| Line 41... |
Line 41... |
| 41 |
|
41 |
|
| 42 |
if (version_compare(PHP_VERSION, "5.4.7", "<")) {
|
42 |
if (version_compare(PHP_VERSION, "5.4.7", "<")) {
|
| 43 |
die("miniProxy requires PHP version 5.4.7 or later.");
|
43 |
die("miniProxy requires PHP version 5.4.7 or later.");
|
| 44 |
}
|
44 |
}
|
| 45 |
|
45 |
|
| 46 |
$requiredExtensions = ['curl', 'mbstring', 'xml'];
|
46 |
$requiredExtensions = ["curl", "mbstring", "xml"];
|
| 47 |
foreach($requiredExtensions as $requiredExtension) {
|
47 |
foreach($requiredExtensions as $requiredExtension) {
|
| 48 |
if (!extension_loaded($requiredExtension)) {
|
48 |
if (!extension_loaded($requiredExtension)) {
|
| 49 |
die("miniProxy requires PHP's \"" . $requiredExtension . "\" extension. Please install/enable it on your server and try again.");
|
49 |
die("miniProxy requires PHP's \"" . $requiredExtension . "\" extension. Please install/enable it on your server and try again.");
|
| 50 |
}
|
50 |
}
|
| 51 |
}
|
51 |
}
|
| Line 150... |
Line 150... |
| 150 |
"Content-Length",
|
150 |
"Content-Length",
|
| 151 |
"Host",
|
151 |
"Host",
|
| 152 |
"Origin"
|
152 |
"Origin"
|
| 153 |
));
|
153 |
));
|
| 154 |
|
154 |
|
| 155 |
array_change_key_case($removedHeaders, CASE_LOWER);
|
155 |
$removedHeaders = array_map("strtolower", $removedHeaders);
|
| 156 |
|
156 |
|
| 157 |
curl_setopt($ch, CURLOPT_ENCODING, "");
|
157 |
curl_setopt($ch, CURLOPT_ENCODING, "");
|
| 158 |
//Transform the associative array from getallheaders() into an
|
158 |
//Transform the associative array from getallheaders() into an
|
| 159 |
//indexed array of header strings to be passed to cURL.
|
159 |
//indexed array of header strings to be passed to cURL.
|
| 160 |
$curlRequestHeaders = array();
|
160 |
$curlRequestHeaders = array();
|
| Line 164... |
Line 164... |
| 164 |
if (!$anonymize) {
|
164 |
if (!$anonymize) {
|
| 165 |
$curlRequestHeaders[] = "X-Forwarded-For: " . $_SERVER["REMOTE_ADDR"];
|
165 |
$curlRequestHeaders[] = "X-Forwarded-For: " . $_SERVER["REMOTE_ADDR"];
|
| 166 |
}
|
166 |
}
|
| 167 |
//Any `origin` header sent by the browser will refer to the proxy itself.
|
167 |
//Any `origin` header sent by the browser will refer to the proxy itself.
|
| 168 |
//If an `origin` header is present in the request, rewrite it to point to the correct origin.
|
168 |
//If an `origin` header is present in the request, rewrite it to point to the correct origin.
|
| 169 |
if (array_key_exists('origin', $removedHeaders)) {
|
169 |
if (in_array("origin", $removedHeaders)) {
|
| 170 |
$urlParts = parse_url($url);
|
170 |
$urlParts = parse_url($url);
|
| 171 |
$port = $urlParts['port'];
|
171 |
$port = $urlParts['port'];
|
| 172 |
$curlRequestHeaders[] = "Origin: " . $urlParts['scheme'] . "://" . $urlParts['host'] . (empty($port) ? "" : ":" . $port);
|
172 |
$curlRequestHeaders[] = "Origin: " . $urlParts['scheme'] . "://" . $urlParts['host'] . (empty($port) ? "" : ":" . $port);
|
| 173 |
};
|
173 |
};
|
| 174 |
curl_setopt($ch, CURLOPT_HTTPHEADER, $curlRequestHeaders);
|
174 |
curl_setopt($ch, CURLOPT_HTTPHEADER, $curlRequestHeaders);
|
| Line 476... |
Line 476... |
| 476 |
//Proxify any of these attributes appearing in any tag.
|
476 |
//Proxify any of these attributes appearing in any tag.
|
| 477 |
$proxifyAttributes = array("href", "src");
|
477 |
$proxifyAttributes = array("href", "src");
|
| 478 |
foreach($proxifyAttributes as $attrName) {
|
478 |
foreach($proxifyAttributes as $attrName) {
|
| 479 |
foreach($xpath->query("//*[@" . $attrName . "]") as $element) { //For every element with the given attribute...
|
479 |
foreach($xpath->query("//*[@" . $attrName . "]") as $element) { //For every element with the given attribute...
|
| 480 |
$attrContent = $element->getAttribute($attrName);
|
480 |
$attrContent = $element->getAttribute($attrName);
|
| 481 |
if ($attrName == "href" && preg_match("/^(about|javascript|magnet|mailto):/i", $attrContent)) continue;
|
481 |
if ($attrName == "href" && preg_match("/^(about|javascript|magnet|mailto):|#/i", $attrContent)) continue;
|
| - |
|
482 |
if ($attrName == "src" && preg_match("/^(data):/i", $attrContent)) continue;
|
| 482 |
$attrContent = rel2abs($attrContent, $url);
|
483 |
$attrContent = rel2abs($attrContent, $url);
|
| 483 |
$attrContent = PROXY_PREFIX . $attrContent;
|
484 |
$attrContent = PROXY_PREFIX . $attrContent;
|
| 484 |
$element->setAttribute($attrName, $attrContent);
|
485 |
$element->setAttribute($attrName, $attrContent);
|
| 485 |
}
|
486 |
}
|
| 486 |
}
|
487 |
}
|
| Line 496... |
Line 497... |
| 496 |
//TODO: This is obviously only useful for browsers that use XMLHttpRequest but
|
497 |
//TODO: This is obviously only useful for browsers that use XMLHttpRequest but
|
| 497 |
//it's better than nothing.
|
498 |
//it's better than nothing.
|
| 498 |
|
499 |
|
| 499 |
$head = $xpath->query("//head")->item(0);
|
500 |
$head = $xpath->query("//head")->item(0);
|
| 500 |
$body = $xpath->query("//body")->item(0);
|
501 |
$body = $xpath->query("//body")->item(0);
|
| 501 |
$prependElem = $head != NULL ? $head : $body;
|
502 |
$prependElem = $head != null ? $head : $body;
|
| 502 |
|
503 |
|
| 503 |
//Only bother trying to apply this hack if the DOM has a <head> or <body> element;
|
504 |
//Only bother trying to apply this hack if the DOM has a <head> or <body> element;
|
| 504 |
//insert some JavaScript at the top of whichever is available first.
|
505 |
//insert some JavaScript at the top of whichever is available first.
|
| 505 |
//Protects against cases where the server sends a Content-Type of "text/html" when
|
506 |
//Protects against cases where the server sends a Content-Type of "text/html" when
|
| 506 |
//what's coming back is most likely not actually HTML.
|
507 |
//what's coming back is most likely not actually HTML.
|
| 507 |
//TODO: Do this check before attempting to do any sort of DOM parsing?
|
508 |
//TODO: Do this check before attempting to do any sort of DOM parsing?
|
| 508 |
if ($prependElem != NULL) {
|
509 |
if ($prependElem != null) {
|
| 509 |
|
510 |
|
| 510 |
$scriptElem = $doc->createElement("script",
|
511 |
$scriptElem = $doc->createElement("script",
|
| 511 |
'(function() {
|
512 |
'(function() {
|
| 512 |
|
513 |
|
| 513 |
if (window.XMLHttpRequest) {
|
514 |
if (window.XMLHttpRequest) {
|
| Line 559... |
Line 560... |
| 559 |
var proxied = window.XMLHttpRequest.prototype.open;
|
560 |
var proxied = window.XMLHttpRequest.prototype.open;
|
| 560 |
window.XMLHttpRequest.prototype.open = function() {
|
561 |
window.XMLHttpRequest.prototype.open = function() {
|
| 561 |
if (arguments[1] !== null && arguments[1] !== undefined) {
|
562 |
if (arguments[1] !== null && arguments[1] !== undefined) {
|
| 562 |
var url = arguments[1];
|
563 |
var url = arguments[1];
|
| 563 |
url = rel2abs("' . $url . '", url);
|
564 |
url = rel2abs("' . $url . '", url);
|
| - |
|
565 |
if (url.indexOf("' . PROXY_PREFIX . '") == -1) {
|
| 564 |
url = "' . PROXY_PREFIX . '" + url;
|
566 |
url = "' . PROXY_PREFIX . '" + url;
|
| - |
|
567 |
}
|
| 565 |
arguments[1] = url;
|
568 |
arguments[1] = url;
|
| 566 |
}
|
569 |
}
|
| 567 |
return proxied.apply(this, [].slice.call(arguments));
|
570 |
return proxied.apply(this, [].slice.call(arguments));
|
| 568 |
};
|
571 |
};
|
| 569 |
|
572 |
|