enhance: improve media type recognition with HEAD or magic bytes (#2599)

* enhance: improve media type recognition by fetching HEAD or reading its first (magic) bytes

* add origin protection, handle links behind basic auth

* rollback export from createImgproxyPath

* fix api return statements, protect url swap

* light cleanup

* fix wrong fetch url light cleanup

* amend this

* do media checks with the capture microservice

* fix media check import

* we don't need to abort on imgproxy

* bail on auth; handle abort via exception; affirm HEAD

* ensure url is correct for sndev

* add CORS, add comment about Express automatic decodeURIComponent, integrate capture in the images compose profile, address useEffect bug

* best practice: use startsWith for sndev URL replacement

* remove capture from dmenu profile, restrict CORS to the /media endpoint

* revert removal of capture profile, start capture if capture/images profile is passed

* add NEXT_PUBLIC_URL to capture manifest (+ do media check in imgproxy worker)

---------

Co-authored-by: k00b <[email protected]>

Author: Soxasora

.env.development

@@ -116,6 +116,10 @@ NEXT_PUBLIC_EXTRA_LONG_POLL_INTERVAL_MS=300000
 IMGPROXY_URL_DOCKER=http://imgproxy:8080
 MEDIA_URL_DOCKER=http://s3:4566/uploads
 
+# media check with capture container
+MEDIA_CHECK_URL_DOCKER=http://capture:5678/media
+NEXT_PUBLIC_MEDIA_CHECK_URL=http://localhost:5678/media
+
 # postgres container stuff
 POSTGRES_PASSWORD=password
 POSTGRES_USER=sn

.env.production

@@ -7,6 +7,7 @@ NEXTAUTH_URL=https://stacker.news
 NEXTAUTH_URL_INTERNAL=http://127.0.0.1:8080/api/auth
 NEXT_PUBLIC_AWS_UPLOAD_BUCKET=snuploads
 NEXT_PUBLIC_IMGPROXY_URL=https://imgprxy.stacker.news/
+NEXT_PUBLIC_MEDIA_CHECK_URL=https://capture.stacker.news/media
 NEXT_PUBLIC_MEDIA_DOMAIN=m.stacker.news
 PUBLIC_URL=https://stacker.news
 SELF_URL=http://127.0.0.1:8080

capture/index.js

@@ -1,5 +1,7 @@
 import express from 'express'
 import puppeteer from 'puppeteer'
+import mediaCheck from './media-check.js'
+import cors from 'cors'
 
 const captureUrl = process.env.CAPTURE_URL || 'http://host.docker.internal:3000/'
 const port = process.env.PORT || 5678
@@ -55,6 +57,12 @@ app.get('/health', (req, res) => {
   res.status(200).end()
 })
 
+app.get('/media/:url', cors({
+  origin: process.env.NEXT_PUBLIC_URL,
+  methods: ['GET', 'OPTIONS'],
+  credentials: false
+}), mediaCheck)
+
 app.get('/*', async (req, res) => {
   const url = new URL(req.originalUrl, captureUrl)
   const timeLabel = `${Date.now()}-${url.href}`

capture/media-check.js

@@ -0,0 +1,105 @@
+import { filetypemime } from 'magic-bytes.js'
+
+const TIMEOUT_HEAD = 2000
+const TIMEOUT_GET = 10000
+const BYTE_LIMIT = 8192
+
+export function isImageMime (mime) { return typeof mime === 'string' && mime.startsWith('image/') }
+
+export function isVideoMime (mime) { return typeof mime === 'string' && mime.startsWith('video/') }
+
+// adapted from lib/time.js
+function timeoutSignal (timeout) {
+  const controller = new AbortController()
+
+  if (timeout) {
+    setTimeout(() => {
+      controller.abort(new Error(`timeout after ${timeout / 1000}s`))
+    }, timeout)
+  }
+
+  return controller.signal
+}
+
+const requiresAuth = (res) => res.status === 401 || res.status === 403
+
+async function headMime (url, timeout = TIMEOUT_HEAD) {
+  const res = await fetch(url, { method: 'HEAD', signal: timeoutSignal(timeout) })
+  // bail on auth or forbidden
+  if (requiresAuth(res)) return null
+
+  return res.headers.get('content-type')
+}
+
+async function readMagicBytes (url, { timeout = TIMEOUT_GET, byteLimit = BYTE_LIMIT } = {}) {
+  const res = await fetch(url, {
+    method: 'GET',
+    // accept image and video, but not other types
+    headers: { Range: `bytes=0-${byteLimit - 1}`, Accept: 'image/*,video/*;q=0.9,*/*;q=0.8' },
+    signal: timeoutSignal(timeout)
+  })
+  // bail on auth or forbidden
+  if (requiresAuth(res)) return { bytes: null, headers: res.headers }
+
+  // stream a small chunk if possible, otherwise read buffer
+  if (res.body?.getReader) {
+    const reader = res.body.getReader()
+    let received = 0
+    const chunks = []
+    try {
+      while (received < byteLimit) {
+        const { done, value } = await reader.read()
+        if (done) break
+        chunks.push(value)
+        received += value.byteLength
+      }
+    } finally {
+      try { reader.releaseLock?.() } catch {}
+      try { res.body?.cancel?.() } catch {}
+    }
+    const buf = new Uint8Array(received)
+    let offset = 0
+    for (const c of chunks) {
+      buf.set(c, offset)
+      offset += c.byteLength
+    }
+    return { bytes: buf, headers: res.headers }
+  } else {
+    const ab = await res.arrayBuffer()
+    const buf = new Uint8Array(ab.slice(0, byteLimit))
+    return { bytes: buf, headers: res.headers }
+  }
+}
+
+export default async function mediaCheck (req, res) {
+  // express automatically decodes the values in req.params (using decodeURIComponent)
+  let url = req.params.url
+  if (typeof url !== 'string' || !/^(https?:\/\/)/.test(url)) {
+    return res.status(400).json({ error: 'Invalid URL' })
+  }
+
+  try {
+    // in development, the capture container can't reach the public media url,
+    // so we need to replace it with its docker equivalent, e.g. http://s3:4566/uploads
+    if (url.startsWith(process.env.NEXT_PUBLIC_MEDIA_URL) && process.env.NODE_ENV === 'development') {
+      url = url.replace(process.env.NEXT_PUBLIC_MEDIA_URL, process.env.MEDIA_URL_DOCKER)
+    }
+
+    // trying with HEAD first, as it's the cheapest option
+    try {
+      const ct = await headMime(url)
+      if (isImageMime(ct) || isVideoMime(ct)) {
+        return res.status(200).json({ mime: ct, isImage: isImageMime(ct), isVideo: isVideoMime(ct) })
+      }
+    } catch {}
+
+    // otherwise, read the first bytes
+    const { bytes, headers } = await readMagicBytes(url)
+    const mimes = bytes ? filetypemime(bytes) : null
+    const mime = mimes?.[0] ?? headers.get('content-type') ?? null
+    return res.status(200).json({ mime, isImage: isImageMime(mime), isVideo: isVideoMime(mime) })
+  } catch (err) {
+    console.log('media check error:', err)
+    return res.status(500).json({ mime: null, isImage: false, isVideo: false })
+  }
+}

capture/package-lock.json

@@ -9,7 +9,9 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
+    "cors": "^2.8.5",
     "express": "^4.20.0",
+    "magic-bytes.js": "^1.12.1",
     "puppeteer": "^20.8.2"
   },
   "type": "module"

capture/package.json

@@ -2,7 +2,7 @@ import styles from './text.module.css'
 import { useState, useEffect, useMemo, useCallback, memo, useRef } from 'react'
 import { decodeProxyUrl, IMGPROXY_URL_REGEXP, MEDIA_DOMAIN_REGEXP } from '@/lib/url'
 import { useMe } from './me'
-import { UNKNOWN_LINK_REL } from '@/lib/constants'
+import { UNKNOWN_LINK_REL, PUBLIC_MEDIA_CHECK_URL } from '@/lib/constants'
 import classNames from 'classnames'
 import { useCarousel } from './carousel'
 
@@ -130,31 +130,33 @@ export const useMediaHelper = ({ src, srcSet: srcSetIntital, topLevel, tab }) =>
     // don't load the video at all if user doesn't want these
     if (!showMedia || isVideo || isImage) return
 
-    // check if it's a video by trying to load it
-    const video = document.createElement('video')
-    video.onloadedmetadata = () => {
-      setIsVideo(true)
-      setIsImage(false)
-    }
-    video.onerror = () => {
-      // hack
-      // if it's not a video it will throw an error, so we can assume it's an image
-      const img = new window.Image()
-      img.src = src
-      img.decode().then(() => { // decoding beforehand to prevent wrong image cropping
-        setIsImage(true)
-      }).catch((e) => {
-        console.warn('Cannot decode image:', src, e)
-      })
+    const controller = new AbortController()
+
+    const checkMedia = async () => {
+      try {
+        const res = await fetch(`${PUBLIC_MEDIA_CHECK_URL}/${encodeURIComponent(src)}`, { signal: controller.signal })
+        if (!res.ok) return
+
+        const data = await res.json()
+
+        if (data.isVideo) {
+          setIsVideo(true)
+          setIsImage(false)
+        } else if (data.isImage) {
+          setIsImage(true)
+        }
+      } catch (error) {
+        if (error.name === 'AbortError') return
+        console.error('cannot check media type', error)
+      }
     }
-    video.src = src
+    checkMedia()
 
     return () => {
-      video.onloadedmetadata = null
-      video.onerror = null
-      video.src = ''
+      // abort the fetch
+      try { controller.abort() } catch {}
     }
-  }, [src, setIsImage, setIsVideo, showMedia, isImage])
+  }, [src, setIsImage, setIsVideo, showMedia])
 
   const srcSet = useMemo(() => {
     if (Object.keys(srcSetObj).length === 0) return undefined

components/media-or-link.js

@@ -45,6 +45,7 @@ variables:                    # Pass environment variables as key value pairs.
   CAPTURE_URL: https://stacker.news/
   MAX_PAGES: 10
   TIMEOUT: 3000
+  NEXT_PUBLIC_URL: https://stacker.news
 
 #secrets:                      # Pass secrets from AWS Systems Manager (SSM) Parameter Store.
 #  GITHUB_TOKEN: GITHUB_TOKEN  # The key is the name of the environment variable, the value is the name of the SSM parameter.

copilot/capture/manifest.yml

@@ -87,6 +87,7 @@ services:
     restart: unless-stopped
     depends_on: *depends_on_app
     profiles:
+      - images
       - capture
     healthcheck:
       <<: *healthcheck

docker-compose.yml

@@ -23,6 +23,7 @@ export const BOOST_MAX = 1_000_000
 export const IMAGE_PIXELS_MAX = 35000000
 // backwards compatibile with old media domain env var and precedence for docker url if set
 export const MEDIA_URL = process.env.MEDIA_URL_DOCKER || process.env.NEXT_PUBLIC_MEDIA_URL || `https://${process.env.NEXT_PUBLIC_MEDIA_DOMAIN}`
+export const PUBLIC_MEDIA_CHECK_URL = process.env.NEXT_PUBLIC_MEDIA_CHECK_URL
 export const AWS_S3_URL_REGEXP = new RegExp(`${process.env.NEXT_PUBLIC_MEDIA_URL || `https://${process.env.NEXT_PUBLIC_MEDIA_DOMAIN}`}/([0-9]+)`, 'g')
 export const UPLOAD_TYPES_ALLOW = [
   'image/gif',