Add ability to require client request signing #68
I'm not sure if anyone is interested in this functionality but will add a PR in case people are.
I've added the ability to force clients to pass a signature in with all requests.
This is a cheap way to validate that requests are coming from trusted sources. It's not completely foolproof and is a bit of security through obscurity; however, it will stop someone from looping through every possible modifier and requesting sizes that differ by 1px. This would put a lot of load on the server and, if done by a botnet, could DDoS the service.
Simply set a REQUEST_SIGNING_KEY to be a long string. Share this key with your clients and the algorithm used to create signatures.
If image-resizer sees that a REQUEST_SIGNING_KEY is set it will compare the signature with the requested image/modifier options and make sure there is a match. If no match is found a 404 is returned.
I've also changed image.js to return a 404 if a request comes in for an unsupported format. This seems more logical to me than returning a 500.
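
An added example, not part of the pull request or the image-resizer code base: one way a signature check like the one described above could work. The PR's actual algorithm is not shown on this page, so HMAC-SHA256 over the modifier string and image path, the `/<signature>/<modifiers>/<image path>` URL layout, the names `signPath` and `checkRequest`, and the sample key and paths are all assumptions.

```javascript
// Added example: HMAC-SHA256 request signing for resize URLs.
// Assumed URL layout: /<signature>/<modifiers>/<image path>
const nodeCrypto = require('crypto');

// Constructed sample key; in deployment this comes from REQUEST_SIGNING_KEY.
const SAMPLE_KEY = 'constructed-sample-key-not-a-real-secret';

// Client side: sign exactly the part of the path the server will act on.
function signPath(key, modifiers, imagePath) {
  return nodeCrypto
    .createHmac('sha256', key)
    .update(`${modifiers}/${imagePath}`)
    .digest('hex');
}

// Server side: returns the HTTP status to use for the request.
// An unset key means signing is not required.
function checkRequest(key, urlPath) {
  if (!key) return 200;
  const match = /^\/([0-9a-f]{64})\/([^/]+)\/(.+)$/.exec(urlPath);
  if (!match) return 404; // missing or malformed signature
  const [, supplied, modifiers, imagePath] = match;
  const expected = signPath(key, modifiers, imagePath);
  // Both values are 64 hex characters here, so the buffers have equal
  // length, which timingSafeEqual requires.
  const ok = nodeCrypto.timingSafeEqual(
    Buffer.from(supplied, 'hex'),
    Buffer.from(expected, 'hex')
  );
  return ok ? 200 : 404;
}

// Constructed sample requests covering each outcome.
function demo() {
  const sig = signPath(SAMPLE_KEY, 'w200-h150', 'photos/cat.jpg');
  return {
    signed: checkRequest(SAMPLE_KEY, `/${sig}/w200-h150/photos/cat.jpg`),
    // Same signature reused with a width that differs by 1px.
    tampered: checkRequest(SAMPLE_KEY, `/${sig}/w201-h150/photos/cat.jpg`),
    unsigned: checkRequest(SAMPLE_KEY, '/w200-h150/photos/cat.jpg'),
    signingOff: checkRequest('', '/w200-h150/photos/cat.jpg'),
  };
}

console.log(demo());
```

Because the signature covers the modifier string, a valid URL cannot be reused to request a different size, and the constant-time comparison avoids leaking how many leading characters of a guessed signature were correct.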