Infrastructure/imageproxy
0
Fork 0
mirror of https://github.com/willnorris/imageproxy.git synced 2024-12-16 21:56:43 -05:00
Code Issues Activity

include referer header in remote requests

Browse source 
this is an optional feature which is disabled by default, since it is
only needed in a few select cases and risks accidentally exposing
internal URLs.

Fixes #216
This commit is contained in:
Will Norris 2020-02-21 08:24:23 +00:00
parent edd9dbac2d
commit 8c28dca762
3 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
cmd/imageproxy/main.go
View file

@ -46,6 +46,7 @@ var addr = flag.String("addr", "localhost:8080", "TCP address to listen on")
var allowHosts = flag.String("allowHosts", "", "comma separated list of allowed remote hosts") var allowHosts = flag.String("allowHosts", "", "comma separated list of allowed remote hosts")
var denyHosts = flag.String("denyHosts", "", "comma separated list of denied remote hosts") var denyHosts = flag.String("denyHosts", "", "comma separated list of denied remote hosts")
var referrers = flag.String("referrers", "", "comma separated list of allowed referring hosts") var referrers = flag.String("referrers", "", "comma separated list of allowed referring hosts")
var includeReferer = flag.Bool("includeReferer", false, "include referer header in remote requests")
var baseURL = flag.String("baseURL", "", "default base URL for relative remote URLs") var baseURL = flag.String("baseURL", "", "default base URL for relative remote URLs")
var cache tieredCache var cache tieredCache
var signatureKeys signatureKeyList var signatureKeys signatureKeyList
@ -87,6 +88,7 @@ func main() {
} }
} }
p.IncludeReferer = *includeReferer
p.Timeout = *timeout p.Timeout = *timeout
p.ScaleUp = *scaleUp p.ScaleUp = *scaleUp
p.Verbose = *verbose p.Verbose = *verbose

2
docs/changelog.md
View file

@ -7,6 +7,8 @@ adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased] ## [Unreleased]
[Unreleased]: https://github.com/willnorris/imageproxy/compare/v0.9.0...HEAD [Unreleased]: https://github.com/willnorris/imageproxy/compare/v0.9.0...HEAD
- added option to include referer header in remote requests
([#216](https://github.com/willnorris/imageproxy/issues/216))
## [0.9.0] (2019-06-10) ## [0.9.0] (2019-06-10)
[0.9.0]: https://github.com/willnorris/imageproxy/compare/v0.8.0...v0.9.0 [0.9.0]: https://github.com/willnorris/imageproxy/compare/v0.8.0...v0.9.0

8
imageproxy.go
View file

@ -56,6 +56,10 @@ type Proxy struct {
// hosts are allowed. // hosts are allowed.
Referrers []string Referrers []string
// IncludeReferer controls whether the original Referer request header
// is included in remote requests.
IncludeReferer bool
// DefaultBaseURL is the URL that relative remote URLs are resolved in // DefaultBaseURL is the URL that relative remote URLs are resolved in
// reference to. If nil, all remote URLs specified in requests must be // reference to. If nil, all remote URLs specified in requests must be
// absolute. // absolute.
@ -166,6 +170,10 @@ func (p *Proxy) serveImage(w http.ResponseWriter, r *http.Request) {
if len(p.ContentTypes) != 0 { if len(p.ContentTypes) != 0 {
actualReq.Header.Set("Accept", strings.Join(p.ContentTypes, ", ")) actualReq.Header.Set("Accept", strings.Join(p.ContentTypes, ", "))
} }
if p.IncludeReferer {
// pass along the referer header from the original request
copyHeader(actualReq.Header, r.Header, "referer")
}
resp, err := p.Client.Do(actualReq) resp, err := p.Client.Do(actualReq)
if err != nil { if err != nil {