hopefully unify handling of server HTTPS variables where needed, use scheme based on SELF_URL_PATH otherwise

This commit is contained in:
Andrew Dolgov 2017-07-10 16:20:40 +03:00
parent 1003cb24b9
commit 9f7bd151c6
3 changed files with 18 additions and 13 deletions

View file

@ -1528,7 +1528,6 @@
$doc->loadHTML($charset_hack . $res); $doc->loadHTML($charset_hack . $res);
$xpath = new DOMXPath($doc); $xpath = new DOMXPath($doc);
$ttrss_uses_https = parse_url(get_self_url_prefix(), PHP_URL_SCHEME) === 'https';
$rewrite_base_url = $site_url ? $site_url : get_self_url_prefix(); $rewrite_base_url = $site_url ? $site_url : get_self_url_prefix();
$entries = $xpath->query('(//a[@href]|//img[@src]|//video/source[@src]|//audio/source[@src])'); $entries = $xpath->query('(//a[@href]|//img[@src]|//video/source[@src]|//audio/source[@src])');
@ -1578,7 +1577,7 @@
if ($entry->hasAttribute('src')) { if ($entry->hasAttribute('src')) {
$is_https_url = parse_url($entry->getAttribute('src'), PHP_URL_SCHEME) === 'https'; $is_https_url = parse_url($entry->getAttribute('src'), PHP_URL_SCHEME) === 'https';
if ($ttrss_uses_https && !$is_https_url) { if (is_prefix_https() && !$is_https_url) {
if ($entry->hasAttribute('srcset')) { if ($entry->hasAttribute('srcset')) {
$entry->removeAttribute('srcset'); $entry->removeAttribute('srcset');
@ -1619,7 +1618,7 @@
if (!iframe_whitelisted($entry)) { if (!iframe_whitelisted($entry)) {
$entry->setAttribute('sandbox', 'allow-scripts'); $entry->setAttribute('sandbox', 'allow-scripts');
} else { } else {
if ($_SERVER['HTTPS'] == "on") { if (is_prefix_https()) {
$entry->setAttribute("src", $entry->setAttribute("src",
str_replace("http://", "https://", str_replace("http://", "https://",
$entry->getAttribute("src"))); $entry->getAttribute("src")));
@ -1782,6 +1781,14 @@
return $tag; return $tag;
} }
function is_server_https() {
return $_SERVER['HTTPS'] == 'on' || $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https';
}
function is_prefix_https() {
return parse_url(SELF_URL_PATH, PHP_URL_SCHEME) == 'https';
}
// this returns SELF_URL_PATH sans ending slash // this returns SELF_URL_PATH sans ending slash
function get_self_url_prefix() { function get_self_url_prefix() {
if (strrpos(SELF_URL_PATH, "/") === strlen(SELF_URL_PATH)-1) { if (strrpos(SELF_URL_PATH, "/") === strlen(SELF_URL_PATH)-1) {

View file

@ -15,7 +15,7 @@
* to get out. */ * to get out. */
function make_self_url_path() { function make_self_url_path() {
$proto = ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') ? 'https' : 'http'; $proto = is_server_https() ? 'https' : 'http';
$url_path = $proto . '://' . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH); $url_path = $proto . '://' . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
return $url_path; return $url_path;
@ -108,7 +108,7 @@
if (isset($_SERVER["HTTP_HOST"]) && if (isset($_SERVER["HTTP_HOST"]) &&
(!defined('_SKIP_SELF_URL_PATH_CHECKS') || !_SKIP_SELF_URL_PATH_CHECKS) && (!defined('_SKIP_SELF_URL_PATH_CHECKS') || !_SKIP_SELF_URL_PATH_CHECKS) &&
SELF_URL_PATH != $ref_self_url_path && SELF_URL_PATH != mb_substr($ref_self_url_path, 0, mb_strlen($ref_self_url_path)-1)) { SELF_URL_PATH != $ref_self_url_path && SELF_URL_PATH != mb_substr($ref_self_url_path, 0, mb_strlen($ref_self_url_path)-1)) {
array_push($errors, array_push($errors,
"Please set SELF_URL_PATH to the correct value detected for your server: <b>$ref_self_url_path</b>"); "Please set SELF_URL_PATH to the correct value detected for your server: <b>$ref_self_url_path</b>");
} }
@ -152,12 +152,6 @@
if (!class_exists("DOMDocument")) { if (!class_exists("DOMDocument")) {
array_push($errors, "PHP support for DOMDocument is required, but was not found."); array_push($errors, "PHP support for DOMDocument is required, but was not found.");
} }
$self_scheme = parse_url(SELF_URL_PATH, PHP_URL_SCHEME);
if ($_SERVER['HTTPS'] && $self_scheme == 'http') {
array_push($errors, "You are accessing tt-rss over SSL but SELF_URL_PATH in config.php refers to a http:// URL.");
}
} }
if (count($errors) > 0 && $_SERVER['REQUEST_URI']) { ?> if (count($errors) > 0 && $_SERVER['REQUEST_URI']) { ?>

View file

@ -22,7 +22,7 @@
$password = ""; $password = "";
$possible = "0123456789abcdfghjkmnpqrstvwxyzABCDFGHJKMNPQRSTVWXYZ*%+^"; $possible = "0123456789abcdfghjkmnpqrstvwxyzABCDFGHJKMNPQRSTVWXYZ*%+^";
$i = 0; $i = 0;
while ($i < $length) { while ($i < $length) {
$char = substr($possible, mt_rand(0, strlen($possible)-1), 1); $char = substr($possible, mt_rand(0, strlen($possible)-1), 1);
@ -179,8 +179,12 @@
} }
} }
function is_server_https() {
return $_SERVER['HTTPS'] == 'on' || $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https';
}
function make_self_url_path() { function make_self_url_path() {
$url_path = ((!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") ? 'http://' : 'https://') . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH); $url_path = (is_server_https() ? 'https://' : 'http://') . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
return $url_path; return $url_path;
} }