1
0
mirror of https://github.com/imgproxy/imgproxy.git synced 2025-01-23 11:14:48 +02:00

IMGPROXY_IGNORE_SSL_VERIFICATION option

This commit is contained in:
DarthSim 2018-09-26 19:00:37 +06:00
parent 4208756321
commit b9cf4a054a
2 changed files with 27 additions and 11 deletions

View File

@ -98,6 +98,8 @@ type config struct {
AllowOrigin string
IgnoreSslVerification bool
LocalFileSystemRoot string
ETagEnabled bool
@ -106,17 +108,18 @@ type config struct {
}
var conf = config{
Bind: ":8080",
ReadTimeout: 10,
WriteTimeout: 10,
DownloadTimeout: 5,
Concurrency: runtime.NumCPU() * 2,
TTL: 3600,
MaxSrcDimension: 8192,
MaxSrcResolution: 16800000,
Quality: 80,
GZipCompression: 5,
ETagEnabled: false,
Bind: ":8080",
ReadTimeout: 10,
WriteTimeout: 10,
DownloadTimeout: 5,
Concurrency: runtime.NumCPU() * 2,
TTL: 3600,
IgnoreSslVerification: false,
MaxSrcDimension: 8192,
MaxSrcResolution: 16800000,
Quality: 80,
GZipCompression: 5,
ETagEnabled: false,
}
func init() {
@ -161,6 +164,8 @@ func init() {
strEnvConfig(&conf.AllowOrigin, "IMGPROXY_ALLOW_ORIGIN")
boolEnvConfig(&conf.IgnoreSslVerification, "IMGPROXY_IGNORE_SSL_VERIFICATION")
strEnvConfig(&conf.LocalFileSystemRoot, "IMGPROXY_LOCAL_FILESYSTEM_ROOT")
boolEnvConfig(&conf.ETagEnabled, "IMGPROXY_USE_ETAG")
@ -222,6 +227,10 @@ func init() {
log.Fatalf("GZip compression can't be greater than 9, now - %d\n", conf.GZipCompression)
}
if conf.IgnoreSslVerification {
log.Println("Ignoring SSL verification is very unsafe. Hope you know what you're doing")
}
if conf.LocalFileSystemRoot != "" {
stat, err := os.Stat(conf.LocalFileSystemRoot)
if err != nil {

View File

@ -3,6 +3,7 @@ package main
import (
"bufio"
"bytes"
"crypto/tls"
"errors"
"fmt"
"image"
@ -59,9 +60,15 @@ func initDownloading() {
transport := &http.Transport{
Proxy: http.ProxyFromEnvironment,
}
if conf.IgnoreSslVerification {
transport.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
}
if conf.LocalFileSystemRoot != "" {
transport.RegisterProtocol("local", http.NewFileTransport(http.Dir(conf.LocalFileSystemRoot)))
}
downloadClient = &http.Client{
Timeout: time.Duration(conf.DownloadTimeout) * time.Second,
Transport: transport,