Mercurial > prosody-modules

annotate mod_http_avatar/mod_http_avatar.lua @ 5401:c8d04ac200fc

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Reject loopback URIs as client_uri This really should be a proper website with info, https://localhost is not good enough. Ideally we'd validate that it's got proper DNS and is actually reachable, but triggering HTTP or even DNS lookups seems like it would carry abuse potential that would best to avoid.
author Kim Alvefur <zash@zash.se>
date Tue, 02 May 2023 16:20:55 +0200
parents 5b4e7db5943c
children 0f103a6e9ba4
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3082
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
1 -- Prosody IM
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
2 -- Copyright (C) 2018 Emmanuel Gil Peyrot
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
3 --
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
4 -- This project is MIT/X11 licensed. Please see the
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
5 -- COPYING file in the source package for more information.
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
6
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
7 local base64 = require"util.encodings".base64;
3084
5b4e7db5943c mod_http_avatar: Add caching support.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 3083
diff changeset
8 local sha1 = require"util.hashes".sha1;
3082
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
9 local st = require"util.stanza";
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
10 module:depends"http";
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
11
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
12 local vcard_storage = module:open_store"vcard";
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
13
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
14 local default_avatar = [[<svg xmlns='http://www.w3.org/2000/svg' version='1.1' viewBox='0 0 150 150'>
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
15 <rect width='150' height='150' fill='#888' stroke-width='1' stroke='#000'/>
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
16 <text x='75' y='100' text-anchor='middle' font-size='100'>?</text>
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
17 </svg>]];
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
18
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
19 local function get_avatar(event, path)
3084
5b4e7db5943c mod_http_avatar: Add caching support.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 3083
diff changeset
20 local request, response = event.request, event.response;
3082
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
21 local photo_type, binval;
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
22 local vcard, err = vcard_storage:get(path);
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
23 if vcard then
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
24 vcard = st.deserialize(vcard);
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
25 local photo = vcard:get_child("PHOTO", "vcard-temp");
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
26 if photo then
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
27 photo_type = photo:get_child_text("TYPE", "vcard-temp");
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
28 binval = photo:get_child_text("BINVAL", "vcard-temp");
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
29 end
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
30 end
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
31 if not photo_type or not binval then
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
32 response.status_code = 404;
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
33 response.headers.content_type = "image/svg+xml";
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
34 return default_avatar;
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
35 end
3084
5b4e7db5943c mod_http_avatar: Add caching support.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 3083
diff changeset
36 local avatar = base64.decode(binval);
5b4e7db5943c mod_http_avatar: Add caching support.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 3083
diff changeset
37 local hash = sha1(avatar, true);
5b4e7db5943c mod_http_avatar: Add caching support.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 3083
diff changeset
38 if request.headers.if_none_match == hash then
5b4e7db5943c mod_http_avatar: Add caching support.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 3083
diff changeset
39 return 304;
5b4e7db5943c mod_http_avatar: Add caching support.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 3083
diff changeset
40 end
3082
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
41 response.headers.content_type = photo_type;
3084
5b4e7db5943c mod_http_avatar: Add caching support.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 3083
diff changeset
42 response.headers.etag = hash;
5b4e7db5943c mod_http_avatar: Add caching support.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents: 3083
diff changeset
43 return avatar;
3082
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
44 end
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
45
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
46 module:provides("http", {
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
47 route = {
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
48 ["GET /*"] = get_avatar;
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
49 };
1cff081abbed mod_http_avatar: Add a module to serve vCard-temp avatars over HTTP.
Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
parents:
diff changeset
50 });