1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
package koushinviewhtml
import (
"io"
"mime"
"net/http"
"net/url"
"strconv"
"strings"
"git.sr.ht/~emersion/koushin"
"github.com/labstack/echo/v4"
)
var (
proxyEnabled = true
proxyMaxSize = 5 * 1024 * 1024 // 5 MiB
)
func init() {
p := koushin.GoPlugin{Name: "viewhtml"}
p.GET("/proxy", func(ctx *koushin.Context) error {
if !proxyEnabled {
return echo.NewHTTPError(http.StatusForbidden, "proxy disabled")
}
u, err := url.Parse(ctx.QueryParam("src"))
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, "invalid URL")
}
if u.Scheme != "https" {
return echo.NewHTTPError(http.StatusBadRequest, "invalid scheme")
}
resp, err := http.Get(u.String())
if err != nil {
return err
}
defer resp.Body.Close()
mediaType, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
if err != nil || !strings.HasPrefix(mediaType, "image/") {
return echo.NewHTTPError(http.StatusBadRequest, "invalid resource type")
}
size, err := strconv.Atoi(resp.Header.Get("Content-Length"))
if err != nil || size > proxyMaxSize {
return echo.NewHTTPError(http.StatusBadRequest, "invalid resource length")
}
ctx.Response().Header().Set("Content-Length", strconv.Itoa(size))
lr := io.LimitedReader{resp.Body, int64(proxyMaxSize)}
return ctx.Stream(http.StatusOK, mediaType, &lr)
})
koushin.RegisterPluginLoader(p.Loader())
}
|
