Merge pull request #11119 from nanaya/media-url-middleware

notbakaneko · web-flow · commit 813cccbecd9c · 2024-04-09T16:49:54.000+09:00
Clean up media/wiki image url handling
diff --git a/app/Http/Controllers/BeatmapDiscussionsController.php b/app/Http/Controllers/BeatmapDiscussionsController.php
@@ -120,7 +120,11 @@ public function index()
 
     public function mediaUrl()
     {
-        $url = get_string(request('url'));
+        $url = presence(get_string(request('url')));
+
+        if (!isset($url)) {
+            return response('Missing url parameter', 422);
+        }
 
         // Tell browser not to request url for a while.
         return redirect(proxy_media($url))->header('Cache-Control', 'max-age=600');
diff --git a/app/Http/Controllers/WikiController.php b/app/Http/Controllers/WikiController.php
@@ -123,16 +123,16 @@ public function image($path)
             return response('Invalid file format', 422);
         }
 
-        $image = Wiki\Image::lookupForController($path, Request::url(), Request::header('referer'));
-
-        request()->attributes->set('strip_cookies', true);
+        $image = (new Wiki\Image($path))->sync();
 
         if (!$image->isVisible()) {
             return response('Not found', 404);
         }
 
-        return response($image->get()['content'], 200)
-            ->header('Content-Type', $image->get()['type'])
+        $imageData = $image->get();
+
+        return response($imageData['content'], 200)
+            ->header('Content-Type', $imageData['type'])
             // 10 years max-age
             ->header('Cache-Control', 'max-age=315360000, public');
     }
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
@@ -27,7 +27,6 @@ class Kernel extends HttpKernel
             Middleware\VerifyUserAlways::class,
         ],
         'web' => [
-            Middleware\StripCookies::class,
             Middleware\EncryptCookies::class,
             \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
             \Illuminate\Session\Middleware\StartSession::class,
diff --git a/app/Http/Middleware/StripCookies.php b/app/Http/Middleware/StripCookies.php
diff --git a/app/Models/Wiki/Image.php b/app/Models/Wiki/Image.php
@@ -18,23 +18,6 @@ class Image implements WikiObject
 
     private $cache;
 
-    public static function lookupForController($path, $url = null, $referrer = null)
-    {
-        $url = presence($url);
-        $referrer = presence($referrer);
-        $image = (new static($path))->sync();
-
-        if (!$image->isVisible()) {
-            if ($url !== null && $referrer !== null && starts_with($url, $referrer)) {
-                $newPath = 'shared/'.substr($url, strlen($referrer));
-
-                return (new static($newPath))->sync();
-            }
-        }
-
-        return $image;
-    }
-
     public function __construct($path)
     {
         $this->path = OsuWiki::cleanPath($path);
diff --git a/routes/web.php b/routes/web.php
@@ -5,6 +5,9 @@
 
 use App\Http\Middleware\ThrottleRequests;
 
+Route::get('wiki/images/{path}', 'WikiController@image')->name('wiki.image')->where('path', '.+');
+Route::get('beatmapsets/discussions/media-url', 'BeatmapDiscussionsController@mediaUrl')->name('beatmapsets.discussions.media-url');
+
 Route::group(['middleware' => ['web']], function () {
     Route::group(['as' => 'admin.', 'prefix' => 'admin', 'namespace' => 'Admin'], function () {
         Route::get('/beatmapsets/{beatmapset}/covers', 'BeatmapsetsController@covers')->name('beatmapsets.covers');
@@ -70,7 +73,6 @@
         Route::resource('watches', 'BeatmapsetWatchesController', ['only' => ['update', 'destroy']]);
 
         Route::group(['prefix' => 'discussions', 'as' => 'discussions.'], function () {
-            Route::get('media-url', 'BeatmapDiscussionsController@mediaUrl')->name('media-url');
             Route::put('{discussion}/vote', 'BeatmapDiscussionsController@vote')->name('vote');
             Route::post('{discussion}/restore', 'BeatmapDiscussionsController@restore')->name('restore');
             Route::post('{discussion}/deny-kudosu', 'BeatmapDiscussionsController@denyKudosu')->name('deny-kudosu');
@@ -325,7 +327,6 @@
     Route::resource('users', 'UsersController', ['only' => ['store']]);
 
     Route::get('wiki/{locale}/Sitemap', 'WikiController@sitemap')->name('wiki.sitemap');
-    Route::get('wiki/images/{path}', 'WikiController@image')->name('wiki.image')->where('path', '.+');
     Route::get('wiki/{locale?}/{path?}', 'WikiController@show')->name('wiki.show')->where('path', '.+');
     Route::put('wiki/{locale}/{path}', 'WikiController@update')->where('path', '.+');
     Route::get('wiki-suggestions', 'WikiController@suggestions')->name('wiki-suggestions');

Original file line number	Diff line number	Diff line change
`@@ -123,16 +123,16 @@ public function image($path)`
`123`	`123`	`return response('Invalid file format', 422);`
`124`	`124`	`}`
`125`	`125`
`126`		`- $image = Wiki\Image::lookupForController($path, Request::url(), Request::header('referer'));`
`127`		`-`
`128`		`- request()->attributes->set('strip_cookies', true);`
	`126`	`+ $image = (new Wiki\Image($path))->sync();`
`129`	`127`
`130`	`128`	`if (!$image->isVisible()) {`
`131`	`129`	`return response('Not found', 404);`
`132`	`130`	`}`
`133`	`131`
`134`		`- return response($image->get()['content'], 200)`
`135`		`- ->header('Content-Type', $image->get()['type'])`
	`132`	`+ $imageData = $image->get();`
	`133`	`+`
	`134`	`+ return response($imageData['content'], 200)`
	`135`	`+ ->header('Content-Type', $imageData['type'])`
`136`	`136`	`// 10 years max-age`
`137`	`137`	`->header('Cache-Control', 'max-age=315360000, public');`
`138`	`138`	`}`