From ecab435420438e355d45a4adea33aeee26b9ca0d Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Thu, 20 Apr 2017 09:09:00 +0300 Subject: [PATCH] af_zz_imgproxy: implement a whitelist of known sites that have optional SSL --- plugins/af_zz_imgproxy/init.php | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/plugins/af_zz_imgproxy/init.php b/plugins/af_zz_imgproxy/init.php index a07ff561..43b3fe7f 100644 --- a/plugins/af_zz_imgproxy/init.php +++ b/plugins/af_zz_imgproxy/init.php @@ -8,6 +8,8 @@ class Af_Zz_ImgProxy extends Plugin { "fox"); } + private $ssl_known_whitelist = "imgur.com i.reddituploads.com pbs.twimg.com i.redd.it i.sli.mg media.tumblr.com"; + function is_public_method($method) { return $method === "imgproxy"; } @@ -119,7 +121,17 @@ class Af_Zz_ImgProxy extends Plugin { if (($scheme != 'https' && $scheme != "") || $is_remote) { if (strpos($url, "data:") !== 0) { - $url = get_self_url_prefix() . "/public.php?op=pluginhandler&plugin=af_zz_imgproxy&pmethod=imgproxy&url=" . + $parts = parse_url($url); + + foreach (explode(" " , $this->ssl_known_whitelist) as $host) { + if (strpos($parts['host'], $host) !== FALSE) { + $parts['scheme'] = 'https'; + + return build_url($parts); + } + } + + return get_self_url_prefix() . "/public.php?op=pluginhandler&plugin=af_zz_imgproxy&pmethod=imgproxy&url=" . urlencode($url); } } -- 2.39.5