sneak/pixa
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity
77 Commits 7 Branches 0 Tags
1f809a6fc9f9e7562afe4b295a6231466aecaf6b
Commit Graph

53 Commits

Author SHA1 Message Date
sneak
1f809a6fc9 Implement ETag, HEAD requests, and conditional requests 
- Add ETag generation based on output content hash (first 16 chars)
- Add ContentLength to ImageResponse from cache
- Add LoadWithSize method to ContentStorage
- Add GetOutputWithSize method to Cache
- Handle HEAD requests returning headers only
- Handle If-None-Match conditional requests returning 304
- Register HEAD route for image proxy endpoint
 2026-01-08 10:08:38 -08:00
sneak
4df3e44eff Add failing tests for ETag, HEAD requests, and conditional requests 
TDD: Write tests first before implementation for:
- ETag generation and consistency in service layer
- HEAD request support (headers only, no body)
- Conditional requests with If-None-Match header (304 responses)
 2026-01-08 10:06:18 -08:00
sneak
2e349a8b83 Implement security headers middleware 
Adds X-Content-Type-Options, X-Frame-Options, Referrer-Policy,
and X-XSS-Protection headers to all responses.
 2026-01-08 10:02:17 -08:00
sneak
5de7a26735 Add failing tests for security headers middleware 
Tests for X-Content-Type-Options, X-Frame-Options, Referrer-Policy,
X-XSS-Protection headers on responses.
 2026-01-08 10:01:36 -08:00
sneak
95408e68d4 Implement max input dimensions and path traversal validation 
- Reject input images exceeding MaxInputDimension (8192px) to prevent DoS
- Detect path traversal: ../, encoded variants, backslashes, null bytes
 2026-01-08 08:50:18 -08:00
sneak
c964feac7e Add failing tests for input dimension and path traversal validation 
Tests for:
- ErrInputTooLarge when input image exceeds MaxInputDimension
- ErrPathTraversal for ../, encoded traversal, backslashes, null bytes
 2026-01-08 08:48:11 -08:00
sneak
2cbafe374c Add mock fetcher and service tests for imgcache 
Introduces Fetcher interface, mock implementation for testing,
and ApplyMigrations helper for test database setup.
 2026-01-08 07:39:18 -08:00
sneak
1f0ec59eb5 Wire up auth routes and encrypted URL endpoint 
Add session manager and encurl generator to handlers.
Register /, /logout, /generate, /v1/e/{token}, /static/* routes.
 2026-01-08 07:38:44 -08:00
sneak
08d6e264ed Add auth and encrypted image handlers 
Login page, logout, URL generator form, and /v1/e/{token}
endpoint for serving images from encrypted URLs.
 2026-01-08 07:38:15 -08:00
sneak
aad5e59d23 Add static files and HTML templates for web UI 
Embedded Tailwind CSS and login/generator templates.
Self-contained with no external dependencies.
 2026-01-08 07:38:09 -08:00
sneak
c033e918f0 Add encurl package for encrypted URL tokens 
CBOR-encoded payloads with NaCl secretbox encryption.
Supports expiration, image parameters with omitempty defaults.
 2026-01-08 07:38:05 -08:00
sneak
041b18f651 Add session package for encrypted cookie management 
Uses gorilla/securecookie with keys derived via HKDF.
30-day TTL, HttpOnly, Secure, SameSiteStrict cookies.
 2026-01-08 07:37:58 -08:00
sneak
3f4f345d1c Add seal package for authenticated encryption 
Provides HKDF-SHA256 key derivation and NaCl secretbox
(XSalsa20-Poly1305) encryption/decryption utilities.
 2026-01-08 07:37:53 -08:00
sneak
f244d9c7e0 Add per-host connection limits for upstream fetching 
- Add upstream_connections_per_host config option (default: 20)
- Implement per-host semaphores to limit concurrent connections
- Semaphore released when response body is closed
- Prevents overwhelming origin servers with parallel requests
 2026-01-08 05:19:20 -08:00
sneak
6304556837 Refactor to serve all responses from cached files on disk 
- StoreOutput now returns output hash for immediate retrieval
- Cache misses now serve from disk file after storing (same as hits)
- Log served_bytes from actual io.Copy result (avoids stat calls)
- Remove ContentLength field usage for cache hits (stream from file)
- Fix tests to properly check all return values
 2026-01-08 05:11:55 -08:00
sneak
1a97f42cd8 Add detailed logging for image requests with cache status and timing 2026-01-08 05:04:08 -08:00
sneak
6a20406b0f Add -config flag using cobra to specify config file path 2026-01-08 04:58:05 -08:00
sneak
9647829ac9 Support YAML list format for whitelist_hosts config 2026-01-08 04:08:51 -08:00
sneak
3fcf9d9146 Add failing test for YAML list format in whitelist_hosts config 2026-01-08 04:08:11 -08:00
sneak
fd2d108f9c Wire up image handler endpoint with service orchestration 
- Add image proxy config options (signing_key, whitelist_hosts, allow_http)
- Create Service to orchestrate cache, fetcher, and processor
- Initialize image service in handlers OnStart hook
- Implement HandleImage with URL parsing, signature validation, cache
- Implement HandleRobotsTxt for search engine prevention
- Parse query params for signature, quality, and fit mode
 2026-01-08 04:01:53 -08:00
sneak
5462c9222c Add pure Go image processor with resize and format conversion 
Implements the Processor interface using disintegration/imaging library.
Supports JPEG, PNG, GIF, WebP decoding and JPEG, PNG, GIF encoding.
Includes all fit modes: cover, contain, fill, inside, outside.
 2026-01-08 03:54:50 -08:00
sneak
9629139989 Add tests for cache service 
Tests cover: lookup miss/hit, store source/output, negative caching,
negative cache expiry, hot cache, output retrieval, stats, and cleanup.
 2026-01-08 03:39:23 -08:00
sneak
6d32b7ee23 Fix formatting in fetcher and signature tests 2026-01-08 03:36:00 -08:00
sneak
30c5c077e5 Add cache service with hot cache and negative caching 
Implements cache lookup with in-memory hot path, source/output storage,
negative caching for failed fetches, TTL expiration, and statistics tracking.
 2026-01-08 03:35:55 -08:00
sneak
2f20c71da0 Add content-addressable storage and cache key generation 
ContentStorage stores blobs at <dir>/<ab>/<cd>/<sha256> paths.
MetadataStorage stores JSON at <dir>/<host>/<path_hash>.json.
CacheKey generates unique keys from request parameters.
 2026-01-08 03:35:50 -08:00
sneak
4595929275 Add embedded SQL migrations system 
Migrations are stored in schema/*.sql and embedded via go:embed.
Applied migrations are tracked in schema_migrations table.
Initial schema includes source_content, source_metadata, output_content,
request_cache, negative_cache, and cache_stats tables.
 2026-01-08 03:35:43 -08:00
sneak
30d63e80dc Add magic byte detection for image format validation 
Implements format detection by checking file magic bytes for JPEG, PNG,
GIF, WebP, AVIF, and SVG. Includes validation against declared Content-Type.
 2026-01-08 03:35:29 -08:00
sneak
cc2c40bfbf Implement HMAC-SHA256 signature generation and verification 2026-01-08 03:02:09 -08:00
sneak
2b0ccd6052 Implement host whitelist for source domains 2026-01-08 03:00:53 -08:00
sneak
018c280267 Add ParseImagePath for chi wildcard and upstream fetcher with SSRF protection 2026-01-08 02:59:48 -08:00
sneak
c69ddf6f61 Implement URL parser for image proxy routes 2026-01-08 02:55:05 -08:00
sneak
09a0e6f039 Fix formatting alignment in server constants 2026-01-08 02:31:01 -08:00
sneak
1ac16bcfb4 Remove unused respondError function 2026-01-08 02:30:13 -08:00
sneak
837c91e0dd Rename unused ctx parameters in server hooks 2026-01-08 02:29:48 -08:00
sneak
827f9743b8 Add package and const block comments to imgcache 2026-01-08 02:29:25 -08:00
sneak
453fd22ce2 Add doc comment to HandleHealthCheck method 2026-01-08 02:28:30 -08:00
sneak
eb2ba92745 Add comment to SQLite blank import 2026-01-08 02:28:05 -08:00
sneak
29adb6ee47 Rename unused parameters to _ to satisfy linter 2026-01-08 02:27:45 -08:00
sneak
146eeee070 Use bit shift for HTTPMaxHeaderBytes constant 2026-01-08 02:26:47 -08:00
sneak
31df1a4a03 Rename LoggerParams to Params to avoid stuttering 2026-01-08 02:26:15 -08:00
sneak
1824d99f55 Rename ServerParams to Params to avoid stuttering 2026-01-08 02:25:56 -08:00
sneak
3f6328766c Rename MiddlewareParams to Params to avoid stuttering 2026-01-08 02:25:42 -08:00
sneak
ad89bd9232 Rename HealthcheckParams and HealthcheckResponse to avoid stuttering 2026-01-08 02:25:28 -08:00
sneak
43e4172fb3 Rename HandlersParams to Params to avoid stuttering 2026-01-08 02:25:00 -08:00
sneak
c68c8909f7 Rename DatabaseParams to Params to avoid stuttering 2026-01-08 02:24:40 -08:00
sneak
d95d31df25 Rename ConfigParams to Params to avoid stuttering 2026-01-08 02:24:20 -08:00
sneak
ef6e67e786 Add blank line before return in SourceURL 2026-01-08 02:23:23 -08:00
sneak
751e557884 Define ShutdownTimeout and SentryFlushTimeout constants 2026-01-08 02:22:58 -08:00
sneak
0eb6193431 Use HTTPWriteTimeout constant for request timeout 2026-01-08 02:22:25 -08:00
sneak
bf24a310bc Define HTTP server timeout and header size constants 2026-01-08 02:21:54 -08:00