-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfeature_counter_app.rb
90 lines (66 loc) · 2.24 KB
/
feature_counter_app.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
#!/usr/bin/env ruby
# feature_counter_app.rb
# Copyright 2012 Robert Jones ([email protected]) Craic Computing LLC
# This code and associated data files are distributed freely under the terms of the MIT license
require 'erb'
require 'open-uri'
require 'base64'
$:.unshift File.join(File.dirname(__FILE__))
class FeatureCounterApp < Sinatra::Base
set :root, File.dirname(__FILE__)
set :static, true
get '/' do
@error = ''
@url = ''
@image_type = ''
if params['url']
@url = params['url']
if not @url =~ /^http/
@error = "You did not enter a valid URL"
end
if @url =~ /\.jpe?g\s*$/i
@image_type = 'jpeg'
elsif @url =~ /\.png\s*$/i
@image_type = 'png'
elsif @url =~ /\.gif\s*$/i
@image_type = 'gif'
else
@error = "Image URLs must end with jpg, png or gif - note that some web images use non-standard URLs" if @error == ''
end
# add the request IP before encoding to prevent direct use of the proxy action (s)
@proxy_url = "/s?q=" + Base64.urlsafe_encode64(params['url'] + request.ip())
end
@url = '' if @error != ''
erb :index
end
# proxy method to fetch images - this gets over the security restriction
# that prevents saving the modified image if the original image comes from a different server
# called 's' just to avoid obvious names like 'proxy'
# BUT be very careful with a proxy - it could be used for nasty images, etc.
get '/s' do
valid_content_types = { "image/jpeg" => 1, "image/png" => 1, "image/gif" => 1 }
@url = ''
if params['q']
str = Base64.urlsafe_decode64(params['q'])
# this will only work if the current request IP is the same as the one used to create the url
secret = request.ip()
@url = str.sub!(/#{secret}$/, '')
# STDERR.puts "URL #{params['q']}"
# STDERR.puts "decoded URL #{@url}"
end
ct = ''
data = open(@url, 'rb') {|f|
ct = f.content_type
f.read
}
# validate the content_type
if valid_content_types[ct]
content_type ct # use the content_type helper
data
else
# error message if an invalid type
"Error: invalid image type"
# return a error message image ?
end
end
end