Bitcoin Forum
November 21, 2017, 05:18:27 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 [4] 5 6 7 »  All
  Print  
Author Topic: Images now proxied  (Read 9025 times)
ReCat
Sr. Member
****
Offline Offline

Activity: 406



View Profile WWW
December 13, 2013, 12:25:43 AM
 #61

Coral CDN doesn't support HTTPS.

Is it so hard to make the code a little bit more complicated just to support GIFS? I suppose it renders the image into a buffer and then renders an image from that buffer, to be safe from bad binary data hidden in an image?

If it's not doing that to be super-safe, FOR GOD SAKE PROXY IT BYTE FOR BYTE.

BTC: 1recatirpHBjR9sxgabB3RDtM6TgntYUW
Hold onto what you love with all your might, Because you can never know when - Oh. What you love is now gone.
1511241507
Hero Member
*
Offline Offline

Posts: 1511241507

View Profile Personal Message (Offline)

Ignore
1511241507
Reply with quote  #2

1511241507
Report to moderator
1511241507
Hero Member
*
Offline Offline

Posts: 1511241507

View Profile Personal Message (Offline)

Ignore
1511241507
Reply with quote  #2

1511241507
Report to moderator
1511241507
Hero Member
*
Offline Offline

Posts: 1511241507

View Profile Personal Message (Offline)

Ignore
1511241507
Reply with quote  #2

1511241507
Report to moderator
Join ICO Now A blockchain platform for effective freelancing
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Raize
Donator
Legendary
*
Offline Offline

Activity: 1409


View Profile
December 13, 2013, 10:38:17 PM
 #62

Actually, yeah, it could be difficult to do on the fly without the right libraries to essentially rebuild the animated image or correctly strip identifying metadata (if that's the other reason why this proxy has went in place).

Proxying it byte for byte could have other implications, none of which are present today (that we know of), but that's been used to screw with IE to do XSS in the past (you could muck around with content-type with an old IE by having the .JPG act as HTML or Javascript).

OrganofCorti's Neighbourhood Pool Watch - The most informative website on blockchain health
Richy_T
Legendary
*
Offline Offline

Activity: 1316


1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k


View Profile
December 13, 2013, 11:04:57 PM
 #63

The libraries are out there. It would just be finding somewhere that uses them as Theymos has indicated he's not willing to put any effort into this.

1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k
ReCat
Sr. Member
****
Offline Offline

Activity: 406



View Profile WWW
December 13, 2013, 11:08:29 PM
 #64

I'm not a programmer and I can do a better job than this.

BTC: 1recatirpHBjR9sxgabB3RDtM6TgntYUW
Hold onto what you love with all your might, Because you can never know when - Oh. What you love is now gone.
gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
December 13, 2013, 11:21:20 PM
 #65

It would just be finding somewhere that uses them as Theymos has indicated he's not willing to put any effort into this.

I don't think that is true that all, I just think it is hard to find actual business that does this type of proxing. Remember proxing images isn't easy at all, it takes up a lot of space to cache, bandwidth, and it isn't cheap to run this service. Remember this forum is over 100K+ members and I would say about 65% of post contain some image of some kind. That means you have to have some pretty powerful machines. I would say at least a dedicated server. There is no money that can be made from this service either, it is a very niche situation.

But if anyone has a good dedicated server they are not using, here is the software I built https://github.com/italiano40/image-proxy just requires mysql, php 5+ and ability to add cron jobs, so anyone can host this and try to convince theymos it is the best option if you believe it is.

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
ReCat
Sr. Member
****
Offline Offline

Activity: 406



View Profile WWW
December 13, 2013, 11:28:20 PM
 #66

It makes sense until you realizes that the forum will fully proxy a 1MB JPEG and not a 60kb GIF.

BTC: 1recatirpHBjR9sxgabB3RDtM6TgntYUW
Hold onto what you love with all your might, Because you can never know when - Oh. What you love is now gone.
btcton
Hero Member
*****
Offline Offline

Activity: 952

Professional SysAdmin / Hobbyist Developer


View Profile
December 14, 2013, 06:02:24 AM
 #67

Isn't it easier to just whitelist popularly known image hosting sites such as imgur?

b!z
Legendary
*
Offline Offline

Activity: 1568



View Profile
December 15, 2013, 04:36:58 AM
 #68

Isn't it easier to just whitelist popularly known image hosting sites such as imgur?

That's probably not tinfoilhatty enough.
gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
December 15, 2013, 04:42:59 AM
 #69

Isn't it easier to just whitelist popularly known image hosting sites such as imgur?

That's probably not tinfoilhatty enough.

No cause everyone would be like theymos whitelist this and whitelist this, and that thread would be insanity long. Image proxy is the best option, keeps every happy.

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
btcton
Hero Member
*****
Offline Offline

Activity: 952

Professional SysAdmin / Hobbyist Developer


View Profile
December 15, 2013, 04:48:28 AM
 #70

Isn't it easier to just whitelist popularly known image hosting sites such as imgur?

That's probably not tinfoilhatty enough.

No cause everyone would be like theymos whitelist this and whitelist this, and that thread would be insanity long. Image proxy is the best option, keeps every happy.
If he manages to get it working.

gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
December 15, 2013, 04:50:00 AM
 #71

Isn't it easier to just whitelist popularly known image hosting sites such as imgur?

That's probably not tinfoilhatty enough.

No cause everyone would be like theymos whitelist this and whitelist this, and that thread would be insanity long. Image proxy is the best option, keeps every happy.
If he manages to get it working.

true to that too

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
ReCat
Sr. Member
****
Offline Offline

Activity: 406



View Profile WWW
December 15, 2013, 07:08:49 PM
 #72

Some other forums automatically upload pictures onto their file servers and links that instead. Others require users to upload all pictures to a certain site and then whitelists only that site.

BTC: 1recatirpHBjR9sxgabB3RDtM6TgntYUW
Hold onto what you love with all your might, Because you can never know when - Oh. What you love is now gone.
DeboraMeeks
Hero Member
*****
Offline Offline

Activity: 588


View Profile
December 16, 2013, 08:29:04 PM
 #73

It looks like some avatar images are not being proxied.
gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
December 16, 2013, 08:54:01 PM
 #74

It looks like some avatar images are not being proxied.

Avatars aren't suppose to be proxied since they are loaded from the forum's server.

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
justusranvier
Legendary
*
Offline Offline

Activity: 1400



View Profile WWW
December 16, 2013, 08:55:32 PM
 #75

It looks like some avatar images are not being proxied.

Avatars aren't suppose to be proxied since they are loaded from the forum's server.
Not all of them are.
jackjack
Legendary
*
Offline Offline

Activity: 1120


May Bitcoin be touched by his Noodly Appendage


View Profile
December 16, 2013, 10:55:26 PM
 #76

It looks like some avatar images are not being proxied.

Avatars aren't suppose to be proxied since they are loaded from the forum's server.
Not all of them are.
I'm kinda sure all the avatars are from the forum's server
Why wouldn't dynamic avatars work otherwise?

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
justusranvier
Legendary
*
Offline Offline

Activity: 1400



View Profile WWW
December 16, 2013, 11:21:32 PM
 #77

I'm kinda sure all the avatars are from the forum's server
Why wouldn't dynamic avatars work otherwise?
I've got RequestPolicy installed, and I've seen avatars that are not hosted from bitcointalk.org.

Maybe they are legacy avatars from a time period before remote images were blocked or something.
Exther
Jr. Member
*
Offline Offline

Activity: 45

#MASTERCOIN-FAUCET-OTS:#36F2567C#


View Profile
December 17, 2013, 03:09:40 PM
 #78

oh man, let me use imgur at least so I can put animated gif 

TheButterZone
Legendary
*
Offline Offline

Activity: 1960


Nemo me impune lacessit


View Profile WWW
December 18, 2013, 05:55:12 AM
 #79

btcticker.appspot.com / https://github.com/vrotaru/btcticker desperately needs to be whitelisted, and any other price converters without viewer IP tracking. So fucking off, I have to choose between deleting them or hoping nobody holds me to the old cached versions in my topics.

rme
Hero Member
*****
Offline Offline

Activity: 728



View Profile
December 18, 2013, 08:00:52 PM
 #80

btcticker.appspot.com / https://github.com/vrotaru/btcticker desperately needs to be whitelisted, and any other price converters without viewer IP tracking. So fucking off, I have to choose between deleting them or hoping nobody holds me to the old cached versions in my topics.

A fix for this can be to make a list of domains that need to avoid cache.

Then, concatenate the date, the hour and the actual minute to the url, this has to change dynamically with php.

That way every minute the request will be diferent forcing the proxy to reload the image.

For example this image:
http://btcticker.appspot.com/mtgox/1.00btc2eur.png

Will turn into:
http://btcticker.appspot.com/mtgox/1.00btc2eur.png?anticache=201312182259

Now, with the proxy:
https://images.weserv.nl/?url=btcticker.appspot.com/mtgox/1.00btc2eur.png%3Fanticache=201312182254&fnr

Note: use %3F to encode ? and %26 to encode &.


The format is YEAR MONTH DAY HOUR MINUTE

This way we have a 60 seconds cache + https in images + not leaking ips to whitelist domains

This method will only be used by domains that need to avoid the cache.
Pages: « 1 2 3 [4] 5 6 7 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!