go/imgproxy
1
0
Fork 0
mirror of https://github.com/imgproxy/imgproxy.git synced 2025-06-17 22:37:33 +02:00
Code Releases Activity

Fix path before signature check

Browse Source
This commit is contained in:
DarthSim
2022-09-15 22:36:47 +06:00
parent 30f744e116
commit 0dc16ba76b
2 changed files with 4 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -6,7 +6,7 @@
- (pro) Add encrypted source URL support. - (pro) Add encrypted source URL support.
### Changed ### Changed
- Fix some invalid signature cases that happen because of URL normalization. - Try to fix some invalid source URL cases that happen because of URL normalization.
## [3.7.2] - 2022-08-22 ## [3.7.2] - 2022-08-22
### Changed ### Changed

6
processing_handler.go
View File

@ -217,15 +217,11 @@ func handleProcessing(reqID string, rw http.ResponseWriter, r *http.Request) {
)) ))
} }
if err := security.VerifySignature(signature, path); err != nil {
// Some proxy servers may normalize URL and make signature invalid.
// Try to fix the path and repeat the check
path = fixPath(path) path = fixPath(path)
if err = security.VerifySignature(signature, path); err != nil { if err := security.VerifySignature(signature, path); err != nil {
sendErrAndPanic(ctx, "security", ierrors.New(403, err.Error(), "Forbidden")) sendErrAndPanic(ctx, "security", ierrors.New(403, err.Error(), "Forbidden"))
} }
}
po, imageURL, err := options.ParsePath(path, r.Header) po, imageURL, err := options.ParsePath(path, r.Header)
checkErr(ctx, "path_parsing", err) checkErr(ctx, "path_parsing", err)