A secure image proxy server

Overview

go-camo

About

go-camo is a go version of a camo server.

A camo server is a special type of image proxy that proxies non-secure images over SSL/TLS, in order to prevent mixed content warnings on secure pages. The server works in conjunction with back-end code that rewrites image URLs and signs them with an HMAC.

How it works

The general steps are as follows:

  • A client requests a page from the web app.

  • The original URL in the content is parsed.

  • An HMAC signature of the url is generated.

  • The url and hmac are encoded.

  • The encoded url and hmac are placed into the expected format, creating the signed url.

  • The signed url replaces the original image URL.

  • The web app returns the content to the client.

  • The client requets the signed url from Go-Camo.

  • Go-Camo validates the HMAC, decodes the URL, then requests the content from the origin server and streams it to the client.

  +----------+           request            +-------------+
  |          |----------------------------->|             |
  |          |                              |             |
  |          |                              |   web-app   |
  |          | img src=https://go-camo/url  |             |
  |          |<-----------------------------|             |
  |          |                              +-------------+
  |  client  |
  |          |     https://go-camo/url      +-------------+ http://some/img
  |          |----------------------------->|             |--------------->
  |          |                              |             |
  |          |                              |   go-camo   |
  |          |           img data           |             |    img data
  |          |<-----------------------------|             |<---------------
  |          |                              +-------------+
  +----------+

Go-Camo supports both hex and base64 encoded urls at the same time.

encoding tradeoffs

hex

longer, case insensitive, slightly faster

base64

shorter, case sensitive, slightly slower

Benchmark results with go1.12.7:

BenchmarkHexEncoder-4           	 1000000	      1364 ns/op
BenchmarkB64Encoder-4           	 1000000	      1447 ns/op
BenchmarkHexDecoder-4           	 1000000	      1312 ns/op
BenchmarkB64Decoder-4           	 1000000	      1379 ns/op

For examples of url generation, see the examples directory.

While Go-Camo will support proxying HTTPS images as well, for performance reasons you may choose to filter HTTPS requests out from proxying, and let the client simply fetch those as they are. The linked code examples do this.

Note that it is recommended to front Go-Camo with a CDN when possible.

Differences from Camo

  • Go-Camo supports 'Path Format' url format only. Camo’s "Query String Format" is not supported.

  • Go-Camo supports some optional "allow/deny" origin filters.

  • Go-Camo supports client http keep-alives.

  • Go-Camo provides native SSL support.

  • Go-Camo provides native HTTP/2 support

  • Go-Camo supports using more than one os thread (via GOMAXPROCS) without the need of multiple instances or additional proxying.

  • Go-Camo builds to a static binary. This makes deploying to large numbers of servers a snap.

  • Go-Camo supports both Hex and Base64 urls. Base64 urls are smaller, but case sensitive.

  • Go-Camo supports HTTP HEAD requests.

  • Go-Camo allows custom default headers to be added — useful for things like adding HSTS headers.

Installing pre-built binaries

Download the tarball appropriate for your OS/ARCH from binary releases.
Extract, and copy files to desired locations.

Building

Building requires:

  • make

  • git

  • go (latest version recommended. At least version >= 1.13)

  • asciidoctor (for building man pages only)

Additionally required, if cross compiling:

Building:

# first clone the repo
$ git clone [email protected]:cactus/go-camo
$ cd go-camo

# show make targets
$ make
Available targets:
  help                this help
  clean               clean up
  all                 build binaries and man pages
  test                run tests
  cover               run tests with cover output
  build               build all
  man                 build all man pages
  tar                 build release tarball
  cross-tar           cross compile and build release tarballs

# build all binaries (into ./bin/) and man pages (into ./man/)
# strips debug symbols by default
$ make all

# do not strip debug symbols
$ make all GOBUILD_LDFLAGS=""

Running

$ go-camo -k "somekey"
# run the gc less frequently (a bit better performance, uses more memory)
$ env GOGC=300 go-camo -k "somekey"

Go-Camo does not daemonize on its own. For production usage, it is recommended to launch in a process supervisor, and drop privileges as appropriate.

Examples of supervisors include: daemontools, runit, upstart, launchd, systemd, and many more.

For the reasoning behind lack of daemonization, see daemontools/why. In addition, the code is much simpler because of it.

Running on Heroku

In order to use this on Heroku with the provided Procfile, you need to:

Securing an installation

go-camo will generally do what you tell it to with regard to fetching signed urls. There is some limited support for trying to prevent dns rebinding attacks.

go-camo will attempt to reject any address matching an rfc1918 network block, or a private scope ipv6 address, be it in the url or via resulting hostname resolution. Please note, however, that this does not provide protecton for a network that uses public address space (ipv4 or ipv6), or some of the more exotic ipv6 addresses.

The list of networks rejected include…​

Network Description

127.0.0.0/8

loopback

169.254.0.0/16

ipv4 link local

10.0.0.0/8

rfc1918

172.16.0.0/12

rfc1918

192.168.0.0/16

rfc1918

::1/128

ipv6 loopback

fe80::/10

ipv6 link local

fec0::/10

deprecated ipv6 site-local

fc00::/7

ipv6 ULA

::ffff:0:0/96

IPv4-mapped IPv6 address

More generally, it is recommended to either:

  • Run go-camo on an isolated instance (physical, vlans, firewall rules, etc).

  • Run a local resolver for go-camo that returns NXDOMAIN responses for addresses in deny-listed ranges (e.g. unbound’s private-address functionality). This is also useful to help prevent dns rebinding in general.

Configuring

Environment Vars

  • GOCAMO_HMAC - HMAC key to use.

  • HTTPS_PROXY - Configure an outbound proxy for HTTPS requests.
    Either a complete URL or a host[:port], in which case an HTTP scheme is assumed.

  • HTTP_PROXY - Configure an outbound proxy for HTTP requests.
    Either a complete URL or a host[:port], in which case an HTTP scheme is assumed.

Command line flags

$ go-camo -h
Usage:
  go-camo [OPTIONS]

Application Options:
  -k, --key=                   HMAC key
  -H, --header=                Add additional header to each response. This option can
                               be used multiple times to add multiple headers
      --listen=                Address:Port to bind to for HTTP (default: 0.0.0.0:8080)
      --ssl-listen=            Address:Port to bind to for HTTPS/SSL/TLS
      --ssl-key=               ssl private key (key.pem) path
      --ssl-cert=              ssl cert (cert.pem) path
      --max-size=              Max allowed response size (KB)
      --timeout=               Upstream request timeout (default: 4s)
      --max-redirects=         Maximum number of redirects to follow (default: 3)
      --metrics                Enable Prometheus compatible metrics endpoint
      --no-log-ts              Do not add a timestamp to logging
      --no-fk                  Disable frontend http keep-alive support
      --no-bk                  Disable backend http keep-alive support
      --allow-content-video    Additionally allow 'video/*' content
      --allow-content-audio    Additionally allow 'audio/*' content
      --allow-credential-urls  Allow urls to contain user/pass credentials
      --filter-ruleset=        Text file containing filtering rules (one per line)
      --server-name=           Value to use for the HTTP server field (default: go-camo)
      --expose-server-version  Include the server version in the HTTP server response header
      --enable-xfwd4           Enable x-forwarded-for passthrough/generation
  -v, --verbose                Show verbose (debug) log level output
  -V, --version                Print version and exit; specify twice to show license information

Help Options:
  -h, --help                   Show this help message

A few notes about specific flags:

  • --filter-ruleset

    If a filter-ruleset file is defined, that file is read and each line converted into a filter rule. See go-camo-filtering(5) for more information regarding the format for the filter file itself.

    Regarding evaluatation: The ruleset is NOT evaluated in-order. The rules process in two phases: "allow rule phase" where the allow rules are evaluated, and the "deny rule phase" where the deny rules are evaluated. First match in each phase "wins" that phase.

    In the "allow phase", an origin request must match at least one allow rule. The first rule to match "wins" and the request moves on to the next phase. If there are no allow rules supplied, this phase is skipped.

    In the deny rule phase, any rule that matches results in a rejection. The first match "wins" and the request is failed. If there are no deny rules supplied, this phase is skipped.

    💡

    It is always preferable to do filtering at the point of url generation and signing. The filter-ruleset functionality (both allow and deny) is supplied predominantly as a fallback safety measure, for cases where you have previously generated a url and you need a quick temporary fix, or where rolling keys takes a while and/or is difficult.

  • --max-size

    The --max-size value is defined in KB. Set to 0 to disable size restriction. The default is 0.

  • --metrics

    If the metrics flag is provided, then the service will expose a Prometheus /metrics endpoint.

  • -k, --key

    If the HMAC key is provided on the command line, it will override (if present), an HMAC key set in the environment var.

  • -H, --header

    Additional default headers (sent on every response) can also be set. This argument may be specified many times.

    The list of default headers sent are:

    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Content-Security-Policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'

    As an example, if you wanted to return a Strict-Transport-Security header by default, you could add this to the command line:

    -H "Strict-Transport-Security:  max-age=16070400"

Monitoring

Metrics

When the --metrics flag is used, the service will expose a Prometheus-compatible /metrics endpoint. This can be used by monitoring systems to gather data.

The endpoint includes all of the default go_ and process_. In addition, a number of custom metrics.

Name Type Help

camo_response_duration_seconds

Histogram

A histogram of latencies for proxy responses.

camo_response_size_bytes

Histogram

A histogram of sizes for proxy responses.

camo_proxy_content_length_exceeded_total

Counter

The number of requests where the content length was exceeded.

camo_proxy_reponses_failed_total

Counter

The number of responses that failed to send to the client.

camo_proxy_reponses_truncated_total

Counter

The number of responess that were too large to send.

camo_responses_total

Counter

Total HTTP requests processed by the go-camo, excluding scrapes.

It also includes a camo_build_info metric that exposes the version. In addition, you can expose some extra data to metrics via env vars, if desired:

  • Revision via APP_INFO_REVISION

  • Branch via APP_INFO_BRANCH

  • BuildDate via APP_INFO_BUILD_DATE

  • You can also override the version by setting APP_INFO_VERSION

Additional tools

Go-Camo includes a couple of additional tools.

url-tool

The url-tool utility provides a simple way to generate signed URLs from the command line.

$ url-tool -h
Usage:
  url-tool [OPTIONS] <decode | encode>

Application Options:
  -k, --key=    HMAC key
  -p, --prefix= Optional url prefix used by encode output

Help Options:
  -h, --help    Show this help message

Available commands:
  decode  Decode a url and print result
  encode  Encode a url and print result

Example usage:

# hex
$ url-tool -k "test" encode -p "https://img.example.org" "http://golang.org/doc/gopher/frontpage.png"
https://img.example.org/0f6def1cb147b0e84f39cbddc5ea10c80253a6f3/687474703a2f2f676f6c616e672e6f72672f646f632f676f706865722f66726f6e74706167652e706e67

$ url-tool -k "test" decode "https://img.example.org/0f6def1cb147b0e84f39cbddc5ea10c80253a6f3/687474703a2f2f676f6c616e672e6f72672f646f632f676f706865722f66726f6e74706167652e706e67"
http://golang.org/doc/gopher/frontpage.png

# base64
$ url-tool -k "test" encode -b base64 -p "https://img.example.org" "http://golang.org/doc/gopher/frontpage.png"
https://img.example.org/D23vHLFHsOhPOcvdxeoQyAJTpvM/aHR0cDovL2dvbGFuZy5vcmcvZG9jL2dvcGhlci9mcm9udHBhZ2UucG5n

$ url-tool -k "test" decode "https://img.example.org/D23vHLFHsOhPOcvdxeoQyAJTpvM/aHR0cDovL2dvbGFuZy5vcmcvZG9jL2dvcGhlci9mcm9udHBhZ2UucG5n"
http://golang.org/doc/gopher/frontpage.png

Containers

There are containers built automatically from version tags.

These containers are untested and provided only for those with specific containerization requirements. When in doubt, prefer the statically compiled binary releases, unless you specifically need a container.

Alternative Implementations

  • MrSaints' go-camo fork — supports proxying additional content types (fonts/css).

Changelog

See CHANGELOG.

License

Released under the MIT license. See LICENSE file for details.

Issues
  • Provide an explicit deny URL option

    Provide an explicit deny URL option

    Camo currently ships with the option to provide a file path containing a number of hostnames to --allow-list which limits where images will be proxied from. This works great for restricting the source if you control the origin or have a small number of origins.

    What it doesn't cover very well is to explicitly deny access to a resource on a fine grained level. Take for example, you use Camo to proxy all third party assets to put a CDN in front of them and then one of the origins used via Camo is hosting malicious or inappropriate material. There currently isn't a sane way of preventing access to this particular resource once anyone has the signed HMAC URL. There are work arounds to kill the connection however they require drastic action like rolling the HMAC which unless co-ordinated well, results in a service interruption.

    This change aims to address the above scenario by exposing a way to define the inverse, an explicit deny list. It works on a similar principle to the allow-list with one notable exception; it loosely matches the outgoing URL. Instead of restricting based on hostname or asset filename, it can match anywhere using string.Contains. This brings with it great power and a potential to shoot yourself in the foot if misconfigured. The thought behind this is that Re2 is pretty poor at operations like negative lookaheads (specifically because it conflicts with the O(n)-time guarantees of the library) and I didn't want to overload options with variants for hostname, path, etc. An added benefit to this approach is that you're able to deny a single resource on a domain and not the whole domain which is useful for shared image hosting services.

    opened by jacobbednarz 25
  • Eventually stops working

    Eventually stops working

    Hi again! Performance is great, but occasionally the server will just stop serving images, giving "Error Fetching Resource" errors. RAM usage also seems to increase gradually in this state. Restarting the server fixes it, and this only happens after 12-24 hours of serving:

    ClientsServed, BytesServed
    825656, 28116134997
    

    Here's the information I gathered:

    Console output before I restarted https://gist.github.com/586b121c3fba40d8796b Memory usage vs traffic throughput: http://puu.sh/968Og/f48ce431fb.png Response headers of a failed request in this state: http://puu.sh/968QM/e0fb98fece.png

    opened by peppy 15
  • runtime error: slice bounds out of range

    runtime error: slice bounds out of range

    Running under some degree of load (30-40mbit) I occasionally get the following error. I believe after some period this affects the server's ability to process requests at all. It seems like it could be a go-level issue, and on reading up it may be related to keepalives. I'll try some other options, but here is the exception for the time being:

    2014/05/26 14:03:20 http: panic serving 141.101.96.59:21920: runtime error: slice bounds out of range
    goroutine 437 [running]:
    net/http.func·009()
            /usr/lib/go/src/pkg/net/http/server.go:1093 +0xae
    runtime.panic(0x657800, 0x95af4a)
            /usr/lib/go/src/pkg/runtime/panic.c:248 +0x106
    github.com/cactus/go-camo/camo.(*Proxy).ServeHTTP(0xc210051400, 0x7fa83d0c9720, 0xc210623000, 0xc2105e1a90)
            /root/go-camo/build/src/github.com/cactus/go-camo/camo/proxy.go:196 +0x1b25
    github.com/gorilla/mux.(*Router).ServeHTTP(0xc21000a550, 0x7fa83d0c9720, 0xc210623000, 0xc2105e1a90)
            /root/go-camo/build/src/github.com/gorilla/mux/mux.go:98 +0x217
    net/http.(*ServeMux).ServeHTTP(0xc2100376c0, 0x7fa83d0c9720, 0xc210623000, 0xc2105e1a90)
            /usr/lib/go/src/pkg/net/http/server.go:1496 +0x163
    net/http.serverHandler.ServeHTTP(0xc21000a1e0, 0x7fa83d0c9720, 0xc210623000, 0xc2105e1a90)
            /usr/lib/go/src/pkg/net/http/server.go:1597 +0x16e
    net/http.(*conn).serve(0xc2105f7180)
            /usr/lib/go/src/pkg/net/http/server.go:1167 +0x7b7
    created by net/http.(*Server).Serve
            /usr/lib/go/src/pkg/net/http/server.go:1644 +0x28b
    

    Running with fairly basic options: go-camo --max-size=2048 --listen=:80 -k <key>

    bug 
    opened by peppy 11
  • Allow server name configuration

    Allow server name configuration

    This introduces a couple of changes related to the server name.

    The first is that it allows you to override the server name of go-camo using a start up flag of --server-name. The second is that it will now append the git sha of the latest build to the server name if it is defined and this has been great for us to perform some debugging/comparison between versions and be certain we are getting the correct outcomes.

    Finally, this also updates the root route to return a 404 instead of a 200 with the server name. The thinking here is that as an image proxy, it should 404 unless it finds a resource to proxy (unless explicitly intended).

    opened by jacobbednarz 10
  • Responsible Vulnerability Disclosure

    Responsible Vulnerability Disclosure

    Specifications

    Version: go-camo 1.1.4 Platform: Any

    Behavior

    I would like to report a security vulnerability in go-camo. Is there a prefered (and confidentially) way of receiving more details?

    accepted security 
    opened by dappelt 9
  • build failed with incorrect import?

    build failed with incorrect import?

    can't load package: package github.com/cactus/go-camo/cmd/go-camo: code in directory /go/src/github.com/cactus/go-camo/cmd/go-camo expects import "github.com/cactus/go-camo"
    can't load package: package github.com/cactus/go-camo/cmd/url-tool: code in directory /go/src/github.com/cactus/go-camo/cmd/url-tool expects import "github.com/cactus/go-camo"
    

    I think the directory structure is changed, but not the import path hint.

    opened by h8liu 8
  • Making content-type configurable

    Making content-type configurable

    Is it possible to make content type configurable so that we can use go-camo to proxy non image resources also? Right now it is hardcoded here - https://github.com/cactus/go-camo/blob/3a39055ae5e56c443cd7cbc688ac6734073745ee/src/go-camo/camo/proxy.go#L207

    opened by j-manu 8
  • Please implement caching

    Please implement caching

    Someone, please tell me why on Earth Camo decides to fetch the same effing file 30 times (and counting, I should say!) in the matter of just 43 seconds?

    15/Feb/2017:09:12:10 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	#go-camo
    15/Feb/2017:09:12:11 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:12 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:13 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:14 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:15 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:17 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:18 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:19 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:20 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:21 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:27 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:28 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:29 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:30 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:30 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:32 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:33 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:34 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:35 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:37 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:38 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:39 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:41 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:42 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:45 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:46 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:50 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:51 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    15/Feb/2017:09:12:53 +0100	176.9.43.119	https://${hostname}/0d61156a-f0a4-5383-9ae8-b72430f3fa50.png	GET HTTP/1.1 200 92320	go-camo
    

    Ever heard about If-Modified-Since? Or Etag?

    Seriously guys, please implement some caching!

    opened by kseistrup 8
  • Connection to an internal proxy does not work

    Connection to an internal proxy does not work

    Specifications

    Please list the go-camo version, as well as the Operation System (and version) that go-camo is running on. The go-camo version can be found by go-camo -V.

    Version: 2.3.0 Platform: Ubuntu 20.04 Container

    Expected Behavior

    When a proxy is configured and it normally (enterprise environment) has an internal ip, camo should be able to connect to the proxy.

    Actual Behavior

    from the log:

    time="2022-01-13T08:27:36.137103866Z" level="D" msg="ip filter rejection from dial.control" err="Get \"someUrl\": proxyconnect tcp: dial tcp [::1]:4750: ip rejection"
    

    In the case above a proxy on localhost is used.

    Steps to reproduce

    Configure camo to use a proxy with a private ip.

    bug 
    opened by sll552 7
  • Add additional metrics

    Add additional metrics

    Description

    Add additional metrics:

    • Response counter with code/method labels.
    • Content length exceeded counter.
    • Failed proxy responses.
    • Truncated proxy responses.
    • Build + version info.

    Example output:

    # HELP camo_build_info A metric with a constant '1' value labeled by version, revision, branch, and goversion from which camo was built.
    # TYPE camo_build_info gauge
    camo_build_info{branch="more_metrics",goversion="go1.13",revision="17c52efa9e174dbcefe8a3403aa915d9fb8ca16d",version="2.0.1-18-g17c52ef"} 1
    # HELP camo_proxy_content_length_exceeded_total The number of requests where the content length was exceeded.
    # TYPE camo_proxy_content_length_exceeded_total counter
    camo_proxy_content_length_exceeded_total 0
    # HELP camo_proxy_reponses_failed_total The number of responses that failed to send to the client.
    # TYPE camo_proxy_reponses_failed_total counter
    camo_proxy_reponses_failed_total 0
    # HELP camo_proxy_reponses_truncated_total The number of responess that were too large to send.
    # TYPE camo_proxy_reponses_truncated_total counter
    camo_proxy_reponses_truncated_total 0
    # HELP camo_responses_total Total HTTP requests processed by the go-camo, excluding scrapes.
    # TYPE camo_responses_total counter
    camo_responses_total{code="404",method="get"} 1
    

    Checklist

    • [x] Code compiles correctly
    • [ ] Created tests (if appropriate)
    • [x] All tests passing
    • [ ] Extended the README / documentation (if necessary)
    enhancement accepted 
    opened by SuperQ 7
  • Allow use with non-image files?

    Allow use with non-image files?

    Is there a particular reason this is limited to image files? I am using it on a service where I also proxy video files. It was easiest for me to disable the check for the image header and allow anything through. It might be nice if this was a config option to either allow proxying anything, or lock down by type.

    opened by aaronpk 7
  • Download

    Download

    Description

    If go-camo is served from its own hostname, one cannot use <a href="..." download> to proxy download links through Camo, since the download attribute is limited to same-origin links.

    Extend the URL schema to allow for a /download trailer, which, if set, override Content-Disposition to attachment, as well as providing a hint at the filename, either from the remote Content-Disposition header, or from the original URL.

    Checklist

    • [x] Code compiles correctly
    • [x] Created tests (if appropriate)
    • [x] All tests passing
    • [x] Extended the README / documentation (if necessary)
    opened by alexmv 9
Releases(v2.4.0)
Owner
A place for code
null
Tcp-proxy - A dead simple reverse proxy server.

tcp-proxy A proxy that forwords from a host to another. Building go build -ldflags="-X 'main.Version=$(git describe --tags $(git rev-list --tags --max

Injamul Mohammad Mollah 0 Jan 2, 2022
“Dear Port80” is a zero-config TCP proxy server that hides SSH connection behind a HTTP server!

Dear Port80 About The Project: “Dear Port80” is a zero-config TCP proxy server that hides SSH connection behind a HTTP server! +---------------------

Abbas Gheydi 6 Jun 29, 2022
Simple, secure and modern Go HTTP server to serve static sites, single-page applications or a file with ease

srv srv is a simple, secure and modern HTTP server, written in Go, to serve static sites, single-page applications or a file with ease. You can use it

Kevin Pollet 55 May 23, 2022
A simple UDP server to make a virtual secure channel with the clients

udpsocket I made this package to make a virtual stateful connection between the client & server using the UDP protocol for a golang game server (as yo

TheRedRad 5 Jun 18, 2022
An experimental Tor-Proxy serivce written in Go using Go-proxy and Go-libtor.

tor-proxy An experimental standalone tor-proxy service built with Go, using go-proxy, go-libtor and bine. This is a simple replacement to Tor's origin

Narasimha Prasanna HN 35 Jul 5, 2022
mt-multiserver-proxy is a reverse proxy designed for linking multiple Minetest servers together

mt-multiserver-proxy mt-multiserver-proxy is a reverse proxy designed for linking multiple Minetest servers together. It is the successor to multiserv

null 11 Jul 31, 2022
A simple tool to convert socket5 proxy protocol to http proxy protocol

Socket5 to HTTP 这是一个超简单的 Socket5 代理转换成 HTTP 代理的小工具。 如何安装? Golang 用户 # Required Go 1.17+ go install github.com/mritd/[email protected] Docker 用户 docker pull m

mritd 7 Jul 10, 2022
IP2Proxy Go package allows users to query an IP address to determine if it was being used as open proxy, web proxy, VPN anonymizer and TOR exits.

IP2Proxy Go Package This package allows user to query an IP address if it was being used as VPN anonymizer, open proxies, web proxies, Tor exits, data

IP2Location 12 Aug 3, 2022
Proxy - Minimalistic TCP relay proxy.

Proxy Minimalistic TCP relay proxy. Installation ensure you have go >= 1.17 installed clone the repo cd proxy go install main.go Examples Listen on po

null 1 May 22, 2022
Http-logging-proxy - A HTTP Logging Proxy For Golang

http-logging-proxy HTTP Logging Proxy Description This project builds a simple r

null 3 Aug 1, 2022
Battlesnake-logging-proxy - A little proxy between the internet and your battlesnake

battlesnake-logging-proxy a little proxy between the internet and your battlesna

Penelope Phippen 3 Feb 11, 2022
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

frp README | 中文文档 What is frp? frp is a fast reverse proxy to help you expose a local server behind a NAT or firewall to the Internet. As of now, it s

null 58.8k Aug 9, 2022
Simple edge server / reverse proxy

reproxy Reproxy is simple edge HTTP(s) sever / reverse proxy supporting various providers (docker, static, file). One or more providers supply informa

Umputun 994 Jul 26, 2022
Smocker is a simple and efficient HTTP mock server and proxy.

Smocker (server mock) is a simple and efficient HTTP mock server. The documentation is available on smocker.dev. Table of contents Installation With D

Thibaut Rousseau 856 Jul 28, 2022
A deployable proxy server and tunnel written in go

Tunnelify Tunnelify is a deployable proxy server and tunnel written in go Installing | Quickstart | Configuration Installing Direct download You can i

Kofo Okesola 30 Apr 29, 2022
4chain is a simple、fast reverse proxy to help you expose a local server behind a NAT or firewall to the Internet.

4Chain What is 4chain? 4chain is a simple、fast reverse proxy to help you expose a local server behind a NAT or firewall to the Internet. Using the ssh

null 6 Jan 4, 2022
A http proxy server chaining a upstream which needs authentication headers.

Normalize HTTP Proxy A http proxy server chaining a upstream which needs authentication headers. local -> [np] -> upstream -> destination Usage Norma

LOGI 14 May 23, 2022