1
0
mirror of https://github.com/imgproxy/imgproxy.git synced 2024-12-09 09:56:01 +02:00
imgproxy/server.go

361 lines
8.0 KiB
Go
Raw Normal View History

2017-06-27 11:00:33 +02:00
package main
import (
2019-02-25 14:26:51 +02:00
"bytes"
2018-09-10 08:17:00 +02:00
"context"
"crypto/subtle"
2017-06-27 11:00:33 +02:00
"fmt"
"net/http"
2019-01-10 07:49:17 +02:00
"net/url"
"path/filepath"
2019-05-06 10:42:30 +02:00
"regexp"
"strings"
2017-07-03 06:08:47 +02:00
"time"
2018-03-15 18:58:11 +02:00
nanoid "github.com/matoous/go-nanoid"
2019-02-25 14:26:51 +02:00
"github.com/valyala/fasthttp"
2017-06-27 11:00:33 +02:00
)
2019-01-10 07:49:17 +02:00
const (
contextDispositionFilenameFallback = "image"
2019-05-06 10:42:30 +02:00
xRequestIDHeader = "X-Request-ID"
2019-01-10 07:49:17 +02:00
)
2018-10-05 17:17:36 +02:00
var (
mimes = map[imageType]string{
imageTypeJPEG: "image/jpeg",
imageTypePNG: "image/png",
imageTypeWEBP: "image/webp",
2018-11-08 12:34:21 +02:00
imageTypeGIF: "image/gif",
2018-12-02 15:02:19 +02:00
imageTypeICO: "image/x-icon",
2018-10-05 17:17:36 +02:00
}
2019-01-10 07:49:17 +02:00
contentDispositionsFmt = map[imageType]string{
imageTypeJPEG: "inline; filename=\"%s.jpg\"",
imageTypePNG: "inline; filename=\"%s.png\"",
imageTypeWEBP: "inline; filename=\"%s.webp\"",
imageTypeGIF: "inline; filename=\"%s.gif\"",
imageTypeICO: "inline; filename=\"%s.ico\"",
2018-11-01 16:34:28 +02:00
}
2018-10-05 17:17:36 +02:00
authHeaderMust []byte
2017-06-27 11:00:33 +02:00
2019-02-25 14:26:51 +02:00
healthPath = []byte("/health")
imgproxyIsRunningMsg = []byte("imgproxy is running")
2018-10-05 22:29:55 +02:00
errInvalidMethod = newError(422, "Invalid request method", "Method doesn't allowed")
errInvalidSecret = newError(403, "Invalid secret", "Forbidden")
2018-10-05 17:17:36 +02:00
2019-02-25 14:26:51 +02:00
responseGzipPool *gzipPool
2019-05-06 10:42:30 +02:00
requestIDRe = regexp.MustCompile(`^[A-Za-z0-9_\-]+$`)
)
type httpHandler struct {
sem chan struct{}
}
2018-09-10 08:17:00 +02:00
func newHTTPHandler() *httpHandler {
return &httpHandler{make(chan struct{}, conf.Concurrency)}
}
2019-02-25 14:26:51 +02:00
func startServer() *fasthttp.Server {
handler := newHTTPHandler()
server := &fasthttp.Server{
Name: "imgproxy",
Handler: handler.ServeHTTP,
Concurrency: conf.MaxClients,
ReadTimeout: time.Duration(conf.ReadTimeout) * time.Second,
2018-09-10 08:17:00 +02:00
}
if conf.GZipCompression > 0 {
responseGzipPool = newGzipPool(conf.Concurrency)
}
2019-02-25 14:26:51 +02:00
if conf.ETagEnabled {
eTagCalcPool = newEtagPool(conf.Concurrency)
}
2018-09-10 08:17:00 +02:00
go func() {
2019-01-11 17:01:48 +02:00
logNotice("Starting server at %s", conf.Bind)
2019-02-25 14:26:51 +02:00
if err := server.ListenAndServe(conf.Bind); err != nil {
2019-01-11 17:01:48 +02:00
logFatal(err.Error())
2018-10-05 17:17:36 +02:00
}
2018-09-10 08:17:00 +02:00
}()
2019-02-25 14:26:51 +02:00
return server
2018-09-10 08:17:00 +02:00
}
2019-02-25 14:26:51 +02:00
func shutdownServer(s *fasthttp.Server) {
2019-01-11 17:01:48 +02:00
logNotice("Shutting down the server...")
2019-02-25 14:26:51 +02:00
s.Shutdown()
2018-09-10 08:17:00 +02:00
}
2019-02-25 14:26:51 +02:00
func writeCORS(rctx *fasthttp.RequestCtx) {
2018-04-26 13:22:31 +02:00
if len(conf.AllowOrigin) > 0 {
2019-02-25 14:26:51 +02:00
rctx.Response.Header.Set("Access-Control-Allow-Origin", conf.AllowOrigin)
rctx.Response.Header.Set("Access-Control-Allow-Methods", "GET, OPTIONs")
2018-04-26 13:22:31 +02:00
}
}
2019-01-10 07:49:17 +02:00
func contentDisposition(imageURL string, imgtype imageType) string {
url, err := url.Parse(imageURL)
if err != nil {
return fmt.Sprintf(contentDispositionsFmt[imgtype], contextDispositionFilenameFallback)
}
_, filename := filepath.Split(url.Path)
if len(filename) == 0 {
return fmt.Sprintf(contentDispositionsFmt[imgtype], contextDispositionFilenameFallback)
}
return fmt.Sprintf(contentDispositionsFmt[imgtype], strings.TrimSuffix(filename, filepath.Ext(filename)))
}
2019-02-25 14:26:51 +02:00
func respondWithImage(ctx context.Context, reqID string, rctx *fasthttp.RequestCtx, data []byte) {
2018-10-05 18:20:29 +02:00
po := getProcessingOptions(ctx)
2018-04-26 14:17:08 +02:00
2019-02-25 14:26:51 +02:00
rctx.SetStatusCode(200)
2018-04-26 14:17:08 +02:00
2019-02-25 14:26:51 +02:00
rctx.Response.Header.Set("Expires", time.Now().Add(time.Second*time.Duration(conf.TTL)).Format(http.TimeFormat))
rctx.Response.Header.Set("Cache-Control", fmt.Sprintf("max-age=%d, public", conf.TTL))
rctx.Response.Header.Set("Content-Type", mimes[po.Format])
rctx.Response.Header.Set("Content-Disposition", contentDisposition(getImageURL(ctx), po.Format))
2019-01-17 15:00:33 +02:00
2019-02-25 14:26:51 +02:00
addVaryHeader(rctx)
2019-02-25 14:26:51 +02:00
if conf.GZipCompression > 0 && rctx.Request.Header.HasAcceptEncoding("gzip") {
gz := responseGzipPool.Get(rctx)
2019-01-30 12:31:00 +02:00
defer responseGzipPool.Put(gz)
2019-01-09 14:41:00 +02:00
gz.Write(data)
gz.Close()
2017-07-03 06:08:47 +02:00
2019-02-25 14:26:51 +02:00
rctx.Response.Header.Set("Content-Encoding", "gzip")
2019-01-09 14:41:00 +02:00
} else {
2019-02-25 14:26:51 +02:00
rctx.SetBody(data)
2019-01-09 14:41:00 +02:00
}
2019-01-11 17:01:48 +02:00
logResponse(reqID, 200, fmt.Sprintf("Processed in %s: %s; %+v", getTimerSince(ctx), getImageURL(ctx), po))
2017-06-27 11:00:33 +02:00
}
2019-02-25 14:26:51 +02:00
func addVaryHeader(rctx *fasthttp.RequestCtx) {
vary := make([]string, 0, 5)
2019-01-17 15:00:33 +02:00
if conf.EnableWebpDetection || conf.EnforceWebp {
vary = append(vary, "Accept")
}
if conf.GZipCompression > 0 {
vary = append(vary, "Accept-Encoding")
}
if conf.EnableClientHints {
vary = append(vary, "DPR", "Viewport-Width", "Width")
}
if len(vary) > 0 {
2019-02-25 14:26:51 +02:00
rctx.Response.Header.Set("Vary", strings.Join(vary, ", "))
2019-01-17 15:00:33 +02:00
}
}
2019-02-25 14:26:51 +02:00
func respondWithError(reqID string, rctx *fasthttp.RequestCtx, err *imgproxyError) {
2019-01-11 17:01:48 +02:00
logResponse(reqID, err.StatusCode, err.Message)
2017-06-27 11:00:33 +02:00
2019-02-25 14:26:51 +02:00
rctx.SetStatusCode(err.StatusCode)
rctx.SetBodyString(err.PublicMessage)
}
2019-02-25 14:26:51 +02:00
func respondWithOptions(reqID string, rctx *fasthttp.RequestCtx) {
2019-01-11 17:01:48 +02:00
logResponse(reqID, 200, "Respond with options")
2019-02-25 14:26:51 +02:00
rctx.SetStatusCode(200)
2018-04-26 13:22:31 +02:00
}
2019-02-25 14:26:51 +02:00
func respondWithNotModified(reqID string, rctx *fasthttp.RequestCtx) {
logResponse(reqID, 304, "Not modified")
rctx.SetStatusCode(304)
2018-11-20 14:53:44 +02:00
}
2019-05-06 10:42:30 +02:00
func generateRequestID(rctx *fasthttp.RequestCtx) (reqID string) {
reqIDb := rctx.Request.Header.Peek(xRequestIDHeader)
if len(reqIDb) > 0 && requestIDRe.Match(reqIDb) {
reqID = string(reqIDb)
} else {
reqID, _ = nanoid.Nanoid()
}
rctx.Response.Header.Set(xRequestIDHeader, reqID)
return
}
2018-10-05 17:17:36 +02:00
func prepareAuthHeaderMust() []byte {
if len(authHeaderMust) == 0 {
2018-10-05 18:10:17 +02:00
authHeaderMust = []byte(fmt.Sprintf("Bearer %s", conf.Secret))
2017-07-03 11:36:37 +02:00
}
2018-10-05 17:17:36 +02:00
return authHeaderMust
2017-07-04 16:05:53 +02:00
}
2019-02-25 14:26:51 +02:00
func checkSecret(rctx *fasthttp.RequestCtx) bool {
2018-10-05 17:17:36 +02:00
if len(conf.Secret) == 0 {
return true
}
return subtle.ConstantTimeCompare(
2019-02-25 14:26:51 +02:00
rctx.Request.Header.Peek("Authorization"),
2018-10-05 17:17:36 +02:00
prepareAuthHeaderMust(),
) == 1
2017-07-04 16:05:53 +02:00
}
2019-02-25 14:26:51 +02:00
func requestCtxToRequest(rctx *fasthttp.RequestCtx) *http.Request {
if r, ok := rctx.UserValue("httpRequest").(*http.Request); ok {
return r
}
reqURL, _ := url.Parse(rctx.Request.URI().String())
r := &http.Request{
Method: http.MethodGet, // Only GET is supported
URL: reqURL,
Proto: "HTTP/1.0",
ProtoMajor: 1,
ProtoMinor: 0,
Header: make(http.Header),
Body: http.NoBody,
Host: reqURL.Host,
RequestURI: reqURL.RequestURI(),
RemoteAddr: rctx.RemoteAddr().String(),
}
rctx.Request.Header.VisitAll(func(key, value []byte) {
r.Header.Add(string(key), string(value))
})
rctx.SetUserValue("httpRequest", r)
return r
}
func (h *httpHandler) lock() {
h.sem <- struct{}{}
}
func (h *httpHandler) unlock() {
<-h.sem
}
2019-02-25 14:26:51 +02:00
func (h *httpHandler) ServeHTTP(rctx *fasthttp.RequestCtx) {
2019-05-06 10:42:30 +02:00
reqID := generateRequestID(rctx)
2018-03-15 18:58:11 +02:00
2017-10-04 21:44:58 +02:00
defer func() {
2018-11-14 15:41:16 +02:00
if rerr := recover(); rerr != nil {
if err, ok := rerr.(error); ok {
2019-02-25 14:26:51 +02:00
reportError(err, requestCtxToRequest(rctx))
2018-11-14 15:41:16 +02:00
2018-11-20 14:53:44 +02:00
if ierr, ok := err.(*imgproxyError); ok {
2019-02-25 14:26:51 +02:00
respondWithError(reqID, rctx, ierr)
2018-11-14 15:41:16 +02:00
} else {
2019-02-25 14:26:51 +02:00
respondWithError(reqID, rctx, newUnexpectedError(err, 4))
2018-11-14 15:41:16 +02:00
}
2017-10-04 21:44:58 +02:00
} else {
2018-11-14 15:41:16 +02:00
panic(rerr)
2017-10-04 21:44:58 +02:00
}
}
}()
2017-07-04 16:05:53 +02:00
2019-02-25 14:26:51 +02:00
logRequest(reqID, rctx)
2018-04-26 13:22:31 +02:00
2019-02-25 14:26:51 +02:00
writeCORS(rctx)
2018-04-26 13:22:31 +02:00
2019-02-25 14:26:51 +02:00
if rctx.Request.Header.IsOptions() {
respondWithOptions(reqID, rctx)
2018-04-26 13:22:31 +02:00
return
}
2019-02-25 14:26:51 +02:00
if !rctx.Request.Header.IsGet() {
2018-10-05 22:29:55 +02:00
panic(errInvalidMethod)
2018-04-26 13:22:31 +02:00
}
if bytes.Equal(rctx.RequestURI(), healthPath) {
2019-02-25 14:26:51 +02:00
rctx.SetStatusCode(200)
rctx.SetBody(imgproxyIsRunningMsg)
2018-11-16 12:07:30 +02:00
return
}
2019-02-25 14:26:51 +02:00
if !checkSecret(rctx) {
panic(errInvalidSecret)
}
2018-10-25 15:24:34 +02:00
ctx := context.Background()
if newRelicEnabled {
var newRelicCancel context.CancelFunc
2019-02-25 14:26:51 +02:00
ctx, newRelicCancel = startNewRelicTransaction(ctx, requestCtxToRequest(rctx))
2018-10-25 15:24:34 +02:00
defer newRelicCancel()
}
2018-10-29 14:04:47 +02:00
if prometheusEnabled {
prometheusRequestsTotal.Inc()
defer startPrometheusDuration(prometheusRequestDuration)()
}
h.lock()
defer h.unlock()
2017-07-03 06:08:47 +02:00
2018-10-25 15:24:34 +02:00
ctx, timeoutCancel := startTimer(ctx, time.Duration(conf.WriteTimeout)*time.Second)
2018-10-05 17:17:36 +02:00
defer timeoutCancel()
2018-03-19 10:58:52 +02:00
2019-02-25 14:26:51 +02:00
ctx, err := parsePath(ctx, rctx)
2017-06-27 11:00:33 +02:00
if err != nil {
2018-11-20 14:53:44 +02:00
panic(err)
2017-06-27 11:00:33 +02:00
}
2018-10-05 17:17:36 +02:00
ctx, downloadcancel, err := downloadImage(ctx)
defer downloadcancel()
2017-06-27 11:00:33 +02:00
if err != nil {
2018-10-25 15:24:34 +02:00
if newRelicEnabled {
sendErrorToNewRelic(ctx, err)
}
2018-10-29 14:04:47 +02:00
if prometheusEnabled {
incrementPrometheusErrorsTotal("download")
}
2018-11-20 14:53:44 +02:00
panic(err)
2017-06-27 11:00:33 +02:00
}
2018-10-05 17:17:36 +02:00
checkTimeout(ctx)
2017-10-04 21:44:58 +02:00
2018-10-05 18:20:29 +02:00
if conf.ETagEnabled {
2019-02-25 14:26:51 +02:00
eTag, etagcancel := calcETag(ctx)
defer etagcancel()
rctx.Response.Header.SetBytesV("ETag", eTag)
2018-02-26 11:41:37 +02:00
if bytes.Equal(eTag, rctx.Request.Header.Peek("If-None-Match")) {
2019-02-25 14:26:51 +02:00
respondWithNotModified(reqID, rctx)
2018-11-20 14:53:44 +02:00
return
2018-10-05 18:20:29 +02:00
}
}
2018-10-05 17:17:36 +02:00
checkTimeout(ctx)
2018-02-26 11:41:37 +02:00
imageData, processcancel, err := processImage(ctx)
defer processcancel()
2017-06-27 11:00:33 +02:00
if err != nil {
2018-10-25 15:24:34 +02:00
if newRelicEnabled {
sendErrorToNewRelic(ctx, err)
}
2018-10-29 14:04:47 +02:00
if prometheusEnabled {
incrementPrometheusErrorsTotal("processing")
}
2018-11-20 14:53:44 +02:00
panic(err)
2017-06-27 11:00:33 +02:00
}
2018-10-05 17:17:36 +02:00
checkTimeout(ctx)
2017-10-04 21:44:58 +02:00
2019-02-25 14:26:51 +02:00
respondWithImage(ctx, reqID, rctx, imageData)
2017-06-27 11:00:33 +02:00
}