Public Repository

Last pushed: 3 years ago
Short Description
an http proxy to route images through SSL written by atmos
Full Description


Camo is all about making insecure assets look secure. This is an SSL image proxy to prevent mixed content warnings on secure pages served from GitHub.

We want to allow people to keep embedding images in comments/issues/READMEs.

There's more info on the GitHub blog.

Using a shared key, proxy URLs are encrypted with hmac so we can bust caches/ban/rate limit if needed.

Camo currently runs on node version 0.10.29 at GitHub on heroku.


  • Max size for proxied images
  • Follow redirects to a certain depth
  • Restricts proxied images content-types to a whitelist
  • Forward images regardless of HTTP status code

At GitHub we render markdown and replace all of the src attributes on the img tags with the appropriate URL to hit the proxies. There's example code for creating URLs in the tests.

URL Formats

Camo supports two distinct URL formats:<digest>?url=<image-url><digest>/<image-url>

The <digest> is a 40 character hex encoded HMAC digest generated with a shared
secret key and the unescaped <image-url> value. The <image-url> is the
absolute URL locating an image. In the first format, the <image-url> should be
URL escaped aggressively to ensure the original value isn't mangled in transit.
In the second format, each byte of the <image-url> should be hex encoded such
that the resulting value includes only characters [0-9a-f].


Camo is configured through environment variables.

  • PORT: The port number Camo should listen on. (default: 8081)
  • CAMO_HEADER_VIA: The string for Camo to include in the Via and User-Agent headers it sends in requests to origin servers. (default: Camo Asset Proxy <version>)
  • CAMO_KEY: The shared key used to generate the HMAC digest.
  • CAMO_LENGTH_LIMIT: The maximum Content-Length Camo will proxy. (default: 5242880)
  • CAMO_LOGGING_ENABLED: The logging level used for reporting debug or error information. Options are debug and disabled. (default: disabled)
  • CAMO_MAX_REDIRECTS: The maximum number of redirects Camo will follow while fetching an image. (default: 4)
  • CAMO_SOCKET_TIMEOUT: The maximum number of seconds Camo will wait before giving up on fetching an image. (default: 10)
  • CAMO_TIMING_ALLOW_ORIGIN: The string for Camo to include in the Timing-Allow-Origin header it sends in responses to clients. The header is omitted if this environment variable is not set. (default: not set)
  • CAMO_HOSTNAME: The Camo-Host header value that Camo will send. (default: unknown)
  • CAMO_KEEP_ALIVE: Whether or not to enable keep-alive session. (default: false)


docker run -p 8081:8081 -e 'CAMO_KEY'='<my application key>' wfjsw/camo

How to get encrypted URI (in Ruby)

Remember to replace your application key!

def request_uri(image_url)  
  hexdigest = OpenSSL::HMAC.hexdigest('sha1'), '<my application key>', image_url)   
  encoded_image_url = hexenc(image_url)   
Docker Pull Command