• This repository has been archived on 08/Apr/2021
  • Stars: 1,754
  • Rank 26,543 (Top 0.6 %)
  • Language: CoffeeScript
  • License: MIT License
  • Created about 14 years ago
  • Updated over 3 years ago

Repository Details

🔒 an http proxy to route images through SSL

camo

Camo is all about making insecure assets look secure. This is an SSL image proxy to prevent mixed content warnings on secure pages served from GitHub.

We want to allow people to keep embedding images in comments/issues/READMEs.

There's more info on the GitHub blog.

Using a shared key, proxy URLs are authenticated with HMAC so we can bust caches, ban, or rate limit if needed.

Camo currently runs on Node version 0.10.29 at GitHub on Heroku.

Features

  • Max size for proxied images
  • Follow redirects to a certain depth
  • Restricts proxied image content-types to a whitelist
  • Forward images regardless of HTTP status code

At GitHub we render markdown and replace all of the src attributes on the img tags with the appropriate URL to hit the proxies. There's example code for creating URLs in the tests.

URL Formats

Camo supports two distinct URL formats:

http://example.org/<digest>?url=<image-url>
http://example.org/<digest>/<image-url>

The <digest> is a 40 character hex encoded HMAC digest generated with a shared secret key and the unescaped <image-url> value. The <image-url> is the absolute URL locating an image. In the first format, the <image-url> should be URL escaped aggressively to ensure the original value isn't mangled in transit. In the second format, each byte of the <image-url> should be hex encoded such that the resulting value includes only characters [0-9a-f].
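
As an added illustration (not code from the Camo repository), the JavaScript below builds both URL formats and verifies an incoming proxy URL before anything would be fetched. HMAC-SHA1 is an assumption inferred from the 40-character hex digest length; the function names, key, and image URL are constructed for the example.

```javascript
const crypto = require("crypto");

// HMAC-SHA1 is an assumption inferred from the 40-hex-character digest length.
function digestFor(key, imageUrl) {
  return crypto.createHmac("sha1", key).update(imageUrl, "utf8").digest("hex");
}

// Format 1: <base>/<digest>?url=<escaped image-url>
function queryFormat(base, key, imageUrl) {
  return `${base}/${digestFor(key, imageUrl)}?url=${encodeURIComponent(imageUrl)}`;
}

// Format 2: <base>/<digest>/<hex-encoded image-url>
function pathFormat(base, key, imageUrl) {
  const hex = Buffer.from(imageUrl, "utf8").toString("hex");
  return `${base}/${digestFor(key, imageUrl)}/${hex}`;
}

// Recover the image URL from either format and check the digest.
// Returns the image URL when the digest matches, otherwise null.
function verify(key, proxyUrl) {
  const u = new URL(proxyUrl);
  const parts = u.pathname.split("/").filter(Boolean);
  const digest = parts[0] || "";
  let imageUrl = null;
  if (parts.length === 2 && /^([0-9a-f]{2})+$/.test(parts[1])) {
    imageUrl = Buffer.from(parts[1], "hex").toString("utf8");
  } else if (parts.length === 1) {
    imageUrl = u.searchParams.get("url");
  }
  if (!imageUrl || !/^[0-9a-f]{40}$/.test(digest)) return null;
  const expected = Buffer.from(digestFor(key, imageUrl), "hex");
  const given = Buffer.from(digest, "hex");
  // Constant-time comparison so the check does not leak how many bytes matched.
  return crypto.timingSafeEqual(expected, given) ? imageUrl : null;
}

// Constructed sample values, not real keys or URLs.
const KEY = "constructed-example-key";
const IMAGE = "http://images.example.com/cat.png?size=large&v=2";
const BASE = "http://example.org";
console.log(queryFormat(BASE, KEY, IMAGE));
console.log(pathFormat(BASE, KEY, IMAGE));
```

The digest is computed over the unescaped image URL in both formats, so the verifier must decode the URL first and only then recompute the HMAC.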

Configuration

Camo is configured through environment variables.

  • PORT: The port number Camo should listen on. (default: 8081)
  • CAMO_HEADER_VIA: The string for Camo to include in the Via and User-Agent headers it sends in requests to origin servers. (default: Camo Asset Proxy <version>)
  • CAMO_KEY: A shared key consisting of a random string, used to generate the HMAC digest.
  • CAMO_LENGTH_LIMIT: The maximum Content-Length Camo will proxy. (default: 5242880)
  • CAMO_LOGGING_ENABLED: The logging level used for reporting debug or error information. Options are debug and disabled. (default: disabled)
  • CAMO_MAX_REDIRECTS: The maximum number of redirects Camo will follow while fetching an image. (default: 4)
  • CAMO_SOCKET_TIMEOUT: The maximum number of seconds Camo will wait before giving up on fetching an image. (default: 10)
  • CAMO_TIMING_ALLOW_ORIGIN: The string for Camo to include in the Timing-Allow-Origin header it sends in responses to clients. The header is omitted if this environment variable is not set. (default: not set)
  • CAMO_HOSTNAME: The Camo-Host header value that Camo will send. (default: unknown)
  • CAMO_KEEP_ALIVE: Whether or not to enable keep-alive session. (default: false)

Testing Functionality

Bundle Everything

% rake bundle

Start the server

% coffee server.coffee

In another shell

% rake

Debugging

To see the full URLs that restclient is hitting, try this:

% RESTCLIENT_LOG=stdout rake

Deployment

You should run this on Heroku.

To enable useful line numbers in stack traces, you probably want to compile the server.coffee file to native JavaScript when deploying.

% coffee -c server.coffee
% /usr/bin/env PORT=9090 CAMO_KEY="<my application key>" node server.js

Docker

A Dockerfile is included. You can build and run it with:

docker build -t camo .
docker run --env CAMO_KEY=YOUR_KEY -t camo

Examples
