2017-02-10 08:25:10 +01:00
|
|
|
<?php
|
|
|
|
class Af_Zz_ImgProxy extends Plugin {
|
|
|
|
private $host;
|
|
|
|
|
|
|
|
function about() {
|
|
|
|
return array(1.0,
|
2017-02-10 10:12:09 +01:00
|
|
|
"Load insecure images via built-in proxy",
|
2017-02-10 08:25:10 +01:00
|
|
|
"fox");
|
|
|
|
}
|
|
|
|
|
2017-04-22 14:26:33 +02:00
|
|
|
private $ssl_known_whitelist = "imgur.com gfycat.com i.reddituploads.com pbs.twimg.com i.redd.it i.sli.mg media.tumblr.com";
|
2017-04-20 08:09:00 +02:00
|
|
|
|
2017-02-10 14:04:28 +01:00
|
|
|
function is_public_method($method) {
|
|
|
|
return $method === "imgproxy";
|
|
|
|
}
|
|
|
|
|
2017-02-10 08:25:10 +01:00
|
|
|
function init($host) {
|
|
|
|
$this->host = $host;
|
|
|
|
|
|
|
|
$host->add_hook($host::HOOK_RENDER_ARTICLE, $this);
|
|
|
|
$host->add_hook($host::HOOK_RENDER_ARTICLE_CDM, $this);
|
2017-02-12 14:01:28 +01:00
|
|
|
$host->add_hook($host::HOOK_ENCLOSURE_ENTRY, $this);
|
2017-02-10 12:17:18 +01:00
|
|
|
|
|
|
|
$host->add_hook($host::HOOK_PREFS_TAB, $this);
|
2017-02-10 08:25:10 +01:00
|
|
|
}
|
|
|
|
|
2017-02-12 14:01:28 +01:00
|
|
|
function hook_enclosure_entry($enc) {
|
2017-03-23 13:22:00 +01:00
|
|
|
if (preg_match("/image/", $enc["content_type"])) {
|
2017-02-12 15:32:43 +01:00
|
|
|
$proxy_all = $this->host->get($this, "proxy_all");
|
2017-02-12 14:01:28 +01:00
|
|
|
|
2017-03-23 12:55:40 +01:00
|
|
|
$enc["content_url"] = $this->rewrite_url_if_needed($enc["content_url"], $proxy_all);
|
2017-02-12 15:32:43 +01:00
|
|
|
}
|
2017-02-12 14:01:28 +01:00
|
|
|
|
|
|
|
return $enc;
|
|
|
|
}
|
|
|
|
|
2017-02-10 08:25:10 +01:00
|
|
|
function hook_render_article($article) {
|
|
|
|
return $this->hook_render_article_cdm($article);
|
|
|
|
}
|
|
|
|
|
2017-02-10 10:12:09 +01:00
|
|
|
public function imgproxy() {
|
2017-02-10 14:04:28 +01:00
|
|
|
|
2017-02-10 10:12:09 +01:00
|
|
|
$url = rewrite_relative_url(SELF_URL_PATH, $_REQUEST["url"]);
|
2017-02-10 08:25:10 +01:00
|
|
|
|
2017-02-10 20:02:30 +01:00
|
|
|
// called without user context, let's just redirect to original URL
|
|
|
|
if (!$_SESSION["uid"]) {
|
|
|
|
header("Location: $url");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2017-03-23 12:55:40 +01:00
|
|
|
$local_filename = CACHE_DIR . "/images/" . sha1($url);
|
2017-02-10 08:25:10 +01:00
|
|
|
|
2017-02-10 12:41:11 +01:00
|
|
|
if ($_REQUEST["debug"] == "1") { print $url . "\n" . $local_filename; die; }
|
2017-02-10 08:25:10 +01:00
|
|
|
|
2017-02-10 10:37:21 +01:00
|
|
|
header("Content-Disposition: inline; filename=\"".basename($local_filename)."\"");
|
2017-02-10 08:25:10 +01:00
|
|
|
|
2017-02-10 10:12:09 +01:00
|
|
|
if (file_exists($local_filename)) {
|
2017-02-10 10:37:21 +01:00
|
|
|
$mimetype = mime_content_type($local_filename);
|
|
|
|
header("Content-type: $mimetype");
|
|
|
|
|
|
|
|
$stamp = gmdate("D, d M Y H:i:s", filemtime($local_filename)). " GMT";
|
|
|
|
header("Last-Modified: $stamp", true);
|
|
|
|
|
2017-02-10 10:12:09 +01:00
|
|
|
readfile($local_filename);
|
2017-02-10 08:25:10 +01:00
|
|
|
} else {
|
2017-02-14 16:48:40 +01:00
|
|
|
$data = fetch_file_contents(array("url" => $url));
|
2017-02-10 12:41:11 +01:00
|
|
|
|
2017-02-10 10:12:09 +01:00
|
|
|
if ($data) {
|
2017-02-10 10:37:21 +01:00
|
|
|
if (file_put_contents($local_filename, $data)) {
|
|
|
|
$mimetype = mime_content_type($local_filename);
|
|
|
|
header("Content-type: $mimetype");
|
|
|
|
}
|
|
|
|
|
2017-02-10 10:12:09 +01:00
|
|
|
print $data;
|
2017-02-13 13:25:52 +01:00
|
|
|
} else {
|
|
|
|
global $fetch_last_error;
|
|
|
|
global $fetch_last_error_code;
|
|
|
|
global $fetch_last_error_content;
|
|
|
|
|
2017-02-14 16:48:40 +01:00
|
|
|
if (function_exists("imagecreate") && !isset($_REQUEST["text"])) {
|
2017-02-13 13:49:41 +01:00
|
|
|
$img = imagecreate(450, 75);
|
2017-02-13 13:25:52 +01:00
|
|
|
|
2017-04-26 19:57:36 +02:00
|
|
|
/*$bg =*/ imagecolorallocate($img, 255, 255, 255);
|
2017-02-13 13:25:52 +01:00
|
|
|
$textcolor = imagecolorallocate($img, 255, 0, 0);
|
|
|
|
|
2017-02-13 13:49:41 +01:00
|
|
|
imagerectangle($img, 0, 0, 450-1, 75-1, $textcolor);
|
2017-02-13 13:25:52 +01:00
|
|
|
|
|
|
|
imagestring($img, 5, 5, 5, "Proxy request failed", $textcolor);
|
2017-02-13 13:49:41 +01:00
|
|
|
imagestring($img, 5, 5, 30, truncate_middle($url, 46, "..."), $textcolor);
|
2017-02-13 13:25:52 +01:00
|
|
|
imagestring($img, 5, 5, 55, "HTTP Code: $fetch_last_error_code", $textcolor);
|
|
|
|
|
|
|
|
header("Content-type: image/png");
|
|
|
|
print imagepng($img);
|
|
|
|
imagedestroy($img);
|
|
|
|
|
|
|
|
} else {
|
|
|
|
header("Content-type: text/html");
|
|
|
|
|
|
|
|
http_response_code(400);
|
|
|
|
|
|
|
|
print "<h1>Proxy request failed.</h1>";
|
|
|
|
print "<p>Fetch error $fetch_last_error ($fetch_last_error_code)</p>";
|
|
|
|
print "<p>URL: $url</p>";
|
|
|
|
print "<textarea cols='80' rows='25'>" . htmlspecialchars($fetch_last_error_content) . "</textarea>";
|
|
|
|
}
|
2017-02-10 10:12:09 +01:00
|
|
|
}
|
2017-02-10 08:25:10 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-03-23 12:55:40 +01:00
|
|
|
function rewrite_url_if_needed($url, $all_remote = false) {
|
2017-02-10 08:25:10 +01:00
|
|
|
$scheme = parse_url($url, PHP_URL_SCHEME);
|
|
|
|
|
2017-02-10 12:17:18 +01:00
|
|
|
if ($all_remote) {
|
|
|
|
$host = parse_url($url, PHP_URL_HOST);
|
|
|
|
$self_host = parse_url(SELF_URL_PATH, PHP_URL_HOST);
|
|
|
|
|
|
|
|
$is_remote = $host != $self_host;
|
|
|
|
} else {
|
|
|
|
$is_remote = false;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (($scheme != 'https' && $scheme != "") || $is_remote) {
|
|
|
|
if (strpos($url, "data:") !== 0) {
|
2017-04-20 08:09:00 +02:00
|
|
|
$parts = parse_url($url);
|
|
|
|
|
|
|
|
foreach (explode(" " , $this->ssl_known_whitelist) as $host) {
|
2017-04-23 20:55:14 +02:00
|
|
|
if (substr(strtolower($parts['host']), -strlen($host)) === strtolower($host)) {
|
2017-04-20 08:09:00 +02:00
|
|
|
$parts['scheme'] = 'https';
|
2017-04-23 21:17:24 +02:00
|
|
|
$url = build_url($parts);
|
|
|
|
if ($all_remote && $is_remote) {
|
|
|
|
break;
|
|
|
|
} else {
|
|
|
|
return $url;
|
|
|
|
}
|
2017-04-20 08:09:00 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return get_self_url_prefix() . "/public.php?op=pluginhandler&plugin=af_zz_imgproxy&pmethod=imgproxy&url=" .
|
2017-02-10 12:41:11 +01:00
|
|
|
urlencode($url);
|
2017-02-10 12:17:18 +01:00
|
|
|
}
|
2017-02-10 08:25:10 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return $url;
|
|
|
|
}
|
|
|
|
|
2017-04-26 19:57:36 +02:00
|
|
|
/**
|
|
|
|
* @SuppressWarnings(PHPMD.UnusedFormalParameter)
|
|
|
|
*/
|
2017-02-10 08:25:10 +01:00
|
|
|
function hook_render_article_cdm($article, $api_mode = false) {
|
|
|
|
|
|
|
|
$need_saving = false;
|
2017-02-10 12:17:18 +01:00
|
|
|
$proxy_all = $this->host->get($this, "proxy_all");
|
2017-02-10 08:25:10 +01:00
|
|
|
|
|
|
|
$doc = new DOMDocument();
|
|
|
|
if (@$doc->loadHTML($article["content"])) {
|
|
|
|
$xpath = new DOMXPath($doc);
|
|
|
|
$imgs = $xpath->query("//img[@src]");
|
|
|
|
|
|
|
|
foreach ($imgs as $img) {
|
2017-03-23 12:55:40 +01:00
|
|
|
$new_src = $this->rewrite_url_if_needed($img->getAttribute("src"), $proxy_all);
|
2017-02-10 08:25:10 +01:00
|
|
|
|
|
|
|
if ($new_src != $img->getAttribute("src")) {
|
|
|
|
$img->setAttribute("src", $new_src);
|
2017-02-14 16:48:40 +01:00
|
|
|
$img->removeAttribute("srcset");
|
2017-02-10 08:25:10 +01:00
|
|
|
|
|
|
|
$need_saving = true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
$vids = $xpath->query("//video");
|
|
|
|
|
|
|
|
foreach ($vids as $vid) {
|
|
|
|
if ($vid->hasAttribute("poster")) {
|
2017-03-23 12:55:40 +01:00
|
|
|
$new_src = $this->rewrite_url_if_needed($vid->getAttribute("poster"), $proxy_all);
|
2017-02-10 08:25:10 +01:00
|
|
|
|
|
|
|
if ($new_src != $vid->getAttribute("poster")) {
|
|
|
|
$vid->setAttribute("poster", $new_src);
|
|
|
|
|
|
|
|
$need_saving = true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
$vsrcs = $xpath->query("source", $vid);
|
|
|
|
|
|
|
|
foreach ($vsrcs as $vsrc) {
|
2017-03-23 12:55:40 +01:00
|
|
|
$new_src = $this->rewrite_url_if_needed($vsrc->getAttribute("src"), $proxy_all);
|
2017-02-10 08:25:10 +01:00
|
|
|
|
|
|
|
if ($new_src != $vsrc->getAttribute("src")) {
|
|
|
|
$vid->setAttribute("src", $new_src);
|
|
|
|
|
|
|
|
$need_saving = true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($need_saving) $article["content"] = $doc->saveXML();
|
|
|
|
|
|
|
|
return $article;
|
|
|
|
}
|
|
|
|
|
2017-02-10 12:17:18 +01:00
|
|
|
function hook_prefs_tab($args) {
|
|
|
|
if ($args != "prefFeeds") return;
|
|
|
|
|
2017-02-10 12:57:25 +01:00
|
|
|
print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Image proxy settings (af_zz_imgproxy)')."\">";
|
2017-02-10 12:17:18 +01:00
|
|
|
|
|
|
|
print "<form dojoType=\"dijit.form.Form\">";
|
|
|
|
|
|
|
|
print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">
|
|
|
|
evt.preventDefault();
|
|
|
|
if (this.validate()) {
|
|
|
|
console.log(dojo.objectToQuery(this.getValues()));
|
|
|
|
new Ajax.Request('backend.php', {
|
|
|
|
parameters: dojo.objectToQuery(this.getValues()),
|
|
|
|
onComplete: function(transport) {
|
|
|
|
notify_info(transport.responseText);
|
|
|
|
}
|
|
|
|
});
|
|
|
|
//this.reset();
|
|
|
|
}
|
|
|
|
</script>";
|
|
|
|
|
|
|
|
print_hidden("op", "pluginhandler");
|
|
|
|
print_hidden("method", "save");
|
|
|
|
print_hidden("plugin", "af_zz_imgproxy");
|
|
|
|
|
|
|
|
$proxy_all = $this->host->get($this, "proxy_all");
|
|
|
|
print_checkbox("proxy_all", $proxy_all);
|
|
|
|
|
|
|
|
print " <label for=\"proxy_all\">" . __("Enable proxy for all remote images.") . "</label>";
|
|
|
|
|
|
|
|
print "<p>"; print_button("submit", __("Save"));
|
|
|
|
|
|
|
|
print "</form>";
|
|
|
|
|
|
|
|
print "</div>";
|
|
|
|
}
|
|
|
|
|
|
|
|
function save() {
|
|
|
|
$proxy_all = checkbox_to_sql_bool($_POST["proxy_all"]) == "true";
|
|
|
|
|
|
|
|
$this->host->set($this, "proxy_all", $proxy_all);
|
|
|
|
|
|
|
|
echo __("Configuration saved");
|
|
|
|
}
|
|
|
|
|
2017-02-10 08:25:10 +01:00
|
|
|
function api_version() {
|
|
|
|
return 2;
|
|
|
|
}
|
|
|
|
}
|