Skip to content
This repository has been archived by the owner on Apr 7, 2021. It is now read-only.

Commit

Permalink
dest_url needs to be defined, it's undefined on poorly formatted imag…
Browse files Browse the repository at this point in the history 
…e urls
  • Loading branch information
@atmos
atmos committed Jul 1, 2011
1 parent 39f6078 commit 4bc6d00
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 32 deletions.
10 changes: 3 additions & 7 deletions server.coffee
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,8 +66,7 @@ server = Http.createServer (req, resp) ->

delete(req.headers.cookie)

pathname = url.pathname.replace(/&/, '&')
[query_digest, encoded_url] = pathname.replace(/^\//, '').split("/", 2)
[query_digest, encoded_url] = url.pathname.replace(/^\//, '').split("/", 2)
if encoded_url = hexdec(encoded_url)
url_type = 'path'
dest_url = encoded_url
Expand All @@ -83,12 +82,9 @@ server = Http.createServer (req, resp) ->
digest: query_digest
})

if url.pathname?
if url.pathname? && dest_url
hmac = Crypto.createHmac("sha1", shared_key)
try
hmac.update(dest_url)
catch error
console.log "Error on #{req.url} - #{dest_url}"
hmac.update(dest_url)

hmac_digest = hmac.digest('hex')

Expand Down
13 changes: 4 additions & 9 deletions server.js
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

28 changes: 12 additions & 16 deletions test/proxy_test.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,17 +28,6 @@ def test_proxy_valid_google_chart_url
assert_equal(200, response.code)
end

def test_hmac_update_obscure_error
urls = [
"http://share.kyleneath.com/captures/Testing_-_TestingAppDelegate.m-20110309-142723.png",
"http://cdn.shopify.com/s/files/1/0051/4802/products/featured_2.jpg?1287582804"
]
urls.each do |url|
response = request(url)
assert_equal(200, response.code)
end
end

def test_404s_on_urls_without_an_http_host
assert_raise RestClient::ResourceNotFound do
request('/picture/Mincemeat/Pimp.jpg')
Expand Down Expand Up @@ -105,14 +94,18 @@ def test_404s_on_environmental_excludes
class CamoProxyQueryStringTest < Test::Unit::TestCase
include CamoProxyTests

def request(image_url)
def request_uri(image_url)
hexdigest = OpenSSL::HMAC.hexdigest(
OpenSSL::Digest::Digest.new('sha1'), config['key'], image_url)

uri = Addressable::URI.parse("#{config['host']}/#{hexdigest}")
uri.query_values = { 'url' => image_url, 'repo' => '', 'path' => '' }

RestClient.get(uri.to_s)
uri.to_s
end

def request(image_url)
RestClient.get(request_uri(image_url))
end
end

Expand All @@ -123,11 +116,14 @@ def hexenc(image_url)
image_url.to_enum(:each_byte).map { |byte| "%02x" % byte }.join
end

def request(image_url)
def request_uri(image_url)
hexdigest = OpenSSL::HMAC.hexdigest(
OpenSSL::Digest::Digest.new('sha1'), config['key'], image_url)
encoded_image_url = hexenc(image_url)
uri = "#{config['host']}/#{hexdigest}/#{encoded_image_url}"
RestClient.get(uri)
"#{config['host']}/#{hexdigest}/#{encoded_image_url}"
end

def request(image_url)
RestClient.get(request_uri(image_url))
end
end

0 comments on commit 4bc6d00

Please sign in to comment.