Question: Legal concerns of running an open image resizing proxy

weserv / images

Source code of wsrv.nl (formerly images.weserv.nl), to be used on your own server(s).

https://wsrv.nl/

BSD 3-Clause "New" or "Revised" License

1.84k stars 188 forks source link

Question: Legal concerns of running an open image resizing proxy #409

Open Jontes-Tech opened 4 months ago

Jontes-Tech commented 4 months ago

Hello. Great service, but aren't there legal concerns of both downloading and serving whatever legally questionable content? I want to host this myself but I'd like to get a clearer picture first.

andrieslouw commented 4 months ago

Thanks, yes, there are some legal concerns. DMCA is the one impacting us the most, for this reason we use OpenDNS to block questionable categories. See https://github.com/weserv/images/issues/285#issuecomment-828176654

In addition, we can add certain domains to this blocklist. You could also do it vice-versa, and use lists to only allow specific domains.

Jontes-Tech commented 4 months ago

Is there a list of explicitly blocked domains you guys use? If you can't provide that for security-through-obscurity reasons but I'm curious about doing something similar in the future. Thanks.

andrieslouw commented 4 months ago

I can tell we actively block:

api.facebook.com
graph.facebook.com

And these cheap top TLD's, which are often used for abuse:

buzz
cc
club
date
fun
pw
top
xxx
xyz

We also sometimes generate lists of specific domains, but this is based on traffic patterns and keywords. They have to to with the categories we actively block using OpenDNS domain tagging. This is only done in case OpenDNS is not quick enough to tag domains.

Jontes-Tech commented 2 months ago

Are you quering some api or just doing DNS-based blocking? I'm curious to implement such functionality myself