Difference between revisions of "Installation/Camo"

From diaspora* project wiki
Jump to: navigation, search
(Created page with "{{Serious|Camo integration for diaspora* is not yet merged into the source. This documentation is a work in progress so it's ready when the Camo integration is merged.}} == A...")
 
Line 1: Line 1:
 
{{Serious|Camo integration for diaspora* is not yet merged into the source. This documentation is a work in progress so it's ready when the Camo integration is merged.}}
 
{{Serious|Camo integration for diaspora* is not yet merged into the source. This documentation is a work in progress so it's ready when the Camo integration is merged.}}
  
== About Camo ==
+
[[File:Markdown_embeds_without_Camo.svg|thumb|right|200px|Reques targets, without Camo]]
 +
[[File:Markdown_embeds_with_Camo.svg|thumb|right|200px|Reques targets, with Camo]]
 +
 
 +
== About Camo and why there is support for it in diaspora* ==
  
 
[https://github.com/atmos/camo Camo] is a small Node.js application to proxy insecure assets. Its main reason is to service HTTP assets over an HTTPS channel to avoid mixed content warnings. Another usage is to reduce the amount of external assets to avoid browser connects to third party hosts.
 
[https://github.com/atmos/camo Camo] is a small Node.js application to proxy insecure assets. Its main reason is to service HTTP assets over an HTTPS channel to avoid mixed content warnings. Another usage is to reduce the amount of external assets to avoid browser connects to third party hosts.
 +
 +
diaspora* supports content formatting using [https://diasporafoundation.org/formatting Markdown], which also enables users to embed images from third parties. While this is great for creating larger posts with inline images, it's a huge privacy and security problem since most of the images will get hosted by third parties, forcing the users browser to connect to those servers and thus exposing their identities to others.
 +
 +
Since disabling markdown embeds is not a nice solution, we implemented a special mechanism to rewrite markdown image URLs to get proxoed through Camo. In addition, it is also possible to proxy remote profile pictures and remote post photos to create an environment almost entirely without external resources.

Revision as of 04:01, 9 November 2014

»» Important
Camo integration for diaspora* is not yet merged into the source. This documentation is a work in progress so it's ready when the Camo integration is merged.


Reques targets, without Camo
Reques targets, with Camo

About Camo and why there is support for it in diaspora*

Camo is a small Node.js application to proxy insecure assets. Its main reason is to service HTTP assets over an HTTPS channel to avoid mixed content warnings. Another usage is to reduce the amount of external assets to avoid browser connects to third party hosts.

diaspora* supports content formatting using Markdown, which also enables users to embed images from third parties. While this is great for creating larger posts with inline images, it's a huge privacy and security problem since most of the images will get hosted by third parties, forcing the users browser to connect to those servers and thus exposing their identities to others.

Since disabling markdown embeds is not a nice solution, we implemented a special mechanism to rewrite markdown image URLs to get proxoed through Camo. In addition, it is also possible to proxy remote profile pictures and remote post photos to create an environment almost entirely without external resources.