@@ -29,6 +29,17 @@ class ImageProxyThrottle(UserRateThrottle):
2929 scope = 'image_proxy'
3030
3131
32+ def _public_import_error_message (exc ):
33+ """Return a safe, user-facing import error without exposing internal details."""
34+ if isinstance (exc , ValueError ):
35+ return "Invalid image URL"
36+ if isinstance (exc , requests .exceptions .Timeout ):
37+ return "Download timeout"
38+ if isinstance (exc , requests .exceptions .RequestException ):
39+ return "Failed to fetch image from the remote server"
40+ return "Image import failed"
41+
42+
3243def _is_safe_url (image_url ):
3344 """
3445 Validate a URL for safe proxy use.
@@ -154,7 +165,12 @@ def import_remote_images_for_object(content_object, urls, owner=None, max_worker
154165 file_data = future .result ()
155166 downloaded_results .append ((index , image_url , file_data , None ))
156167 except Exception as exc :
157- downloaded_results .append ((index , image_url , None , str (exc )))
168+ logger .warning (
169+ "Image import failed for URL %s" ,
170+ image_url ,
171+ exc_info = True ,
172+ )
173+ downloaded_results .append ((index , image_url , None , _public_import_error_message (exc )))
158174
159175 downloaded_results .sort (key = lambda item : item [0 ])
160176
@@ -338,8 +354,8 @@ def fetch_from_url(self, request):
338354 image_data = download_remote_image (str (image_url ).strip ())
339355 return HttpResponse (image_data ['content' ], content_type = image_data ['content_type' ], status = 200 )
340356
341- except ValueError as exc :
342- return Response ({"error" : str ( exc ) }, status = status .HTTP_400_BAD_REQUEST )
357+ except ValueError :
358+ return Response ({"error" : "Invalid image URL" }, status = status .HTTP_400_BAD_REQUEST )
343359
344360 except requests .exceptions .Timeout :
345361 logger .error ("Timeout fetching image from URL %s" , image_url )
0 commit comments