PluralKit/PluralKit.Bot/Utils/AvatarUtils.cs

using System;
using System.Linq;
using System.Net.Http;
using System.Text.RegularExpressions;
using System.Threading.Tasks;

using PluralKit.Core;

using SixLabors.ImageSharp;

namespace PluralKit.Bot
{
    public static class AvatarUtils
    {
        public static async Task VerifyAvatarOrThrow(HttpClient client, string url, bool isFullSizeImage = false)
        {
            if (url.Length > Limits.MaxUriLength)
                throw Errors.UrlTooLong(url);

            // List of MIME types we consider acceptable
            var acceptableMimeTypes = new[]
            {
                "image/jpeg",
                "image/gif",
                "image/png"
                // TODO: add image/webp once ImageSharp supports this
            };

            if (!PluralKit.Core.MiscUtils.TryMatchUri(url, out var uri))
                throw Errors.InvalidUrl(url);

            url = TryRewriteCdnUrl(url);

            var response = await client.GetAsync(url);
            if (!response.IsSuccessStatusCode) // Check status code
                throw Errors.AvatarServerError(response.StatusCode);
            if (response.Content.Headers.ContentLength == null) // Check presence of content length
                throw Errors.AvatarNotAnImage(null);
            if (!acceptableMimeTypes.Contains(response.Content.Headers.ContentType.MediaType)) // Check MIME type
                throw Errors.AvatarNotAnImage(response.Content.Headers.ContentType.MediaType);

            if (isFullSizeImage)
                // no need to do size checking on banners
                return;

            if (response.Content.Headers.ContentLength > Limits.AvatarFileSizeLimit) // Check content length
                throw Errors.AvatarFileSizeLimit(response.Content.Headers.ContentLength.Value);

            // Parse the image header in a worker
            var stream = await response.Content.ReadAsStreamAsync();
            var image = await Task.Run(() => Image.Identify(stream));
            if (image == null) throw Errors.AvatarInvalid;
            if (image.Width > Limits.AvatarDimensionLimit || image.Height > Limits.AvatarDimensionLimit) // Check image size
                throw Errors.AvatarDimensionsTooLarge(image.Width, image.Height);
        }

        // Rewrite cdn.discordapp.com URLs to media.discordapp.net for jpg/png files
        // This lets us add resizing parameters to "borrow" their media proxy server to downsize the image
        // which in turn makes it more likely to be underneath the size limit!
        private static readonly Regex DiscordCdnUrl = new Regex(@"^https?://(?:cdn\.discordapp\.com|media\.discordapp\.net)/attachments/(\d{17,19})/(\d{17,19})/([^/\\&\?]+)\.(png|jpg|jpeg|webp)(\?.*)?$");
        private static readonly string DiscordMediaUrlReplacement = "https://media.discordapp.net/attachments/$1/$2/$3.$4?width=256&height=256";
        public static string? TryRewriteCdnUrl(string? url)
        {
            return url == null ? null : DiscordCdnUrl.Replace(url, DiscordMediaUrlReplacement);
        }
    }
}
run dotnet format 2021-08-27 15:03:47 +00:00			`using System;`
Large refactor and project restructuring 2020-02-12 14:16:19 +00:00			`using System.Linq;`
			`using System.Net.Http;`
Move mediaproxy URL rewriting to ProxyService This shows full size avatars in API / cards. Also, rewrite URLs currently stored with media.discordapp.net "back" to cdn.discordapp.com before sending them to users. 2021-08-01 16:51:54 +00:00			`using System.Text.RegularExpressions;`
Large refactor and project restructuring 2020-02-12 14:16:19 +00:00			`using System.Threading.Tasks;`

			`using PluralKit.Core;`

			`using SixLabors.ImageSharp;`

run dotnet format 2021-08-27 15:03:47 +00:00			`namespace PluralKit.Bot`
			`{`
			`public static class AvatarUtils`
			`{`
Use a proper user agent when fetching images 2021-08-23 20:53:58 +00:00			`public static async Task VerifyAvatarOrThrow(HttpClient client, string url, bool isFullSizeImage = false)`
Large refactor and project restructuring 2020-02-12 14:16:19 +00:00			`{`
run dotnet format 2021-08-27 15:03:47 +00:00			`if (url.Length > Limits.MaxUriLength)`
DRY-ify checking URL length for avatars 2020-11-22 20:43:38 +00:00			`throw Errors.UrlTooLong(url);`

Large refactor and project restructuring 2020-02-12 14:16:19 +00:00			`// List of MIME types we consider acceptable`
			`var acceptableMimeTypes = new[]`
			`{`
			`"image/jpeg",`
			`"image/gif",`
			`"image/png"`
			`// TODO: add image/webp once ImageSharp supports this`
			`};`

Use a proper user agent when fetching images 2021-08-23 20:53:58 +00:00			`if (!PluralKit.Core.MiscUtils.TryMatchUri(url, out var uri))`
			`throw Errors.InvalidUrl(url);`
Large refactor and project restructuring 2020-02-12 14:16:19 +00:00
Use a proper user agent when fetching images 2021-08-23 20:53:58 +00:00			`url = TryRewriteCdnUrl(url);`
Move mediaproxy URL rewriting to ProxyService This shows full size avatars in API / cards. Also, rewrite URLs currently stored with media.discordapp.net "back" to cdn.discordapp.com before sending them to users. 2021-08-01 16:51:54 +00:00
Use a proper user agent when fetching images 2021-08-23 20:53:58 +00:00			`var response = await client.GetAsync(url);`
			`if (!response.IsSuccessStatusCode) // Check status code`
			`throw Errors.AvatarServerError(response.StatusCode);`
			`if (response.Content.Headers.ContentLength == null) // Check presence of content length`
			`throw Errors.AvatarNotAnImage(null);`
			`if (!acceptableMimeTypes.Contains(response.Content.Headers.ContentType.MediaType)) // Check MIME type`
			`throw Errors.AvatarNotAnImage(response.Content.Headers.ContentType.MediaType);`
Large refactor and project restructuring 2020-02-12 14:16:19 +00:00
Use a proper user agent when fetching images 2021-08-23 20:53:58 +00:00			`if (isFullSizeImage)`
			`// no need to do size checking on banners`
			`return;`
fix: correctly check banner image size (don't) 2021-08-07 01:41:27 +00:00
Use a proper user agent when fetching images 2021-08-23 20:53:58 +00:00			`if (response.Content.Headers.ContentLength > Limits.AvatarFileSizeLimit) // Check content length`
			`throw Errors.AvatarFileSizeLimit(response.Content.Headers.ContentLength.Value);`
fix: don't check file size for banners 2021-08-08 21:44:30 +00:00
Use a proper user agent when fetching images 2021-08-23 20:53:58 +00:00			`// Parse the image header in a worker`
			`var stream = await response.Content.ReadAsStreamAsync();`
			`var image = await Task.Run(() => Image.Identify(stream));`
			`if (image == null) throw Errors.AvatarInvalid;`
			`if (image.Width > Limits.AvatarDimensionLimit \|\| image.Height > Limits.AvatarDimensionLimit) // Check image size`
			`throw Errors.AvatarDimensionsTooLarge(image.Width, image.Height);`
Large refactor and project restructuring 2020-02-12 14:16:19 +00:00			`}`
Move mediaproxy URL rewriting to ProxyService This shows full size avatars in API / cards. Also, rewrite URLs currently stored with media.discordapp.net "back" to cdn.discordapp.com before sending them to users. 2021-08-01 16:51:54 +00:00
			`// Rewrite cdn.discordapp.com URLs to media.discordapp.net for jpg/png files`
			`// This lets us add resizing parameters to "borrow" their media proxy server to downsize the image`
			`// which in turn makes it more likely to be underneath the size limit!`
			`private static readonly Regex DiscordCdnUrl = new Regex(@"^https?://(?:cdn\.discordapp\.com\|media\.discordapp\.net)/attachments/(\d{17,19})/(\d{17,19})/([^/\\&\?]+)\.(png\|jpg\|jpeg\|webp)(\?.*)?$");`
			`private static readonly string DiscordMediaUrlReplacement = "https://media.discordapp.net/attachments/$1/$2/$3.$4?width=256&height=256";`
Handle null avatar URLs 2021-08-02 10:20:53 +00:00			`public static string? TryRewriteCdnUrl(string? url)`
			`{`
			`return url == null ? null : DiscordCdnUrl.Replace(url, DiscordMediaUrlReplacement);`
			`}`
Large refactor and project restructuring 2020-02-12 14:16:19 +00:00			`}`
			`}`