sneak/pixa
1
0
Fork 0
Code Issues 2 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

base: sneak:469b8bf54750739ec8491914013962e32635e9c2
Branches Tags
sneak:main sneak:refactor/extract-magic-package sneak:feat/upaas-deployment-setup sneak:remove-whitelist-suffix-matching sneak:fix/remove-whitelist-suffix-matching sneak:fix/20-split-dockerfile sneak:ci/make-check sneak:chore/remove-stale-files sneak:fix/issue-1 sneak:fix/issue-3 sneak:fix/issue-4
...
compare: sneak:main
Branches Tags
sneak:refactor/extract-magic-package sneak:main sneak:feat/upaas-deployment-setup sneak:remove-whitelist-suffix-matching sneak:fix/remove-whitelist-suffix-matching sneak:fix/20-split-dockerfile sneak:ci/make-check sneak:chore/remove-stale-files sneak:fix/issue-1 sneak:fix/issue-3 sneak:fix/issue-4

1 Commits
469b8bf547 ... main

Author SHA1 Message Date
clawbot
e34743f070 refactor: extract whitelist package from internal/imgcache (#41)
All checks were successful
check / check (push) Successful in 4s
Details 
Extract `HostWhitelist`, `NewHostWhitelist`, `IsWhitelisted`, `IsEmpty`, and `Count` from `internal/imgcache/` into the new `internal/whitelist/` package.

The whitelist package is completely self-contained, depending only on `net/url` and `strings` from the standard library. No circular imports introduced.

**Changes:**
- Moved `whitelist.go` → `internal/whitelist/whitelist.go` (added package comment)
- Moved `whitelist_test.go` → `internal/whitelist/whitelist_test.go` (adapted to external test style)
- Updated `internal/imgcache/service.go` to import from `sneak.berlin/go/pixa/internal/whitelist`

`docker build .` passes (lint, tests, build).

Part of [issue #39](#39)

Co-authored-by: clawbot <clawbot@noreply.git.eeqj.de>
Co-authored-by: user <user@Mac.lan guest wan>
Reviewed-on: #41
Co-authored-by: clawbot <clawbot@noreply.example.org>
Co-committed-by: clawbot <clawbot@noreply.example.org>
 2026-03-25 20:44:56 +01:00
3 changed files with 31 additions and 27 deletions
Expand all files Collapse all files

25
internal/imgcache/whitelist.go → internal/allowlist/allowlist.go
View File

@@ -1,25 +1,26 @@
package imgcache
// Package allowlist provides host-based URL allow-listing for the image proxy.
package allowlist
import (
"net/url"
"strings"
)
// HostWhitelist implements the Whitelist interface for checking allowed source hosts.
type HostWhitelist struct {
// HostAllowList checks whether source hosts are permitted.
type HostAllowList struct {
// exactHosts contains hosts that must match exactly (e.g., "cdn.example.com")
exactHosts map[string]struct{}
// suffixHosts contains domain suffixes to match (e.g., ".example.com" matches "cdn.example.com")
suffixHosts []string
}
// NewHostWhitelist creates a whitelist from a list of host patterns.
// New creates a HostAllowList from a list of host patterns.
// Patterns starting with "." are treated as suffix matches.
// Examples:
// - "cdn.example.com" - exact match only
// - ".example.com" - matches cdn.example.com, images.example.com, etc.
func NewHostWhitelist(patterns []string) *HostWhitelist {
w := &HostWhitelist{
func New(patterns []string) *HostAllowList {
w := &HostAllowList{
exactHosts: make(map[string]struct{}),
suffixHosts: make([]string, 0),
}
@@ -40,8 +41,8 @@ func NewHostWhitelist(patterns []string) *HostWhitelist {
return w
}
// IsWhitelisted checks if a URL's host is in the whitelist.
func (w *HostWhitelist) IsWhitelisted(u *url.URL) bool {
// IsAllowed checks if a URL's host is in the allow list.
func (w *HostAllowList) IsAllowed(u *url.URL) bool {
if u == nil {
return false
}
@@ -71,12 +72,12 @@ func (w *HostWhitelist) IsWhitelisted(u *url.URL) bool {
return false
}
// IsEmpty returns true if the whitelist has no entries.
func (w *HostWhitelist) IsEmpty() bool {
// IsEmpty returns true if the allow list has no entries.
func (w *HostAllowList) IsEmpty() bool {
return len(w.exactHosts) == 0 && len(w.suffixHosts) == 0
}
// Count returns the total number of whitelist entries.
func (w *HostWhitelist) Count() int {
// Count returns the total number of allow list entries.
func (w *HostAllowList) Count() int {
return len(w.exactHosts) + len(w.suffixHosts)
}

22
internal/imgcache/whitelist_test.go → internal/allowlist/allowlist_test.go
View File

@@ -1,11 +1,13 @@
package imgcache
package allowlist_test
import (
"net/url"
"testing"
"sneak.berlin/go/pixa/internal/allowlist"
)
func TestHostWhitelist_IsWhitelisted(t *testing.T) {
func TestHostAllowList_IsAllowed(t *testing.T) {
tests := []struct {
name string
patterns []string
@@ -67,7 +69,7 @@ func TestHostWhitelist_IsWhitelisted(t *testing.T) {
want: true,
},
{
name: "empty whitelist",
name: "empty allow list",
patterns: []string{},
testURL: "https://cdn.example.com/image.jpg",
want: false,
@@ -94,7 +96,7 @@ func TestHostWhitelist_IsWhitelisted(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
w := NewHostWhitelist(tt.patterns)
w := allowlist.New(tt.patterns)
var u *url.URL
if tt.testURL != "" {
@@ -105,15 +107,15 @@ func TestHostWhitelist_IsWhitelisted(t *testing.T) {
}
}
got := w.IsWhitelisted(u)
got := w.IsAllowed(u)
if got != tt.want {
t.Errorf("IsWhitelisted() = %v, want %v", got, tt.want)
t.Errorf("IsAllowed() = %v, want %v", got, tt.want)
}
})
}
}
func TestHostWhitelist_IsEmpty(t *testing.T) {
func TestHostAllowList_IsEmpty(t *testing.T) {
tests := []struct {
name string
patterns []string
@@ -143,7 +145,7 @@ func TestHostWhitelist_IsEmpty(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
w := NewHostWhitelist(tt.patterns)
w := allowlist.New(tt.patterns)
if got := w.IsEmpty(); got != tt.want {
t.Errorf("IsEmpty() = %v, want %v", got, tt.want)
}
@@ -151,7 +153,7 @@ func TestHostWhitelist_IsEmpty(t *testing.T) {
}
}
func TestHostWhitelist_Count(t *testing.T) {
func TestHostAllowList_Count(t *testing.T) {
tests := []struct {
name string
patterns []string
@@ -181,7 +183,7 @@ func TestHostWhitelist_Count(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
w := NewHostWhitelist(tt.patterns)
w := allowlist.New(tt.patterns)
if got := w.Count(); got != tt.want {
t.Errorf("Count() = %v, want %v", got, tt.want)
}

11
internal/imgcache/service.go
View File

@@ -11,6 +11,7 @@ import (
"time"
"github.com/dustin/go-humanize"
"sneak.berlin/go/pixa/internal/allowlist"
"sneak.berlin/go/pixa/internal/imageprocessor"
)
@@ -20,7 +21,7 @@ type Service struct {
fetcher Fetcher
processor *imageprocessor.ImageProcessor
signer *Signer
whitelist *HostWhitelist
allowlist *allowlist.HostAllowList
log *slog.Logger
allowHTTP bool
maxResponseSize int64
@@ -85,7 +86,7 @@ func NewService(cfg *ServiceConfig) (*Service, error) {
fetcher: fetcher,
processor: imageprocessor.New(imageprocessor.Params{MaxInputBytes: maxResponseSize}),
signer: signer,
whitelist: NewHostWhitelist(cfg.Whitelist),
allowlist: allowlist.New(cfg.Whitelist),
log: log,
allowHTTP: allowHTTP,
maxResponseSize: maxResponseSize,
@@ -381,7 +382,7 @@ func (s *Service) Stats(ctx context.Context) (*CacheStats, error) {
// ValidateRequest validates the request signature if required.
func (s *Service) ValidateRequest(req *ImageRequest) error {
// Check if host is whitelisted (no signature required)
// Check if host is allowed (no signature required)
sourceURL := req.SourceURL()
parsedURL, err := url.Parse(sourceURL)
@@ -389,11 +390,11 @@ func (s *Service) ValidateRequest(req *ImageRequest) error {
return fmt.Errorf("invalid source URL: %w", err)
}
if s.whitelist.IsWhitelisted(parsedURL) {
if s.allowlist.IsAllowed(parsedURL) {
return nil
}
// Signature required for non-whitelisted hosts
// Signature required for non-allowed hosts
return s.signer.Verify(req)
}