2017-11-20 00:10:04 -05:00
|
|
|
// Copyright 2017 Frédéric Guillot. All rights reserved.
|
|
|
|
// Use of this source code is governed by the Apache 2.0
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
2018-10-07 21:42:43 -04:00
|
|
|
package ui // import "miniflux.app/ui"
|
2017-11-20 00:10:04 -05:00
|
|
|
|
|
|
|
import (
|
|
|
|
"encoding/base64"
|
|
|
|
"errors"
|
2018-04-29 19:35:04 -04:00
|
|
|
"net/http"
|
2017-11-20 00:10:04 -05:00
|
|
|
"time"
|
2017-11-22 02:09:01 -05:00
|
|
|
|
2019-08-14 11:54:02 -04:00
|
|
|
"miniflux.app/config"
|
2018-08-25 00:51:50 -04:00
|
|
|
"miniflux.app/crypto"
|
|
|
|
"miniflux.app/http/request"
|
|
|
|
"miniflux.app/http/response"
|
|
|
|
"miniflux.app/http/response/html"
|
2019-09-22 14:17:15 -04:00
|
|
|
"miniflux.app/logger"
|
2017-11-20 00:10:04 -05:00
|
|
|
)
|
|
|
|
|
2018-11-11 14:28:29 -05:00
|
|
|
func (h *handler) imageProxy(w http.ResponseWriter, r *http.Request) {
|
2018-10-07 21:42:43 -04:00
|
|
|
// If we receive a "If-None-Match" header, we assume the image is already stored in browser cache.
|
2018-04-29 19:35:04 -04:00
|
|
|
if r.Header.Get("If-None-Match") != "" {
|
2018-10-07 21:42:43 -04:00
|
|
|
w.WriteHeader(http.StatusNotModified)
|
2017-11-22 02:09:01 -05:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2018-09-24 00:02:26 -04:00
|
|
|
encodedURL := request.RouteStringParam(r, "encodedURL")
|
2017-11-20 00:10:04 -05:00
|
|
|
if encodedURL == "" {
|
2018-10-07 21:42:43 -04:00
|
|
|
html.BadRequest(w, r, errors.New("No URL provided"))
|
2017-11-20 00:10:04 -05:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2017-12-18 21:06:53 -05:00
|
|
|
decodedURL, err := base64.URLEncoding.DecodeString(encodedURL)
|
2017-11-20 00:10:04 -05:00
|
|
|
if err != nil {
|
2018-10-07 21:42:43 -04:00
|
|
|
html.BadRequest(w, r, errors.New("Unable to decode this URL"))
|
2017-11-20 00:10:04 -05:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2019-09-22 14:17:15 -04:00
|
|
|
imageURL := string(decodedURL)
|
|
|
|
logger.Debug(`[Proxy] Fetching %q`, imageURL)
|
|
|
|
|
|
|
|
req, err := http.NewRequest("GET", imageURL, nil)
|
2017-11-20 00:10:04 -05:00
|
|
|
if err != nil {
|
2018-10-07 21:42:43 -04:00
|
|
|
html.ServerError(w, r, err)
|
2017-11-20 00:10:04 -05:00
|
|
|
return
|
|
|
|
}
|
2020-12-17 00:16:04 -05:00
|
|
|
req.Header.Add("User-Agent", config.Opts.HTTPClientUserAgent())
|
2019-08-14 11:54:02 -04:00
|
|
|
req.Header.Add("Connection", "close")
|
2017-11-20 00:10:04 -05:00
|
|
|
|
2019-08-14 11:54:02 -04:00
|
|
|
clt := &http.Client{
|
|
|
|
Timeout: time.Duration(config.Opts.HTTPClientTimeout()) * time.Second,
|
|
|
|
}
|
|
|
|
|
|
|
|
resp, err := clt.Do(req)
|
|
|
|
if err != nil {
|
|
|
|
html.ServerError(w, r, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
defer resp.Body.Close()
|
|
|
|
|
|
|
|
if resp.StatusCode != http.StatusOK {
|
2018-10-07 21:42:43 -04:00
|
|
|
html.NotFound(w, r)
|
2017-11-20 00:10:04 -05:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2019-08-14 11:54:02 -04:00
|
|
|
etag := crypto.HashFromBytes(decodedURL)
|
2017-11-20 00:10:04 -05:00
|
|
|
|
2019-08-14 11:54:02 -04:00
|
|
|
response.New(w, r).WithCaching(etag, 72*time.Hour, func(b *response.Builder) {
|
2022-01-02 20:24:49 -05:00
|
|
|
b.WithHeader("Content-Security-Policy", `default-src 'self'`)
|
2019-08-14 11:54:02 -04:00
|
|
|
b.WithHeader("Content-Type", resp.Header.Get("Content-Type"))
|
|
|
|
b.WithBody(resp.Body)
|
2018-10-07 21:42:43 -04:00
|
|
|
b.WithoutCompression()
|
|
|
|
b.Write()
|
|
|
|
})
|
2017-11-20 00:10:04 -05:00
|
|
|
}
|