fix url detection

Author: wxiaoguang

custom/conf/app.example.ini

@@ -1769,10 +1769,7 @@ LEVEL = Info
 ;SENDMAIL_CONVERT_CRLF = true
 ;;
 ;; convert links of attached images to inline images. Only for images hosted in this gitea instance.
-;BASE64_EMBED_IMAGES = false
-;;
-;; The maximum size of sum of all images in a single email. Default is 9.5MB
-;BASE64_EMBED_IMAGES_MAX_SIZE_PER_EMAIL = 9961472
+;EMBED_ATTACHMENT_IMAGES = false
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

modules/httplib/url.go

@@ -102,25 +102,77 @@ func MakeAbsoluteURL(ctx context.Context, link string) string {
 	return GuessCurrentHostURL(ctx) + "/" + strings.TrimPrefix(link, "/")
 }
 
-func IsCurrentGiteaSiteURL(ctx context.Context, s string) bool {
+type urlType int
+
+const (
+	urlTypeGiteaAbsolute     urlType = iota + 1 // "http://gitea/subpath"
+	urlTypeGiteaPageRelative                    // "/subpath"
+	urlTypeGiteaSiteRelative                    // "?key=val"
+	urlTypeUnknown                              // "http://other"
+)
+
+func detectURLRoutePath(ctx context.Context, s string) (routePath string, ut urlType) {
 	u, err := url.Parse(s)
 	if err != nil {
-		return false
+		return "", urlTypeUnknown
 	}
+	cleanedPath := ""
 	if u.Path != "" {
-		cleanedPath := util.PathJoinRelX(u.Path)
-		if cleanedPath == "" || cleanedPath == "." {
-			u.Path = "/"
-		} else {
-			u.Path = "/" + cleanedPath + "/"
-		}
+		cleanedPath = util.PathJoinRelX(u.Path)
+		cleanedPath = util.Iif(cleanedPath == ".", "", "/"+cleanedPath)
 	}
 	if urlIsRelative(s, u) {
-		return u.Path == "" || strings.HasPrefix(strings.ToLower(u.Path), strings.ToLower(setting.AppSubURL+"/"))
-	}
-	if u.Path == "" {
-		u.Path = "/"
+		if u.Path == "" {
+			return "", urlTypeGiteaPageRelative
+		}
+		if strings.HasPrefix(strings.ToLower(cleanedPath+"/"), strings.ToLower(setting.AppSubURL+"/")) {
+			return cleanedPath[len(setting.AppSubURL):], urlTypeGiteaSiteRelative
+		}
+		return "", urlTypeUnknown
 	}
+	u.Path = cleanedPath + "/"
 	urlLower := strings.ToLower(u.String())
-	return strings.HasPrefix(urlLower, strings.ToLower(setting.AppURL)) || strings.HasPrefix(urlLower, strings.ToLower(GuessCurrentAppURL(ctx)))
+	if strings.HasPrefix(urlLower, strings.ToLower(setting.AppURL)) {
+		return cleanedPath[len(setting.AppSubURL):], urlTypeGiteaAbsolute
+	}
+	guessedCurURL := GuessCurrentAppURL(ctx)
+	if strings.HasPrefix(urlLower, strings.ToLower(guessedCurURL)) {
+		return cleanedPath[len(setting.AppSubURL):], urlTypeGiteaAbsolute
+	}
+	return "", urlTypeUnknown
+}
+
+func IsCurrentGiteaSiteURL(ctx context.Context, s string) bool {
+	_, ut := detectURLRoutePath(ctx, s)
+	return ut != urlTypeUnknown
+}
+
+type GiteaSiteURL struct {
+	RoutePath   string
+	OwnerName   string
+	RepoName    string
+	RepoSubPath string
+}
+
+func ParseGiteaSiteURL(ctx context.Context, s string) *GiteaSiteURL {
+	routePath, ut := detectURLRoutePath(ctx, s)
+	if ut == urlTypeUnknown || ut == urlTypeGiteaPageRelative {
+		return nil
+	}
+	ret := &GiteaSiteURL{RoutePath: routePath}
+	fields := strings.SplitN(strings.TrimPrefix(ret.RoutePath, "/"), "/", 3)
+
+	// TODO: now it only does a quick check for some known reserved paths, should do more strict checks in the future
+	if fields[0] == "attachments" {
+		return ret
+	}
+	if len(fields) < 2 {
+		return ret
+	}
+	ret.OwnerName = fields[0]
+	ret.RepoName = fields[1]
+	if len(fields) == 3 {
+		ret.RepoSubPath = "/" + fields[2]
+	}
+	return ret
 }

modules/httplib/url_test.go

@@ -122,3 +122,26 @@ func TestIsCurrentGiteaSiteURL(t *testing.T) {
 	assert.True(t, IsCurrentGiteaSiteURL(ctx, "https://user-host"))
 	assert.False(t, IsCurrentGiteaSiteURL(ctx, "https://forwarded-host"))
 }
+
+func TestParseGiteaSiteURL(t *testing.T) {
+	defer test.MockVariableValue(&setting.AppURL, "http://localhost:3000/sub/")()
+	defer test.MockVariableValue(&setting.AppSubURL, "/sub")()
+	ctx := t.Context()
+	tests := []struct {
+		url string
+		exp *GiteaSiteURL
+	}{
+		{"http://localhost:3000/sub?k=v", &GiteaSiteURL{RoutePath: ""}},
+		{"http://localhost:3000/sub/", &GiteaSiteURL{RoutePath: ""}},
+		{"http://localhost:3000/sub/foo", &GiteaSiteURL{RoutePath: "/foo"}},
+		{"http://localhost:3000/sub/foo/bar", &GiteaSiteURL{RoutePath: "/foo/bar", OwnerName: "foo", RepoName: "bar"}},
+		{"http://localhost:3000/sub/foo/bar/", &GiteaSiteURL{RoutePath: "/foo/bar", OwnerName: "foo", RepoName: "bar"}},
+		{"http://localhost:3000/sub/attachments/bar", &GiteaSiteURL{RoutePath: "/attachments/bar"}},
+		{"http://localhost:3000/other", nil},
+		{"http://other/", nil},
+	}
+	for _, test := range tests {
+		su := ParseGiteaSiteURL(ctx, test.url)
+		assert.Equal(t, test.exp, su, "URL = %s", test.url)
+	}
+}

modules/setting/mailer.go

@@ -19,17 +19,18 @@ import (
 // Mailer represents mail service.
 type Mailer struct {
 	// Mailer
-	Name                             string              `ini:"NAME"`
-	From                             string              `ini:"FROM"`
-	EnvelopeFrom                     string              `ini:"ENVELOPE_FROM"`
-	OverrideEnvelopeFrom             bool                `ini:"-"`
-	FromName                         string              `ini:"-"`
-	FromEmail                        string              `ini:"-"`
-	SendAsPlainText                  bool                `ini:"SEND_AS_PLAIN_TEXT"`
-	SubjectPrefix                    string              `ini:"SUBJECT_PREFIX"`
-	OverrideHeader                   map[string][]string `ini:"-"`
-	Base64EmbedImages                bool                `ini:"BASE64_EMBED_IMAGES"`
-	Base64EmbedImagesMaxSizePerEmail int64               `ini:"BASE64_EMBED_IMAGES_MAX_SIZE_PER_EMAIL"`
+	Name                 string              `ini:"NAME"`
+	From                 string              `ini:"FROM"`
+	EnvelopeFrom         string              `ini:"ENVELOPE_FROM"`
+	OverrideEnvelopeFrom bool                `ini:"-"`
+	FromName             string              `ini:"-"`
+	FromEmail            string              `ini:"-"`
+	SendAsPlainText      bool                `ini:"SEND_AS_PLAIN_TEXT"`
+	SubjectPrefix        string              `ini:"SUBJECT_PREFIX"`
+	OverrideHeader       map[string][]string `ini:"-"`
+
+	// Embed attachment images as inline base64 img src attribute
+	EmbedAttachmentImages bool
 
 	// SMTP sender
 	Protocol             string `ini:"PROTOCOL"`
@@ -152,8 +153,6 @@ func loadMailerFrom(rootCfg ConfigProvider) {
 	sec.Key("SENDMAIL_TIMEOUT").MustDuration(5 * time.Minute)
 	sec.Key("SENDMAIL_CONVERT_CRLF").MustBool(true)
 	sec.Key("FROM").MustString(sec.Key("USER").String())
-	sec.Key("BASE64_EMBED_IMAGES").MustBool(false)
-	sec.Key("BASE64_EMBED_IMAGES_MAX_SIZE_PER_EMAIL").MustInt64(9.5 * 1024 * 1024)
 
 	// Now map the values on to the MailService
 	MailService = &Mailer{}

services/mailer/mail.go

@@ -6,13 +6,14 @@ package mailer
 
 import (
 	"bytes"
+	"code.gitea.io/gitea/modules/httplib"
+	"code.gitea.io/gitea/modules/typesniffer"
 	"context"
 	"encoding/base64"
 	"fmt"
 	"html/template"
 	"io"
 	"mime"
-	"net/http"
 	"regexp"
 	"strings"
 	texttmpl "text/template"
@@ -54,42 +55,43 @@ func sanitizeSubject(subject string) string {
 }
 
 type mailAttachmentBase64Embedder struct {
-	doer    *user_model.User
-	repo    *repo_model.Repository
-	maxSize int64
+	doer         *user_model.User
+	repo         *repo_model.Repository
+	maxSize      int64
+	estimateSize int64
 }
 
 func newMailAttachmentBase64Embedder(doer *user_model.User, repo *repo_model.Repository, maxSize int64) *mailAttachmentBase64Embedder {
 	return &mailAttachmentBase64Embedder{doer: doer, repo: repo, maxSize: maxSize}
 }
 
-func (b64embedder *mailAttachmentBase64Embedder) Base64InlineImages(ctx context.Context, body string) (string, error) {
-	doc, err := html.Parse(strings.NewReader(body))
+func (b64embedder *mailAttachmentBase64Embedder) Base64InlineImages(ctx context.Context, body template.HTML) (template.HTML, error) {
+	doc, err := html.Parse(strings.NewReader(string(body)))
 	if err != nil {
-		return "", fmt.Errorf("%w", err)
+		return "", fmt.Errorf("html.Parse failed: %w", err)
 	}
 
-	var totalEmbeddedImagesSize int64
+	b64embedder.estimateSize = int64(len(string(body)))
 
 	var processNode func(*html.Node)
 	processNode = func(n *html.Node) {
 		if n.Type == html.ElementNode {
 			if n.Data == "img" {
 				for i, attr := range n.Attr {
 					if attr.Key == "src" {
-						attachmentPath := attr.Val
-						dataURI, err := b64embedder.AttachmentSrcToBase64DataURI(ctx, attachmentPath, &totalEmbeddedImagesSize)
+						attachmentSrc := attr.Val
+						dataURI, err := b64embedder.AttachmentSrcToBase64DataURI(ctx, attachmentSrc)
 						if err != nil {
-							log.Trace("attachmentSrcToDataURI not possible: %v", err) // Not an error, just skip. This is probably an image from outside the gitea instance.
-							continue
+							// Not an error, just skip. This is probably an image from outside the gitea instance.
+							log.Trace("Unable to embed attachment %q to mail body: %v", attachmentSrc, err)
+						} else {
+							n.Attr[i].Val = dataURI
 						}
-						n.Attr[i].Val = dataURI
 						break
 					}
 				}
 			}
 		}
-
 		for c := n.FirstChild; c != nil; c = c.NextSibling {
 			processNode(c)
 		}
@@ -100,22 +102,24 @@ func (b64embedder *mailAttachmentBase64Embedder) Base64InlineImages(ctx context.
 	var buf bytes.Buffer
 	err = html.Render(&buf, doc)
 	if err != nil {
-		log.Error("Failed to render modified HTML: %v", err)
-		return "", err
+		return "", fmt.Errorf("html.Render failed: %w", err)
 	}
-	return buf.String(), nil
+	return template.HTML(buf.String()), nil
 }
 
-func (b64embedder *mailAttachmentBase64Embedder) AttachmentSrcToBase64DataURI(ctx context.Context, attachmentPath string, totalEmbeddedImagesSize *int64) (string, error) {
-	if !strings.HasPrefix(attachmentPath, setting.AppURL) { // external image
-		return "", fmt.Errorf("external image")
-	}
-	parts := strings.Split(attachmentPath, "/attachments/")
-	if len(parts) <= 1 {
-		return "", fmt.Errorf("invalid attachment path: %s", attachmentPath)
+func (b64embedder *mailAttachmentBase64Embedder) AttachmentSrcToBase64DataURI(ctx context.Context, attachmentSrc string) (string, error) {
+	parsedSrc := httplib.ParseGiteaSiteURL(ctx, attachmentSrc)
+	var attachmentUUID string
+	if parsedSrc != nil {
+		var ok bool
+		attachmentUUID, ok = strings.CutPrefix(parsedSrc.RoutePath, "/attachments/")
+		if !ok {
+			attachmentUUID, ok = strings.CutPrefix(parsedSrc.RepoSubPath, "/attachments/")
+		}
+		if !ok {
+			return "", fmt.Errorf("not an attachment")
+		}
 	}
-
-	attachmentUUID := parts[len(parts)-1]
 	attachment, err := repo_model.GetAttachmentByUUID(ctx, attachmentUUID)
 	if err != nil {
 		return "", err
@@ -124,6 +128,10 @@ func (b64embedder *mailAttachmentBase64Embedder) AttachmentSrcToBase64DataURI(ct
 	if attachment.RepoID != b64embedder.repo.ID {
 		return "", fmt.Errorf("attachment does not belong to the repository")
 	}
+	if attachment.Size+b64embedder.estimateSize > b64embedder.maxSize {
+		return "", fmt.Errorf("total embedded images exceed max limit")
+	}
+	b64embedder.estimateSize += attachment.Size
 
 	fr, err := storage.Attachments.Open(attachment.RelativePath())
 	if err != nil {
@@ -134,26 +142,16 @@ func (b64embedder *mailAttachmentBase64Embedder) AttachmentSrcToBase64DataURI(ct
 	lr := &io.LimitedReader{R: fr, N: b64embedder.maxSize + 1}
 	content, err := io.ReadAll(lr)
 	if err != nil {
-		return "", err
-	}
-	if int64(len(content)) > b64embedder.maxSize {
-		return "", fmt.Errorf("file size exceeds the embedded image max limit \\(%d bytes\\)", b64embedder.maxSize)
-	}
-
-	if *totalEmbeddedImagesSize+int64(len(content)) > setting.MailService.Base64EmbedImagesMaxSizePerEmail {
-		return "", fmt.Errorf("total embedded images exceed max limit: %d > %d", *totalEmbeddedImagesSize+int64(len(content)), setting.MailService.Base64EmbedImagesMaxSizePerEmail)
+		return "", fmt.Errorf("LimitedReader ReadAll: %w", err)
 	}
-	*totalEmbeddedImagesSize += int64(len(content))
-
-	mimeType := http.DetectContentType(content)
 
-	if !strings.HasPrefix(mimeType, "image/") {
+	mimeType := typesniffer.DetectContentType(content)
+	if !mimeType.IsImage() {
 		return "", fmt.Errorf("not an image")
 	}
 
 	encoded := base64.StdEncoding.EncodeToString(content)
 	dataURI := fmt.Sprintf("data:%s;base64,%s", mimeType, encoded)
-
 	return dataURI, nil
 }
 

services/mailer/mail_issue_common.go

@@ -7,7 +7,6 @@ import (
 	"bytes"
 	"context"
 	"fmt"
-	"html/template"
 	"strconv"
 	"strings"
 	"time"
@@ -26,6 +25,10 @@ import (
 	"code.gitea.io/gitea/services/mailer/token"
 )
 
+// maxEmailBodySize is the approximate maximum size of an email body in bytes
+// Many e-mail service providers have limitations on the size of the email body, it's usually from 10MB to 25MB
+const maxEmailBodySize = 9_000_000
+
 func fallbackMailSubject(issue *issues_model.Issue) string {
 	return fmt.Sprintf("[%s] %s (#%d)", issue.Repo.FullName(), issue.Title, issue.Index)
 }
@@ -65,19 +68,19 @@ func composeIssueCommentMessages(ctx *mailCommentContext, lang string, recipient
 
 	// This is the body of the new issue or comment, not the mail body
 	rctx := renderhelper.NewRenderContextRepoComment(ctx.Context, ctx.Issue.Repo).WithUseAbsoluteLink(true)
-	body, err := markdown.RenderString(rctx,
-		ctx.Content)
+	body, err := markdown.RenderString(rctx, ctx.Content)
 	if err != nil {
 		return nil, err
 	}
 
-	if setting.MailService.Base64EmbedImages {
-		bodyStr := string(body)
-		bodyStr, err = Base64InlineImages(bodyStr, ctx)
+	if setting.MailService.EmbedAttachmentImages {
+		attEmbedder := newMailAttachmentBase64Embedder(ctx.Doer, ctx.Issue.Repo, maxEmailBodySize)
+		bodyAfterEmbedding, err := attEmbedder.Base64InlineImages(ctx, body)
 		if err != nil {
-			return nil, err
+			log.Error("Failed to embed images in mail body: %v", err)
+		} else {
+			body = bodyAfterEmbedding
 		}
-		body = template.HTML(bodyStr)
 	}
 	actType, actName, tplName := actionToTemplate(ctx.Issue, ctx.ActionType, commentType, reviewType)