fix(icons): reduce SVG data URI limit to prevent GitHub camo URL truncation (#106)

Copilot · ChipWolf · web-flow · commit c120cb046b74 · 2025-11-13T15:30:46.000Z
Co-authored-by: copilot-swe-agent[bot] &lt;198982749+Copilot@users.noreply.github.com&gt;
Co-authored-by: ChipWolf &lt;3164166+ChipWolf@users.noreply.github.com&gt;
diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md
@@ -41,11 +41,50 @@ BadgeSort/
 - **Dependencies**:
   - `requests`: HTTP requests to Shields.io
   - `simpleicons`: Access to Simple Icons database
+  - `scour`: SVG optimization for smaller badge URLs
+  - `librsvg2-bin`: SVG to PNG conversion (system package)
   - `pytest`, `pytest-cov`: Testing framework (dev dependencies)
   - Standard library: `argparse`, `colorsys`, `urllib`, etc.
 - **Container**: Docker (based on `duffn/python-poetry:3.11-slim`)
 - **Platform**: GitHub Actions
 
+## Development Setup
+
+### Building and Testing Locally
+
+1. **Install Poetry** (if not already installed):
+   ```bash
+   pip install poetry
+   ```
+
+2. **Install project dependencies**:
+   ```bash
+   cd /path/to/BadgeSort
+   poetry install
+   ```
+
+3. **Install system dependencies** (for SVG to PNG conversion):
+   ```bash
+   sudo apt-get install librsvg2-bin  # On Ubuntu/Debian
+   # or
+   brew install librsvg  # On macOS
+   ```
+
+4. **Run tests**:
+   ```bash
+   poetry run pytest tests/ -v
+   ```
+
+5. **Run tests with coverage**:
+   ```bash
+   poetry run pytest tests/ --cov=badgesort --cov-report=term-missing
+   ```
+
+6. **Run the CLI**:
+   ```bash
+   poetry run python -m badgesort.icons -s github python docker
+   ```
+
 ## Coding Standards and Conventions
 
 ### Commit Message Format (REQUIRED)
diff --git a/badgesort/icons.py b/badgesort/icons.py
@@ -26,13 +26,16 @@
 logging.basicConfig(level=logging.DEBUG)
 logger = logging.getLogger(__name__)
 
-def svg_to_base64_data_uri(svg_content, fill_color='white', max_url_length=6000):
+def svg_to_base64_data_uri(svg_content, fill_color='white', max_url_length=3700):
     """Convert an SVG to a compressed base64-encoded data URI with specified fill color optimized for 14x14px badges.
     
     Args:
         svg_content: SVG content as string
         fill_color: Fill color for the SVG paths ('white', 'black', or None)
-        max_url_length: Maximum URL length before falling back to PNG rasterization
+        max_url_length: Maximum data URI length before falling back to PNG rasterization.
+                       Default 3700 chars ensures badge URLs stay under GitHub's camo proxy
+                       8192 char limit (which hex-encodes URLs: 76 + url_len*2 <= 8192).
+                       Calculation: safe_url = (8192 - 76) / 2 - overhead ≈ 3850, with 150 char margin = 3700
     
     Uses scour-based SVG compression for optimal file size. For very large SVGs that would exceed
     URL length limits, falls back to PNG rasterization at 14x14px.
@@ -421,7 +424,8 @@ def run(args):
             if should_embed_svg:
                 logger.debug(f'Embedding SVG data URI for {icon.slug}')
                 # Convert SVG to base64 data URI for embedding
-                icon_data_uri = svg_to_base64_data_uri(icon.svg, icon_hex_comp, max_url_length=6000)
+                # Use 3700 char limit to stay under GitHub camo's 8192 char limit
+                icon_data_uri = svg_to_base64_data_uri(icon.svg, icon_hex_comp, max_url_length=3700)
                 icon_data_uri_encoded = quote(icon_data_uri, safe='')
                 icon_url = f'{icon_base}/{icon_title_safe}-{badge_color}.svg' if icon_title_safe else f'{icon_base}/-{badge_color}.svg'
                 icon_url += f'?style={args.badge_style}&logo={icon_data_uri_encoded}'
@@ -445,7 +449,7 @@ def run(args):
                 background_color = badge_color
             
             # Always use white icons for good contrast against any background
-            icon_data_uri = svg_to_base64_data_uri(icon.svg, 'white', max_url_length=4000)
+            icon_data_uri = svg_to_base64_data_uri(icon.svg, 'white', max_url_length=3700)
             icon_data_uri_encoded = quote(icon_data_uri, safe='')
             icon_url = f'{icon_base}/icon/{icon_title_safe}?icon={icon_data_uri_encoded}&label&color={background_color}&labelColor={background_color}' if icon_title_safe else f'{icon_base}/icon/?icon={icon_data_uri_encoded}&label&color={background_color}&labelColor={background_color}'
         else:
diff --git a/tests/test_camo_url_limits.py b/tests/test_camo_url_limits.py
@@ -0,0 +1,184 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""
+Tests for GitHub camo URL length limits.
+
+When badges are used in GitHub markdown files, GitHub proxies the image URLs through
+camo.githubusercontent.com for security. The camo proxy hex-encodes the original URL,
+resulting in: https://camo.githubusercontent.com/<40-char-digest>/<hex-encoded-url>
+
+This approximately doubles the URL length plus 76 chars overhead. The camo service has
+an 8192 character limit, so badge URLs must stay under ~4058 chars to work correctly.
+"""
+
+import argparse
+import tempfile
+import os
+from badgesort.icons import run, svg_to_base64_data_uri
+from simpleicons.all import icons
+from urllib.parse import quote
+
+
+CAMO_URL_LIMIT = 8192
+CAMO_OVERHEAD = 76  # base URL (35) + digest (40) + slash (1)
+
+
+def calculate_camo_url_length(badge_url):
+    """Calculate the approximate camo URL length for a badge URL.
+    
+    GitHub's camo proxy format: https://camo.githubusercontent.com/<digest>/<hex-encoded-url>
+    """
+    return CAMO_OVERHEAD + (len(badge_url.encode('utf-8')) * 2)
+
+
+def test_svg_data_uri_max_length_default():
+    """Test that default max_url_length respects camo limits."""
+    # The default max_url_length should be 3700 to stay under camo's 8192 limit
+    # This test verifies the function signature has the correct default
+    import inspect
+    sig = inspect.signature(svg_to_base64_data_uri)
+    max_url_length_default = sig.parameters['max_url_length'].default
+    
+    assert max_url_length_default == 3700, \
+        f"Default max_url_length should be 3700 (found {max_url_length_default})"
+
+
+def test_shields_embedded_svg_urls_under_camo_limit():
+    """Test that Shields.io badges with embedded SVGs stay under camo URL limit."""
+    with tempfile.NamedTemporaryFile(mode='w', suffix='.md', delete=False) as f:
+        f.write("""# Test File
+
+<!-- start chipwolf/badgesort test -->
+<!-- end chipwolf/badgesort test -->
+""")
+        temp_file = f.name
+    
+    try:
+        # Test with a few complex icons that have large SVGs
+        test_slugs = ['github', 'python', 'docker', 'kubernetes', 'amazonaws']
+        
+        args = argparse.Namespace(
+            slugs=test_slugs,
+            random=1,
+            output=temp_file,
+            id='test',
+            format='markdown',
+            badge_style='for-the-badge',
+            color_sort='hilbert',
+            hue_rotate=0,
+            no_thanks=True,
+            reverse=False,
+            provider='shields',
+            verify=False,
+            embed_svg=True,  # Force SVG embedding to test worst case
+            skip_logo_check=True
+        )
+        
+        run(args)
+        
+        with open(temp_file, 'r') as f:
+            result = f.read()
+        
+        # Extract badge URLs and check their camo lengths
+        import re
+        badge_urls = re.findall(r'https://img\.shields\.io/[^\)]+', result)
+        
+        for url in badge_urls:
+            camo_length = calculate_camo_url_length(url)
+            assert camo_length <= CAMO_URL_LIMIT, \
+                f"Badge URL would exceed camo limit: {camo_length} > {CAMO_URL_LIMIT}\nURL: {url[:100]}..."
+        
+        print(f"✓ All {len(badge_urls)} badge URLs stay under {CAMO_URL_LIMIT} char camo limit")
+        
+    finally:
+        os.unlink(temp_file)
+
+
+def test_badgen_urls_under_camo_limit():
+    """Test that Badgen.net badge URLs stay under camo URL limit."""
+    with tempfile.NamedTemporaryFile(mode='w', suffix='.md', delete=False) as f:
+        f.write("""# Test File
+
+<!-- start chipwolf/badgesort test -->
+<!-- end chipwolf/badgesort test -->
+""")
+        temp_file = f.name
+    
+    try:
+        # Test with a few icons
+        test_slugs = ['github', 'python', 'docker']
+        
+        args = argparse.Namespace(
+            slugs=test_slugs,
+            random=1,
+            output=temp_file,
+            id='test',
+            format='markdown',
+            badge_style='flat',
+            color_sort='hilbert',
+            hue_rotate=0,
+            no_thanks=True,
+            reverse=False,
+            provider='badgen',  # Badgen always embeds SVG
+            verify=False,
+            embed_svg=False,
+            skip_logo_check=True
+        )
+        
+        run(args)
+        
+        with open(temp_file, 'r') as f:
+            result = f.read()
+        
+        # Extract badge URLs and check their camo lengths
+        import re
+        badge_urls = re.findall(r'https://badgen\.net/[^\)]+', result)
+        
+        for url in badge_urls:
+            camo_length = calculate_camo_url_length(url)
+            assert camo_length <= CAMO_URL_LIMIT, \
+                f"Badgen URL would exceed camo limit: {camo_length} > {CAMO_URL_LIMIT}\nURL: {url[:100]}..."
+        
+        print(f"✓ All {len(badge_urls)} Badgen URLs stay under {CAMO_URL_LIMIT} char camo limit")
+        
+    finally:
+        os.unlink(temp_file)
+
+
+def test_data_uri_length_calculation():
+    """Test that SVG data URIs are kept under the safe limit."""
+    # Test with a medium-sized icon
+    github_icon = icons.get('github')
+    
+    # Generate data URI with default limit
+    data_uri = svg_to_base64_data_uri(github_icon.svg, 'white')
+    
+    # Build a sample badge URL
+    encoded_uri = quote(data_uri, safe='')
+    badge_url = f"https://img.shields.io/badge/GitHub-181717.svg?style=for-the-badge&logo={encoded_uri}"
+    
+    # Calculate camo URL length
+    camo_length = calculate_camo_url_length(badge_url)
+    
+    assert camo_length <= CAMO_URL_LIMIT, \
+        f"Sample badge would exceed camo limit: {camo_length} > {CAMO_URL_LIMIT}"
+    
+    print(f"✓ Sample badge camo URL: {camo_length} chars (under {CAMO_URL_LIMIT} limit)")
+
+
+def test_max_url_length_parameter_respected():
+    """Test that max_url_length parameter is properly enforced."""
+    # Get a large icon
+    large_icons = sorted(icons.items(), key=lambda x: len(x[1].svg), reverse=True)
+    large_icon = large_icons[0][1]
+    
+    # Test with a very small limit - should trigger PNG fallback
+    # (PNG fallback will fail due to missing rsvg-convert, but that's expected)
+    data_uri = svg_to_base64_data_uri(large_icon.svg, 'white', max_url_length=100)
+    
+    # The function should either return a short PNG data URI or fall back to the original
+    # In either case, we're testing that the parameter is being used
+    assert data_uri.startswith('data:image/'), \
+        "Should return a valid data URI"
+    
+    print(f"✓ max_url_length parameter is respected")
