Absolutely no leak for media proxies

packages/backend/src/server/FileServerService.ts

@@ -292,7 +292,7 @@ export class FileServerService {
 
 	@bindThis
 	private async proxyHandler(request: FastifyRequest<{ Params: { url: string; }; Querystring: { url?: string; }; }>, reply: FastifyReply) {
-		const url = 'url' in request.query ? request.query.url : 'https://' + request.params.url;
+		let url = 'url' in request.query ? request.query.url : 'https://' + request.params.url;
 
 		if (typeof url !== 'string') {
 			reply.code(400);
@@ -300,24 +300,28 @@ export class FileServerService {
 		}
 
 		// アバタークロップなど、どうしてもオリジンである必要がある場合
-		const mustOrigin = 'origin=1' in request.query;
+		const mustOrigin = 'origin' in request.query;
 
-		if (this.config.externalMediaProxyEnabled && !mustOrigin) {
+		if (this.config.externalMediaProxyEnabled) {
 			// 外部のメディアプロキシが有効なら、そちらにリダイレクト
 
 			reply.header('Cache-Control', 'public, max-age=259200'); // 3 days
 
-			const url = new URL(`${this.config.mediaProxy}/${request.params.url || ''}`);
+			const externalURL = new URL(`${this.config.mediaProxy}/${request.params.url || ''}`);
 
 			for (const [key, value] of Object.entries(request.query)) {
-				url.searchParams.append(key, value);
+				externalURL.searchParams.append(key, value);
 			}
 
+			if (mustOrigin) {
+				url = `${this.config.mediaProxy}?url=${encodeURIComponent(url)}`;
+			} else {
 				return await reply.redirect(
-				url.toString(),
+					externalURL.toString(),
 					301,
 				);
 			}
+		}
 
 		if (!request.headers['user-agent']) {
 			throw new StatusError('User-Agent is required', 400, 'User-Agent is required');