diff options
| -rw-r--r-- | README.md | 3 | ||||
| -rw-r--r-- | installation/pleroma.service | 1 | ||||
| -rw-r--r-- | lib/pleroma/web/endpoint.ex | 7 | ||||
| -rw-r--r-- | lib/pleroma/web/media_proxy/controller.ex | 44 | ||||
| -rw-r--r-- | lib/pleroma/web/media_proxy/media_proxy.ex | 5 | ||||
| -rw-r--r-- | lib/pleroma/web/router.ex | 2 |
6 files changed, 55 insertions, 7 deletions
@@ -8,7 +8,7 @@ Pleroma is written in Elixir, high-performance and can run on small devices like For clients it supports both the [GNU Social API with Qvitter extensions](https://twitter-api.readthedocs.io/en/latest/index.html) and the [Mastodon client API](https://github.com/tootsuite/documentation/blob/master/Using-the-API/API.md). -Mobile clients that are known to work well: +Client applications that are known to work well: * Twidere * Tusky @@ -17,6 +17,7 @@ Mobile clients that are known to work well: * Amaroq (iOS) * Tootdon (Android + iOS) * Tootle (iOS) +* Whalebird (Windows + Mac + Linux) No release has been made yet, but several servers have been online for months already. If you want to run your own server, feel free to contact us at @lain@pleroma.soykaf.com or in our dev chat at #pleroma on freenode or via matrix at https://matrix.heldscal.la/#/room/#freenode_#pleroma:matrix.org. diff --git a/installation/pleroma.service b/installation/pleroma.service index 84747d952..6955e5cc6 100644 --- a/installation/pleroma.service +++ b/installation/pleroma.service @@ -6,6 +6,7 @@ After=network.target postgresql.service User=pleroma WorkingDirectory=/home/pleroma/pleroma Environment="HOME=/home/pleroma" +Environment="MIX_ENV=prod" ExecStart=/usr/local/bin/mix phx.server ExecReload=/bin/kill $MAINPID KillMode=process diff --git a/lib/pleroma/web/endpoint.ex b/lib/pleroma/web/endpoint.ex index 7783b8e5c..85bb4ff5f 100644 --- a/lib/pleroma/web/endpoint.ex +++ b/lib/pleroma/web/endpoint.ex @@ -46,13 +46,18 @@ defmodule Pleroma.Web.Endpoint do plug(Plug.MethodOverride) plug(Plug.Head) + cookie_name = + if Application.get_env(:pleroma, Pleroma.Web.Endpoint) |> Keyword.get(:secure_cookie_flag), + do: "__Host-pleroma_key", + else: "pleroma_key" + # The session will be stored in the cookie and signed, # this means its contents can be read but not tampered with. # Set :encryption_salt if you would also like to encrypt it. plug( Plug.Session, store: :cookie, - key: "_pleroma_key", + key: cookie_name, signing_salt: "CqaoopA2", http_only: true, secure: diff --git a/lib/pleroma/web/media_proxy/controller.ex b/lib/pleroma/web/media_proxy/controller.ex index 8195a665e..10e6b4e52 100644 --- a/lib/pleroma/web/media_proxy/controller.ex +++ b/lib/pleroma/web/media_proxy/controller.ex @@ -11,15 +11,47 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyController do error: "public, must-revalidate, max-age=160" } - def remote(conn, %{"sig" => sig, "url" => url}) do + # Content-types that will not be returned as content-disposition attachments + # Override with :media_proxy, :safe_content_types in the configuration + @safe_content_types [ + "image/gif", + "image/jpeg", + "image/jpg", + "image/png", + "image/svg+xml", + "audio/mpeg", + "audio/mp3", + "video/webm", + "video/mp4" + ] + + def remote(conn, params = %{"sig" => sig, "url" => url}) do config = Application.get_env(:pleroma, :media_proxy, []) with true <- Keyword.get(config, :enabled, false), {:ok, url} <- Pleroma.Web.MediaProxy.decode_url(sig, url), - {:ok, content_type, body} <- proxy_request(url) do + filename <- Path.basename(url), + true <- + if(Map.get(params, "filename"), + do: filename == Path.basename(conn.request_path), + else: true + ), + {:ok, content_type, body} <- proxy_request(url), + safe_content_type <- + Enum.member?( + Keyword.get(config, :safe_content_types, @safe_content_types), + content_type + ) do conn |> put_resp_content_type(content_type) |> set_cache_header(:default) + |> put_resp_header( + "content-security-policy", + "default-src 'none'; style-src 'unsafe-inline'; media-src data:; img-src 'self' data:" + ) + |> put_resp_header("x-xss-protection", "1; mode=block") + |> put_resp_header("x-content-type-options", "nosniff") + |> put_attachement_header(safe_content_type, filename) |> send_resp(200, body) else false -> @@ -92,6 +124,12 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyController do # TODO: the body is passed here as well because some hosts do not provide a content-type. # At some point we may want to use magic numbers to discover the content-type and reply a proper one. defp proxy_request_content_type(headers, _body) do - headers["Content-Type"] || headers["content-type"] || "image/jpeg" + headers["Content-Type"] || headers["content-type"] || "application/octet-stream" + end + + defp put_attachement_header(conn, true, _), do: conn + + defp put_attachement_header(conn, false, filename) do + put_resp_header(conn, "content-disposition", "attachment; filename='#{filename}'") end end diff --git a/lib/pleroma/web/media_proxy/media_proxy.ex b/lib/pleroma/web/media_proxy/media_proxy.ex index 37718f48b..6819c0917 100644 --- a/lib/pleroma/web/media_proxy/media_proxy.ex +++ b/lib/pleroma/web/media_proxy/media_proxy.ex @@ -15,7 +15,10 @@ defmodule Pleroma.Web.MediaProxy do base64 = Base.url_encode64(url, @base64_opts) sig = :crypto.hmac(:sha, secret, base64) sig64 = sig |> Base.url_encode64(@base64_opts) - Keyword.get(config, :base_url, Pleroma.Web.base_url()) <> "/proxy/#{sig64}/#{base64}" + filename = Path.basename(url) + + Keyword.get(config, :base_url, Pleroma.Web.base_url()) <> + "/proxy/#{sig64}/#{base64}/#{filename}" end end diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index 7384f054b..5e81db00b 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -379,12 +379,12 @@ defmodule Pleroma.Web.Router do end pipeline :remote_media do - plug(:accepts, ["html"]) end scope "/proxy/", Pleroma.Web.MediaProxy do pipe_through(:remote_media) get("/:sig/:url", MediaProxyController, :remote) + get("/:sig/:url/:filename", MediaProxyController, :remote) end scope "/", Fallback do |