init.php 7.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260
  1. <?php
  2. class Af_Zz_ImgProxy extends Plugin {
  3. private $host;
  4. function about() {
  5. return array(1.0,
  6. "Load insecure images via built-in proxy",
  7. "fox");
  8. }
  9. private $ssl_known_whitelist = "imgur.com gfycat.com i.reddituploads.com pbs.twimg.com i.redd.it i.sli.mg media.tumblr.com";
  10. function is_public_method($method) {
  11. return $method === "imgproxy";
  12. }
  13. function init($host) {
  14. $this->host = $host;
  15. $host->add_hook($host::HOOK_RENDER_ARTICLE, $this);
  16. $host->add_hook($host::HOOK_RENDER_ARTICLE_CDM, $this);
  17. $host->add_hook($host::HOOK_ENCLOSURE_ENTRY, $this);
  18. $host->add_hook($host::HOOK_PREFS_TAB, $this);
  19. }
  20. function hook_enclosure_entry($enc) {
  21. if (preg_match("/image/", $enc["content_type"])) {
  22. $proxy_all = $this->host->get($this, "proxy_all");
  23. $enc["content_url"] = $this->rewrite_url_if_needed($enc["content_url"], $proxy_all);
  24. }
  25. return $enc;
  26. }
  27. function hook_render_article($article) {
  28. return $this->hook_render_article_cdm($article);
  29. }
  30. public function imgproxy() {
  31. $url = rewrite_relative_url(get_self_url_prefix(), $_REQUEST["url"]);
  32. // called without user context, let's just redirect to original URL
  33. if (!$_SESSION["uid"]) {
  34. header("Location: $url");
  35. return;
  36. }
  37. $local_filename = CACHE_DIR . "/images/" . sha1($url);
  38. if ($_REQUEST["debug"] == "1") { print $url . "\n" . $local_filename; die; }
  39. header("Content-Disposition: inline; filename=\"".basename($local_filename)."\"");
  40. if (file_exists($local_filename)) {
  41. $mimetype = mime_content_type($local_filename);
  42. header("Content-type: $mimetype");
  43. $stamp = gmdate("D, d M Y H:i:s", filemtime($local_filename)). " GMT";
  44. header("Last-Modified: $stamp", true);
  45. readfile($local_filename);
  46. } else {
  47. $data = fetch_file_contents(array("url" => $url));
  48. if ($data) {
  49. $disable_cache = $this->host->get($this, "disable_cache");
  50. if (!$disable_cache && strlen($data) > MIN_CACHE_FILE_SIZE) {
  51. if (file_put_contents($local_filename, $data)) {
  52. $mimetype = mime_content_type($local_filename);
  53. header("Content-type: $mimetype");
  54. }
  55. }
  56. print $data;
  57. } else {
  58. global $fetch_last_error;
  59. global $fetch_last_error_code;
  60. global $fetch_last_error_content;
  61. if (function_exists("imagecreate") && !isset($_REQUEST["text"])) {
  62. $img = imagecreate(450, 75);
  63. /*$bg =*/ imagecolorallocate($img, 255, 255, 255);
  64. $textcolor = imagecolorallocate($img, 255, 0, 0);
  65. imagerectangle($img, 0, 0, 450-1, 75-1, $textcolor);
  66. imagestring($img, 5, 5, 5, "Proxy request failed", $textcolor);
  67. imagestring($img, 5, 5, 30, truncate_middle($url, 46, "..."), $textcolor);
  68. imagestring($img, 5, 5, 55, "HTTP Code: $fetch_last_error_code", $textcolor);
  69. header("Content-type: image/png");
  70. print imagepng($img);
  71. imagedestroy($img);
  72. } else {
  73. header("Content-type: text/html");
  74. http_response_code(400);
  75. print "<h1>Proxy request failed.</h1>";
  76. print "<p>Fetch error $fetch_last_error ($fetch_last_error_code)</p>";
  77. print "<p>URL: $url</p>";
  78. print "<textarea cols='80' rows='25'>" . htmlspecialchars($fetch_last_error_content) . "</textarea>";
  79. }
  80. }
  81. }
  82. }
  83. function rewrite_url_if_needed($url, $all_remote = false) {
  84. $scheme = parse_url($url, PHP_URL_SCHEME);
  85. if ($all_remote) {
  86. $host = parse_url($url, PHP_URL_HOST);
  87. $self_host = parse_url(get_self_url_prefix(), PHP_URL_HOST);
  88. $is_remote = $host != $self_host;
  89. } else {
  90. $is_remote = false;
  91. }
  92. if (($scheme != 'https' && $scheme != "") || $is_remote) {
  93. if (strpos($url, "data:") !== 0) {
  94. $parts = parse_url($url);
  95. foreach (explode(" " , $this->ssl_known_whitelist) as $host) {
  96. if (substr(strtolower($parts['host']), -strlen($host)) === strtolower($host)) {
  97. $parts['scheme'] = 'https';
  98. $url = build_url($parts);
  99. if ($all_remote && $is_remote) {
  100. break;
  101. } else {
  102. return $url;
  103. }
  104. }
  105. }
  106. return get_self_url_prefix() . "/public.php?op=pluginhandler&plugin=af_zz_imgproxy&pmethod=imgproxy&url=" .
  107. urlencode($url);
  108. }
  109. }
  110. return $url;
  111. }
  112. /**
  113. * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  114. */
  115. function hook_render_article_cdm($article, $api_mode = false) {
  116. $need_saving = false;
  117. $proxy_all = $this->host->get($this, "proxy_all");
  118. $doc = new DOMDocument();
  119. if (@$doc->loadHTML($article["content"])) {
  120. $xpath = new DOMXPath($doc);
  121. $imgs = $xpath->query("//img[@src]");
  122. foreach ($imgs as $img) {
  123. $new_src = $this->rewrite_url_if_needed($img->getAttribute("src"), $proxy_all);
  124. if ($new_src != $img->getAttribute("src")) {
  125. $img->setAttribute("src", $new_src);
  126. $img->removeAttribute("srcset");
  127. $need_saving = true;
  128. }
  129. }
  130. $vids = $xpath->query("//video");
  131. foreach ($vids as $vid) {
  132. if ($vid->hasAttribute("poster")) {
  133. $new_src = $this->rewrite_url_if_needed($vid->getAttribute("poster"), $proxy_all);
  134. if ($new_src != $vid->getAttribute("poster")) {
  135. $vid->setAttribute("poster", $new_src);
  136. $need_saving = true;
  137. }
  138. }
  139. $vsrcs = $xpath->query("source", $vid);
  140. foreach ($vsrcs as $vsrc) {
  141. $new_src = $this->rewrite_url_if_needed($vsrc->getAttribute("src"), $proxy_all);
  142. if ($new_src != $vsrc->getAttribute("src")) {
  143. $vid->setAttribute("src", $new_src);
  144. $need_saving = true;
  145. }
  146. }
  147. }
  148. }
  149. if ($need_saving) $article["content"] = $doc->saveXML();
  150. return $article;
  151. }
  152. function hook_prefs_tab($args) {
  153. if ($args != "prefFeeds") return;
  154. print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Image proxy settings (af_zz_imgproxy)')."\">";
  155. print "<form dojoType=\"dijit.form.Form\">";
  156. print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">
  157. evt.preventDefault();
  158. if (this.validate()) {
  159. console.log(dojo.objectToQuery(this.getValues()));
  160. new Ajax.Request('backend.php', {
  161. parameters: dojo.objectToQuery(this.getValues()),
  162. onComplete: function(transport) {
  163. notify_info(transport.responseText);
  164. }
  165. });
  166. //this.reset();
  167. }
  168. </script>";
  169. print_hidden("op", "pluginhandler");
  170. print_hidden("method", "save");
  171. print_hidden("plugin", "af_zz_imgproxy");
  172. $proxy_all = $this->host->get($this, "proxy_all");
  173. print_checkbox("proxy_all", $proxy_all);
  174. print "&nbsp;<label for=\"proxy_all\">" . __("Enable proxy for all remote images.") . "</label><br/>";
  175. $disable_cache = $this->host->get($this, "disable_cache");
  176. print_checkbox("disable_cache", $disable_cache);
  177. print "&nbsp;<label for=\"disable_cache\">" . __("Don't cache files locally.") . "</label>";
  178. print "<p>"; print_button("submit", __("Save"));
  179. print "</form>";
  180. print "</div>";
  181. }
  182. function save() {
  183. $proxy_all = checkbox_to_sql_bool($_POST["proxy_all"]) == "true";
  184. $disable_cache = checkbox_to_sql_bool($_POST["disable_cache"]) == "true";
  185. $this->host->set($this, "proxy_all", $proxy_all, false);
  186. $this->host->set($this, "disable_cache", $disable_cache);
  187. echo __("Configuration saved");
  188. }
  189. function api_version() {
  190. return 2;
  191. }
  192. }