summaryrefslogtreecommitdiff
path: root/lib/gitlab/asset_proxy.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/gitlab/asset_proxy.rb')
-rw-r--r--lib/gitlab/asset_proxy.rb33
1 files changed, 33 insertions, 0 deletions
diff --git a/lib/gitlab/asset_proxy.rb b/lib/gitlab/asset_proxy.rb
new file mode 100644
index 00000000000..fd7c58ba68f
--- /dev/null
+++ b/lib/gitlab/asset_proxy.rb
@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+# This is based on https://github.com/jch/html-pipeline/blob/v2.12.2/lib/html/pipeline/camo_filter.rb
+# and Banzai::Filter::AssetProxyFilter which we use to proxy images in Markdown
+
+module Gitlab
+ module AssetProxy
+ class << self
+ def proxy_url(url)
+ return url unless Gitlab.config.asset_proxy.enabled
+ return url if asset_host_whitelisted?(url)
+
+ "#{Gitlab.config.asset_proxy.url}/#{asset_url_hash(url)}/#{hexencode(url)}"
+ end
+
+ private
+
+ def asset_host_whitelisted?(url)
+ parsed_url = URI.parse(url)
+
+ Gitlab.config.asset_proxy.domain_regexp&.match?(parsed_url.host)
+ end
+
+ def asset_url_hash(url)
+ OpenSSL::HMAC.hexdigest('sha1', Gitlab.config.asset_proxy.secret_key, url)
+ end
+
+ def hexencode(str)
+ str.unpack1('H*')
+ end
+ end
+ end
+end
View Lorry Controller Status