mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2024-12-22 19:09:02 +00:00
Add config option to set the HTTP redirect code for external icons
The default code is 307 (temporary) to make it easier to test different icon services, but once a service has been decided on, users should ideally switch to using permanent redirects for cacheability.
This commit is contained in:
parent
920371929b
commit
b7eedbcddc
@ -135,13 +135,20 @@
|
|||||||
## which is replaced with the domain. For example: `https://icon.example.com/domain/{}`.
|
## which is replaced with the domain. For example: `https://icon.example.com/domain/{}`.
|
||||||
##
|
##
|
||||||
## `internal` refers to Vaultwarden's built-in icon fetching implementation.
|
## `internal` refers to Vaultwarden's built-in icon fetching implementation.
|
||||||
## If an external service is set, an icon request to Vaultwarden will return an HTTP 307
|
## If an external service is set, an icon request to Vaultwarden will return an HTTP
|
||||||
## redirect to the corresponding icon at the external service. An external service may
|
## redirect to the corresponding icon at the external service. An external service may
|
||||||
## be useful if your Vaultwarden instance has no external network connectivity, or if
|
## be useful if your Vaultwarden instance has no external network connectivity, or if
|
||||||
## you are concerned that someone may probe your instance to try to detect whether icons
|
## you are concerned that someone may probe your instance to try to detect whether icons
|
||||||
## for certain sites have been cached.
|
## for certain sites have been cached.
|
||||||
# ICON_SERVICE=internal
|
# ICON_SERVICE=internal
|
||||||
|
|
||||||
|
## Icon redirect code
|
||||||
|
## The HTTP status code to use for redirects to an external icon service.
|
||||||
|
## The supported codes are 307 (temporary) and 308 (permanent).
|
||||||
|
## Temporary redirects are useful while testing different icon services, but once a service
|
||||||
|
## has been decided on, consider using permanent redirects for cacheability.
|
||||||
|
# ICON_REDIRECT_CODE=307
|
||||||
|
|
||||||
## Disable icon downloading
|
## Disable icon downloading
|
||||||
## Set to true to disable icon downloading in the internal icon service.
|
## Set to true to disable icon downloading in the internal icon service.
|
||||||
## This still serves existing icons from $ICON_CACHE_FOLDER, without generating any external
|
## This still serves existing icons from $ICON_CACHE_FOLDER, without generating any external
|
||||||
|
@ -71,7 +71,14 @@ fn icon_redirect(domain: &str, template: &str) -> Option<Redirect> {
|
|||||||
}
|
}
|
||||||
|
|
||||||
let url = template.replace("{}", domain);
|
let url = template.replace("{}", domain);
|
||||||
Some(Redirect::temporary(url))
|
match CONFIG.icon_redirect_code() {
|
||||||
|
308 => Some(Redirect::permanent(url)),
|
||||||
|
307 => Some(Redirect::temporary(url)),
|
||||||
|
_ => {
|
||||||
|
error!("Unexpected redirect code {}", CONFIG.icon_redirect_code());
|
||||||
|
None
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[get("/<domain>/icon.png")]
|
#[get("/<domain>/icon.png")]
|
||||||
|
@ -454,9 +454,14 @@ make_config! {
|
|||||||
/// To specify a custom icon service, set a URL template with exactly one instance of `{}`,
|
/// To specify a custom icon service, set a URL template with exactly one instance of `{}`,
|
||||||
/// which is replaced with the domain. For example: `https://icon.example.com/domain/{}`.
|
/// which is replaced with the domain. For example: `https://icon.example.com/domain/{}`.
|
||||||
/// `internal` refers to Vaultwarden's built-in icon fetching implementation. If an external
|
/// `internal` refers to Vaultwarden's built-in icon fetching implementation. If an external
|
||||||
/// service is set, an icon request to Vaultwarden will return an HTTP 307 redirect to the
|
/// service is set, an icon request to Vaultwarden will return an HTTP redirect to the
|
||||||
/// corresponding icon at the external service.
|
/// corresponding icon at the external service.
|
||||||
icon_service: String, false, def, "internal".to_string();
|
icon_service: String, false, def, "internal".to_string();
|
||||||
|
/// Icon redirect code |> The HTTP status code to use for redirects to an external icon service.
|
||||||
|
/// The supported codes are 307 (temporary) and 308 (permanent).
|
||||||
|
/// Temporary redirects are useful while testing different icon services, but once a service
|
||||||
|
/// has been decided on, consider using permanent redirects for cacheability.
|
||||||
|
icon_redirect_code: u32, true, def, 307;
|
||||||
/// Positive icon cache expiry |> Number of seconds to consider that an already cached icon is fresh. After this period, the icon will be redownloaded
|
/// Positive icon cache expiry |> Number of seconds to consider that an already cached icon is fresh. After this period, the icon will be redownloaded
|
||||||
icon_cache_ttl: u64, true, def, 2_592_000;
|
icon_cache_ttl: u64, true, def, 2_592_000;
|
||||||
/// Negative icon cache expiry |> Number of seconds before trying to download an icon that failed again.
|
/// Negative icon cache expiry |> Number of seconds before trying to download an icon that failed again.
|
||||||
@ -693,6 +698,12 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Check if the icon redirect code is valid
|
||||||
|
match cfg.icon_redirect_code {
|
||||||
|
307 | 308 => (),
|
||||||
|
_ => err!("Only HTTP 307/308 redirects are supported"),
|
||||||
|
}
|
||||||
|
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user