
Merge pull request #498 from rails-girls-summer-of-code/feature/camo

Proxy images through camo
carpodaster committed Jul 15, 2016
2 parents 6af237a + 467bce0 commit 8ef9f0c92d78bc06ef42bff9aac52723a00693cd
Showing with 91 additions and 1 deletion.
  1. +4 −0 .env-example
  2. +1 −0 Gemfile
  3. +2 −0 Gemfile.lock
  4. +3 −0 README.md
  5. +3 −1 app/helpers/markdown_helper.rb
  6. +20 −0 lib/redcarpet_camo_renderer.rb
  7. +58 −0 spec/lib/redcarpet_camo_renderer.rb
@@ -1,2 +1,6 @@
MAILTRAP_USER=InboxUsername
MAILTRAP_PASSWORD=InboxPassword

# Camo proxies insecure images in students' status updates
CAMO_HOST=https://rgsoc-teams-camo.herokuapp.com
CAMO_KEY=supersecret
@@ -36,6 +36,7 @@ gem 'rollbar'

gem 'aasm'
gem 'acts_as_list'
gem 'camo'

group :production do
gem 'unicorn'
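Review bot: `gem 'camo'` is added with no version constraint, while the lockfile resolves it to 0.0.2, an early release of a gem that presumably builds the keyed proxy URLs from `CAMO_KEY`. A pessimistic constraint such as `gem 'camo', '~> 0.0.2'` would keep a later `bundle update` from pulling in a different release of this security-relevant dependency without review.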
@@ -61,6 +61,7 @@ GEM
sass (>= 3.3.4)
builder (3.2.2)
byebug (9.0.5)
camo (0.0.2)
cancancan (1.15.0)
codeclimate-test-reporter (0.6.0)
simplecov (>= 0.7.1, < 1.0.0)
@@ -338,6 +339,7 @@ DEPENDENCIES
bootstrap-kaminari-views
bootstrap-sass
byebug
camo
cancancan
codeclimate-test-reporter
coffee-rails
@@ -160,6 +160,9 @@ at http://teams.railsgirlssummerofcode.org.

Append `-r staging` or `-r production` to any `heroku` command in order to specify the app.

This app uses [camo](https://github.com/atmos/camo) to proxy insecure images in activity logs
when `CAMO_HOST` and `CAMO_KEY` environment variables are set.

### Cron jobs

Set up the Heroku scheduler to run these tasks:
@@ -1,6 +1,8 @@
require 'redcarpet_camo_renderer'

module MarkdownHelper
def render_markdown(source)
renderer = Redcarpet::Render::HTML.new(
renderer = Redcarpet::Render::Camo.new(
filter_html: true,
safe_links_only: true,
hard_wrap: true
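--- a/lib/redcarpet_camo_renderer.rb
+++ b/lib/redcarpet_camo_renderer.rb
@@ -0,0 +1,20 @@
+module Redcarpet
+module Render
+class Camo < Redcarpet::Render::HTML
+include ::Camo
+
+def image(link, title, alt_text)
+if camo_configured? and link.starts_with?('http:')
+link = camo(link)
+end
+"<img src=\"#{link}\" alt=\"#{alt_text}\" title=\"#{title}\">"
+end
+
+private
+
+def camo_configured?
+[ENV["CAMO_HOST"], ENV["CAMO_KEY"]].all?(&:present?)
+end
+end
+end
+end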
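Review bot: `image` interpolates `link`, `alt_text` and `title` straight into the `<img>` attributes with no HTML escaping, so a double quote in any of them ends the attribute early and lets author-controlled Markdown add attributes of its own. Because this override replaces the stock image callback, any escaping that callback did is presumably no longer applied; I would escape all three values, e.g. `"<img src=\"#{ERB::Util.html_escape(link)}\" alt=\"#{ERB::Util.html_escape(alt_text)}\" title=\"#{ERB::Util.html_escape(title)}\">"`. The `'http:'` prefix check is also case-sensitive, so a URL written as `HTTP://` would skip the proxy, and `and` should be `&&` in this condition. A short comment above `image` stating that only plain-http sources are rewritten and everything else passes through unchanged would document the intent.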
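--- a/spec/lib/redcarpet_camo_renderer.rb
+++ b/spec/lib/redcarpet_camo_renderer.rb
@@ -0,0 +1,58 @@
+require 'spec_helper'
+
+RSpec.describe Redcarpet::Render::Camo do
+describe '#image' do
+let(:markdown) { "![hello](#{image})" }
+
+subject { Redcarpet::Markdown.new(described_class).render(markdown) }
+
+context 'with camo environment variables not set' do
+before do
+allow(ENV).to receive(:[]).with('CAMO_HOST')
+allow(ENV).to receive(:[]).with('CAMO_KEY')
+end
+
+context 'for a secure image' do
+let(:image) { "https://something.securely.funny/foo.gif" }
+
+it 'renders the image as-is' do
+expect(subject).to match %r[src="https://something.securely.funny/foo.gif"]
+end
+end
+
+context 'for an insecure image' do
+let(:image) { "http://something.funny/foo.gif" }
+
+it 'renders the image as-is' do
+expect(subject).to match %r[src="http://something.funny/foo.gif"]
+end
+end
+
+end
+
+context 'with camo environment variables set' do
+let(:camo_host) { 'https://rgsoc-teams-camo.herokuapp.com' }
+
+before do
+allow(ENV).to receive(:[]).with('CAMO_HOST') { camo_host }
+allow(ENV).to receive(:[]).with('CAMO_KEY') { SecureRandom.hex }
+end
+
+context 'for a secure image' do
+let(:image) { "https://something.securely.funny/foo.gif" }
+
+it 'renders the image as-is' do
+expect(subject).to match %r[src="https://something.securely.funny/foo.gif"]
+end
+end
+
+context 'for an insecure image' do
+let(:image) { "http://something.funny/foo.gif" }
+
+it 'renders the image as-is' do
+expect(subject).to match %r[src="#{camo_host}]
+end
+end
+end
+end
+end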
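Review bot: The diffstat lists this file as `spec/lib/redcarpet_camo_renderer.rb`, without the `_spec.rb` suffix that RSpec's default file pattern looks for, so unless the project overrides that pattern these examples are probably never run; renaming it to `redcarpet_camo_renderer_spec.rb` would fix that. The last example is titled `'renders the image as-is'` although it asserts that the source is rewritten to the camo host; `it 'proxies the image through camo'` would match what it checks. No example covers alt text, a title or a URL containing a double quote, which is the case where the hand-built `<img>` tag in the renderer matters most.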
