0

I've got a little Django site in which users can link to images on other sites in their comments. It's by no means a core feature.

I've just moved the entire site to SSL. That has worked fine for the most part but remote images are obviously not always going to be available over SSL. Only the slightest number of domains have valid certificates.

What's the best way to funnel images through then?

  • Download them when the user posts and alter the URL to a local one?
  • Make a proxy that just proxies another URL?

The second seems like less work (I feel like it would be possible just with NGINX rules) but that it would also open the site up to people using my proxy for their own nefarious gain... Which I'd like to avoid.

What's the best compromise here?

Oli
  • 235,628
  • 64
  • 220
  • 299

1 Answers1

3

Github ran into this same issue when they moved to HTTPS everywhere and detailed it in their blog: https://github.com/blog/743-sidejack-prevention-phase-3-ssl-proxied-assets

Their solution was to create a proxy server which they open sourced as https://github.com/atmos/camo To address the same concerns about abuse of the proxy it is deployed with a shared secret with the application server. Integrating this would a Django project would be straight forward as you would just need to generate the digest from the shared key for the given image url.

Mark Lavin
  • 24,664
  • 5
  • 76
  • 70
  • Yeah that all makes far too much sense. And I thought I was going to have a quiet afternoon :) – Oli Nov 12 '13 at 16:29