0
Fork 0
mirror of https://github.com/willnorris/imageproxy.git synced 2025-01-20 22:53:00 -05:00
Commit graph

56 commits

Author SHA1 Message Date
Will Norris
3e9a5ddc3e cmd/imageproxy-sign: remove broken test
This has begun failing with the error:

    error generating coverage report: write |1: file already closed

I'm not 100% sure what's causing this, but this test isn't actually
covering very much, and trying to test a main function is often fraught
anyway, so it's not worth the hassle.
2023-04-03 17:17:31 -07:00
Will Norris
5ffd8db241 all: remove deprecated use of io/ioutil 2023-01-31 20:32:45 -08:00
Will Norris
59aad26e29 cmd/imageproxy: add proper server timeouts 2022-11-08 17:04:39 -08:00
Will Norris
a81add5d96 lint: improve error handling 2022-02-16 11:15:36 -08:00
Geras Ghulyan
d94e5610d6 Add support for passing headers to remote server
Add a new passRequestHeaders field to Proxy that identifies headers to
pass from inbound request to remote servers.  Also add associated flag
to imageproxy CLI.

This is initially added to support remote servers that require an
authorization token.

Fixes #321
2021-11-05 08:32:59 -07:00
Will Norris
66818a786d
change envy package to avoid replace directive 2021-10-12 20:26:12 -07:00
Will Norris
7ba3f124eb cleanup license headers and contributing docs
- switch to "project authors" style copyright.  Instead of an AUTHORS
  file (https://opensource.google/docs/releasing/authors/), I just list
  Google as a major copyright holder in the README.
- use SPDX style license headers in source files
- remove CLA requirement from contributing docs
2021-03-10 12:24:13 -08:00
Blake Stoddard
52f4360543
Add option to disable following redirects (#237)
When redirects are followed, ensure that they are still allowed per AllowHosts/DenyHosts
2020-09-10 01:40:59 -07:00
Will Norris
32a8bea35f switch to supported version of redigo package
fixes #244
2020-09-10 00:53:51 -07:00
Will Norris
067500cd7d add more golangci-lint checks 2020-09-10 00:30:25 -07:00
Will Norris
fc79b851b2 fix go lint warnings
- handle errors where possible
- explicitly ignore errors where it makes sense to
- fix deprecations and unused var
2020-09-09 15:44:09 -07:00
Will Norris
3589510f2c use gorilla/mux for routing requests
Thanks to @Fieldistor for the reminder that gorilla/mux allows you to
disable cleaning request URLs, which was causing problems with signature
verification for some URLs.

Fixes #215
Fixes #212
2020-04-02 22:29:10 +00:00
Will Norris
8c28dca762 include referer header in remote requests
this is an optional feature which is disabled by default, since it is
only needed in a few select cases and risks accidentally exposing
internal URLs.

Fixes #216
2020-02-21 08:24:23 +00:00
Will Norris
edd9dbac2d allow space-separated list of signature keys
This is necessary when specifying options as environment variables.
Also add documentation for using multiple signature keys.
2020-02-02 18:45:39 +00:00
Will Norris
403735c8e2 no need to export signatureKeyList type 2020-02-02 01:28:18 +00:00
Mauro Ciancio
ef09c1ba31
add support for multiple signature keys (#209) 2020-02-01 17:03:59 -08:00
Will Norris
7eeacfca7a standardize copyright statements (Inc -> LLC) 2019-11-30 10:04:17 -08:00
Will Norris
3b850734af cmd/imageproxy: use http.DefaultServeMux
this allows using the net/http/pprof package, and any other similar
package that registers handlers on the default ServerMux.
2019-10-13 11:16:34 -07:00
Will Norris
6975320eb4 additional tests for imageproxy-sign 2019-06-11 11:16:01 -07:00
Will Norris
ca8fe71a0a refactor imageproxy-sign to make testing easier 2019-06-11 17:45:25 +00:00
Will Norris
50866d9f70 default to using cache value as provided
when parsing cache values, if the values doesn't match a recognized URL
pattern, we treat it as a filepath for an on-disk cache.  However, this
doesn't appear to be working on Windows.  I don't have easy access to a
Windows box to test this on, but I *think* this should fix it.

Refs #181
2019-06-11 04:39:47 +00:00
Will Norris
fe437a0b8c allow specifying multiple cache with spaces
this is necessary for the new environment variable support for config
values.  I don't love that allowHosts is comma separated and cache is
space separated :(
2019-06-09 22:09:55 +00:00
Will Norris
50e0d1104d allow using environment vars for configuration
fixes #151
2019-06-09 21:11:01 +00:00
Will Norris
e1558d5626 add imageproxy-sign tool for calculating signatures
it's a little bit rough, but seems to work pretty well.

Ref #145
2019-03-27 21:56:21 +00:00
Will Norris
a5297ae319 remove deprecated whitelist flag and struct field 2019-03-22 07:36:41 +00:00
yvind Ngai Johnsen
7264d177a1 Add denyHosts flag to deny URLs for certain hosts
For example, when running in a Docker swarm cluster we dont want it to
have access to our internal services available under *.weave.local

Closes #85
2019-03-22 04:44:08 +00:00
Will Norris
5eab3024c6 rename RemoteHosts to AllowHosts
This is what I probably should have called this when I renamed it back
in 70276f36, since this makes it more obvious that it's a list of
allowed hosts.  Renaming now to make room for a `DenyHosts` variable as
part of #85.
2019-03-17 03:05:13 +00:00
Hugues Alary
3444fd9cb4 allow custom User-Agent when fetching remote image
Closes #83
2019-03-17 01:24:41 +00:00
Will Norris
70276f36bc rename 'Whitelist' to 'RemoteHosts"
This better describes what exactly is being allowed.
2018-09-15 05:55:02 +00:00
Will Norris
0370572130 change how content-type enforcement is handled
If no content types are specified, then accept all responses, regardless
of content type (this is the behavior imageproxy has historically had).
Change default value for the contentTypes flag to be "image/*", so that
the new default when running cmd/imageproxy is that only images will be
proxied.  The old default behavior can be achieved by passing an empty
string for the contentTypes flag:

    imageproxy -contentTypes ""

Do not send the "XCTO: nosniff" header, since all documentation that I
can find still says that it can cause problems when served with images.
If it's effectively a noop when an explicit content-type is specified in
the response, then this shouldn't actually matter for us either way.
But in the absence of certainty, I'd rather err on the side of following
the spec.

Also add documentation for the new functionality.

Fixes #141
2018-09-15 05:36:25 +00:00
Christopher Brown
39a4e1813d content-type checking 2018-09-15 04:00:34 +00:00
Will Norris
0c20cbe5b5 switch to use internal gcscache 2018-02-02 10:05:56 +00:00
Will Norris
13409fd7c6 add support for tiered caches
The -cache flag can be specified multiple times to create a tier of
caches.  Typically this would be used to be put a small in-memory cache
in front of a slower on-disk cache.

Fixes #111
2017-09-17 11:20:04 +00:00
Will Norris
a57047ff22 replace in-memory cache with size-limited lrucache
Fixes #4
2017-09-17 11:13:22 +00:00
Will Norris
db55cb60f8 sort cache select cases 2017-09-17 11:12:11 +00:00
Will Norris
7338ef68ef switch from glog to standard log library
add "-verbose" flag for more logging.

fixes #105
2017-09-12 05:14:46 +00:00
Will Norris
0ee5167444 switch to official AWS Go SDK
This uses the official Go SDK from Amazon, which supports the newer v4
authentication method.  Fixes #74.  Doing so also required adding a new
s3cache package which uses the official SDK.

THIS IS A BREAKING CHANGE for anyone that uses s3, since the syntax of
the command line flag is now different.  This is unfortunately necessary
because aws-sdk-go always requires the region to be explicitly declared,
which wasn't always the case with the previous format.  This breaking
change is unfortunate, but given that the other s3 package hasn't seen
updates in years, and so many new S3 regions only support the newer v4
authentication method, it's necessary.
2017-09-12 04:44:43 +00:00
Will Norris
5264eb6db0 remove long-deprecated cacheDir and cacheSize flags 2017-09-09 08:33:06 +00:00
Will Norris
955ea12402 remove goxc stuff and update deploy docs
I don't use goxc anymore, and it hasn't been an active project in a
really long time, so there's no need in referencing it.
2017-09-09 08:14:25 +00:00
Will Norris
dbfc693aea add support for redis cache backend
fixes #49
2017-09-09 07:14:44 +00:00
Paul Roy
f1ef8af9ec adding azure support 2017-09-08 15:47:35 +00:00
Diego Marangoni
4b637567e3 add GCS cache 2017-09-01 20:46:05 +00:00
Will Norris
93166a5b20 add support for per-request timeout
Adds a -timeout flag for specifying the timeout.  Currently, this
returns a 503 response on timeout, though it should really be a 504,
since imageproxy is acting as a gateway.

Ref: #75
2016-11-29 15:42:07 -08:00
Will Norris
810ecedd69 deprecate cacheSize flag and remove docs
this flag was never actually doing what I thought it was in the first
place.

Also fix up a few instances of cacheDir still be used in config files

fixes #45
2015-12-07 21:09:56 -08:00
Will Norris
355a00f7b6 cmd: use trie for caching files on disk (fixes #50) 2015-12-07 20:20:42 -08:00
Victor Trac
ec96fcbc90 using s3 as caching store 2015-12-07 19:50:00 -08:00
Will Norris
b88f2b70e5 add -cache flag and default to no cache
The imageproxy command no longer uses the in-memory cache by default.
Instead, no caching is enabled by default and the in-memory cache can be
enabled by passing `-cache memory`.

The -cache flag also supports specifying directories, and therefore
replaces hte older -cacheDir flag.  cacheDir is still supported for
compatibility, but is deprecated and will be removed in the future.

This also sets us up to add support for additional caching backends in
the future.

Partial fix for #49.
2015-12-04 15:54:00 -08:00
Will Norris
9d4058ca58 directly wrap ListenAndServe in log.Fatal call 2015-12-04 15:36:04 -08:00
Connor Peet
9213c93c94 Add ability to restrict http referrer 2015-08-15 10:36:07 -07:00
Rune Madsen
4e60c683b0 scaleup flag 2015-08-12 14:39:38 -04:00