Skip to content

iSC-Host/mozillawebmakerproxy.net

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

311 Commits

log

log

 
 

tasks

tasks

 
 

test

test

 
 

tmp

tmp

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

AUTHORS

AUTHORS

 
 

CHANGELOG.md

CHANGELOG.md

 
 

LICENSE.md

LICENSE.md

 
 

Procfile

Procfile

 
 

README.md

README.md

 
 

Rakefile

Rakefile

 
 

mime-types.json

mime-types.json

 
 

package.json

package.json

 
 

server.coffee

server.coffee

 
 

server.js

server.js

 
 

test.gemfile

test.gemfile

 
 

test.gemfile.lock

test.gemfile.lock

 
 

Repository files navigation

Camo is all about making insecure assets look secure. This is an SSL image proxy to prevent mixed content warnings on secure pages served from GitHub.

camo

We want to allow people to keep embedding images in comments/issues/READMEs.

There's more info on the GitHub blog.

Using a shared key, proxy URLs are encrypted with hmac so we can bust caches/ban/rate limit if needed.

Camo currently runs on node version 0.10.26 at GitHub on heroku.

Features

  • Max size for proxied images
  • Follow redirects to a certain depth
  • Restricts proxied images content-types to a whitelist
  • 404s for anything other than a 200, 301, 302, 303, 304 or 307 HTTP response

At GitHub we render markdown and replace all of the src attributes on the img tags with the appropriate URL to hit the proxies. There's example code for creating URLs in the tests.

URL Formats

Camo supports two distinct URL formats:

http://example.org/<digest>?url=<image-url>
http://example.org/<digest>/<image-url>

The <digest> is a 40 character hex encoded HMAC digest generated with a shared secret key and the unescaped <image-url> value. The <image-url> is the absolute URL locating an image. In the first format, the <image-url> should be URL escaped aggressively to ensure the original value isn't mangled in transit. In the second format, each byte of the <image-url> should be hex encoded such that the resulting value includes only characters [0-9a-f].

Configuration

Camo is configured through environment variables.

  • PORT: The port number Camo should listen on. (default: 8081)
  • CAMO_HEADER_VIA: The string for Camo to include in the Via and User-Agent headers it sends in requests to origin servers. (default: Camo Asset Proxy <version>)
  • CAMO_KEY: The shared key used to generate the HMAC digest.
  • CAMO_LENGTH_LIMIT: The maximum Content-Length Camo will proxy. (default: 5242880)
  • CAMO_LOGGING_ENABLED: The logging level used for reporting debug or error information. Options are debug and disabled. (default: disabled)
  • CAMO_MAX_REDIRECTS: The maximum number of redirects Camo will follow while fetching an image. (default: 4)
  • CAMO_SOCKET_TIMEOUT: The maximum number of seconds Camo will wait before giving up on fetching an image. (default: 10)
  • CAMO_TIMING_ALLOW_ORIGIN: The string for Camo to include in the Timing-Allow-Origin header it sends in responses to clients. The header is omitted if this environment variable is not set. (default: not set)

Testing Functionality

Bundle Everything

% rake bundle

Start the server

% coffee server.coffee

In another shell

% rake

Debugging

To see the full URL restclient is hitting etc, try this.

% RESTCLIENT_LOG=stdout rake

Deployment

You can see an example god config here.

To enable useful line numbers in stacktraces you probably want to compile the server.coffee file to native javascript when deploying.

% coffee -c server.coffee
% /usr/bin/env PORT=9090 CAMO_KEY="<my application key>" node server.js

About

a small http proxy to simplify routing images through an SSL host

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

43 tags

Packages

No packages published

Languages

  • CoffeeScript 52.2%
  • Ruby 47.8%