plugins/af_zz_imgproxy/init.php

   1 <?php
   2 class Af_Zz_ImgProxy extends Plugin {
   3         private $host;
   4
   5         function about() {
   6                 return array(1.0,
   7                         "Load insecure images via built-in proxy",
   8                         "fox");
   9         }
  10
  11         private $ssl_known_whitelist = "imgur.com gfycat.com i.reddituploads.com pbs.twimg.com i.redd.it i.sli.mg media.tumblr.com";
  12
  13         function is_public_method($method) {
  14                 return $method === "imgproxy";
  15         }
  16
  17         function init($host) {
  18                 $this->host = $host;
  19
  20                 $host->add_hook($host::HOOK_RENDER_ARTICLE, $this);
  21                 $host->add_hook($host::HOOK_RENDER_ARTICLE_CDM, $this);
  22                 $host->add_hook($host::HOOK_ENCLOSURE_ENTRY, $this);
  23
  24                 $host->add_hook($host::HOOK_PREFS_TAB, $this);
  25         }
  26
  27         function hook_enclosure_entry($enc) {
  28                 if (preg_match("/image/", $enc["content_type"])) {
  29                         $proxy_all = $this->host->get($this, "proxy_all");
  30
  31                         $enc["content_url"] = $this->rewrite_url_if_needed($enc["content_url"], $proxy_all);
  32                 }
  33
  34                 return $enc;
  35         }
  36
  37         function hook_render_article($article) {
  38                 return $this->hook_render_article_cdm($article);
  39         }
  40
  41         public function imgproxy() {
  42
  43                 $url = rewrite_relative_url(SELF_URL_PATH, $_REQUEST["url"]);
  44
  45                 // called without user context, let's just redirect to original URL
  46                 if (!$_SESSION["uid"]) {
  47                         header("Location: $url");
  48                         return;
  49                 }
  50
  51                 $local_filename = CACHE_DIR . "/images/" . sha1($url);
  52
  53                 if ($_REQUEST["debug"] == "1") { print $url . "\n" . $local_filename; die; }
  54
  55                 header("Content-Disposition: inline; filename=\"".basename($local_filename)."\"");
  56
  57                 if (file_exists($local_filename)) {
  58                         $mimetype = mime_content_type($local_filename);
  59                         header("Content-type: $mimetype");
  60
  61                         $stamp = gmdate("D, d M Y H:i:s", filemtime($local_filename)). " GMT";
  62                         header("Last-Modified: $stamp", true);
  63
  64                         readfile($local_filename);
  65                 } else {
  66                         $data = fetch_file_contents(array("url" => $url));
  67
  68                         if ($data) {
  69                                 if (file_put_contents($local_filename, $data)) {
  70                                         $mimetype = mime_content_type($local_filename);
  71                                         header("Content-type: $mimetype");
  72                                 }
  73
  74                                 print $data;
  75                         } else {
  76                                 global $fetch_last_error;
  77                                 global $fetch_last_error_code;
  78                                 global $fetch_last_error_content;
  79
  80                                 if (function_exists("imagecreate") && !isset($_REQUEST["text"])) {
  81                                         $img = imagecreate(450, 75);
  82
  83                                         /*$bg =*/ imagecolorallocate($img, 255, 255, 255);
  84                                         $textcolor = imagecolorallocate($img, 255, 0, 0);
  85
  86                                         imagerectangle($img, 0, 0, 450-1, 75-1, $textcolor);
  87
  88                                         imagestring($img, 5, 5, 5, "Proxy request failed", $textcolor);
  89                                         imagestring($img, 5, 5, 30, truncate_middle($url, 46, "..."), $textcolor);
  90                                         imagestring($img, 5, 5, 55, "HTTP Code: $fetch_last_error_code", $textcolor);
  91
  92                                         header("Content-type: image/png");
  93                                         print imagepng($img);
  94                                         imagedestroy($img);
  95
  96                                 } else {
  97                                         header("Content-type: text/html");
  98
  99                                         http_response_code(400);
 100
 101                                         print "<h1>Proxy request failed.</h1>";
 102                                         print "<p>Fetch error $fetch_last_error ($fetch_last_error_code)</p>";
 103                                         print "<p>URL: $url</p>";
 104                                         print "<textarea cols='80' rows='25'>" . htmlspecialchars($fetch_last_error_content) . "</textarea>";
 105                                 }
 106                         }
 107                 }
 108         }
 109
 110         function rewrite_url_if_needed($url, $all_remote = false) {
 111                 $scheme = parse_url($url, PHP_URL_SCHEME);
 112
 113                 if ($all_remote) {
 114                         $host = parse_url($url, PHP_URL_HOST);
 115                         $self_host = parse_url(SELF_URL_PATH, PHP_URL_HOST);
 116
 117                         $is_remote = $host != $self_host;
 118                 } else {
 119                         $is_remote = false;
 120                 }
 121
 122                 if (($scheme != 'https' && $scheme != "") || $is_remote) {
 123                         if (strpos($url, "data:") !== 0) {
 124                                 $parts = parse_url($url);
 125
 126                                 foreach (explode(" " , $this->ssl_known_whitelist) as $host) {
 127                                         if (substr(strtolower($parts['host']), -strlen($host)) === strtolower($host)) {
 128                                                 $parts['scheme'] = 'https';
 129                                                 $url = build_url($parts);
 130                                                 if ($all_remote && $is_remote) {
 131                                                         break;
 132                                                 } else {
 133                                                         return $url;
 134                                                 }
 135                                         }
 136                                 }
 137
 138                                 return get_self_url_prefix() . "/public.php?op=pluginhandler&plugin=af_zz_imgproxy&pmethod=imgproxy&url=" .
 139                                         urlencode($url);
 140                         }
 141                 }
 142
 143                 return $url;
 144         }
 145
 146         /**
 147          * @SuppressWarnings(PHPMD.UnusedFormalParameter)
 148          */
 149         function hook_render_article_cdm($article, $api_mode = false) {
 150
 151                 $need_saving = false;
 152                 $proxy_all = $this->host->get($this, "proxy_all");
 153
 154                 $doc = new DOMDocument();
 155                 if (@$doc->loadHTML($article["content"])) {
 156                         $xpath = new DOMXPath($doc);
 157                         $imgs = $xpath->query("//img[@src]");
 158
 159                         foreach ($imgs as $img) {
 160                                 $new_src = $this->rewrite_url_if_needed($img->getAttribute("src"), $proxy_all);
 161
 162                                 if ($new_src != $img->getAttribute("src")) {
 163                                         $img->setAttribute("src", $new_src);
 164                                         $img->removeAttribute("srcset");
 165
 166                                         $need_saving = true;
 167                                 }
 168                         }
 169
 170                         $vids = $xpath->query("//video");
 171
 172                         foreach ($vids as $vid) {
 173                                 if ($vid->hasAttribute("poster")) {
 174                                         $new_src = $this->rewrite_url_if_needed($vid->getAttribute("poster"), $proxy_all);
 175
 176                                         if ($new_src != $vid->getAttribute("poster")) {
 177                                                 $vid->setAttribute("poster", $new_src);
 178
 179                                                 $need_saving = true;
 180                                         }
 181                                 }
 182
 183                                 $vsrcs = $xpath->query("source", $vid);
 184
 185                                 foreach ($vsrcs as $vsrc) {
 186                                         $new_src = $this->rewrite_url_if_needed($vsrc->getAttribute("src"), $proxy_all);
 187
 188                                         if ($new_src != $vsrc->getAttribute("src")) {
 189                                                 $vid->setAttribute("src", $new_src);
 190
 191                                                 $need_saving = true;
 192                                         }
 193                                 }
 194                         }
 195                 }
 196
 197                 if ($need_saving) $article["content"] = $doc->saveXML();
 198
 199                 return $article;
 200         }
 201
 202         function hook_prefs_tab($args) {
 203                 if ($args != "prefFeeds") return;
 204
 205                 print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Image proxy settings (af_zz_imgproxy)')."\">";
 206
 207                 print "<form dojoType=\"dijit.form.Form\">";
 208
 209                 print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">
 210                         evt.preventDefault();
 211                         if (this.validate()) {
 212                                 console.log(dojo.objectToQuery(this.getValues()));
 213                                 new Ajax.Request('backend.php', {
 214                                         parameters: dojo.objectToQuery(this.getValues()),
 215                                         onComplete: function(transport) {
 216                                                 notify_info(transport.responseText);
 217                                         }
 218                                 });
 219                                 //this.reset();
 220                         }
 221                         </script>";
 222
 223                 print_hidden("op", "pluginhandler");
 224                 print_hidden("method", "save");
 225                 print_hidden("plugin", "af_zz_imgproxy");
 226
 227                 $proxy_all = $this->host->get($this, "proxy_all");
 228                 print_checkbox("proxy_all", $proxy_all);
 229
 230                 print "&nbsp;<label for=\"proxy_all\">" . __("Enable proxy for all remote images.") . "</label>";
 231
 232                 print "<p>"; print_button("submit", __("Save"));
 233
 234                 print "</form>";
 235
 236                 print "</div>";
 237         }
 238
 239         function save() {
 240                 $proxy_all = checkbox_to_sql_bool($_POST["proxy_all"]) == "true";
 241
 242                 $this->host->set($this, "proxy_all", $proxy_all);
 243
 244                 echo __("Configuration saved");
 245         }
 246
 247         function api_version() {
 248                 return 2;
 249         }
 250 }