify_request_path_and_url(conn, url) do
+ ReverseProxy.call(conn, url, media_proxy_opts())
 else
- error when error in [false, {:in_banned_urls, true}] ->
- send_resp(conn, 404, Plug.Conn.Status.reason_phrase(404))
+ {:enabled, false} ->
+ send_resp(conn, 404, Conn.Status.reason_phrase(404))
+
+ {:in_banned_urls, true} ->
+ send_resp(conn, 404, Conn.Status.reason_phrase(404))
 {:error, :invalid_signature} ->
- send_resp(conn, 403, Plug.Conn.Status.reason_phrase(403))
+ send_resp(conn, 403, Conn.Status.reason_phrase(403))
 {:wrong_filename, filename} ->
 redirect(conn, external: MediaProxy.build_url(sig64, url64, filename))
 end
 end
- def filename_matches(%{"filename" => _} = _, path, url) do
- filename = MediaProxy.filename(url)
+ def preview(%Conn{} = conn, %{"sig" => sig64, "url" => url64}) do
+ with {_, true} <- {:enabled, MediaProxy.preview_enabled?()},
+ {:ok, url} <- MediaProxy.decode_url(sig64, url64),
+ :ok <- MediaProxy.verify_request_path_and_url(conn, url) do
+ handle_preview(conn, url)
+ else
+ {:enabled, false} ->
+ send_resp(conn, 404, Conn.Status.reason_phrase(404))
+
+ {:error, :invalid_signature} ->
+ send_resp(conn, 403, Conn.Status.reason_phrase(403))
+
+ {:wrong_filename, filename} ->
+ redirect(conn, external: MediaProxy.build_preview_url(sig64, url64, filename))
+ end
+ end
+
+ defp handle_preview(conn, url) do
+ media_proxy_url = MediaProxy.url(url)
+
+ with {:ok, %{status: status} = head_response} when status in 200..299 <-
+ Pleroma.HTTP.request("head", media_proxy_url, [], [], pool: :media) do
+ content_type = Tesla.get_header(head_response, "content-type")
+ content_length = Tesla.get_header(head_response, "content-length")
+ content_length = content_length && String.to_integer(content_length)
+ static = conn.params["static"] in ["true", true]
+
+ cond do
+ static and content_type == "image/gif" ->
+ handle_jpeg_preview(conn, media_proxy_url)
+
+ static ->
+ drop_static_param_and_redirect(conn)
+
+ content_type == "image/gif" ->
+ redirect(conn, external: media_proxy_url)
+
+ min_content_length_for_preview() > 0 and content_length > 0 and
+ content_length < min_content_length_for_preview() ->
+ redirect(conn, external: media_proxy_url)
+
+ true ->
+ handle_preview(content_type, conn, media_proxy_url)
+ end
+ else
+ # If HEAD failed, redirecting to media proxy URI doesn't make much sense; returning an error
+ {_, %{status: status}} ->
+ send_resp(conn, :failed_dependency, "Can't fetch HTTP headers (HTTP #{status}).")
+
+ {:error, :recv_response_timeout} ->
+ send_resp(conn, :failed_dependency, "HEAD request timeout.")
+
+ _ ->
+ send_resp(conn, :failed_dependency, "Can't fetch HTTP headers.")
+ end
+ end
+
+ defp handle_preview("image/png" <> _ = _content_type, conn, media_proxy_url) do
+ handle_png_preview(conn, media_proxy_url)
+ end
+
+ defp handle_preview("image/" <> _ = _content_type, conn, media_proxy_url) do
+ handle_jpeg_preview(conn, media_proxy_url)
+ end
+
+ defp handle_preview("video/" <> _ = _content_type, conn, media_proxy_url) do
+ handle_video_preview(conn, media_proxy_url)
+ end
+
+ defp handle_preview(_unsupported_content_type, conn, media_proxy_url) do
+ fallback_on_preview_error(conn, media_proxy_url)
+ end
+
+ defp handle_png_preview(conn, media_proxy_url) do
+ quality = Config.get!([:media_preview_proxy, :image_quality])
+ {thumbnail_max_width, thumbnail_max_height} = thumbnail_max_dimensions()
+ with {:ok, thumbnail_binary} <-
+ MediaHelper.image_resize(
+ media_proxy_url,
+ %{
+ max_width: thumbnail_max_width,
+ max_height: thumbnail_max_height,
+ quality: quality,
+ format: "png"
+ }
+ ) do
+ conn
+ |> put_preview_response_headers(["image/png", "preview.png"])
+ |> send_resp(200, thumbnail_binary)
+ else
+ _ ->
+ fallback_on_preview_error(conn, media_proxy_url)
+ end
+ end
+
+ defp handle_jpeg_preview(conn, media_proxy_url) do
+ quality = Config.get!([:media_preview_proxy, :image_quality])
+ {thumbnail_max_width, thumbnail_max_height} = thumbnail_max_dimensions()
- if filename && does_not_match(path, filename) do
- {:wrong_filename, filename}
+ with {:ok, thumbnail_binary} <-
+ MediaHelper.image_resize(
+ media_proxy_url,
+ %{max_width: thumbnail_max_width, max_height: thumbnail_max_height, quality: quality}
+ ) do
+ conn
+ |> put_preview_response_headers()
+ |> send_resp(200, thumbnail_binary)
 else
- :ok
+ _ ->
+ fallback_on_preview_error(conn, media_proxy_url)
 end
 end
- def filename_matches(_, _, _), do: :ok
+ defp handle_video_preview(conn, media_proxy_url) do
+ with {:ok, thumbnail_binary} <-
+ MediaHelper.video_framegrab(media_proxy_url) do
+ conn
+ |> put_preview_response_headers()
+ |> send_resp(200, thumbnail_binary)
+ else
+ _ ->
+ fallback_on_preview_error(conn, media_proxy_url)
+ end
+ end
+
+ defp drop_static_param_and_redirect(conn) do
+ uri_without_static_param =
+ conn
+ |> current_url()
+ |> UriHelper.modify_uri_params(%{}, ["static"])
+
+ redirect(conn, external: uri_without_static_param)
+ end
+
+ defp fallback_on_preview_error(conn, media_proxy_url) do
+ redirect(conn, external: media_proxy_url)
+ end
+
+ defp put_preview_response_headers(
+ conn,
+ [content_type, filename] = _content_info \\ ["image/jpeg", "preview.jpg"]
+ ) do
+ conn
+ |> put_resp_header("content-type", content_type)
+ |> put_resp_header("content-disposition", "inline; filename=\"#{filename}\"")
+ |> put_resp_header("cache-control", ReverseProxy.default_cache_control_header())
+ end
+
+ defp thumbnail_max_dimensions do
+ config = media_preview_proxy_config()
+
+ thumbnail_max_width = Keyword.fetch!(config, :thumbnail_max_width)
+ thumbnail_max_height = Keyword.fetch!(config, :thumbnail_max_height)
+
+ {thumbnail_max_width, thumbnail_max_height}
+ end
+
+ defp min_content_length_for_preview do
+ Keyword.get(media_preview_proxy_config(), :min_content_length, 0)
+ end
+
+ defp media_preview_proxy_config do
+ Config.get!([:media_preview_proxy])
+ end
- defp does_not_match(path, filename) do
- basename = Path.basename(path)
- basename != filename and URI.decode(basename) != filename and URI.encode(basename) != filename
+ defp media_proxy_opts do
+ Config.get([:media_proxy, :proxy_opts], [])
 end
 end
|
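Review bot: In `handle_preview/2`, `String.to_integer(content_length)` is applied to a header supplied by the remote server, so a malformed `content-length` raises `ArgumentError` and turns the preview request into a 500. When the header is absent, the later `content_length > 0` test only works because `nil` sorts above integers in Erlang term order. Parsing with `Integer.parse/1` and falling back to `0` handles both cases, as in the excerpt below. Separately, `preview/2` has no `in_banned_urls` step of its own, unlike `remote/2`; it seems to rely on the HEAD request going back through the proxy endpoint, which would not hold whenever `MediaProxy.url/1` returns the original URL, so that is worth confirming.

```elixir
      content_length = Tesla.get_header(head_response, "content-length")

      content_length =
        case content_length && Integer.parse(content_length) do
          {bytes, ""} when bytes >= 0 -> bytes
          _ -> 0
        end

      # … unchanged: static flag and the cond dispatch …
```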