]> git.wh0rd.org - tt-rss.git/blobdiff - include/functions.php
git.wh0rd.org / tt-rss.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
split transparent rewriting of locally cached media URLs to execute after both saniti...
[tt-rss.git] / include / functions.php
diff --git a/include/functions.php b/include/functions.php
index 7ebbe38b38b447137fad23c2cce88290e851b04f..8acea8ef49e652eda2c24f0a79c7dd8a8be7e8d9 100755 (executable)
--- a/include/functions.php
+++ b/include/functions.php
@@ -1564,38 +1564,31 @@
                return false;
        }
 
-       function sanitize($str, $force_remove_images = false, $owner = false, $site_url = false, $highlight_words = false, $article_id = false) {
-               if (!$owner) $owner = $_SESSION["uid"];
-
-               $res = trim($str); if (!$res) return '';
+       // check for locally cached (media) URLs and rewrite to local versions
+       // this is called separately after sanitize() and plugin render article hooks to allow
+       // plugins work on original source URLs used before caching
 
+       function rewrite_cached_urls($str) {
                $charset_hack = '<head>
                                <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
                        </head>';
 
-               $res = trim($res); if (!$res) return '';
-
-               libxml_use_internal_errors(true);
+               $res = trim($str); if (!$res) return '';
 
                $doc = new DOMDocument();
                $doc->loadHTML($charset_hack . $res);
                $xpath = new DOMXPath($doc);
 
-               $rewrite_base_url = $site_url ? $site_url : get_self_url_prefix();
+               $entries = $xpath->query('(//img[@src]|//video/source[@src]|//audio/source[@src])');
 
-               $entries = $xpath->query('(//a[@href]|//img[@src]|//video/source[@src]|//audio/source[@src])');
+               $need_saving = false;
 
                foreach ($entries as $entry) {
 
-                       if ($entry->hasAttribute('href')) {
-                               $entry->setAttribute('href',
-                                       rewrite_relative_url($rewrite_base_url, $entry->getAttribute('href')));
-
-                               $entry->setAttribute('rel', 'noopener noreferrer');
-                       }
-
                        if ($entry->hasAttribute('src')) {
-                               $src = rewrite_relative_url($rewrite_base_url, $entry->getAttribute('src'));
+
+                               // should be already absolutized because this is called after sanitize()
+                               $src = $entry->getAttribute('src');
                                $cached_filename = CACHE_DIR . '/images/' . sha1($src);
 
                                if (file_exists($cached_filename)) {
@@ -1613,14 +1606,54 @@
 
                                        $src = get_self_url_prefix() . '/public.php?op=cached_url&hash=' . sha1($src) . $suffix;
 
-                                       if ($entry->hasAttribute('srcset')) {
-                                               $entry->removeAttribute('srcset');
-                                       }
-
-                                       if ($entry->hasAttribute('sizes')) {
-                                               $entry->removeAttribute('sizes');
-                                       }
+                                       $entry->setAttribute('src', $src);
+                                       $need_saving = true;
                                }
+                       }
+               }
+
+               if ($need_saving) {
+                       $doc->removeChild($doc->firstChild); //remove doctype
+                       $res = $doc->saveHTML();
+               }
+
+               return $res;
+       }
+
+       function sanitize($str, $force_remove_images = false, $owner = false, $site_url = false, $highlight_words = false, $article_id = false) {
+               if (!$owner) $owner = $_SESSION["uid"];
+
+               $res = trim($str); if (!$res) return '';
+
+               $charset_hack = '<head>
+                               <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
+                       </head>';
+
+               $res = trim($res); if (!$res) return '';
+
+               libxml_use_internal_errors(true);
+
+               $doc = new DOMDocument();
+               $doc->loadHTML($charset_hack . $res);
+               $xpath = new DOMXPath($doc);
+
+               $rewrite_base_url = $site_url ? $site_url : get_self_url_prefix();
+
+               $entries = $xpath->query('(//a[@href]|//img[@src]|//video/source[@src]|//audio/source[@src])');
+
+               foreach ($entries as $entry) {
+
+                       if ($entry->hasAttribute('href')) {
+                               $entry->setAttribute('href',
+                                       rewrite_relative_url($rewrite_base_url, $entry->getAttribute('href')));
+
+                               $entry->setAttribute('rel', 'noopener noreferrer');
+                       }
+
+                       if ($entry->hasAttribute('src')) {
+                               $src = rewrite_relative_url($rewrite_base_url, $entry->getAttribute('src'));
+
+                               // cache stuff has gone to rewrite_cached_urls()
 
                                $entry->setAttribute('src', $src);
                        }
@@ -2574,12 +2607,25 @@
                        }
 
                        $mimetype = mime_content_type($filename);
+
+                       // this is hardly ideal but 1) only media is cached in images/ and 2) seemingly only mp4
+                       // video files are detected as octet-stream by mime_content_type()
+
+                       if ($mimetype == "application/octet-stream")
+                               $mimetype = "video/mp4";
+
                        header("Content-type: $mimetype");
 
                        $stamp = gmdate("D, d M Y H:i:s", filemtime($filename)) . " GMT";
                        header("Last-Modified: $stamp", true);
 
-                       return readfile($filename);
+                       if (defined('_NGINX_XACCEL_PREFIX') && _NGINX_XACCEL_PREFIX) {
+                               header("X-Accel-Redirect: " . _NGINX_XACCEL_PREFIX . "/" . $filename);
+
+                               return false;
+                       } else {
+                               return readfile($filename);
+                       }
                } else {
                        return false;
                }
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/