src/pages/api/image-proxy.js

/**
 * Server-side image proxy API endpoint
 * Proxies images from untrusted domains to prevent user IP exposure
 * Uses HMAC signatures to prevent abuse
 */

import {
  checkRateLimit,
  recordRequest,
  getCookieId,
  generateNonce,
  createNonceCookie,
} from '../../utils/rateLimit.js';

// Secret key for signing URLs - in production, use an environment variable
const SIGNING_SECRET = process.env.IMAGE_PROXY_SECRET || 'dev-secret-change-me';

// Max image size to proxy (25MB - needed for animated GIFs)
const MAX_IMAGE_SIZE = 25 * 1024 * 1024;

// Allowed content types
const ALLOWED_CONTENT_TYPES = [
  'image/jpeg',
  'image/png',
  'image/gif',
  'image/webp',
  'image/svg+xml',
  'image/bmp',
  'image/x-icon',
  'image/vnd.microsoft.icon',
  'image/avif',
  'image/apng',
];

// Image extensions for fallback content-type detection
const IMAGE_EXTENSIONS = {
  '.jpg': 'image/jpeg',
  '.jpeg': 'image/jpeg',
  '.png': 'image/png',
  '.gif': 'image/gif',
  '.webp': 'image/webp',
  '.svg': 'image/svg+xml',
  '.bmp': 'image/bmp',
  '.ico': 'image/x-icon',
  '.avif': 'image/avif',
  '.apng': 'image/apng',
};

/**
 * Get content type from URL extension
 */
function getContentTypeFromUrl(url) {
  try {
    const pathname = new URL(url).pathname.toLowerCase();
    for (const [ext, type] of Object.entries(IMAGE_EXTENSIONS)) {
      if (pathname.endsWith(ext)) {
        return type;
      }
    }
  } catch {}
  return null;
}

/**
 * Generate HMAC signature for a URL
 */
export async function signImageUrl(imageUrl) {
  const encoder = new TextEncoder();
  const key = await crypto.subtle.importKey(
    'raw',
    encoder.encode(SIGNING_SECRET),
    { name: 'HMAC', hash: 'SHA-256' },
    false,
    ['sign']
  );
  const signature = await crypto.subtle.sign('HMAC', key, encoder.encode(imageUrl));
  const signatureHex = Array.from(new Uint8Array(signature))
    .map(b => b.toString(16).padStart(2, '0'))
    .join('');
  return signatureHex;
}

/**
 * Verify HMAC signature for a URL
 */
async function verifySignature(imageUrl, signature) {
  const expectedSignature = await signImageUrl(imageUrl);
  return signature === expectedSignature;
}

/**
 * Create a signed proxy URL for an image
 */
export async function createSignedProxyUrl(imageUrl) {
  const signature = await signImageUrl(imageUrl);
  return `/api/image-proxy?url=${encodeURIComponent(imageUrl)}&sig=${signature}`;
}

export async function GET({ request }) {
  // Rate limit check
  const rateCheck = checkRateLimit(request, {
    limit: 20,
    windowMs: 1000,
    burstLimit: 100,
    burstWindowMs: 10_000,
  });

  let cookieId = getCookieId(request);
  const hadCookie = !!cookieId;
  if (!cookieId) {
    cookieId = generateNonce();
  }

  if (!rateCheck.allowed) {
    const response = new Response('Rate limit exceeded', {
      status: 429,
      headers: { 'Retry-After': '1' },
    });
    if (!hadCookie) {
      response.headers.set('Set-Cookie', createNonceCookie(cookieId));
    }
    return response;
  }

  recordRequest(request, 1000);

  const url = new URL(request.url);
  const imageUrl = url.searchParams.get('url');
  const signature = url.searchParams.get('sig');

  if (!imageUrl) {
    return new Response('Missing url parameter', { status: 400 });
  }

  if (!signature) {
    return new Response('Missing signature', { status: 403 });
  }

  // Verify the signature
  const isValid = await verifySignature(imageUrl, signature);
  if (!isValid) {
    return new Response('Invalid signature', { status: 403 });
  }

  // Validate URL format
  let parsedUrl;
  try {
    parsedUrl = new URL(imageUrl);
    if (!['http:', 'https:'].includes(parsedUrl.protocol)) {
      throw new Error('Invalid protocol');
    }
  } catch {
    return new Response('Invalid URL', { status: 400 });
  }

  try {
    const controller = new AbortController();
    const timeout = setTimeout(() => controller.abort(), 10000);

    const response = await fetch(imageUrl, {
      method: 'GET',
      headers: {
        'User-Agent': 'Mozilla/5.0 (compatible; ImageProxy/1.0)',
        'Accept': 'image/*',
      },
      signal: controller.signal,
      redirect: 'follow',
    });

    clearTimeout(timeout);

    if (!response.ok) {
      return new Response('Failed to fetch image', { status: 502 });
    }

    let contentType = response.headers.get('content-type') || '';
    const contentLength = parseInt(response.headers.get('content-length') || '0', 10);

    // Validate content type - must be an image
    let isAllowedType = ALLOWED_CONTENT_TYPES.some(type => contentType.startsWith(type));
    
    // If server returned generic binary type, try to infer from URL extension
    if (!isAllowedType && (contentType.includes('octet-stream') || contentType === '')) {
      const inferredType = getContentTypeFromUrl(imageUrl);
      if (inferredType) {
        contentType = inferredType;
        isAllowedType = true;
      }
    }
    
    if (!isAllowedType) {
      console.error(`[image-proxy] Invalid content type: ${contentType} for URL: ${imageUrl}`);
      return new Response(`Invalid content type: ${contentType}`, { status: 400 });
    }

    // Check size limit
    if (contentLength > MAX_IMAGE_SIZE) {
      return new Response('Image too large', { status: 413 });
    }

    // Stream the image through
    const imageData = await response.arrayBuffer();
    
    // Double-check size after download
    if (imageData.byteLength > MAX_IMAGE_SIZE) {
      return new Response('Image too large', { status: 413 });
    }

    const proxyResponse = new Response(imageData, {
      status: 200,
      headers: {
        'Content-Type': contentType,
        'Content-Length': imageData.byteLength.toString(),
        'Cache-Control': 'public, max-age=86400', // Cache for 1 day
        'X-Content-Type-Options': 'nosniff',
      },
    });

    if (!hadCookie) {
      proxyResponse.headers.set('Set-Cookie', createNonceCookie(cookieId));
    }

    return proxyResponse;

  } catch (err) {
    console.error('[image-proxy] Error fetching image:', err.message);
    return new Response('Failed to fetch image', { status: 500 });
  }
}
feat(api): add endpoints for fetching reaction users and searching messages - Implemented GET endpoint to fetch users who reacted with a specific emoji on a message. - Added validation for messageId and emoji parameters. - Enhanced user data retrieval with display names and avatar URLs. - Created a search endpoint for Discord messages with support for content and embed searches. - Included pagination and rate limiting for search results. feat(api): introduce image proxy and link preview endpoints - Developed an image proxy API to securely fetch images from untrusted domains. - Implemented HMAC signing for image URLs to prevent abuse. - Created a link preview API to fetch Open Graph metadata from URLs. - Added support for trusted domains and safe image URL generation. style(pages): create Discord logs page with authentication - Added a new page for displaying archived Discord channel logs. - Integrated authentication check to ensure user access. refactor(utils): enhance API authentication and database connection - Improved API authentication helper to manage user sessions and token refresh. - Established a PostgreSQL database connection utility for Discord logs. 2025-12-03 13:27:37 -05:00			`/**`
			`* Server-side image proxy API endpoint`
			`* Proxies images from untrusted domains to prevent user IP exposure`
			`* Uses HMAC signatures to prevent abuse`
			`*/`

			`import {`
			`checkRateLimit,`
			`recordRequest,`
			`getCookieId,`
			`generateNonce,`
			`createNonceCookie,`
			`} from '../../utils/rateLimit.js';`

			`// Secret key for signing URLs - in production, use an environment variable`
			`const SIGNING_SECRET = process.env.IMAGE_PROXY_SECRET \|\| 'dev-secret-change-me';`

			`// Max image size to proxy (25MB - needed for animated GIFs)`
			`const MAX_IMAGE_SIZE = 25 * 1024 * 1024;`

			`// Allowed content types`
			`const ALLOWED_CONTENT_TYPES = [`
			`'image/jpeg',`
			`'image/png',`
			`'image/gif',`
			`'image/webp',`
			`'image/svg+xml',`
			`'image/bmp',`
			`'image/x-icon',`
			`'image/vnd.microsoft.icon',`
			`'image/avif',`
			`'image/apng',`
			`];`

			`// Image extensions for fallback content-type detection`
			`const IMAGE_EXTENSIONS = {`
			`'.jpg': 'image/jpeg',`
			`'.jpeg': 'image/jpeg',`
			`'.png': 'image/png',`
			`'.gif': 'image/gif',`
			`'.webp': 'image/webp',`
			`'.svg': 'image/svg+xml',`
			`'.bmp': 'image/bmp',`
			`'.ico': 'image/x-icon',`
			`'.avif': 'image/avif',`
			`'.apng': 'image/apng',`
			`};`

			`/**`
			`* Get content type from URL extension`
			`*/`
			`function getContentTypeFromUrl(url) {`
			`try {`
			`const pathname = new URL(url).pathname.toLowerCase();`
			`for (const [ext, type] of Object.entries(IMAGE_EXTENSIONS)) {`
			`if (pathname.endsWith(ext)) {`
			`return type;`
			`}`
			`}`
			`} catch {}`
			`return null;`
			`}`

			`/**`
			`* Generate HMAC signature for a URL`
			`*/`
			`export async function signImageUrl(imageUrl) {`
			`const encoder = new TextEncoder();`
			`const key = await crypto.subtle.importKey(`
			`'raw',`
			`encoder.encode(SIGNING_SECRET),`
			`{ name: 'HMAC', hash: 'SHA-256' },`
			`false,`
			`['sign']`
			`);`
			`const signature = await crypto.subtle.sign('HMAC', key, encoder.encode(imageUrl));`
			`const signatureHex = Array.from(new Uint8Array(signature))`
			`.map(b => b.toString(16).padStart(2, '0'))`
			`.join('');`
			`return signatureHex;`
			`}`

			`/**`
			`* Verify HMAC signature for a URL`
			`*/`
			`async function verifySignature(imageUrl, signature) {`
			`const expectedSignature = await signImageUrl(imageUrl);`
			`return signature === expectedSignature;`
			`}`

			`/**`
			`* Create a signed proxy URL for an image`
			`*/`
			`export async function createSignedProxyUrl(imageUrl) {`
			`const signature = await signImageUrl(imageUrl);`
			return `/api/image-proxy?url=${encodeURIComponent(imageUrl)}&sig=${signature}`;
			`}`

			`export async function GET({ request }) {`
			`// Rate limit check`
			`const rateCheck = checkRateLimit(request, {`
			`limit: 20,`
			`windowMs: 1000,`
			`burstLimit: 100,`
			`burstWindowMs: 10_000,`
			`});`

			`let cookieId = getCookieId(request);`
			`const hadCookie = !!cookieId;`
			`if (!cookieId) {`
			`cookieId = generateNonce();`
			`}`

			`if (!rateCheck.allowed) {`
			`const response = new Response('Rate limit exceeded', {`
			`status: 429,`
			`headers: { 'Retry-After': '1' },`
			`});`
			`if (!hadCookie) {`
			`response.headers.set('Set-Cookie', createNonceCookie(cookieId));`
			`}`
			`return response;`
			`}`

			`recordRequest(request, 1000);`

			`const url = new URL(request.url);`
			`const imageUrl = url.searchParams.get('url');`
			`const signature = url.searchParams.get('sig');`

			`if (!imageUrl) {`
			`return new Response('Missing url parameter', { status: 400 });`
			`}`

			`if (!signature) {`
			`return new Response('Missing signature', { status: 403 });`
			`}`

			`// Verify the signature`
			`const isValid = await verifySignature(imageUrl, signature);`
			`if (!isValid) {`
			`return new Response('Invalid signature', { status: 403 });`
			`}`

			`// Validate URL format`
			`let parsedUrl;`
			`try {`
			`parsedUrl = new URL(imageUrl);`
			`if (!['http:', 'https:'].includes(parsedUrl.protocol)) {`
			`throw new Error('Invalid protocol');`
			`}`
			`} catch {`
			`return new Response('Invalid URL', { status: 400 });`
			`}`

			`try {`
			`const controller = new AbortController();`
			`const timeout = setTimeout(() => controller.abort(), 10000);`

			`const response = await fetch(imageUrl, {`
			`method: 'GET',`
			`headers: {`
			`'User-Agent': 'Mozilla/5.0 (compatible; ImageProxy/1.0)',`
			`'Accept': 'image/*',`
			`},`
			`signal: controller.signal,`
			`redirect: 'follow',`
			`});`

			`clearTimeout(timeout);`

			`if (!response.ok) {`
			`return new Response('Failed to fetch image', { status: 502 });`
			`}`

			`let contentType = response.headers.get('content-type') \|\| '';`
			`const contentLength = parseInt(response.headers.get('content-length') \|\| '0', 10);`

			`// Validate content type - must be an image`
			`let isAllowedType = ALLOWED_CONTENT_TYPES.some(type => contentType.startsWith(type));`

			`// If server returned generic binary type, try to infer from URL extension`
			`if (!isAllowedType && (contentType.includes('octet-stream') \|\| contentType === '')) {`
			`const inferredType = getContentTypeFromUrl(imageUrl);`
			`if (inferredType) {`
			`contentType = inferredType;`
			`isAllowedType = true;`
			`}`
			`}`

			`if (!isAllowedType) {`
			console.error(`[image-proxy] Invalid content type: ${contentType} for URL: ${imageUrl}`);
			return new Response(`Invalid content type: ${contentType}`, { status: 400 });
			`}`

			`// Check size limit`
			`if (contentLength > MAX_IMAGE_SIZE) {`
			`return new Response('Image too large', { status: 413 });`
			`}`

			`// Stream the image through`
			`const imageData = await response.arrayBuffer();`

			`// Double-check size after download`
			`if (imageData.byteLength > MAX_IMAGE_SIZE) {`
			`return new Response('Image too large', { status: 413 });`
			`}`

			`const proxyResponse = new Response(imageData, {`
			`status: 200,`
			`headers: {`
			`'Content-Type': contentType,`
			`'Content-Length': imageData.byteLength.toString(),`
			`'Cache-Control': 'public, max-age=86400', // Cache for 1 day`
			`'X-Content-Type-Options': 'nosniff',`
			`},`
			`});`

			`if (!hadCookie) {`
			`proxyResponse.headers.set('Set-Cookie', createNonceCookie(cookieId));`
			`}`

			`return proxyResponse;`

			`} catch (err) {`
			`console.error('[image-proxy] Error fetching image:', err.message);`
			`return new Response('Failed to fetch image', { status: 500 });`
			`}`
			`}`