36 lines
1.1 KiB
Elixir
Raw Normal View History

# Pleroma: A lightweight social networking server
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Mobilizon.Web.MediaProxyController do
use Mobilizon.Web, :controller
alias Mobilizon.Config
alias Mobilizon.Web.{MediaProxy, ReverseProxy}
alias Plug.Conn
# sobelow_skip ["XSS.SendResp"]
@spec remote(Plug.Conn.t(), map()) :: Plug.Conn.t()
def remote(conn, %{"sig" => sig64, "url" => url64}) do
with {_, true} <- {:enabled, MediaProxy.enabled?()},
{:ok, url} <- MediaProxy.decode_url(sig64, url64),
:ok <- MediaProxy.verify_request_path_and_url(conn, url) do
ReverseProxy.call(conn, url, media_proxy_opts())
else
{:enabled, false} ->
send_resp(conn, 404, Conn.Status.reason_phrase(404))
{:error, :invalid_signature} ->
send_resp(conn, 403, Conn.Status.reason_phrase(403))
{:wrong_filename, filename} ->
redirect(conn, external: MediaProxy.build_url(sig64, url64, filename))
end
end
@spec media_proxy_opts :: Keyword.t()
defp media_proxy_opts do
Config.get([:media_proxy, :proxy_opts], [])
end
end