Using camo for SSL image proxying

I’ve just set up SSL image proxying on my website through camo to make sure any external non-https images are served via https. Camo is a simple HTTP proxy that also encrypts URLs with HMAC to prevent someone piggy-backing off your service.

Currently running nicely through Heroku using their wildcard SSL herokuapp.com certificate. My first time using a “Deploy to Heroku” button which made this ridiculously easy to get set up.

I now wrap external (http) image URLs on here with camo_image():

# from https://github.com/atmos/camo/blob/master/test/proxy_test.rb

def hexenc(image_url)
  image_url.to_enum(:each_byte).map { |byte| "%02x" % byte }.join
end

def camo_image(image_url)
  hexdigest = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new("sha1"), CAMO_KEY, image_url)
  encoded_image_url = hexenc(image_url)
  "#{CAMO_URL}/#{hexdigest}/#{encoded_image_url}"
end

You can see it in action here.