Merge branch 'release-4.7' into icu669

author: Derrick Anderson <derrick@andersonwebstudio.com> 2018-02-12 15:09:59 -0500
committer: Derrick Anderson <derrick@andersonwebstudio.com> 2018-02-12 15:09:59 -0500
commit: efd620d6c80ddc1f015811ec58514e34ee0b501b (patch)
tree: 8fdcc1043aba1c9a66382b915f4e185ade1128fb /api4/image.go
parent: 87fb19b8279c86c72ffec623e55b80ce35b7d64f (diff)
parent: 1ae680aefae2deb1e9d07d7c2a1c863ec807a79f (diff)
download: chat-efd620d6c80ddc1f015811ec58514e34ee0b501b.tar.gz
chat-efd620d6c80ddc1f015811ec58514e34ee0b501b.tar.bz2
chat-efd620d6c80ddc1f015811ec58514e34ee0b501b.zip
1 files changed, 22 insertions, 0 deletions
diff --git a/api4/image.go b/api4/image.go
new file mode 100644
index 000000000..4589de204
--- /dev/null
+++ b/api4/image.go
@@ -0,0 +1,22 @@
+// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved.
+// See License.txt for license information.
+
+package api4
+
+import (
+	"net/http"
+)
+
+func (api *API) InitImage() {
+	api.BaseRoutes.Image.Handle("", api.ApiSessionRequiredTrustRequester(getImage)).Methods("GET")
+}
+
+func getImage(c *Context, w http.ResponseWriter, r *http.Request) {
+	// Only redirect to our image proxy if one is enabled. Arbitrary redirects are not allowed for
+	// security reasons.
+	if transform := c.App.ImageProxyAdder(); transform != nil {
+		http.Redirect(w, r, transform(r.URL.Query().Get("url")), http.StatusFound)
+	} else {
+		http.NotFound(w, r)
+	}
+}
author	Derrick Anderson <derrick@andersonwebstudio.com>	2018-02-12 15:09:59 -0500
committer	Derrick Anderson <derrick@andersonwebstudio.com>	2018-02-12 15:09:59 -0500
commit	efd620d6c80ddc1f015811ec58514e34ee0b501b (patch)
tree	8fdcc1043aba1c9a66382b915f4e185ade1128fb /api4/image.go
parent	87fb19b8279c86c72ffec623e55b80ce35b7d64f (diff)
parent	1ae680aefae2deb1e9d07d7c2a1c863ec807a79f (diff)
download	chat-efd620d6c80ddc1f015811ec58514e34ee0b501b.tar.gz chat-efd620d6c80ddc1f015811ec58514e34ee0b501b.tar.bz2 chat-efd620d6c80ddc1f015811ec58514e34ee0b501b.zip