decoding base64 signed urls in varnish

Fronting imgproxy with varnish, to honor old url base64 signed urls

the javascript file


vcl 4.0;
import blob;
import digest;
# Default backend definition. Set this to point to your content server.
backend default {
    .host = "127.0.0.1";
    .port = "8080";
}
sub vcl_init {

}

sub vcl_recv {
    set req.http.base64part = regsub(req.url, "^/testpath/(.*)\.(.*)$", "\1");
    set req.http.base64ashex = blob.transcode(encoding=HEX, decoding=BASE64URL, encoded=req.http.base64part);
    set req.http.imghash-hex = regsub(req.http.base64asHex, "^(.{0,64})(.*)$", "\1");
    set req.http.imgauth-hex = regsub(req.http.base64asHex, "^(.{0,64})(.{0,32})(.*)$", "\2");
    set req.http.imgparms-hex = regsub(req.http.base64asHex, "^(.{0,96})(.*)$", "\2");
    set req.http.imgparms = blob.transcode(encoding=IDENTITY, decoding=HEX, encoded=req.http.imgparms-hex);


    set req.http.genimgauth = digest.hash_md5(req.http.imghash-hex + "-" + req.http.imgparms + "-" + "mymagicsecret");
    if (req.http.genimgauth == req.http.imgauth-hex) {
     set req.http.imgsig="good";
    } else {
     set req.http.imgsig="bad";
    }

    unset req.http.decodedUrl;
    unset req.http.imghash;
    unset req.http.imgauth;

    set req.http.fileExt = regsub(req.url, "^/ddimgnew/(.*)\.(.*)$", "\2");
    set req.http.origurl = req.url;
    set req.http.bucketUrl = regsub(req.http.imgparms, "(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)", "\1");

    set req.http.imgFormat = "jpg";
    if (req.http.fileExt == "webp") {
     set req.http.imgFormat = "webp";
    }

    if (regsub(req.http.imgparms, ".*\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)", "\3") != "") {
     set req.http.imgMode = "fit";
     set req.http.imgH = regsub(req.http.imgparms, ".*\|(\d+)x(\d+)\|.*", "\1");
     set req.http.imgW = regsub(req.http.imgparms, ".*\|(\d+)x(\d+)\|.*", "\2");
    }

    if (regsub(req.http.imgparms, ".*\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)\|(.*)", "\6") != "") {
     set req.http.imgMode = "fill";
     set req.http.imgH = regsub(req.http.imgparms, ".*\|(\d+)x(\d+)\|.*", "\1");
     set req.http.imgW = regsub(req.http.imgparms, ".*\|(\d+)x(\d+)\|.*", "\2");
    }

    set req.http.imgproxyUrl = "mangled/" + req.http.imgMode + "/" + req.http.imgH + "/" + req.http.imgW + "/ce/0/plain/" + req.http.bucketUrl + "@" + req.http.imgFormat;
    set req.url = "/mangled/" + req.http.imgMode + "/" + req.http.imgH + "/" + req.http.imgW + "/ce/0/plain/" + req.http.bucketUrl + "@" + req.http.imgFormat;

    return (hash);
}

sub vcl_deliver {
    set resp.http.imgsig = req.http.imgsig;
    set resp.http.origurl =  req.http.origurl;
    set resp.http.backendurl = req.url;
}
sub vcl_hash {
    hash_data(req.url);
    if (req.http.host) {
        hash_data(req.http.host);
    } else {
        hash_data(server.ip);
    }
    return (lookup);
}

sub vcl_backend_fetch {
    return (fetch);
    }
    

Comments

Popular posts from this blog

Baileys liquor Chocolate Chip and Cream desert

nginx decode base64 url for use with imgproxy

Resol VBUS success