Provide configuration to allow camo-media proxying (#12802)

* Provide configuration to allow camo-media proxying

Fix #916

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

modules/markup/camo.go

@@ -0,0 +1,47 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package markup
+
+import (
+	"crypto/hmac"
+	"crypto/sha1"
+	"encoding/base64"
+	"net/url"
+	"strings"
+
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
+)
+
+// CamoEncode encodes a lnk to fit with the go-camo and camo proxy links. The purposes of camo-proxy are:
+// 1. Allow accessing "http://" images on a HTTPS site by using the "https://" URLs provided by camo-proxy.
+// 2. Hide the visitor's real IP (protect privacy) when accessing external images.
+func CamoEncode(link string) string {
+	if strings.HasPrefix(link, setting.Camo.ServerURL) {
+		return link
+	}
+
+	mac := hmac.New(sha1.New, []byte(setting.Camo.HMACKey))
+	_, _ = mac.Write([]byte(link)) // hmac does not return errors
+	macSum := b64encode(mac.Sum(nil))
+	encodedURL := b64encode([]byte(link))
+
+	return util.URLJoin(setting.Camo.ServerURL, macSum, encodedURL)
+}
+
+func b64encode(data []byte) string {
+	return strings.TrimRight(base64.URLEncoding.EncodeToString(data), "=")
+}
+
+func camoHandleLink(link string) string {
+	if setting.Camo.Enabled {
+		lnkURL, err := url.Parse(link)
+		if err == nil && lnkURL.IsAbs() && !strings.HasPrefix(link, setting.AppURL) &&
+			(setting.Camo.Allways || lnkURL.Scheme != "https") {
+			return CamoEncode(link)
+		}
+	}
+	return link
+}

modules/markup/camo_test.go

@@ -0,0 +1,45 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package markup
+
+import (
+	"testing"
+
+	"code.gitea.io/gitea/modules/setting"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestCamoHandleLink(t *testing.T) {
+	setting.AppURL = "https://gitea.com"
+	// Test media proxy
+	setting.Camo.Enabled = true
+	setting.Camo.ServerURL = "https://image.proxy"
+	setting.Camo.HMACKey = "geheim"
+
+	assert.Equal(t,
+		"https://gitea.com/img.jpg",
+		camoHandleLink("https://gitea.com/img.jpg"))
+	assert.Equal(t,
+		"https://testimages.org/img.jpg",
+		camoHandleLink("https://testimages.org/img.jpg"))
+	assert.Equal(t,
+		"https://image.proxy/eivin43gJwGVIjR9MiYYtFIk0mw/aHR0cDovL3Rlc3RpbWFnZXMub3JnL2ltZy5qcGc",
+		camoHandleLink("http://testimages.org/img.jpg"))
+
+	setting.Camo.Allways = true
+	assert.Equal(t,
+		"https://gitea.com/img.jpg",
+		camoHandleLink("https://gitea.com/img.jpg"))
+	assert.Equal(t,
+		"https://image.proxy/tkdlvmqpbIr7SjONfHNgEU622y0/aHR0cHM6Ly90ZXN0aW1hZ2VzLm9yZy9pbWcuanBn",
+		camoHandleLink("https://testimages.org/img.jpg"))
+	assert.Equal(t,
+		"https://image.proxy/eivin43gJwGVIjR9MiYYtFIk0mw/aHR0cDovL3Rlc3RpbWFnZXMub3JnL2ltZy5qcGc",
+		camoHandleLink("http://testimages.org/img.jpg"))
+
+	// Restore previous settings
+	setting.Camo.Enabled = false
+}

modules/markup/html.go

@@ -386,6 +386,7 @@ func visitNode(ctx *RenderContext, procs, textProcs []processor, node *html.Node
 
 					attr.Val = util.URLJoin(prefix, attr.Val)
 				}
+				attr.Val = camoHandleLink(attr.Val)
 				node.Attr[i] = attr
 			}
 		} else if node.Data == "a" {