forked from mirrors/akkoma
Never forward the client's user-agent through the media proxy
This commit is contained in:
parent
4cb166e979
commit
1dc5794e29
|
@ -4,7 +4,7 @@
|
||||||
|
|
||||||
defmodule Pleroma.ReverseProxy do
|
defmodule Pleroma.ReverseProxy do
|
||||||
@range_headers ~w(range if-range)
|
@range_headers ~w(range if-range)
|
||||||
@keep_req_headers ~w(accept user-agent accept-encoding cache-control if-modified-since) ++
|
@keep_req_headers ~w(accept accept-encoding cache-control if-modified-since) ++
|
||||||
~w(if-unmodified-since if-none-match) ++ @range_headers
|
~w(if-unmodified-since if-none-match) ++ @range_headers
|
||||||
@resp_cache_headers ~w(etag date last-modified)
|
@resp_cache_headers ~w(etag date last-modified)
|
||||||
@keep_resp_headers @resp_cache_headers ++
|
@keep_resp_headers @resp_cache_headers ++
|
||||||
|
@ -57,9 +57,6 @@ def default_cache_control_header, do: @default_cache_control_header
|
||||||
* `false` will add `content-disposition: attachment` to any request,
|
* `false` will add `content-disposition: attachment` to any request,
|
||||||
* a list of whitelisted content types
|
* a list of whitelisted content types
|
||||||
|
|
||||||
* `keep_user_agent` will forward the client's user-agent to the upstream. This may be useful if the upstream is
|
|
||||||
doing content transformation (encoding, …) depending on the request.
|
|
||||||
|
|
||||||
* `req_headers`, `resp_headers` additional headers.
|
* `req_headers`, `resp_headers` additional headers.
|
||||||
|
|
||||||
* `http`: options for [hackney](https://github.com/benoitc/hackney) or [gun](https://github.com/ninenines/gun).
|
* `http`: options for [hackney](https://github.com/benoitc/hackney) or [gun](https://github.com/ninenines/gun).
|
||||||
|
@ -84,8 +81,7 @@ def default_cache_control_header, do: @default_cache_control_header
|
||||||
import Plug.Conn
|
import Plug.Conn
|
||||||
|
|
||||||
@type option() ::
|
@type option() ::
|
||||||
{:keep_user_agent, boolean}
|
{:max_read_duration, :timer.time() | :infinity}
|
||||||
| {:max_read_duration, :timer.time() | :infinity}
|
|
||||||
| {:max_body_length, non_neg_integer() | :infinity}
|
| {:max_body_length, non_neg_integer() | :infinity}
|
||||||
| {:failed_request_ttl, :timer.time() | :infinity}
|
| {:failed_request_ttl, :timer.time() | :infinity}
|
||||||
| {:http, []}
|
| {:http, []}
|
||||||
|
@ -291,17 +287,13 @@ defp build_req_range_or_encoding_header(headers, _opts) do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
defp build_req_user_agent_header(headers, opts) do
|
defp build_req_user_agent_header(headers, _opts) do
|
||||||
if Keyword.get(opts, :keep_user_agent, false) do
|
|
||||||
List.keystore(
|
List.keystore(
|
||||||
headers,
|
headers,
|
||||||
"user-agent",
|
"user-agent",
|
||||||
0,
|
0,
|
||||||
{"user-agent", Pleroma.Application.user_agent()}
|
{"user-agent", Pleroma.Application.user_agent()}
|
||||||
)
|
)
|
||||||
else
|
|
||||||
headers
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
||||||
defp build_resp_headers(headers, opts) do
|
defp build_resp_headers(headers, opts) do
|
||||||
|
|
|
@ -18,24 +18,23 @@ defmodule Pleroma.ReverseProxyTest do
|
||||||
|
|
||||||
setup :verify_on_exit!
|
setup :verify_on_exit!
|
||||||
|
|
||||||
defp user_agent_mock(user_agent, invokes) do
|
defp user_agent_mock(invokes) do
|
||||||
json = Jason.encode!(%{"user-agent": user_agent})
|
|
||||||
|
|
||||||
ClientMock
|
ClientMock
|
||||||
|> expect(:request, fn :get, url, _, _, _ ->
|
|> expect(:request, fn :get, url, headers, _body, _opts ->
|
||||||
Registry.register(ClientMock, url, 0)
|
Registry.register(ClientMock, url, 0)
|
||||||
|
body = headers |> Enum.into(%{}) |> Jason.encode!()
|
||||||
|
|
||||||
{:ok, 200,
|
{:ok, 200,
|
||||||
[
|
[
|
||||||
{"content-type", "application/json"},
|
{"content-type", "application/json"},
|
||||||
{"content-length", byte_size(json) |> to_string()}
|
{"content-length", byte_size(body) |> to_string()}
|
||||||
], %{url: url}}
|
], %{url: url, body: body}}
|
||||||
end)
|
end)
|
||||||
|> expect(:stream_body, invokes, fn %{url: url} = client ->
|
|> expect(:stream_body, invokes, fn %{url: url, body: body} = client ->
|
||||||
case Registry.lookup(ClientMock, url) do
|
case Registry.lookup(ClientMock, url) do
|
||||||
[{_, 0}] ->
|
[{_, 0}] ->
|
||||||
Registry.update_value(ClientMock, url, &(&1 + 1))
|
Registry.update_value(ClientMock, url, &(&1 + 1))
|
||||||
{:ok, json, client}
|
{:ok, body, client}
|
||||||
|
|
||||||
[{_, 1}] ->
|
[{_, 1}] ->
|
||||||
Registry.unregister(ClientMock, url)
|
Registry.unregister(ClientMock, url)
|
||||||
|
@ -46,7 +45,7 @@ defp user_agent_mock(user_agent, invokes) do
|
||||||
|
|
||||||
describe "reverse proxy" do
|
describe "reverse proxy" do
|
||||||
test "do not track successful request", %{conn: conn} do
|
test "do not track successful request", %{conn: conn} do
|
||||||
user_agent_mock("hackney/1.15.1", 2)
|
user_agent_mock(2)
|
||||||
url = "/success"
|
url = "/success"
|
||||||
|
|
||||||
conn = ReverseProxy.call(conn, url)
|
conn = ReverseProxy.call(conn, url)
|
||||||
|
@ -56,19 +55,16 @@ test "do not track successful request", %{conn: conn} do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "user-agent" do
|
test "use Pleroma's user agent in the request; don't pass the client's", %{conn: conn} do
|
||||||
test "don't keep", %{conn: conn} do
|
user_agent_mock(2)
|
||||||
user_agent_mock("hackney/1.15.1", 2)
|
|
||||||
conn = ReverseProxy.call(conn, "/user-agent")
|
conn =
|
||||||
assert json_response(conn, 200) == %{"user-agent" => "hackney/1.15.1"}
|
conn
|
||||||
end
|
|> Plug.Conn.put_req_header("user-agent", "fake/1.0")
|
||||||
|
|> ReverseProxy.call("/user-agent")
|
||||||
|
|
||||||
test "keep", %{conn: conn} do
|
|
||||||
user_agent_mock(Pleroma.Application.user_agent(), 2)
|
|
||||||
conn = ReverseProxy.call(conn, "/user-agent-keep", keep_user_agent: true)
|
|
||||||
assert json_response(conn, 200) == %{"user-agent" => Pleroma.Application.user_agent()}
|
assert json_response(conn, 200) == %{"user-agent" => Pleroma.Application.user_agent()}
|
||||||
end
|
end
|
||||||
end
|
|
||||||
|
|
||||||
test "closed connection", %{conn: conn} do
|
test "closed connection", %{conn: conn} do
|
||||||
ClientMock
|
ClientMock
|
||||||
|
@ -114,7 +110,7 @@ defp stream_mock(invokes, with_close? \\ false) do
|
||||||
|
|
||||||
describe "max_body" do
|
describe "max_body" do
|
||||||
test "length returns error if content-length more than option", %{conn: conn} do
|
test "length returns error if content-length more than option", %{conn: conn} do
|
||||||
user_agent_mock("hackney/1.15.1", 0)
|
user_agent_mock(0)
|
||||||
|
|
||||||
assert capture_log(fn ->
|
assert capture_log(fn ->
|
||||||
ReverseProxy.call(conn, "/huge-file", max_body_length: 4)
|
ReverseProxy.call(conn, "/huge-file", max_body_length: 4)
|
||||||
|
|
Loading…
Reference in a new issue