Images now proxied - page 3. | Bitcointalksearch.org

Richy_T

legendary

Activity: 2576

Merit: 2267

1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k

Quote from: rme on December 18, 2013, 03:00:52 PM

Quote from: TheButterZone on December 18, 2013, 12:55:12 AM

btcticker.appspot.com / https://github.com/vrotaru/btcticker desperately needs to be whitelisted, and any other price converters without viewer IP tracking. So fucking off, I have to choose between deleting them or hoping nobody holds me to the old cached versions in my topics.

A fix for this can be to make a list of domains that need to avoid cache.

Then, concatenate the date, the hour and the actual minute to the url, this has to change dynamically with php.

That way every minute the request will be diferent forcing the proxy to reload the image.

For example this image:
http://btcticker.appspot.com/mtgox/1.00btc2eur.png

Will turn into:
http://btcticker.appspot.com/mtgox/1.00btc2eur.png?anticache=201312182259

Now, with the proxy:
https://images.weserv.nl/?url=btcticker.appspot.com/mtgox/1.00btc2eur.png%3Fanticache=201312182254&fnr

Note: use %3F to encode ? and %26 to encode &.

The format is YEAR MONTH DAY HOUR MINUTE

This way we have a 60 seconds cache + https in images + not leaking ips to whitelist domains

This method will only be used by domains that need to avoid the cache.

That means you need to update the link every time you need it to update which somewhat defeats the purpose.

Has anyone checked whether the proxy respects the standard cache headers and options?

rme

hero member

Activity: 756

Merit: 504

Quote from: TheButterZone on December 18, 2013, 12:55:12 AM

btcticker.appspot.com / https://github.com/vrotaru/btcticker desperately needs to be whitelisted, and any other price converters without viewer IP tracking. So fucking off, I have to choose between deleting them or hoping nobody holds me to the old cached versions in my topics.

A fix for this can be to make a list of domains that need to avoid cache.

Then, concatenate the date, the hour and the actual minute to the url, this has to change dynamically with php.

That way every minute the request will be diferent forcing the proxy to reload the image.

For example this image:
http://btcticker.appspot.com/mtgox/1.00btc2eur.png

Will turn into:
http://btcticker.appspot.com/mtgox/1.00btc2eur.png?anticache=201312182259

Now, with the proxy:
https://images.weserv.nl/?url=btcticker.appspot.com/mtgox/1.00btc2eur.png%3Fanticache=201312182254&fnr

Note: use %3F to encode ? and %26 to encode &.

The format is YEAR MONTH DAY HOUR MINUTE

This way we have a 60 seconds cache + https in images + not leaking ips to whitelist domains

This method will only be used by domains that need to avoid the cache.

TheButterZone

legendary

Activity: 3038

Merit: 1032

RIP Mommy

btcticker.appspot.com / https://github.com/vrotaru/btcticker desperately needs to be whitelisted, and any other price converters without viewer IP tracking. So fucking off, I have to choose between deleting them or hoping nobody holds me to the old cached versions in my topics.

Exther

newbie

Activity: 45

Merit: 0

oh man, let me use imgur at least so I can put animated gif

justusranvier

legendary

Activity: 1400

Merit: 1013

Quote from: jackjack on December 16, 2013, 05:55:26 PM

I'm kinda sure all the avatars are from the forum's server
Why wouldn't dynamic avatars work otherwise?

I've got RequestPolicy installed, and I've seen avatars that are not hosted from bitcointalk.org.

Maybe they are legacy avatars from a time period before remote images were blocked or something.

jackjack

legendary

Activity: 1176

Merit: 1280

May Bitcoin be touched by his Noodly Appendage

Quote from: justusranvier on December 16, 2013, 03:55:32 PM

Quote from: ?? on ??

Quote from: DeboraMeeks on December 16, 2013, 03:29:04 PM

It looks like some avatar images are not being proxied.

Avatars aren't suppose to be proxied since they are loaded from the forum's server.

Not all of them are.

I'm kinda sure all the avatars are from the forum's server
Why wouldn't dynamic avatars work otherwise?

justusranvier

legendary

Activity: 1400

Merit: 1013

Quote from: ?? on ??

Quote from: DeboraMeeks on December 16, 2013, 03:29:04 PM

It looks like some avatar images are not being proxied.

Avatars aren't suppose to be proxied since they are loaded from the forum's server.

Not all of them are.

DeboraMeeks

hero member

Activity: 588

Merit: 500

It looks like some avatar images are not being proxied.

ReCat

sr. member

Activity: 406

Merit: 250

Some other forums automatically upload pictures onto their file servers and links that instead. Others require users to upload all pictures to a certain site and then whitelists only that site.

gweedo

legendary

Activity: 1498

Merit: 1000

Quote from: btcton on December 14, 2013, 11:48:28 PM

Quote from: gweedo on December 14, 2013, 11:42:59 PM

Quote from: b!z on December 14, 2013, 11:36:58 PM

Quote from: btcton on December 14, 2013, 01:02:24 AM

Isn't it easier to just whitelist popularly known image hosting sites such as imgur?

That's probably not tinfoilhatty enough.

No cause everyone would be like theymos whitelist this and whitelist this, and that thread would be insanity long. Image proxy is the best option, keeps every happy.

If he manages to get it working.

true to that too

btcton

legendary

Activity: 1302

Merit: 1007

Quote from: gweedo on December 14, 2013, 11:42:59 PM

Quote from: b!z on December 14, 2013, 11:36:58 PM

Quote from: btcton on December 14, 2013, 01:02:24 AM

Isn't it easier to just whitelist popularly known image hosting sites such as imgur?

That's probably not tinfoilhatty enough.

No cause everyone would be like theymos whitelist this and whitelist this, and that thread would be insanity long. Image proxy is the best option, keeps every happy.

If he manages to get it working.

gweedo

legendary

Activity: 1498

Merit: 1000

Quote from: b!z on December 14, 2013, 11:36:58 PM

Quote from: btcton on December 14, 2013, 01:02:24 AM

Isn't it easier to just whitelist popularly known image hosting sites such as imgur?

That's probably not tinfoilhatty enough.

No cause everyone would be like theymos whitelist this and whitelist this, and that thread would be insanity long. Image proxy is the best option, keeps every happy.

b!z

legendary

Activity: 1582

Merit: 1010

Quote from: btcton on December 14, 2013, 01:02:24 AM

Isn't it easier to just whitelist popularly known image hosting sites such as imgur?

That's probably not tinfoilhatty enough.

btcton

legendary

Activity: 1302

Merit: 1007

Isn't it easier to just whitelist popularly known image hosting sites such as imgur?

ReCat

sr. member

Activity: 406

Merit: 250

It makes sense until you realizes that the forum will fully proxy a 1MB JPEG and not a 60kb GIF.

gweedo

legendary

Activity: 1498

Merit: 1000

Quote from: Richy_T on December 13, 2013, 06:04:57 PM

It would just be finding somewhere that uses them as Theymos has indicated he's not willing to put any effort into this.

I don't think that is true that all, I just think it is hard to find actual business that does this type of proxing. Remember proxing images isn't easy at all, it takes up a lot of space to cache, bandwidth, and it isn't cheap to run this service. Remember this forum is over 100K+ members and I would say about 65% of post contain some image of some kind. That means you have to have some pretty powerful machines. I would say at least a dedicated server. There is no money that can be made from this service either, it is a very niche situation.

But if anyone has a good dedicated server they are not using, here is the software I built https://github.com/italiano40/image-proxy just requires mysql, php 5+ and ability to add cron jobs, so anyone can host this and try to convince theymos it is the best option if you believe it is.

ReCat

sr. member

Activity: 406

Merit: 250

I'm not a programmer and I can do a better job than this.

Richy_T

legendary

Activity: 2576

Merit: 2267

1RichyTrEwPYjZSeAYxeiFBNnKC9UjC5k

The libraries are out there. It would just be finding somewhere that uses them as Theymos has indicated he's not willing to put any effort into this.

Raize

donator

Activity: 1419

Merit: 1015

Actually, yeah, it could be difficult to do on the fly without the right libraries to essentially rebuild the animated image or correctly strip identifying metadata (if that's the other reason why this proxy has went in place).

Proxying it byte for byte could have other implications, none of which are present today (that we know of), but that's been used to screw with IE to do XSS in the past (you could muck around with content-type with an old IE by having the .JPG act as HTML or Javascript).

gweedo

legendary

Activity: 1498

Merit: 1000

Quote from: Richy_T on December 09, 2013, 10:39:58 PM

Quote from: gweedo on November 23, 2013, 05:06:49 PM

Quote from: theymos on November 23, 2013, 04:55:31 PM

Does anyone know of another reliable HTTPS proxy that would work? I'd prefer that the forum not do this itself, as we'd then need to worry about abuse, legal issues, etc.

If you or anyone wants a image proxy script that doesn't break the gifs and proxies them as well, you can contact me.

I wrote it in an hour so it could use a few more optimizations but it works for the most part.

I'm guessing the proxy actually re-writes gifs which is what breaks them. If it was simply caching them, it would not be an issue. It depends on whether this rewriting is a requirement or not.

If caching/proxy is all that's required, something like Squid should be able to handle it.

I am guessing since the site has options to do operations on the images, they only use the first frame from the gif, so they are only caching that part frame of the gif.

Squid would require theymos to setup and he doesn't want to do that. So this would be easier for him, plus this is to eliminate possible pixel tracking and mix-content warnings.

Topic: Images now proxied - page 3. (Read 9352 times)