flashii/misuzu
flashii/misuzu
1
1
Fork 0
Code Issues Pull requests Releases 159 Wiki Activity Actions

Removed unused built-in media proxy.

Browse source
This commit is contained in:
flash 2023-01-01 20:27:25 +00:00
parent 4f35e5e487
commit 08f8f59fe6
6 changed files with 6 additions and 115 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

96
public/proxy.php
View file

@ -1,96 +0,0 @@
<?php
namespace Misuzu;
use Index\Serialisation\Serialiser;
use Misuzu\Config\CfgType;
require_once '../misuzu.php';
$acceptedProtocols = ['http', 'https'];
$acceptedMimeTypes = [
'image/png', 'image/jpeg', 'image/jpg', 'image/bmp', 'image/x-bmp', 'image/gif', 'image/svg', 'image/svg+xml', 'image/tiff', 'image/tiff-fx', 'image/webp',
'video/mp4', 'video/webm', 'video/x-msvideo', 'video/vnd.avi', 'video/msvideo', 'video/avi', 'video/mpeg', 'video/ogg',
'audio/aac', 'audio/aacp', 'audio/3gpp', 'audio/3gpp2', 'audio/mp4', 'audio/mp4a-latm', 'audio/mpeg4-generic',
'audio/ogg', 'audio/mp3', 'audio/mpeg', 'audio/mpa', 'audio/mpa-robust',
'audio/wav', 'audio/vnd.wave', 'audio/wave', 'audio/x-wav', 'audio/webm', 'audio/x-flac', 'audio/flac',
];
header('Cache-Control: max-age=600');
$splitPath = explode('/', $_SERVER['PATH_INFO'] ?? '', 3);
$proxyHash = $splitPath[1] ?? '';
$proxyUrl = $splitPath[2] ?? '';
if(empty($proxyHash) || empty($proxyUrl)) {
http_response_code(400);
echo '400.1';
return;
}
$proxyUrlDecoded = Serialiser::uriBase64()->deserialise($proxyUrl, true);
$parsedUrl = parse_url($proxyUrlDecoded);
if(empty($parsedUrl['scheme'])
|| empty($parsedUrl['host'])
|| !in_array($parsedUrl['scheme'], $acceptedProtocols, true)) {
http_response_code(400);
echo '400.2';
return;
}
if(!$cfg->getValue('media_proxy.enable', CfgType::T_BOOL)) {
redirect($proxyUrlDecoded);
return;
}
$proxySecret = $cfg->getValue('media_proxy.secret', CfgType::T_STR, 'insecure');
$expectedHash = hash_hmac('sha256', $proxyUrl, $proxySecret);
if(!hash_equals($expectedHash, $proxyHash)) {
http_response_code(400);
echo '400.3';
return;
}
$curl = curl_init($proxyUrlDecoded);
curl_setopt_array($curl, [
CURLOPT_CERTINFO => false,
CURLOPT_FAILONERROR => false,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TCP_FASTOPEN => true,
CURLOPT_CONNECTTIMEOUT => 2,
CURLOPT_MAXREDIRS => 4,
CURLOPT_PROTOCOLS => CURLPROTO_HTTP | CURLPROTO_HTTPS,
CURLOPT_TIMEOUT => 10,
CURLOPT_USERAGENT => 'Mozilla/5.0 (compatible) Misuzu/' . GitInfo::tag(),
]);
$curlBody = curl_exec($curl);
curl_close($curl);
$entityTag = 'W/"' . hash('sha256', $curlBody) . '"';
if(!empty($_SERVER['HTTP_IF_NONE_MATCH']) && $_SERVER['HTTP_IF_NONE_MATCH'] === $entityTag) {
http_response_code(304);
return;
}
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$fileMime = strtolower(finfo_buffer($finfo, $curlBody));
finfo_close($finfo);
if(!in_array($fileMime, $acceptedMimeTypes, true)) {
http_response_code(404);
echo '404.1';
return;
}
$fileSize = strlen($curlBody);
$fileName = basename($parsedUrl['path'] ?? "proxied-image-{$expectedHash}");
header("Content-Type: {$fileMime}");
header("Content-Length: {$fileSize}");
header("Content-Disposition: inline; filename=\"{$fileName}\"");
header("ETag: {$entityTag}");
echo $curlBody;

2
src/Parsers/BBCode/Tags/AudioTag.php
View file

@ -16,7 +16,7 @@ final class AudioTag extends BBCodeTag {
//$url['host'] = mb_strtolower($url['host']); //$url['host'] = mb_strtolower($url['host']);
$mediaUrl = url_proxy_media($matches[1]); //$mediaUrl = url_proxy_media($matches[1]);
return "<audio controls src='{$mediaUrl}'></audio>"; return "<audio controls src='{$mediaUrl}'></audio>";
}, },
$text $text

2
src/Parsers/BBCode/Tags/ImageTag.php
View file

@ -6,7 +6,7 @@ use Misuzu\Parsers\BBCode\BBCodeTag;
final class ImageTag extends BBCodeTag { final class ImageTag extends BBCodeTag {
public function parseText(string $text): string { public function parseText(string $text): string {
return preg_replace_callback("/\[img\]((?:https?:\/\/).+?)\[\/img\]/", function ($matches) { return preg_replace_callback("/\[img\]((?:https?:\/\/).+?)\[\/img\]/", function ($matches) {
$mediaUrl = url_proxy_media($matches[1]); //$mediaUrl = url_proxy_media($matches[1]);
return sprintf('<img src="%s" alt="%s" style="max-width:100%%;max-height:900px;">', $mediaUrl, $matches[1]); return sprintf('<img src="%s" alt="%s" style="max-width:100%%;max-height:900px;">', $mediaUrl, $matches[1]);
}, $text); }, $text);
} }

2
src/Parsers/BBCode/Tags/VideoTag.php
View file

@ -43,7 +43,7 @@ final class VideoTag extends BBCodeTag {
} }
} }
$mediaUrl = url_proxy_media($matches[1]); //$mediaUrl = url_proxy_media($matches[1]);
return sprintf('<video controls src="%s" style="max-width:100%%;max-height:100%%;"></video>', $mediaUrl); return sprintf('<video controls src="%s" style="max-width:100%%;max-height:100%%;"></video>', $mediaUrl);
}, },
$text $text

6
src/Parsers/MarkdownParser.php
View file

@ -15,9 +15,9 @@ class MarkdownParser extends Parsedown implements ParserInterface {
protected function inlineImage($excerpt) { protected function inlineImage($excerpt) {
$object = parent::inlineImage($excerpt); $object = parent::inlineImage($excerpt);
if(!empty($object['element']['attributes']['src']) && !is_local_url($object['element']['attributes']['src'])) { //if(!empty($object['element']['attributes']['src']) && !is_local_url($object['element']['attributes']['src'])) {
$object['element']['attributes']['src'] = url_proxy_media($object['element']['attributes']['src']); // $object['element']['attributes']['src'] = url_proxy_media($object['element']['attributes']['src']);
} //}
return $object; return $object;
} }

13
src/url.php
View file

@ -10,7 +10,6 @@
define('MSZ_URLS', [ define('MSZ_URLS', [
'index' => ['/'], 'index' => ['/'],
'info' => ['/info/<title>'], 'info' => ['/info/<title>'],
'media-proxy' => ['/proxy.php/<hash>/<url>'],
'search-index' => ['/search.php'], 'search-index' => ['/search.php'],
'search-query' => ['/search.php', ['q' => '<query>']], 'search-query' => ['/search.php', ['q' => '<query>']],
@ -248,18 +247,6 @@ function url_construct(string $url, array $query = [], ?string $fragment = null)
return $url; return $url;
} }
function url_proxy_media(?string $url): ?string {
if(empty($url) || !\Misuzu\Config::get('media_proxy.enable', \Misuzu\Config\CfgType::T_BOOL) || is_local_url($url)) {
return $url;
}
$secret = \Misuzu\Config::get('media_proxy.secret', \Misuzu\Config\CfgType::T_STR, 'insecure');
$url = \Index\Serialisation\Serialiser::uriBase64()->serialise($url);
$hash = hash_hmac('sha256', $url, $secret);
return url('media-proxy', compact('hash', 'url'));
}
function url_prefix(bool $trailingSlash = true): string { function url_prefix(bool $trailingSlash = true): string {
return 'http' . (empty($_SERVER['HTTPS']) ? '' : 's') . '://' . $_SERVER['HTTP_HOST'] . ($trailingSlash ? '/' : ''); return 'http' . (empty($_SERVER['HTTPS']) ? '' : 's') . '://' . $_SERVER['HTTP_HOST'] . ($trailingSlash ? '/' : '');
} }