Respect remote image allowlists (#15569)

* Respect remote image allowlists

* Fix inferRemoteSize virtual module import

Author: matthewp

.changeset/tame-lemons-probe.md

@@ -0,0 +1,5 @@
+---
+"astro": patch
+---
+
+Respect image allowlists when inferring remote image sizes and reject remote redirects.

packages/astro/src/assets/build/remote.ts

@@ -9,7 +9,11 @@ export type RemoteCacheEntry = {
 
 export async function loadRemoteImage(src: string) {
 	const req = new Request(src);
-	const res = await fetch(req);
+	const res = await fetch(req, { redirect: 'manual' });
+
+	if (res.status >= 300 && res.status < 400) {
+		throw new Error(`Failed to load remote image ${src}. The request was redirected.`);
+	}
 
 	if (!res.ok) {
 		throw new Error(
@@ -47,7 +51,11 @@ export async function revalidateRemoteImage(
 		...(revalidationData.lastModified && { 'If-Modified-Since': revalidationData.lastModified }),
 	};
 	const req = new Request(src, { headers, cache: 'no-cache' });
-	const res = await fetch(req);
+	const res = await fetch(req, { redirect: 'manual' });
+
+	if (res.status >= 300 && res.status < 400) {
+		throw new Error(`Failed to revalidate cached remote image ${src}. The request was redirected.`);
+	}
 
 	// Asset not modified: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/304
 	if (!res.ok && res.status !== 304) {

packages/astro/src/assets/endpoint/generic.ts

@@ -12,8 +12,13 @@ async function loadRemoteImage(src: URL, headers: Headers) {
 		const res = await fetch(src, {
 			// Forward all headers from the original request
 			headers,
+			redirect: 'manual',
 		});
 
+		if (res.status >= 300 && res.status < 400) {
+			return undefined;
+		}
+
 		if (!res.ok) {
 			return undefined;
 		}

packages/astro/src/assets/endpoint/shared.ts

@@ -8,7 +8,11 @@ import { etag } from '../utils/etag.js';
 
 export async function loadRemoteImage(src: URL): Promise<Buffer | undefined> {
 	try {
-		const res = await fetch(src);
+		const res = await fetch(src, { redirect: 'manual' });
+
+		if (res.status >= 300 && res.status < 400) {
+			return undefined;
+		}
 
 		if (!res.ok) {
 			return undefined;

packages/astro/src/assets/internal.ts

@@ -1,4 +1,5 @@
 import { isRemotePath } from '@astrojs/internal-helpers/path';
+import { isRemoteAllowed } from '@astrojs/internal-helpers/remote';
 import { AstroError, AstroErrorData } from '../core/errors/index.js';
 import type { AstroConfig } from '../types/public/config.js';
 import type { AstroAdapterClientConfig } from '../types/public/integrations.js';
@@ -78,17 +79,23 @@ export async function getImage(
 	let originalHeight: number | undefined;
 
 	// Infer size for remote images if inferSize is true
-	if (
-		options.inferSize &&
-		isRemoteImage(resolvedOptions.src) &&
-		isRemotePath(resolvedOptions.src)
-	) {
-		const result = await inferRemoteSize(resolvedOptions.src); // Directly probe the image URL
-		resolvedOptions.width ??= result.width;
-		resolvedOptions.height ??= result.height;
-		originalWidth = result.width;
-		originalHeight = result.height;
+	if (options.inferSize) {
 		delete resolvedOptions.inferSize; // Delete so it doesn't end up in the attributes
+
+		if (isRemoteImage(resolvedOptions.src) && isRemotePath(resolvedOptions.src)) {
+			if (!isRemoteAllowed(resolvedOptions.src, imageConfig)) {
+				throw new AstroError({
+					...AstroErrorData.RemoteImageNotAllowed,
+					message: AstroErrorData.RemoteImageNotAllowed.message(resolvedOptions.src),
+				});
+			}
+
+			const result = await inferRemoteSize(resolvedOptions.src, imageConfig); // Directly probe the image URL
+			resolvedOptions.width ??= result.width;
+			resolvedOptions.height ??= result.height;
+			originalWidth = result.width;
+			originalHeight = result.height;
+		}
 	}
 
 	const originalFilePath = isESMImportedImage(resolvedOptions.src)

packages/astro/src/assets/utils/remoteProbe.ts

@@ -1,17 +1,64 @@
+import { isRemoteAllowed } from '@astrojs/internal-helpers/remote';
 import { AstroError, AstroErrorData } from '../../core/errors/index.js';
+import type { AstroConfig } from '../../types/public/config.js';
 import type { ImageMetadata } from '../types.js';
 import { imageMetadata } from './metadata.js';
 
+type RemoteImageConfig = Pick<AstroConfig['image'], 'domains' | 'remotePatterns'>;
+
 /**
  * Infers the dimensions of a remote image by streaming its data and analyzing it progressively until sufficient metadata is available.
  *
  * @param {string} url - The URL of the remote image from which to infer size metadata.
+ * @param {RemoteImageConfig} [imageConfig] - Optional image config used to validate remote allowlists.
  * @return {Promise<Omit<ImageMetadata, 'src' | 'fsPath'>>} Returns a promise that resolves to an object containing the image dimensions metadata excluding `src` and `fsPath`.
  * @throws {AstroError} Thrown when the fetching fails or metadata cannot be extracted.
  */
-export async function inferRemoteSize(url: string): Promise<Omit<ImageMetadata, 'src' | 'fsPath'>> {
+export async function inferRemoteSize(
+	url: string,
+	imageConfig?: RemoteImageConfig,
+): Promise<Omit<ImageMetadata, 'src' | 'fsPath'>> {
+	if (!URL.canParse(url)) {
+		throw new AstroError({
+			...AstroErrorData.FailedToFetchRemoteImageDimensions,
+			message: AstroErrorData.FailedToFetchRemoteImageDimensions.message(url),
+		});
+	}
+
+	const allowlistConfig = imageConfig
+		? {
+				domains: imageConfig.domains ?? [],
+				remotePatterns: imageConfig.remotePatterns ?? [],
+			}
+		: undefined;
+
+	if (!allowlistConfig) {
+		const parsedUrl = new URL(url);
+		if (!['http:', 'https:'].includes(parsedUrl.protocol)) {
+			throw new AstroError({
+				...AstroErrorData.FailedToFetchRemoteImageDimensions,
+				message: AstroErrorData.FailedToFetchRemoteImageDimensions.message(url),
+			});
+		}
+	}
+
+	if (allowlistConfig && !isRemoteAllowed(url, allowlistConfig)) {
+		throw new AstroError({
+			...AstroErrorData.RemoteImageNotAllowed,
+			message: AstroErrorData.RemoteImageNotAllowed.message(url),
+		});
+	}
+
 	// Start fetching the image
-	const response = await fetch(url);
+	const response = await fetch(url, { redirect: 'manual' });
+
+	if (response.status >= 300 && response.status < 400) {
+		throw new AstroError({
+			...AstroErrorData.FailedToFetchRemoteImageDimensions,
+			message: AstroErrorData.FailedToFetchRemoteImageDimensions.message(url),
+		});
+	}
+
 	if (!response.body || !response.ok) {
 		throw new AstroError({
 			...AstroErrorData.FailedToFetchRemoteImageDimensions,

packages/astro/src/assets/vite-plugin-assets.ts

@@ -143,11 +143,11 @@ export default function assets({ fs, settings, sync, logger }: Options): vite.Pl
 				if (id === resolvedVirtualModuleId) {
 					return {
 						code: `
-							export { getConfiguredImageService, isLocalService } from "astro/assets";
-							import { getImage as getImageInternal } from "astro/assets";
-							export { default as Image } from "astro/components/${imageComponentPrefix}Image.astro";
-							export { default as Picture } from "astro/components/${imageComponentPrefix}Picture.astro";
-							export { inferRemoteSize } from "astro/assets/utils/inferRemoteSize.js";
+								export { getConfiguredImageService, isLocalService } from "astro/assets";
+								import { getImage as getImageInternal } from "astro/assets";
+								import { inferRemoteSize as inferRemoteSizeInternal } from "astro/assets/utils/inferRemoteSize.js";
+								export { default as Image } from "astro/components/${imageComponentPrefix}Image.astro";
+								export { default as Picture } from "astro/components/${imageComponentPrefix}Picture.astro";
 
 							export { default as Font } from "astro/components/Font.astro";
 							export * from "${RUNTIME_VIRTUAL_MODULE_ID}";
@@ -172,6 +172,9 @@ export default function assets({ fs, settings, sync, logger }: Options): vite.Pl
 								enumerable: false,
 								configurable: true,
 							});
+							export const inferRemoteSize = async (url) => {
+								return inferRemoteSizeInternal(url, imageConfig)
+							}
 							// This is used by the @astrojs/node integration to locate images.
 							// It's unused on other platforms, but on some platforms like Netlify (and presumably also Vercel)
 							// new URL("dist/...") is interpreted by the bundler as a signal to include that directory

packages/astro/src/core/errors/errors-data.ts

@@ -555,6 +555,20 @@ export const FailedToFetchRemoteImageDimensions = {
 	message: (imageURL: string) => `Failed to get the dimensions for ${imageURL}.`,
 	hint: 'Verify your remote image URL is accurate, and that you are not using `inferSize` with a file located in your `public/` folder.',
 } satisfies ErrorData;
+/**
+ * @docs
+ * @message
+ * Remote image `IMAGE_URL` is not allowed by your image configuration.
+ * @description
+ * The remote image URL does not match your configured `image.domains` or `image.remotePatterns`.
+ */
+export const RemoteImageNotAllowed = {
+	name: 'RemoteImageNotAllowed',
+	title: 'Remote image is not allowed',
+	message: (imageURL: string) =>
+		`Remote image ${imageURL} is not allowed by your image configuration.`,
+	hint: 'Update `image.domains` or `image.remotePatterns`, or remove `inferSize` for this image.',
+} satisfies ErrorData;
 /**
  * @docs
  * @description

packages/astro/test/core-image-infersize.test.js

@@ -76,5 +76,16 @@ describe('astro:image:infersize', () => {
 				assert.equal($dimensions.text().trim(), '64x64');
 			});
 		});
+
+		it('rejects remote inferSize that is not allowlisted', async () => {
+			logs.length = 0;
+			const res = await fixture.fetch('/disallowed');
+			await res.text();
+
+			const hasDisallowedLog = logs.some(
+				(log) => log.message.includes('Remote image') && log.message.includes('not allowed'),
+			);
+			assert.equal(hasDisallowedLog, true);
+		});
 	});
 });

packages/astro/test/core-image.test.js

@@ -1,4 +1,5 @@
 import assert from 'node:assert/strict';
+import { createServer } from 'node:http';
 import { basename } from 'node:path';
 import { Writable } from 'node:stream';
 import { after, afterEach, before, describe, it } from 'node:test';
@@ -19,8 +20,30 @@ describe('astro:image', () => {
 		let devServer;
 		/** @type {Array<{ type: any, level: 'error', message: string; }>} */
 		let logs = [];
+		/** @type {import('node:http').Server | undefined} */
+		let redirectServer;
+		/** @type {string | undefined} */
+		let redirectUrl;
 
 		before(async () => {
+			redirectServer = createServer((req, res) => {
+				if (req.url === '/redirect') {
+					res.statusCode = 302;
+					res.setHeader('Location', 'https://example.com/image.png');
+					res.end();
+					return;
+				}
+
+				res.statusCode = 404;
+				res.end();
+			});
+
+			await new Promise((resolve) => redirectServer.listen(0, '127.0.0.1', resolve));
+			const address = redirectServer.address();
+			if (address && typeof address === 'object') {
+				redirectUrl = `http://127.0.0.1:${address.port}/redirect`;
+			}
+
 			fixture = await loadFixture({
 				root: './fixtures/core-image/',
 				image: {
@@ -30,6 +53,15 @@ describe('astro:image', () => {
 						{
 							protocol: 'data',
 						},
+						...(redirectUrl
+							? [
+									{
+										protocol: 'http',
+										hostname: '127.0.0.1',
+										port: new URL(redirectUrl).port,
+									},
+								]
+							: []),
 					],
 				},
 			});
@@ -50,6 +82,9 @@ describe('astro:image', () => {
 
 		after(async () => {
 			await devServer.stop();
+			if (redirectServer) {
+				await new Promise((resolve) => redirectServer.close(resolve));
+			}
 		});
 
 		describe('basics', () => {
@@ -487,6 +522,13 @@ describe('astro:image', () => {
 					assert.ok($img.attr('width'));
 					assert.ok($img.attr('height'));
 				});
+
+				it('rejects remote redirects', async () => {
+					assert.ok(redirectUrl, 'Expected redirect URL to be set');
+					const src = `/_image?href=${encodeURIComponent(redirectUrl)}&w=1&h=1&f=png`;
+					const imageRequest = await fixture.fetch(src);
+					assert.ok(imageRequest.status >= 400);
+				});
 			});
 
 			it('error if no width and height', async () => {