Feature request: Image Proxy March 26, 2016, 06:18:59 pm Hi, I;ve just activated HTTPS on my Elkarte forum using Let's Encrypt. The problem is if a post contains images that hosted on non-https sites there will be mixed content warning. I'm requesting a feature/addon for Elkarte to cache the non-secured image.Some references:http://www.simplemachines.org/community/index.php?topic=527996.0http://www.vbulletin.org/forum/showthread.php?t=316826https://www.phpbb.com/community/viewtopic.php?f=496&t=2271541http://community.mybb.com/thread-162572.htmlhttps://invisionpower.com/forums/topic/416988-image-proxy/https://xenforo.com/community/threads/what-is-proxy-links-and-proxy-images.81020/http://arstechnica.com/information-technology/2015/10/chrome-finally-kills-off-the-http-https-mixed-content-warning/https://support.mozilla.org/en-US/kb/mixed-content-blocking-firefoxhttps://www.chromium.org/Home/chromium-security/marking-http-as-non-secureThanks!
Re: Feature request: Image Proxy Reply #1 – March 26, 2016, 08:45:59 pm I am not using https and I never test it, but this should work: http://addons.elkarte.net/enhancement/Image-Cache.html
Re: Feature request: Image Proxy Reply #2 – March 27, 2016, 05:01:17 am Quote from: radu81 – March 26, 2016, 08:45:59 pmI am not using https and I never test it, but this should work: http://addons.ElkArte.net/enhancement/Image-Cache.htmlthanks @radu81 my search skill sucks. haha. i will try it later.
Re: Feature request: Image Proxy Reply #3 – March 27, 2016, 05:36:51 am I knew I wrote something!! xDI wasn't able to find it as well... LOL
Re: Feature request: Image Proxy Reply #4 – December 14, 2016, 02:05:09 pm Time for a bump!I think we finally need to pull this into the 1.1 core (and possibly for 1.0.10) as the Chrome mandate is just about here. As I understand it Chrome will begin to flag screens with password inputs, on non-https servers, as insecure. Thats not really an ElkArte issue but a server / site issue. However once someone enables https, they will need the image proxy to still allow links to http sites from your https site, something ElkArte should support out of the box.
Re: Feature request: Image Proxy Reply #6 – December 15, 2016, 03:08:58 am Quick&dirty we can simply package the addon. I wish I were able to finish what I had in mind in terms of addons... actually... I may have already finished, but I don't remember.This evening I'll give it a try, if I did what I wanted to do, pack the "installed" addon is the easiest thing.
Re: Feature request: Image Proxy Reply #7 – December 15, 2016, 12:01:31 pm If you get that in a branch somewhere that would be cool. I'm looking to beef up the proxy a bit so have been working on that.
Re: Feature request: Image Proxy Reply #8 – December 16, 2016, 11:29:09 am Here is a first pass at updating this for 1.1 .... I changed a few things in the proxy and the proxy-ed "link" which now both use a hash code, this should prevent someone from adding image and then being able to use the proxy from another site. Some restructure etc.Found a kind of a bug in the Elk code due to an update in the way Imagic deals with a parameter.Some things to consider .... Adding a scheduled task to purge old image cache files.Using a library to prevent some potential abuse here. One could to link a massive image file, which the site would have to download, try to cache, etc. There are smarter getimagesize functions that we could use to help prevent this. Adding a new db table to track last access (to help with scheduled task vs touching) but also to track success in downloading, a protected image may not download, and we don't want to continually try to get it each page load.One other thing, where to put the settings (basically on /off) ... core feature page, attachment settings page, other suggestions ?
Re: Feature request: Image Proxy Reply #9 – December 17, 2016, 04:12:33 pm Quote from: Spuds – December 16, 2016, 11:29:09 amOne other thing, where to put the settings (basically on /off) ... core feature page, attachment settings page, other suggestions ?Core feature page should be fine, attachment settings I'd say no since the images are embeded and not attachments. As a suggestion I could say ACP->Forum-> Posts and topics since is related to messages and images embeded with IMG tag.My doubts regarding the proxy image:1. how will deal with external avatars? 2. Gravatar is using an ssl connection? On elkarte.net existing gravatar images are not https3. what about images inserted into signatures?I'm planing to switch next year to https connection and I will use a free certificate from let's encrypt
Re: Feature request: Image Proxy Reply #10 – December 17, 2016, 05:35:53 pm Right now the proxy only works with images wrapped in [img]...[/img] tags ... so in theory I think it would work fine with signatures. Gravatar using http is frankly a bug that should be fixed, no reason not to use https. External avatars have not looked at, have to leave something for eman to do
Re: Feature request: Image Proxy Reply #11 – December 17, 2016, 06:09:27 pm I've added the basics for retry on fail for images that don't fetch properly. It will try 10 times to get the image on a ^4 based timer curve. Nothing fancy but basically waits longer each time it fails until it trys again. On failure it just shows the default mime thumbnail.To do the above I added a new table to track the image / time / failures to the db, so 1.1 will need a new table for this. This same table will be used for prune operations so "old" images (ones that have not been accessed in X time) can be removed from the cache. Thats the next bit to do.
Re: Feature request: Image Proxy Reply #12 – December 17, 2016, 06:22:59 pm I don't think https image shown in http site is a problem, however, the vice versa is i.e. http image in https site.
Re: Feature request: Image Proxy Reply #13 – December 17, 2016, 06:34:03 pm Quote from: Spuds – December 17, 2016, 06:09:27 pmTo do the above I added a new table to track the image / time / failures to the db, so 1.1 will need a new table for this.Then, I'd say let's do the same we did with the likes stats: 1.1.1?
Re: Feature request: Image Proxy Reply #14 – December 17, 2016, 06:46:51 pm I thought like stats are already in 1.1.0, did I miss something I'm good with waiting until 1.1.1 for this proxy (since I know how to incorporate this ) although it should probably be addon-ized for 1.1.0 so it can be used.