]>
Commit | Line | Data |
---|---|---|
c4ebf01e AD |
1 | <?php |
2 | class Af_Zz_ImgProxy extends Plugin { | |
3 | private $host; | |
4 | ||
5 | function about() { | |
6 | return array(1.0, | |
c93d43c6 | 7 | "Load insecure images via built-in proxy", |
c4ebf01e AD |
8 | "fox"); |
9 | } | |
10 | ||
78f1116d | 11 | private $ssl_known_whitelist = "imgur.com gfycat.com i.reddituploads.com pbs.twimg.com i.redd.it i.sli.mg media.tumblr.com"; |
ecab4354 | 12 | |
4daaf234 AD |
13 | function is_public_method($method) { |
14 | return $method === "imgproxy"; | |
15 | } | |
16 | ||
c4ebf01e AD |
17 | function init($host) { |
18 | $this->host = $host; | |
19 | ||
20 | $host->add_hook($host::HOOK_RENDER_ARTICLE, $this); | |
21 | $host->add_hook($host::HOOK_RENDER_ARTICLE_CDM, $this); | |
58210301 | 22 | $host->add_hook($host::HOOK_ENCLOSURE_ENTRY, $this); |
8cf37284 AD |
23 | |
24 | $host->add_hook($host::HOOK_PREFS_TAB, $this); | |
c4ebf01e AD |
25 | } |
26 | ||
58210301 | 27 | function hook_enclosure_entry($enc) { |
dc2c4b13 | 28 | if (preg_match("/image/", $enc["content_type"])) { |
bc83dcb3 | 29 | $proxy_all = $this->host->get($this, "proxy_all"); |
58210301 | 30 | |
41bead9b | 31 | $enc["content_url"] = $this->rewrite_url_if_needed($enc["content_url"], $proxy_all); |
bc83dcb3 | 32 | } |
58210301 AD |
33 | |
34 | return $enc; | |
35 | } | |
36 | ||
c4ebf01e AD |
37 | function hook_render_article($article) { |
38 | return $this->hook_render_article_cdm($article); | |
39 | } | |
40 | ||
c93d43c6 | 41 | public function imgproxy() { |
4daaf234 | 42 | |
c93d43c6 | 43 | $url = rewrite_relative_url(SELF_URL_PATH, $_REQUEST["url"]); |
c4ebf01e | 44 | |
2187322c AD |
45 | // called without user context, let's just redirect to original URL |
46 | if (!$_SESSION["uid"]) { | |
47 | header("Location: $url"); | |
48 | return; | |
49 | } | |
50 | ||
41bead9b | 51 | $local_filename = CACHE_DIR . "/images/" . sha1($url); |
c4ebf01e | 52 | |
51198e7e | 53 | if ($_REQUEST["debug"] == "1") { print $url . "\n" . $local_filename; die; } |
c4ebf01e | 54 | |
38b3998b | 55 | header("Content-Disposition: inline; filename=\"".basename($local_filename)."\""); |
c4ebf01e | 56 | |
c93d43c6 | 57 | if (file_exists($local_filename)) { |
38b3998b AD |
58 | $mimetype = mime_content_type($local_filename); |
59 | header("Content-type: $mimetype"); | |
60 | ||
61 | $stamp = gmdate("D, d M Y H:i:s", filemtime($local_filename)). " GMT"; | |
62 | header("Last-Modified: $stamp", true); | |
63 | ||
c93d43c6 | 64 | readfile($local_filename); |
c4ebf01e | 65 | } else { |
c55fb22b | 66 | $data = fetch_file_contents(array("url" => $url)); |
51198e7e | 67 | |
c93d43c6 | 68 | if ($data) { |
7611f0c0 AD |
69 | |
70 | $disable_cache = $this->host->get($this, "disable_cache"); | |
71 | ||
6fd03996 | 72 | if (!$disable_cache && strlen($data) > MIN_CACHE_FILE_SIZE) { |
7611f0c0 AD |
73 | if (file_put_contents($local_filename, $data)) { |
74 | $mimetype = mime_content_type($local_filename); | |
75 | header("Content-type: $mimetype"); | |
76 | } | |
38b3998b AD |
77 | } |
78 | ||
c93d43c6 | 79 | print $data; |
bf639865 AD |
80 | } else { |
81 | global $fetch_last_error; | |
82 | global $fetch_last_error_code; | |
83 | global $fetch_last_error_content; | |
84 | ||
c55fb22b | 85 | if (function_exists("imagecreate") && !isset($_REQUEST["text"])) { |
093d4633 | 86 | $img = imagecreate(450, 75); |
bf639865 | 87 | |
21ce7d9e | 88 | /*$bg =*/ imagecolorallocate($img, 255, 255, 255); |
bf639865 AD |
89 | $textcolor = imagecolorallocate($img, 255, 0, 0); |
90 | ||
093d4633 | 91 | imagerectangle($img, 0, 0, 450-1, 75-1, $textcolor); |
bf639865 AD |
92 | |
93 | imagestring($img, 5, 5, 5, "Proxy request failed", $textcolor); | |
093d4633 | 94 | imagestring($img, 5, 5, 30, truncate_middle($url, 46, "..."), $textcolor); |
bf639865 AD |
95 | imagestring($img, 5, 5, 55, "HTTP Code: $fetch_last_error_code", $textcolor); |
96 | ||
97 | header("Content-type: image/png"); | |
98 | print imagepng($img); | |
99 | imagedestroy($img); | |
100 | ||
101 | } else { | |
102 | header("Content-type: text/html"); | |
103 | ||
104 | http_response_code(400); | |
105 | ||
106 | print "<h1>Proxy request failed.</h1>"; | |
107 | print "<p>Fetch error $fetch_last_error ($fetch_last_error_code)</p>"; | |
108 | print "<p>URL: $url</p>"; | |
109 | print "<textarea cols='80' rows='25'>" . htmlspecialchars($fetch_last_error_content) . "</textarea>"; | |
110 | } | |
c93d43c6 | 111 | } |
c4ebf01e | 112 | } |
c4ebf01e AD |
113 | } |
114 | ||
41bead9b | 115 | function rewrite_url_if_needed($url, $all_remote = false) { |
c4ebf01e AD |
116 | $scheme = parse_url($url, PHP_URL_SCHEME); |
117 | ||
8cf37284 AD |
118 | if ($all_remote) { |
119 | $host = parse_url($url, PHP_URL_HOST); | |
120 | $self_host = parse_url(SELF_URL_PATH, PHP_URL_HOST); | |
121 | ||
122 | $is_remote = $host != $self_host; | |
123 | } else { | |
124 | $is_remote = false; | |
125 | } | |
126 | ||
127 | if (($scheme != 'https' && $scheme != "") || $is_remote) { | |
128 | if (strpos($url, "data:") !== 0) { | |
ecab4354 AD |
129 | $parts = parse_url($url); |
130 | ||
131 | foreach (explode(" " , $this->ssl_known_whitelist) as $host) { | |
f2fbb4ee | 132 | if (substr(strtolower($parts['host']), -strlen($host)) === strtolower($host)) { |
ecab4354 | 133 | $parts['scheme'] = 'https'; |
c7360f4a | 134 | $url = build_url($parts); |
135 | if ($all_remote && $is_remote) { | |
136 | break; | |
137 | } else { | |
138 | return $url; | |
139 | } | |
ecab4354 AD |
140 | } |
141 | } | |
142 | ||
143 | return get_self_url_prefix() . "/public.php?op=pluginhandler&plugin=af_zz_imgproxy&pmethod=imgproxy&url=" . | |
51198e7e | 144 | urlencode($url); |
8cf37284 | 145 | } |
c4ebf01e AD |
146 | } |
147 | ||
148 | return $url; | |
149 | } | |
150 | ||
21ce7d9e AD |
151 | /** |
152 | * @SuppressWarnings(PHPMD.UnusedFormalParameter) | |
153 | */ | |
c4ebf01e AD |
154 | function hook_render_article_cdm($article, $api_mode = false) { |
155 | ||
156 | $need_saving = false; | |
8cf37284 | 157 | $proxy_all = $this->host->get($this, "proxy_all"); |
c4ebf01e AD |
158 | |
159 | $doc = new DOMDocument(); | |
160 | if (@$doc->loadHTML($article["content"])) { | |
161 | $xpath = new DOMXPath($doc); | |
162 | $imgs = $xpath->query("//img[@src]"); | |
163 | ||
164 | foreach ($imgs as $img) { | |
41bead9b | 165 | $new_src = $this->rewrite_url_if_needed($img->getAttribute("src"), $proxy_all); |
c4ebf01e AD |
166 | |
167 | if ($new_src != $img->getAttribute("src")) { | |
168 | $img->setAttribute("src", $new_src); | |
c55fb22b | 169 | $img->removeAttribute("srcset"); |
c4ebf01e AD |
170 | |
171 | $need_saving = true; | |
172 | } | |
173 | } | |
174 | ||
175 | $vids = $xpath->query("//video"); | |
176 | ||
177 | foreach ($vids as $vid) { | |
178 | if ($vid->hasAttribute("poster")) { | |
41bead9b | 179 | $new_src = $this->rewrite_url_if_needed($vid->getAttribute("poster"), $proxy_all); |
c4ebf01e AD |
180 | |
181 | if ($new_src != $vid->getAttribute("poster")) { | |
182 | $vid->setAttribute("poster", $new_src); | |
183 | ||
184 | $need_saving = true; | |
185 | } | |
186 | } | |
187 | ||
188 | $vsrcs = $xpath->query("source", $vid); | |
189 | ||
190 | foreach ($vsrcs as $vsrc) { | |
41bead9b | 191 | $new_src = $this->rewrite_url_if_needed($vsrc->getAttribute("src"), $proxy_all); |
c4ebf01e AD |
192 | |
193 | if ($new_src != $vsrc->getAttribute("src")) { | |
194 | $vid->setAttribute("src", $new_src); | |
195 | ||
196 | $need_saving = true; | |
197 | } | |
198 | } | |
199 | } | |
200 | } | |
201 | ||
202 | if ($need_saving) $article["content"] = $doc->saveXML(); | |
203 | ||
204 | return $article; | |
205 | } | |
206 | ||
8cf37284 AD |
207 | function hook_prefs_tab($args) { |
208 | if ($args != "prefFeeds") return; | |
209 | ||
dc8bd8a6 | 210 | print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Image proxy settings (af_zz_imgproxy)')."\">"; |
8cf37284 AD |
211 | |
212 | print "<form dojoType=\"dijit.form.Form\">"; | |
213 | ||
214 | print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\"> | |
215 | evt.preventDefault(); | |
216 | if (this.validate()) { | |
217 | console.log(dojo.objectToQuery(this.getValues())); | |
218 | new Ajax.Request('backend.php', { | |
219 | parameters: dojo.objectToQuery(this.getValues()), | |
220 | onComplete: function(transport) { | |
221 | notify_info(transport.responseText); | |
222 | } | |
223 | }); | |
224 | //this.reset(); | |
225 | } | |
226 | </script>"; | |
227 | ||
228 | print_hidden("op", "pluginhandler"); | |
229 | print_hidden("method", "save"); | |
230 | print_hidden("plugin", "af_zz_imgproxy"); | |
231 | ||
232 | $proxy_all = $this->host->get($this, "proxy_all"); | |
233 | print_checkbox("proxy_all", $proxy_all); | |
7611f0c0 | 234 | print " <label for=\"proxy_all\">" . __("Enable proxy for all remote images.") . "</label><br/>"; |
8cf37284 | 235 | |
7611f0c0 AD |
236 | $disable_cache = $this->host->get($this, "disable_cache"); |
237 | print_checkbox("disable_cache", $disable_cache); | |
238 | print " <label for=\"disable_cache\">" . __("Don't cache files locally.") . "</label>"; | |
8cf37284 AD |
239 | |
240 | print "<p>"; print_button("submit", __("Save")); | |
241 | ||
242 | print "</form>"; | |
243 | ||
244 | print "</div>"; | |
245 | } | |
246 | ||
247 | function save() { | |
248 | $proxy_all = checkbox_to_sql_bool($_POST["proxy_all"]) == "true"; | |
7611f0c0 | 249 | $disable_cache = checkbox_to_sql_bool($_POST["disable_cache"]) == "true"; |
8cf37284 | 250 | |
7611f0c0 AD |
251 | $this->host->set($this, "proxy_all", $proxy_all, false); |
252 | $this->host->set($this, "disable_cache", $disable_cache); | |
8cf37284 AD |
253 | |
254 | echo __("Configuration saved"); | |
255 | } | |
256 | ||
c4ebf01e AD |
257 | function api_version() { |
258 | return 2; | |
259 | } | |
260 | } |