mirror of
https://git.pleroma.social/sjw/pleroma.git
synced 2024-11-16 22:26:16 +01:00
Validate Host header matches expected value before allowing access to MediaProxy
This commit is contained in:
parent
506a1c98e7
commit
843fcca5b4
@ -12,6 +12,7 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyController do
|
||||
alias Pleroma.Web.MediaProxy
|
||||
alias Plug.Conn
|
||||
|
||||
plug(:validate_host)
|
||||
plug(:sandbox)
|
||||
|
||||
def remote(conn, %{"sig" => sig64, "url" => url64}) do
|
||||
@ -205,6 +206,17 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyController do
|
||||
Config.get([:media_proxy, :proxy_opts], [])
|
||||
end
|
||||
|
||||
defp validate_host(conn, _params) do
|
||||
proxy_host = MediaProxy.base_url() |> URI.parse() |> Map.get(:host)
|
||||
|
||||
if match?(^proxy_host, conn.host) do
|
||||
conn
|
||||
else
|
||||
send_resp(conn, 400, Conn.Status.reason_phrase(400))
|
||||
|> halt()
|
||||
end
|
||||
end
|
||||
|
||||
defp sandbox(conn, _params) do
|
||||
conn
|
||||
|> merge_resp_headers([{"content-security-policy", "sandbox;"}])
|
||||
|
@ -54,6 +54,23 @@ defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do
|
||||
} = get(conn, "/proxy/hhgfh/eeee/fff")
|
||||
end
|
||||
|
||||
test "it returns a 400 for invalid host", %{conn: conn} do
|
||||
clear_config([:media_proxy, :base_url], "http://mp.localhost/")
|
||||
|
||||
url =
|
||||
MediaProxy.encode_url("https://pleroma.social/logo.jpeg")
|
||||
|> URI.parse()
|
||||
|> Map.put(:host, "wronghost")
|
||||
|> URI.to_string()
|
||||
|
||||
with_mock Pleroma.ReverseProxy,
|
||||
call: fn _conn, _url, _opts -> %Conn{status: :success} end do
|
||||
%{status: status} = get(conn, url)
|
||||
|
||||
assert status == 400
|
||||
end
|
||||
end
|
||||
|
||||
test "redirects to valid url when filename is invalidated", %{conn: conn, url: url} do
|
||||
invalid_url = String.replace(url, "test.png", "test-file.png")
|
||||
response = get(conn, invalid_url)
|
||||
|
Loading…
Reference in New Issue
Block a user