go/imgproxy
1
0
Fork 0
mirror of https://github.com/imgproxy/imgproxy.git synced 2024-11-24 08:12:38 +02:00
Code Releases Activity

IMGPROXY_MAX_REDIRECTS config (#797)

Browse Source 
* IMGPROXY_MAX_REDIRECTS config

* Apply suggestions from code review

Co-authored-by: Travis-Turner <32389151+Travis-Turner@users.noreply.github.com>

Co-authored-by: Travis-Turner <32389151+Travis-Turner@users.noreply.github.com>
This commit is contained in:
Sergey Alexandrovich 2022-02-16 15:42:09 +06:00 committed by GitHub
parent 3997a0fea0
commit ec02fc53a5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -1,6 +1,8 @@
# Changelog # Changelog
## [Unreleased] ## [Unreleased]
### Added
- Add the `IMGPROXY_MAX_REDIRECTS` config.
## [3.2.2] - 2022-02-08 ## [3.2.2] - 2022-02-08
### Fix ### Fix

4
config/config.go
View File

@ -37,6 +37,7 @@ var (
MaxSrcFileSize int MaxSrcFileSize int
MaxAnimationFrames int MaxAnimationFrames int
MaxSvgCheckBytes int MaxSvgCheckBytes int
MaxRedirects int
JpegProgressive bool JpegProgressive bool
PngInterlaced bool PngInterlaced bool
@ -174,6 +175,7 @@ func Reset() {
MaxSrcFileSize = 0 MaxSrcFileSize = 0
MaxAnimationFrames = 1 MaxAnimationFrames = 1
MaxSvgCheckBytes = 32 * 1024 MaxSvgCheckBytes = 32 * 1024
MaxRedirects = 10
JpegProgressive = false JpegProgressive = false
PngInterlaced = false PngInterlaced = false
@ -303,6 +305,8 @@ func Configure() error {
configurators.Int(&MaxAnimationFrames, "IMGPROXY_MAX_ANIMATION_FRAMES") configurators.Int(&MaxAnimationFrames, "IMGPROXY_MAX_ANIMATION_FRAMES")
configurators.Int(&MaxRedirects, "IMGPROXY_MAX_REDIRECTS")
configurators.Patterns(&AllowedSources, "IMGPROXY_ALLOWED_SOURCES") configurators.Patterns(&AllowedSources, "IMGPROXY_ALLOWED_SOURCES")
configurators.Bool(&JpegProgressive, "IMGPROXY_JPEG_PROGRESSIVE") configurators.Bool(&JpegProgressive, "IMGPROXY_JPEG_PROGRESSIVE")

4
docs/configuration.md
View File

@ -67,6 +67,10 @@ To check if the source image is SVG, imgproxy reads some amount of bytes; by def
* `IMGPROXY_MAX_SVG_CHECK_BYTES`: the maximum number of bytes imgproxy will read to recognize SVG files. If imgproxy is unable to recognize your SVG, try increasing this number. Default: `32768` (32KB) * `IMGPROXY_MAX_SVG_CHECK_BYTES`: the maximum number of bytes imgproxy will read to recognize SVG files. If imgproxy is unable to recognize your SVG, try increasing this number. Default: `32768` (32KB)
Requests to some image sources may go through too many redirects or enter an infinite loop. You can limit the number of allowed redirects:
* `IMGPROXY_MAX_REDIRECTS`: the max number of redirects imgproxy can follow while requesting the source image
You can also specify a secret key to enable authorization with the HTTP `Authorization` header for use in production environments: You can also specify a secret key to enable authorization with the HTTP `Authorization` header for use in production environments:
* `IMGPROXY_SECRET`: the authorization token. If specified, the HTTP request should contain the `Authorization: Bearer %secret%` header. * `IMGPROXY_SECRET`: the authorization token. If specified, the HTTP request should contain the `Authorization: Bearer %secret%` header.

7
imagedata/download.go
View File

@ -97,6 +97,13 @@ func initDownloading() error {
downloadClient = &http.Client{ downloadClient = &http.Client{
Timeout: time.Duration(config.DownloadTimeout) * time.Second, Timeout: time.Duration(config.DownloadTimeout) * time.Second,
Transport: transport, Transport: transport,
CheckRedirect: func(req *http.Request, via []*http.Request) error {
redirects := len(via)
if redirects >= config.MaxRedirects {
return fmt.Errorf("stopped after %d redirects", redirects)
}
return nil
},
} }
return nil return nil