diff --git a/config.sample.js b/config.sample.js
index 9320566..4a30a14 100644
--- a/config.sample.js
+++ b/config.sample.js
@@ -139,41 +139,33 @@ module.exports = {
Example:
https://images.weserv.nl/?url={url-noprot}
will become:
- https://images.weserv.nl/?url=example.com/assets/image.png
+ https://images.weserv.nl/?url=example.com%2Fassets%2Fimage.png
*/
- urlProxy: 'https://images.weserv.nl/?url={url-noprot}',
+ urlProxy: 'https://proxy.duckduckgo.com/iu/?u={url}',
/*
- Disclaimer message that will be printed underneath the URL uploads form.
- Supports HTML. Be safe though.
+ Disclaimer message that will be printed underneath the URL uploads form.
+ Supports HTML. Be safe though.
*/
- urlDisclaimerMessage: 'URL uploads are being proxied and compressed by images.weserv.nl. By using this feature, you agree to their Privacy Policy.',
+ urlDisclaimerMessage: 'URL uploads are being proxied by DuckDuckGo. The proxy can only process direct links, and generally it can only proxy images.',
/*
- Filter mode for URL uploads.
- Can be 'blacklist', 'whitelist', or 'inherit'.
- 'inherit' => inherit primary extensions filter (extensionsFilter option).
- The rest are paired with urlExtensionsFilter option below and should be self-explanatory.
- When this is not set to any of the 3 values, this will fallback to 'inherit'.
+ Filter mode for URL uploads.
+ Can be 'blacklist', 'whitelist', or 'inherit'.
+ 'inherit' => inherit primary extensions filter (extensionsFilter option).
+ The rest are paired with urlExtensionsFilter option below and should be self-explanatory.
+ When this is not set to any of the 3 values, this will fallback to 'inherit'.
*/
- urlExtensionsFilterMode: 'whitelist',
+ urlExtensionsFilterMode: 'inherit',
/*
- Mainly intended for URL proxies that only support certain extensions.
- This will parse the extensions from the URLs, so URLs that do not end with
- the file's extensions will always be rejected.
- Queries and segments in the URLs will be bypassed.
- NOTE: Can not be empty when using either 'blacklist' or 'whitelist' mode.
+ Mainly intended for URL proxies that only support certain extensions.
+ This will parse the extensions from the URLs, so URLs that do not end with
+ the file's extensions will always be rejected.
+ Queries and segments in the URLs will be bypassed.
+ NOTE: Can not be empty when using either 'blacklist' or 'whitelist' mode.
*/
- urlExtensionsFilter: [
- '.gif',
- '.jpg',
- '.jpeg',
- '.png',
- '.bmp',
- '.xbm',
- '.webp'
- ],
+ urlExtensionsFilter: [],
/*
Scan files using ClamAV through clamd.
diff --git a/controllers/uploadController.js b/controllers/uploadController.js
index 061d0ab..8fcb4d8 100644
--- a/controllers/uploadController.js
+++ b/controllers/uploadController.js
@@ -264,26 +264,12 @@ uploadsController.actuallyUploadByUrl = async (req, res, user, albumid) => {
.replace(/{url-noprot}/g, encodeURIComponent(url.replace(/^https?:\/\//, '')))
try {
- const fetchHead = await fetch(url, { method: 'HEAD' })
- if (fetchHead.status !== 200)
- return erred(`${fetchHead.status} ${fetchHead.statusText}`)
-
- const headers = fetchHead.headers
- const size = parseInt(headers.get('content-length'))
- if (isNaN(size))
- return erred('URLs with missing Content-Length HTTP header are not supported.')
-
- if (size > urlMaxSizeBytes)
- return erred('File too large.')
-
- if (config.filterEmptyFile && size === 0)
- return erred('Empty files are not allowed.')
-
- // Limit max response body size with the size reported by Content-Length
- const fetchFile = await fetch(url, { size })
+ // Limit max response body size with maximum allowed size
+ const fetchFile = await fetch(url, { size: urlMaxSizeBytes })
if (fetchFile.status !== 200)
- return erred(`${fetchHead.status} ${fetchHead.statusText}`)
+ return erred(`${fetchFile.status} ${fetchFile.statusText}`)
+ const headers = fetchFile.headers
const file = await fetchFile.buffer()
const length = uploadsController.getFileNameLength(req)
@@ -297,7 +283,7 @@ uploadsController.actuallyUploadByUrl = async (req, res, user, albumid) => {
filename: name,
originalname: original,
mimetype: headers.get('content-type').split(';')[0] || '',
- size,
+ size: file.byteLength,
albumid
}