Danbooru::Http: fix bug when using proxy option.

Fix external HTTP requests not working when the HTTP proxy was enabled. Caused by the `public_only`
option (which prevents SSRF attacks by validating that the URL doesn't resolve to a local IP) being
incompatible with the `proxy` option.
evazion
2022-11-12 02:39:44 -06:00
parent 215df49050
commit a167091bf9
2 changed files with 11 additions and 1 deletions


@@ -55,7 +55,13 @@ module Danbooru
# The default HTTP client for requests to external websites. This includes API calls to external services, fetching source data, and downloading images.
def self.external
new.proxy.public_only.headers("User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0")
if Danbooru.config.http_proxy.present?
# XXX The `proxy` option is incompatible with the `public_only` option. When using a proxy, the proxy itself
# should be configured to block HTTP requests to IPs on the local network.
new.proxy.headers("User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0")
else
new.public_only.headers("User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0")
end
end
# The default HTTP client for API calls to internal services controlled by Danbooru.


@@ -579,6 +579,10 @@ module Danbooru
end
# The proxy to use for outgoing HTTP requests.
#
# If you use a proxy and you're running a public-facing site, you should be careful to configure the proxy to block
# HTTP requests to the local network. That is, block requests to e.g. 127.0.0.1 and 192.168.0.1/24 so that users
# can't upload URLs like `http://192.168.0.1.nip.io/` to trigger HTTP requests to servers inside your local network.
def http_proxy
# "http://username:password@proxy.example.com:1080"
end
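Review bot: The example ranges in the new `http_proxy` comment are narrower than what an operator has to block. `192.168.0.1/24` is a host address with a prefix (the network is `192.168.0.0/24`) and covers only part of `192.168.0.0/16`, and the comment does not mention `10.0.0.0/8`, `172.16.0.0/12`, link-local `169.254.0.0/16`, or IPv6 ranges such as `::1` and `fc00::/7`. Since this comment is the only guidance for a setting that takes the place of `public_only`, suggest listing the full set of ranges, or stating that the proxy should reject the same local addresses that `public_only` rejects, and noting that the check has to apply to the address the hostname resolves to, as the `nip.io` example implies.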