Add a minimal image proxy #1
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
To provide some safety when linking to user-supplied external images, we
provide a simple image proxy handler. Images accessed through this proxy
will only be served if they meet the following criteria:
- Appear to be valid image files
- Are in a permitted format: GIF, JPEG, PNG or WebP
- Do not have an excessive width or height (5000 pixels max, by default)
To serve an image through this proxy, its URL should be passed to the
handler's path as a `src` query param. The path is supplied to the
application in the `IMAGE_PROXY_PATH` environment variable.
We also provide a helper method to make forming the proxy links easier:
Thruster.image_proxy_path('https://example.com/image.jpg')
kevinmcconnell
force-pushed
the
image-proxy
branch
from
eda3d10 to
9608862
Compare
I would suggest integrating with Active Storage instead (so no application changes would be required, just a configuration one); see, for example, https://github.com/imgproxy/imgproxy-rails |
|
ooo, is this gonna be used in HEY? |
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
To provide some safety when linking to user-supplied external images, we can provide a simple image proxy handler. Images accessed through this proxy will only be served if they meet the following criteria:
To serve an image through this proxy, its URL should be passed to the handler's path as a
srcquery param. The path is supplied to the application in theIMAGE_PROXY_PATHenvironment variable.We'll also provide a helper method to make forming the proxy links easier:
This will result in a URL something like the following, which will route the image request through Thruster's proxy handler: