From bfbc8ff5ee37ca96a61c4948373616579d0c059a Mon Sep 17 00:00:00 2001 From: Will Norris Date: Wed, 6 Aug 2014 08:47:41 -0700 Subject: [PATCH] remove MaxWidth and MaxHeight options These were originally added to prevent a denial of service caused by requesting very large images, but are no longer needed since we no longer resize images larger than their original size. --- cmd/imageproxy/main.go | 2 -- proxy.go | 10 ---------- 2 files changed, 12 deletions(-) diff --git a/cmd/imageproxy/main.go b/cmd/imageproxy/main.go index 66c1315..d365eb3 100644 --- a/cmd/imageproxy/main.go +++ b/cmd/imageproxy/main.go @@ -57,8 +57,6 @@ func main() { } p := imageproxy.NewProxy(nil, c) - p.MaxWidth = 2000 - p.MaxHeight = 2000 if *whitelist != "" { p.Whitelist = strings.Split(*whitelist, ",") } diff --git a/proxy.go b/proxy.go index 9f4a5ae..22f8201 100644 --- a/proxy.go +++ b/proxy.go @@ -38,9 +38,6 @@ type Proxy struct { // Whitelist specifies a list of remote hosts that images can be proxied from. An empty list means all hosts are allowed. Whitelist []string - - MaxWidth int - MaxHeight int } // NewProxy constructs a new proxy. The provided http Client will be used to @@ -75,13 +72,6 @@ func (p *Proxy) ServeHTTP(w http.ResponseWriter, r *http.Request) { return } - if p.MaxWidth > 0 && int(req.Options.Width) > p.MaxWidth { - req.Options.Width = float64(p.MaxWidth) - } - if p.MaxHeight > 0 && int(req.Options.Height) > p.MaxHeight { - req.Options.Height = float64(p.MaxHeight) - } - if !p.allowed(req.URL) { glog.Errorf("remote URL is not for an allowed host: %v", req.URL) http.Error(w, fmt.Sprintf("remote URL is not for an allowed host: %v", req.URL), http.StatusBadRequest)