mirror of
https://github.com/willnorris/imageproxy.git
synced 2024-12-16 21:56:43 -05:00
include referer header in remote requests
this is an optional feature which is disabled by default, since it is only needed in a few select cases and risks accidentally exposing internal URLs. Fixes #216
This commit is contained in:
parent
edd9dbac2d
commit
8c28dca762
3 changed files with 12 additions and 0 deletions
|
@ -46,6 +46,7 @@ var addr = flag.String("addr", "localhost:8080", "TCP address to listen on")
|
|||
var allowHosts = flag.String("allowHosts", "", "comma separated list of allowed remote hosts")
|
||||
var denyHosts = flag.String("denyHosts", "", "comma separated list of denied remote hosts")
|
||||
var referrers = flag.String("referrers", "", "comma separated list of allowed referring hosts")
|
||||
var includeReferer = flag.Bool("includeReferer", false, "include referer header in remote requests")
|
||||
var baseURL = flag.String("baseURL", "", "default base URL for relative remote URLs")
|
||||
var cache tieredCache
|
||||
var signatureKeys signatureKeyList
|
||||
|
@ -87,6 +88,7 @@ func main() {
|
|||
}
|
||||
}
|
||||
|
||||
p.IncludeReferer = *includeReferer
|
||||
p.Timeout = *timeout
|
||||
p.ScaleUp = *scaleUp
|
||||
p.Verbose = *verbose
|
||||
|
|
|
@ -7,6 +7,8 @@ adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|||
|
||||
## [Unreleased]
|
||||
[Unreleased]: https://github.com/willnorris/imageproxy/compare/v0.9.0...HEAD
|
||||
- added option to include referer header in remote requests
|
||||
([#216](https://github.com/willnorris/imageproxy/issues/216))
|
||||
|
||||
## [0.9.0] (2019-06-10)
|
||||
[0.9.0]: https://github.com/willnorris/imageproxy/compare/v0.8.0...v0.9.0
|
||||
|
|
|
@ -56,6 +56,10 @@ type Proxy struct {
|
|||
// hosts are allowed.
|
||||
Referrers []string
|
||||
|
||||
// IncludeReferer controls whether the original Referer request header
|
||||
// is included in remote requests.
|
||||
IncludeReferer bool
|
||||
|
||||
// DefaultBaseURL is the URL that relative remote URLs are resolved in
|
||||
// reference to. If nil, all remote URLs specified in requests must be
|
||||
// absolute.
|
||||
|
@ -166,6 +170,10 @@ func (p *Proxy) serveImage(w http.ResponseWriter, r *http.Request) {
|
|||
if len(p.ContentTypes) != 0 {
|
||||
actualReq.Header.Set("Accept", strings.Join(p.ContentTypes, ", "))
|
||||
}
|
||||
if p.IncludeReferer {
|
||||
// pass along the referer header from the original request
|
||||
copyHeader(actualReq.Header, r.Header, "referer")
|
||||
}
|
||||
resp, err := p.Client.Do(actualReq)
|
||||
|
||||
if err != nil {
|
||||
|
|
Loading…
Reference in a new issue