Image proxy

Node icons and other images (including font icons and map tiles) that link to Web images, rather than coming from a file system, are not always displayed, due to security restrictions. Your browser will mark it as insecure and prevent the image from being loaded.

To allow the secure loading of such images, you can enable the Siren Investigate image proxy (IP) feature.

The proxy, available at /image_proxy?url=<url> when enabled, checks if the URL specified in the url parameter is from an allowed domain and if so downloads the image and streams it back to the browser.

If this is enabled on an unsecured Siren Investigate environment, it can act as an open relay which could be exploited. The image proxy feature is recommended for use only on a secured instance.

You can configure the proxy in the investigate_core.image_proxy section of the investigate.yml file; the following settings are available:

  • enabled: set to true to enable the Image proxy. Defaults to false.

  • allowed_domains: an array of strings containing domains from where images can be retrieved. Defaults to * (any domain).

  • max_image_size: the maximum image size allowed (in bytes). Defaults to 10000.

  • timeout: the number of milliseconds before an image request times out. Defaults to 30000.

  • proxy_cache_enabled: if set to true, the proxy caches retrieved images in memory. Defaults to false.

  • proxy_cache_expiration: specifies how many seconds cached images are kept in memory. Defaults to 3600.

  • browser_cache_control: the value of the Cache-Control header that are set in responses from the proxy. Defaults to public, max-age=3600.

  • disable_content_type_check: if set to true, the proxy does not block resources that are missing a Content-Type header that starts with image/. Defaults to false.

Example configuration:

    enabled: true
    max_image_size: 20000