
IMGPROXY_MAX_REDIRECTS config (#797)

* IMGPROXY_MAX_REDIRECTS config

* Apply suggestions from code review

Co-authored-by: Travis-Turner <32389151+Travis-Turner@users.noreply.github.com>

Co-authored-by: Travis-Turner <32389151+Travis-Turner@users.noreply.github.com>
Sergey Alexandrovich 3 years ago
parent
commit
ec02fc53a5
4 changed files with 17 additions and 0 deletions
  1. 2 0
      CHANGELOG.md
  2. 4 0
      config/config.go
  3. 4 0
      docs/configuration.md
  4. 7 0
      imagedata/download.go

+ 2 - 0
CHANGELOG.md

@@ -1,6 +1,8 @@
 # Changelog
 
 ## [Unreleased]
+### Added
+- Add the `IMGPROXY_MAX_REDIRECTS` config.
 
 ## [3.2.2] - 2022-02-08
 ### Fix

+ 4 - 0
config/config.go

@@ -37,6 +37,7 @@ var (
 	MaxSrcFileSize     int
 	MaxAnimationFrames int
 	MaxSvgCheckBytes   int
+	MaxRedirects       int
 
 	JpegProgressive       bool
 	PngInterlaced         bool
@@ -174,6 +175,7 @@ func Reset() {
 	MaxSrcFileSize = 0
 	MaxAnimationFrames = 1
 	MaxSvgCheckBytes = 32 * 1024
+	MaxRedirects = 10
 
 	JpegProgressive = false
 	PngInterlaced = false
@@ -303,6 +305,8 @@ func Configure() error {
 
 	configurators.Int(&MaxAnimationFrames, "IMGPROXY_MAX_ANIMATION_FRAMES")
 
+	configurators.Int(&MaxRedirects, "IMGPROXY_MAX_REDIRECTS")
+
 	configurators.Patterns(&AllowedSources, "IMGPROXY_ALLOWED_SOURCES")
 
 	configurators.Bool(&JpegProgressive, "IMGPROXY_JPEG_PROGRESSIVE")
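Review bot: The value read by `configurators.Int(&MaxRedirects, "IMGPROXY_MAX_REDIRECTS")` is never range-checked, so a negative value is accepted silently and (given the `len(via) >= config.MaxRedirects` comparison in download.go) behaves the same as 0, i.e. refuses every redirect, rather than being reported as a misconfiguration. If Configure() validates the other limits further down (not visible in this hunk), a guard like `if MaxRedirects < 0 { return fmt.Errorf("IMGPROXY_MAX_REDIRECTS must be >= 0, got %d", MaxRedirects) }` belongs alongside them, using whatever error helper the file already uses. The default `MaxRedirects = 10` in Reset() matches net/http's own limit, which is worth a short comment on that line: `// 10 is also net/http's default redirect limit.` Configure() and Reset() both continue outside the hunks shown.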

+ 4 - 0
docs/configuration.md

@@ -67,6 +67,10 @@ To check if the source image is SVG, imgproxy reads some amount of bytes; by def
 
 * `IMGPROXY_MAX_SVG_CHECK_BYTES`: the maximum number of bytes imgproxy will read to recognize SVG files. If imgproxy is unable to recognize your SVG, try increasing this number. Default: `32768` (32KB)
 
+Requests to some image sources may go through too many redirects or enter an infinite loop. You can limit the number of allowed redirects:
+
+* `IMGPROXY_MAX_REDIRECTS`: the max number of redirects imgproxy can follow while requesting the source image
+
 You can also specify a secret key to enable authorization with the HTTP `Authorization` header for use in production environments:
 
 * `IMGPROXY_SECRET`: the authorization token. If specified, the HTTP request should contain the `Authorization: Bearer %secret%` header.

+ 7 - 0
imagedata/download.go

@@ -97,6 +97,13 @@ func initDownloading() error {
 	downloadClient = &http.Client{
 		Timeout:   time.Duration(config.DownloadTimeout) * time.Second,
 		Transport: transport,
+		CheckRedirect: func(req *http.Request, via []*http.Request) error {
+			redirects := len(via)
+			if redirects >= config.MaxRedirects {
+				return fmt.Errorf("stopped after %d redirects", redirects)
+			}
+			return nil
+		},
 	}
 
 	return nil
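Review bot: The new CheckRedirect hook on `downloadClient` only bounds the number of hops and never inspects `req.URL`, so a source that passes `IMGPROXY_ALLOWED_SOURCES` (read in config.go) can still redirect the fetch to a host the operator never allowed, including internal addresses, unless a target re-check exists somewhere this page does not show. The hook is the natural place to apply the same allowed-source check the initial URL goes through, before the hop is followed: `return fmt.Errorf("redirect to %q is not allowed", req.URL.String())` when the pattern match fails. Separately, with `config.MaxRedirects` at 0 or below the `len(via) >= config.MaxRedirects` test refuses every redirect, which is a reasonable "no redirects" mode but deserves a comment on that line: `// MaxRedirects <= 0 disables redirect following entirely.` initDownloading() begins outside the hunk.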