| 1 | +* 2023-07-04 |
| 2 | +* Scope: new repository |
| 3 | +* RFC PR: <!-- leave this empty --> |
| 4 | +* Implementation issue(s): <!-- leave this empty --> |
| 5 | + |
| 6 | +# Summary |
| 7 | + |
| 8 | +A new Node.js HTTP proxy to route images through SSL, compatible with unified |
| 9 | +plugins, to safely embed user content on the web. |
| 10 | + |
| 11 | +Implementation would be done by me and would require funds from Open Collective. |
| 12 | + |
| 13 | +## Motivation |
| 14 | + |
| 15 | +Unified has put a lot of effort in providing similar markdown support as GitHub. |
| 16 | +The latest project, [`rehype-github`][], takes this even further in order to |
| 17 | +support processing user content for safe use on the web, just as GitHub does. |
| 18 | + |
| 19 | +There is a missing piece in safely authoring user content: images. |
| 20 | + |
| 21 | +> An HTTPS page that includes content fetched using cleartext HTTP is called a |
| 22 | +> mixed content page. Pages like this are only partially encrypted, leaving the |
| 23 | +> unencrypted content accessible to sniffers and man-in-the-middle attackers. |
| 24 | +> — [MDN](https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content) |
| 25 | +
|
| 26 | +Developers aware of this problem, who are using Go or are willing to run a Go |
| 27 | +server, can use the well maintained [go-camo][] to solve this. However, there |
| 28 | +is no Node.js equivalent, nor is there a plug-and-play solution for processing |
| 29 | +markdown which takes this problem into account. |
| 30 | + |
| 31 | +Case in point: a new Node.js HTTP proxy to route images through SSL, to be |
| 32 | +used together with the existing [`rehype-github-image`][] plugin. |
| 33 | + |
| 34 | +It’s in the ecosystem’s and the web’s best interest to create awareness and |
| 35 | +solutions for security problems when authoring user content. |
| 36 | + |
| 37 | +## Detailed design |
| 38 | + |
| 39 | +* A bare bones Node.js server (no framework). |
| 40 | + The reason for this is that we can create a `handle` function which can be |
| 41 | + integrated in any Node.js framework or even a front-end framework |
| 42 | + like Next.js. This is what I’ve worked on for `@tus/server`, |
| 43 | + as you can see in the [examples](https://github.com/tus/tus-node-server/tree/main/packages/server#examples). |
| 44 | +* A client-server flow similar to this: |
| 45 | + |
| 46 | +```text |
| 47 | + +----------+ request +-------------+ |
| 48 | + | |----------------------------->| | |
| 49 | + | | | | |
| 50 | + | | | web-app | |
| 51 | + | | img src=https://camo/url | | |
| 52 | + | |<-----------------------------| | |
| 53 | + | | +-------------+ |
| 54 | + | client | |
| 55 | + | | https://camo/url +-------------+ http://some/img |
| 56 | + | |----------------------------->| |---------------> |
| 57 | + | | | | |
| 58 | + | | | camo | |
| 59 | + | | img data | | img data |
| 60 | + | |<-----------------------------| |<--------------- |
| 61 | + | | +-------------+ |
| 62 | + +----------+ |
| 63 | +``` |
| 64 | + |
| 65 | +* Out of scope (for now): metrics endpoint for usage data, filtering rules. |
| 66 | + |
| 67 | +## Funding |
| 68 | + |
| 69 | +In short: between $500 and $1,000 from Open Collective (exact amount up for |
| 70 | +debate). |
| 71 | + |
| 72 | +* **Why take money at all?** |
| 73 | + * I’m not really in a position to do this for free. I make my living from |
| 74 | + maintaining open source software on freelance basis and life is also |
| 75 | + busy. To really push this through I would put other paid work on hold. |
| 76 | + * Since there is no |
| 77 | + [expenses/invoices/fund policy](https://github.com/unifiedjs/collective/issues/34), |
| 78 | + taking money from Open Collective is not clearly defined. |
| 79 | + But here is how I ideally imagine it: |
| 80 | + funds are used to kick start substantial work which |
| 81 | + otherwise may not have happened. Many people maintain OSS for free |
| 82 | + (and thanklessly) but we also shouldn’t be afraid to ask for funds. |
| 83 | + There is at the time of writing $23,648 in Open Collective. |
| 84 | + It’s not a lot if you want to live from it, |
| 85 | + but it is a lot if you would divide it by the amount of |
| 86 | + projects it could kick start. |
| 87 | +* **Why me?** I have experience in creating Node.js servers at scale and |
| 88 | + globally distributed. I also maintain [tus](https://tus.io/), a protocol |
| 89 | + for resumable file uploads in multiple languages. |
| 90 | +* **Why this amount of $**? With implementation, tests, and docs, this could |
| 91 | + take around three full days (optimistically). Naturally, I didn’t base this |
| 92 | + on a freelance rate I work for normally. It’s more an attempt at a fair |
| 93 | + flat fee. |
| 94 | + |
| 95 | +## Drawbacks |
| 96 | + |
| 97 | +* Money out of the Open Collective. |
| 98 | +* [go-camo][] already exists so there is some solution to this problem. |
| 99 | + But for people with front-end frameworks or Node.js servers this would mean |
| 100 | + hosting another server. Furthermore unified could contribute to awareness |
| 101 | + of the problem and a streamlined plug-and-play experience. |
| 102 | + |
| 103 | +## Alternatives |
| 104 | + |
| 105 | +* Only keeping the [`rehype-github-image`][] plugin and document the existing |
| 106 | + servers, not creating a Node.js server. |
| 107 | + |
| 108 | +## Adoption strategy |
| 109 | + |
| 110 | +Not relevant since it is a new project. |
| 111 | + |
| 112 | +[`rehype-github`]: https://github.com/rehypejs/rehype-github |
| 113 | + |
| 114 | +[`rehype-github-image`]: https://github.com/rehypejs/rehype-github/tree/main/packages/image |
| 115 | + |
| 116 | +[go-camo]: https://github.com/cactus/go-camo |
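Review bot: the `## Detailed design` section does not say how the proxy decides which URLs it is willing to fetch, and without that the flow shown in the diagram (`https://camo/url` in, `http://some/img` out) describes an open proxy that anyone can point at arbitrary hosts. Camo-style proxies, go-camo included, bind each proxied URL to the web-app that issued it with an HMAC over the target URL using a shared secret, and the proxy rejects requests whose signature does not verify; the RFC should state that the `rehype-github-image` rewrite step and the new server share that secret and that unsigned or mis-signed requests get a 4xx. Related, `Out of scope (for now): metrics endpoint for usage data, filtering rules.` should not be read as deferring destination filtering: a server-side fetcher needs to refuse loopback, link-local and private address ranges (and re-check after every redirect, since DNS and `Location` headers can point back inside), cap the response size and time, and only relay responses whose `Content-Type` is an image. Listing those four controls in the design, even in one bullet, would let reviewers judge whether "safely embed user content" is actually met before funding is discussed.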