diff --git a/backend/app/admin_ui.py b/backend/app/admin_ui.py index 04c6db4..e108d3d 100644 --- a/backend/app/admin_ui.py +++ b/backend/app/admin_ui.py @@ -3,6 +3,7 @@ from __future__ import annotations import json from pathlib import Path import re +from urllib.parse import urlparse from urllib.parse import urlencode from urllib.request import Request as UrlRequest, urlopen @@ -124,6 +125,14 @@ def _is_probably_irrelevant_image(url: str) -> bool: return any(re.search(pattern, lowered) for pattern in patterns) +def _is_http_image_url(url: str) -> bool: + try: + parsed = urlparse(url) + except Exception: + return False + return parsed.scheme in {"http", "https"} and bool(parsed.netloc) + + def _build_image_entries(article: dict, extraction: dict, meta: dict) -> list[dict[str, object]]: all_images = _read_article_images(article, extraction) image_review = meta.get("image_review") if isinstance(meta.get("image_review"), dict) else {} @@ -371,15 +380,19 @@ def admin_article_image_decision( @router.get("/admin/images/proxy") def admin_image_proxy(request: Request, url: str): - user = _admin_user(request) - if not user: - return Response(status_code=401) - - if not (url.startswith("http://") or url.startswith("https://")): + if not _is_http_image_url(url): return Response(status_code=400) try: - req = UrlRequest(url=url, headers={"User-Agent": IMAGE_PROXY_USER_AGENT, "Referer": url}) + referer = request.headers.get("referer", "") + req = UrlRequest( + url=url, + headers={ + "User-Agent": IMAGE_PROXY_USER_AGENT, + "Accept": "image/avif,image/webp,image/apng,image/*,*/*;q=0.8", + "Referer": referer or url, + }, + ) with urlopen(req, timeout=10) as resp: body = resp.read() content_type = resp.headers.get("Content-Type", "application/octet-stream") diff --git a/backend/static/admin.css b/backend/static/admin.css index 402c067..705aeda 100644 --- a/backend/static/admin.css +++ b/backend/static/admin.css @@ -210,6 +210,11 @@ button.secondary { background: #f8fafc; } +.img-failed { + opacity: 0.3; + filter: grayscale(1); +} + .image-meta { margin-top: 6px; display: flex; diff --git a/backend/templates/admin_article_detail.html b/backend/templates/admin_article_detail.html index bdfc0af..a38937b 100644 --- a/backend/templates/admin_article_detail.html +++ b/backend/templates/admin_article_detail.html @@ -79,7 +79,7 @@ {% for image in article.image_entries %}
- Artikelbild + Artikelbild
{% if image.is_selected %}Ausgewählt{% endif %} diff --git a/backend/templates/admin_dashboard.html b/backend/templates/admin_dashboard.html index 6709f65..5dad3f5 100644 --- a/backend/templates/admin_dashboard.html +++ b/backend/templates/admin_dashboard.html @@ -157,7 +157,7 @@
Legal: {{ "OK" if a.legal_checked else "offen" }}
{% if a.selected_image_url %}
Hauptbild gesetzt
- Hauptbild + Hauptbild {% endif %} {% if a.summary %}
Summary: {{ a.summary }}