]> git.wh0rd.org - tt-rss.git/blob - plugins/af_zz_imgproxy/init.php
git.wh0rd.org / tt-rss.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
af_zz_imgproxy: redirect to caller url unless called in user context
[tt-rss.git] / plugins / af_zz_imgproxy / init.php
1 <?php
2 class Af_Zz_ImgProxy extends Plugin {
3 private $host;
4
5 function about() {
6 return array(1.0,
7 "Load insecure images via built-in proxy",
8 "fox");
9 }
10
11 function is_public_method($method) {
12 return $method === "imgproxy";
13 }
14
15 function init($host) {
16 $this->host = $host;
17
18 $host->add_hook($host::HOOK_RENDER_ARTICLE, $this);
19 $host->add_hook($host::HOOK_RENDER_ARTICLE_CDM, $this);
20 $host->add_hook($host::HOOK_RENDER_ARTICLE_API, $this);
21
22 $host->add_hook($host::HOOK_PREFS_TAB, $this);
23 }
24
25 function hook_render_article($article) {
26 return $this->hook_render_article_cdm($article);
27 }
28
29 function hook_render_article_api($headline) {
30 return $this->hook_render_article_cdm($headline["headline"], true);
31 }
32
33 public function imgproxy() {
34
35 $url = rewrite_relative_url(SELF_URL_PATH, $_REQUEST["url"]);
36 $kind = (int) $_REQUEST["kind"]; // 1 = video
37
38 // called without user context, let's just redirect to original URL
39 if (!$_SESSION["uid"]) {
40 header("Location: $url");
41 return;
42 }
43
44 $extension = $kind == 1 ? '.mp4' : '.png';
45 $local_filename = CACHE_DIR . "/images/" . sha1($url) . $extension;
46
47 if ($_REQUEST["debug"] == "1") { print $url . "\n" . $local_filename; die; }
48
49 header("Content-Disposition: inline; filename=\"".basename($local_filename)."\"");
50
51 if (file_exists($local_filename)) {
52 $mimetype = mime_content_type($local_filename);
53 header("Content-type: $mimetype");
54
55 $stamp = gmdate("D, d M Y H:i:s", filemtime($local_filename)). " GMT";
56 header("Last-Modified: $stamp", true);
57
58 readfile($local_filename);
59 } else {
60 $data = fetch_file_contents(array("url" => $url));
61
62 if ($data) {
63 if (file_put_contents($local_filename, $data)) {
64 $mimetype = mime_content_type($local_filename);
65 header("Content-type: $mimetype");
66 }
67
68 print $data;
69 }
70 }
71 }
72
73 function rewrite_url_if_needed($url, $kind, $all_remote = false) {
74 $scheme = parse_url($url, PHP_URL_SCHEME);
75
76 if ($all_remote) {
77 $host = parse_url($url, PHP_URL_HOST);
78 $self_host = parse_url(SELF_URL_PATH, PHP_URL_HOST);
79
80 $is_remote = $host != $self_host;
81 } else {
82 $is_remote = false;
83 }
84
85 if (($scheme != 'https' && $scheme != "") || $is_remote) {
86 if (strpos($url, "data:") !== 0) {
87 $url = "public.php?op=pluginhandler&plugin=af_zz_imgproxy&pmethod=imgproxy&kind=$kind&url=" .
88 urlencode($url);
89 }
90 }
91
92 return $url;
93 }
94
95 function hook_render_article_cdm($article, $api_mode = false) {
96
97 $need_saving = false;
98 $proxy_all = $this->host->get($this, "proxy_all");
99
100 $doc = new DOMDocument();
101 if (@$doc->loadHTML($article["content"])) {
102 $xpath = new DOMXPath($doc);
103 $imgs = $xpath->query("//img[@src]");
104
105 foreach ($imgs as $img) {
106 $new_src = $this->rewrite_url_if_needed($img->getAttribute("src"), 0, $proxy_all);
107
108 if ($new_src != $img->getAttribute("src")) {
109 $img->setAttribute("src", $new_src);
110
111 $need_saving = true;
112 }
113 }
114
115 $vids = $xpath->query("//video");
116
117 foreach ($vids as $vid) {
118 if ($vid->hasAttribute("poster")) {
119 $new_src = $this->rewrite_url_if_needed($vid->getAttribute("poster"), 0, $proxy_all);
120
121 if ($new_src != $vid->getAttribute("poster")) {
122 $vid->setAttribute("poster", $new_src);
123
124 $need_saving = true;
125 }
126 }
127
128 $vsrcs = $xpath->query("source", $vid);
129
130 foreach ($vsrcs as $vsrc) {
131 $new_src = $this->rewrite_url_if_needed($vsrc->getAttribute("src"), 1, $proxy_all);
132
133 if ($new_src != $vsrc->getAttribute("src")) {
134 $vid->setAttribute("src", $new_src);
135
136 $need_saving = true;
137 }
138 }
139 }
140 }
141
142 if ($need_saving) $article["content"] = $doc->saveXML();
143
144 return $article;
145 }
146
147 function hook_prefs_tab($args) {
148 if ($args != "prefFeeds") return;
149
150 print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Image proxy settings (af_zz_imgproxy)')."\">";
151
152 print "<form dojoType=\"dijit.form.Form\">";
153
154 print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">
155 evt.preventDefault();
156 if (this.validate()) {
157 console.log(dojo.objectToQuery(this.getValues()));
158 new Ajax.Request('backend.php', {
159 parameters: dojo.objectToQuery(this.getValues()),
160 onComplete: function(transport) {
161 notify_info(transport.responseText);
162 }
163 });
164 //this.reset();
165 }
166 </script>";
167
168 print_hidden("op", "pluginhandler");
169 print_hidden("method", "save");
170 print_hidden("plugin", "af_zz_imgproxy");
171
172 $proxy_all = $this->host->get($this, "proxy_all");
173 print_checkbox("proxy_all", $proxy_all);
174
175 print "&nbsp;<label for=\"proxy_all\">" . __("Enable proxy for all remote images.") . "</label>";
176
177 print "<p>"; print_button("submit", __("Save"));
178
179 print "</form>";
180
181 print "</div>";
182 }
183
184 function save() {
185 $proxy_all = checkbox_to_sql_bool($_POST["proxy_all"]) == "true";
186
187 $this->host->set($this, "proxy_all", $proxy_all);
188
189 echo __("Configuration saved");
190 }
191
192 function api_version() {
193 return 2;
194 }
195 }
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/