logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma git clone https://hacktivis.me/git/pleroma.git

uploaded_media.ex (2984B)

    

  1. # Pleroma: A lightweight social networking server
  2. # Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
  3. # SPDX-License-Identifier: AGPL-3.0-only
  5. defmodule Pleroma.Web.Plugs.UploadedMedia do
  6.   @moduledoc """
  7.   """
  9.   import Plug.Conn
  10.   import Pleroma.Web.Gettext
  11.   require Logger
  13.   alias Pleroma.Web.MediaProxy
  15.   @behaviour Plug
  16.   # no slashes
  17.   @path "media"
  19.   @default_cache_control_header "public, max-age=1209600"
  21.   def init(_opts) do
  22.     static_plug_opts =
  23.       [
  24.         headers: %{"cache-control" => @default_cache_control_header},
  25.         cache_control_for_etags: @default_cache_control_header
  26.       ]
  27.       |> Keyword.put(:from, "__unconfigured_media_plug")
  28.       |> Keyword.put(:at, "/__unconfigured_media_plug")
  29.       |> Plug.Static.init()
  31.     %{static_plug_opts: static_plug_opts}
  32.   end
  34.   def call(%{request_path: <<"/", @path, "/", file::binary>>} = conn, opts) do
  35.     conn =
  36.       case fetch_query_params(conn) do
  37.         %{query_params: %{"name" => name}} = conn ->
  38.           name = String.replace(name, ~s["], ~s[\\"])
  40.           put_resp_header(conn, "content-disposition", ~s[inline; filename="#{name}"])
  42.         conn ->
  43.           conn
  44.       end
  45.       |> merge_resp_headers([{"content-security-policy", "sandbox"}])
  47.     config = Pleroma.Config.get(Pleroma.Upload)
  49.     with uploader <- Keyword.fetch!(config, :uploader),
  50.          proxy_remote = Keyword.get(config, :proxy_remote, false),
  51.          {:ok, get_method} <- uploader.get_file(file),
  52.          false <- media_is_banned(conn, get_method) do
  53.       get_media(conn, get_method, proxy_remote, opts)
  54.     else
  55.       _ ->
  56.         conn
  57.         |> send_resp(:internal_server_error, dgettext("errors", "Failed"))
  58.         |> halt()
  59.     end
  60.   end
  62.   def call(conn, _opts), do: conn
  64.   defp media_is_banned(%{request_path: path} = _conn, {:static_dir, _}) do
  65.     MediaProxy.in_banned_urls(Pleroma.Upload.base_url() <> path)
  66.   end
  68.   defp media_is_banned(_, {:url, url}), do: MediaProxy.in_banned_urls(url)
  70.   defp media_is_banned(_, _), do: false
  72.   defp get_media(conn, {:static_dir, directory}, _, opts) do
  73.     static_opts =
  74.       Map.get(opts, :static_plug_opts)
  75.       |> Map.put(:at, [@path])
  76.       |> Map.put(:from, directory)
  78.     conn = Plug.Static.call(conn, static_opts)
  80.     if conn.halted do
  81.       conn
  82.     else
  83.       conn
  84.       |> send_resp(:not_found, dgettext("errors", "Not found"))
  85.       |> halt()
  86.     end
  87.   end
  89.   defp get_media(conn, {:url, url}, true, _) do
  90.     proxy_opts = [
  91.       http: [
  92.         follow_redirect: true,
  93.         pool: :upload
  94.       ]
  95.     ]
  97.     conn
  98.     |> Pleroma.ReverseProxy.call(url, proxy_opts)
  99.   end
  101.   defp get_media(conn, {:url, url}, _, _) do
  102.     conn
  103.     |> Phoenix.Controller.redirect(external: url)
  104.     |> halt()
  105.   end
  107.   defp get_media(conn, unknown, _, _) do
  108.     Logger.error("#{__MODULE__}: Unknown get strategy: #{inspect(unknown)}")
  110.     conn
  111.     |> send_resp(:internal_server_error, dgettext("errors", "Internal Error"))
  112.     |> halt()
  113.   end
  114. end