mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-14 02:42:40 +01:00
Delete PhabricatorRemarkupRuleProxyImage
Summary: don't need it now that uploading files is so easy. Plus it made for some buggy jonx if / when there were bad image links coupled with caching. In theory this is a lot less pretty though if folks linked to a bunch of files served elsewhere using images. Test Plan: http://does-not-exist.com/imaginary.jpg rendered as a link! Reviewers: epriestley Reviewed By: epriestley CC: aran, Korvin Maniphest Tasks: T2000 Differential Revision: https://secure.phabricator.com/D3908
This commit is contained in:
parent
7332599e03
commit
9966af50dd
9 changed files with 10 additions and 147 deletions
|
@ -856,17 +856,6 @@ return array(
|
||||||
'image/vnd.microsoft.icon' => true,
|
'image/vnd.microsoft.icon' => true,
|
||||||
),
|
),
|
||||||
|
|
||||||
// Phabricator can proxy images from other servers so you can paste the URI
|
|
||||||
// to a funny picture of a cat into the comment box and have it show up as an
|
|
||||||
// image. However, this means the webserver Phabricator is running on will
|
|
||||||
// make HTTP requests to arbitrary URIs. If the server has access to internal
|
|
||||||
// resources, this could be a security risk. You should only enable it if you
|
|
||||||
// are installed entirely a VPN and VPN access is required to access
|
|
||||||
// Phabricator, or if the webserver has no special access to anything. If
|
|
||||||
// unsure, it is safer to leave this disabled.
|
|
||||||
'files.enable-proxy' => false,
|
|
||||||
|
|
||||||
|
|
||||||
// -- Storage --------------------------------------------------------------- //
|
// -- Storage --------------------------------------------------------------- //
|
||||||
|
|
||||||
// Phabricator allows users to upload files, and can keep them in various
|
// Phabricator allows users to upload files, and can keep them in various
|
||||||
|
|
1
resources/sql/patches/dropfileproxyimage.sql
Normal file
1
resources/sql/patches/dropfileproxyimage.sql
Normal file
|
@ -0,0 +1 @@
|
||||||
|
DROP TABLE {$NAMESPACE}_file.file_proxyimage;
|
|
@ -744,8 +744,6 @@ phutil_register_library_map(array(
|
||||||
'PhabricatorFileLinkListView' => 'view/layout/PhabricatorFileLinkListView.php',
|
'PhabricatorFileLinkListView' => 'view/layout/PhabricatorFileLinkListView.php',
|
||||||
'PhabricatorFileLinkView' => 'view/layout/PhabricatorFileLinkView.php',
|
'PhabricatorFileLinkView' => 'view/layout/PhabricatorFileLinkView.php',
|
||||||
'PhabricatorFileListController' => 'applications/files/controller/PhabricatorFileListController.php',
|
'PhabricatorFileListController' => 'applications/files/controller/PhabricatorFileListController.php',
|
||||||
'PhabricatorFileProxyController' => 'applications/files/controller/PhabricatorFileProxyController.php',
|
|
||||||
'PhabricatorFileProxyImage' => 'applications/files/storage/PhabricatorFileProxyImage.php',
|
|
||||||
'PhabricatorFileQuery' => 'applications/files/query/PhabricatorFileQuery.php',
|
'PhabricatorFileQuery' => 'applications/files/query/PhabricatorFileQuery.php',
|
||||||
'PhabricatorFileShortcutController' => 'applications/files/controller/PhabricatorFileShortcutController.php',
|
'PhabricatorFileShortcutController' => 'applications/files/controller/PhabricatorFileShortcutController.php',
|
||||||
'PhabricatorFileSideNavView' => 'applications/files/view/PhabricatorFileSideNavView.php',
|
'PhabricatorFileSideNavView' => 'applications/files/view/PhabricatorFileSideNavView.php',
|
||||||
|
@ -987,7 +985,6 @@ phutil_register_library_map(array(
|
||||||
'PhabricatorRemarkupRuleObjectName' => 'infrastructure/markup/rule/PhabricatorRemarkupRuleObjectName.php',
|
'PhabricatorRemarkupRuleObjectName' => 'infrastructure/markup/rule/PhabricatorRemarkupRuleObjectName.php',
|
||||||
'PhabricatorRemarkupRulePaste' => 'infrastructure/markup/rule/PhabricatorRemarkupRulePaste.php',
|
'PhabricatorRemarkupRulePaste' => 'infrastructure/markup/rule/PhabricatorRemarkupRulePaste.php',
|
||||||
'PhabricatorRemarkupRulePhriction' => 'infrastructure/markup/rule/PhabricatorRemarkupRulePhriction.php',
|
'PhabricatorRemarkupRulePhriction' => 'infrastructure/markup/rule/PhabricatorRemarkupRulePhriction.php',
|
||||||
'PhabricatorRemarkupRuleProxyImage' => 'infrastructure/markup/rule/PhabricatorRemarkupRuleProxyImage.php',
|
|
||||||
'PhabricatorRemarkupRuleYoutube' => 'infrastructure/markup/rule/PhabricatorRemarkupRuleYoutube.php',
|
'PhabricatorRemarkupRuleYoutube' => 'infrastructure/markup/rule/PhabricatorRemarkupRuleYoutube.php',
|
||||||
'PhabricatorRepository' => 'applications/repository/storage/PhabricatorRepository.php',
|
'PhabricatorRepository' => 'applications/repository/storage/PhabricatorRepository.php',
|
||||||
'PhabricatorRepositoryArcanistProject' => 'applications/repository/storage/PhabricatorRepositoryArcanistProject.php',
|
'PhabricatorRepositoryArcanistProject' => 'applications/repository/storage/PhabricatorRepositoryArcanistProject.php',
|
||||||
|
@ -1955,8 +1952,6 @@ phutil_register_library_map(array(
|
||||||
'PhabricatorFileLinkListView' => 'AphrontView',
|
'PhabricatorFileLinkListView' => 'AphrontView',
|
||||||
'PhabricatorFileLinkView' => 'AphrontView',
|
'PhabricatorFileLinkView' => 'AphrontView',
|
||||||
'PhabricatorFileListController' => 'PhabricatorFileController',
|
'PhabricatorFileListController' => 'PhabricatorFileController',
|
||||||
'PhabricatorFileProxyController' => 'PhabricatorFileController',
|
|
||||||
'PhabricatorFileProxyImage' => 'PhabricatorFileDAO',
|
|
||||||
'PhabricatorFileQuery' => 'PhabricatorCursorPagedPolicyAwareQuery',
|
'PhabricatorFileQuery' => 'PhabricatorCursorPagedPolicyAwareQuery',
|
||||||
'PhabricatorFileShortcutController' => 'PhabricatorFileController',
|
'PhabricatorFileShortcutController' => 'PhabricatorFileController',
|
||||||
'PhabricatorFileSideNavView' => 'AphrontView',
|
'PhabricatorFileSideNavView' => 'AphrontView',
|
||||||
|
@ -2172,7 +2167,6 @@ phutil_register_library_map(array(
|
||||||
'PhabricatorRemarkupRuleObjectName' => 'PhutilRemarkupRule',
|
'PhabricatorRemarkupRuleObjectName' => 'PhutilRemarkupRule',
|
||||||
'PhabricatorRemarkupRulePaste' => 'PhabricatorRemarkupRuleObjectName',
|
'PhabricatorRemarkupRulePaste' => 'PhabricatorRemarkupRuleObjectName',
|
||||||
'PhabricatorRemarkupRulePhriction' => 'PhutilRemarkupRule',
|
'PhabricatorRemarkupRulePhriction' => 'PhutilRemarkupRule',
|
||||||
'PhabricatorRemarkupRuleProxyImage' => 'PhutilRemarkupRule',
|
|
||||||
'PhabricatorRemarkupRuleYoutube' => 'PhutilRemarkupRule',
|
'PhabricatorRemarkupRuleYoutube' => 'PhutilRemarkupRule',
|
||||||
'PhabricatorRepository' => 'PhabricatorRepositoryDAO',
|
'PhabricatorRepository' => 'PhabricatorRepositoryDAO',
|
||||||
'PhabricatorRepositoryArcanistProject' => 'PhabricatorRepositoryDAO',
|
'PhabricatorRepositoryArcanistProject' => 'PhabricatorRepositoryDAO',
|
||||||
|
|
|
@ -1,54 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
final class PhabricatorFileProxyController extends PhabricatorFileController {
|
|
||||||
|
|
||||||
private $uri;
|
|
||||||
|
|
||||||
public function processRequest() {
|
|
||||||
|
|
||||||
if (!PhabricatorEnv::getEnvConfig('files.enable-proxy')) {
|
|
||||||
return new Aphront400Response();
|
|
||||||
}
|
|
||||||
|
|
||||||
$request = $this->getRequest();
|
|
||||||
$uri = $request->getStr('uri');
|
|
||||||
|
|
||||||
$proxy = id(new PhabricatorFileProxyImage())->loadOneWhere(
|
|
||||||
'uri = %s',
|
|
||||||
$uri);
|
|
||||||
|
|
||||||
if (!$proxy) {
|
|
||||||
// This write is fine to skip CSRF checks for, we're just building a
|
|
||||||
// cache of some remote image.
|
|
||||||
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
|
|
||||||
|
|
||||||
$file = PhabricatorFile::newFromFileDownload(
|
|
||||||
$uri,
|
|
||||||
nonempty(basename($uri), 'proxied-file'));
|
|
||||||
if ($file) {
|
|
||||||
$proxy = new PhabricatorFileProxyImage();
|
|
||||||
$proxy->setURI($uri);
|
|
||||||
$proxy->setFilePHID($file->getPHID());
|
|
||||||
$proxy->save();
|
|
||||||
}
|
|
||||||
|
|
||||||
unset($unguarded);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($proxy) {
|
|
||||||
$file = id(new PhabricatorFile())->loadOneWhere('phid = %s',
|
|
||||||
$proxy->getFilePHID());
|
|
||||||
if ($file) {
|
|
||||||
$view_uri = $file->getBestURI();
|
|
||||||
} else {
|
|
||||||
$bad_phid = $proxy->getFilePHID();
|
|
||||||
throw new Exception(
|
|
||||||
"Unable to load file with phid {$bad_phid}."
|
|
||||||
);
|
|
||||||
}
|
|
||||||
return id(new AphrontRedirectResponse())->setURI($view_uri);
|
|
||||||
}
|
|
||||||
|
|
||||||
return new Aphront400Response();
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,18 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
final class PhabricatorFileProxyImage extends PhabricatorFileDAO {
|
|
||||||
|
|
||||||
protected $uri;
|
|
||||||
protected $filePHID;
|
|
||||||
|
|
||||||
public function getConfiguration() {
|
|
||||||
return array(
|
|
||||||
self::CONFIG_TIMESTAMPS => false,
|
|
||||||
) + parent::getConfiguration();
|
|
||||||
}
|
|
||||||
|
|
||||||
static public function getProxyImageURI($uri) {
|
|
||||||
return '/file/proxy/?uri='.phutil_escape_uri($uri);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
|
@ -307,16 +307,14 @@ Valid options are:
|
||||||
|
|
||||||
= Embedding Media =
|
= Embedding Media =
|
||||||
|
|
||||||
If you set configuration flags, you can embed media directly in text:
|
If you set a configuration flag, you can embed media directly in text:
|
||||||
|
|
||||||
- **files.enable-proxy**: allows you to paste in image URLs and have them
|
|
||||||
render inline.
|
|
||||||
- **remarkup.enable-embedded-youtube**: allows you to paste in YouTube videos
|
- **remarkup.enable-embedded-youtube**: allows you to paste in YouTube videos
|
||||||
and have them render inline.
|
and have them render inline.
|
||||||
|
|
||||||
These options are disabled by default because they have security and/or
|
This option is disabled by default because it has security and/or
|
||||||
silliness implications, read their descriptions in ##default.conf.php## before
|
silliness implications. Read the description in ##default.conf.php## before
|
||||||
enabling them.
|
enabling it.
|
||||||
|
|
||||||
= Image Macros =
|
= Image Macros =
|
||||||
|
|
||||||
|
|
|
@ -41,7 +41,7 @@ final class PhabricatorMarkupEngine {
|
||||||
|
|
||||||
private $objects = array();
|
private $objects = array();
|
||||||
private $viewer;
|
private $viewer;
|
||||||
private $version = 0;
|
private $version = 1;
|
||||||
|
|
||||||
|
|
||||||
/* -( Markup Pipeline )---------------------------------------------------- */
|
/* -( Markup Pipeline )---------------------------------------------------- */
|
||||||
|
@ -286,7 +286,6 @@ final class PhabricatorMarkupEngine {
|
||||||
return self::newMarkupEngine(
|
return self::newMarkupEngine(
|
||||||
array(
|
array(
|
||||||
'macros' => false,
|
'macros' => false,
|
||||||
'fileproxy' => false,
|
|
||||||
'youtube' => false,
|
'youtube' => false,
|
||||||
|
|
||||||
));
|
));
|
||||||
|
@ -345,7 +344,6 @@ final class PhabricatorMarkupEngine {
|
||||||
private static function getMarkupEngineDefaultConfiguration() {
|
private static function getMarkupEngineDefaultConfiguration() {
|
||||||
return array(
|
return array(
|
||||||
'pygments' => PhabricatorEnv::getEnvConfig('pygments.enabled'),
|
'pygments' => PhabricatorEnv::getEnvConfig('pygments.enabled'),
|
||||||
'fileproxy' => PhabricatorEnv::getEnvConfig('files.enable-proxy'),
|
|
||||||
'youtube' => PhabricatorEnv::getEnvConfig(
|
'youtube' => PhabricatorEnv::getEnvConfig(
|
||||||
'remarkup.enable-embedded-youtube'),
|
'remarkup.enable-embedded-youtube'),
|
||||||
'custom-inline' => array(),
|
'custom-inline' => array(),
|
||||||
|
@ -394,10 +392,6 @@ final class PhabricatorMarkupEngine {
|
||||||
|
|
||||||
$rules[] = new PhutilRemarkupRuleDocumentLink();
|
$rules[] = new PhutilRemarkupRuleDocumentLink();
|
||||||
|
|
||||||
if ($options['fileproxy']) {
|
|
||||||
$rules[] = new PhabricatorRemarkupRuleProxyImage();
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($options['youtube']) {
|
if ($options['youtube']) {
|
||||||
$rules[] = new PhabricatorRemarkupRuleYoutube();
|
$rules[] = new PhabricatorRemarkupRuleYoutube();
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,45 +0,0 @@
|
||||||
<?php
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @group markup
|
|
||||||
*/
|
|
||||||
final class PhabricatorRemarkupRuleProxyImage
|
|
||||||
extends PhutilRemarkupRule {
|
|
||||||
|
|
||||||
public function apply($text) {
|
|
||||||
|
|
||||||
$filetypes = '\.(?:jpe?g|png|gif)';
|
|
||||||
|
|
||||||
$text = preg_replace_callback(
|
|
||||||
'@[<](\w{3,}://.+?'.$filetypes.')[>]@',
|
|
||||||
array($this, 'markupProxyImage'),
|
|
||||||
$text);
|
|
||||||
|
|
||||||
$text = preg_replace_callback(
|
|
||||||
'@(?<=^|\s)(\w{3,}://\S+'.$filetypes.')(?=\s|$)@',
|
|
||||||
array($this, 'markupProxyImage'),
|
|
||||||
$text);
|
|
||||||
|
|
||||||
return $text;
|
|
||||||
}
|
|
||||||
|
|
||||||
public function markupProxyImage($matches) {
|
|
||||||
|
|
||||||
$uri = PhabricatorFileProxyImage::getProxyImageURI($matches[1]);
|
|
||||||
|
|
||||||
return $this->getEngine()->storeText(
|
|
||||||
phutil_render_tag(
|
|
||||||
'a',
|
|
||||||
array(
|
|
||||||
'href' => $uri,
|
|
||||||
'target' => '_blank',
|
|
||||||
),
|
|
||||||
phutil_render_tag(
|
|
||||||
'img',
|
|
||||||
array(
|
|
||||||
'src' => $uri,
|
|
||||||
'class' => 'remarkup-proxy-image',
|
|
||||||
))));
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -1020,6 +1020,10 @@ final class PhabricatorBuiltinPatchList extends PhabricatorSQLPatchList {
|
||||||
'type' => 'php',
|
'type' => 'php',
|
||||||
'name' => $this->getPatchPath('liskcounters.php'),
|
'name' => $this->getPatchPath('liskcounters.php'),
|
||||||
),
|
),
|
||||||
|
'dropfileproxyimage.sql' => array(
|
||||||
|
'type' => 'sql',
|
||||||
|
'name' => $this->getPatchPath('dropfileproxyimage.sql'),
|
||||||
|
),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue