Merge branch '25-remove-subdocument-iframe-url-2' into 'master'

Resolve "Remove Subdocument Iframe URL" Closes #25 See merge request !24

Merge branch '25-remove-subdocument-iframe-url-2' into 'master'
Resolve "Remove Subdocument Iframe URL" Closes #25 See merge request !24
2decf788 · Dominik Hebeler · aecf63ff · 002cf4cc · 2decf788 · 2decf788
Commit 2decf788 authored 3 years ago by Dominik Hebeler
--- a/app/Console/Commands/RequestFetcher.php
+++ b/app/Console/Commands/RequestFetcher.php
@@ -237,7 +237,7 @@ class RequestFetcher extends Command
            CURLOPT_PRIVATE => $job["resulthash"] . ";" . $job["cacheDuration"],
            CURLOPT_RETURNTRANSFER => 1,
            CURLOPT_USERAGENT => $job["useragent"],
-            CURLOPT_FOLLOWLOCATION => true,
+            CURLOPT_FOLLOWLOCATION => false,
            CURLOPT_CONNECTTIMEOUT => 10,
            CURLOPT_MAXCONNECTS => 500,
            CURLOPT_LOW_SPEED_LIMIT => 50000,

--- a/app/Http/Controllers/ProxyController.php
+++ b/app/Http/Controllers/ProxyController.php
@@ -96,7 +96,42 @@ class ProxyController extends Controller
        $this->writeLog($targetUrl, $request->ip());
       
        $urlToProxy = self::generateProxyUrl($targetUrl);
-        
+       
+        // Already Fetch the Contents of the website.
+        // If it's a Download we can already deliver it
+        // Hash Value under which a possible cached file would've been stored
+        $answer = $this->fetchUrl($targetUrl);
+
+        if (!empty($answer["error"])) {
+            if ($answer["error"] === CURLE_ABORTED_BY_CALLBACK) {
+                // File Downloads aren't working anymore within an IFrame.
+                // We will show the user a page to download the File
+                $postData = \App\Http\Controllers\DownloadController::generateDownloadLinkParameters($targetUrl);
+                $downloadUrl = route('download', $postData);
+                return redirect($downloadUrl);
+            }else if($answer["error"] === CURLE_COULDNT_RESOLVE_HOST){
+                return view('curl_errors.6', ["answer" => $answer]);
+            }
+        }
+
+        foreach ($answer["headers"] as $index => $value) {
+            if (strtolower($index) === "location") {
+                $redLink = $value;
+                if (strpos($redLink, "/") === 0) {
+                    $parse = parse_url($targetUrl);
+                    $redLink = $parse["scheme"] . "://" . $parse["host"] . $redLink;
+                } elseif (preg_match("/^\w+\.\w+$/si", $redLink)) {
+                    $parse = parse_url($targetUrl);
+                    $redLink = $parse["scheme"] . "://" . $parse["host"] . "/" . $redLink;
+                }
+                return redirect(self::generateProxyWrapperUrl($redLink));
+            } elseif (strtolower($index) === "content-disposition") {
+                return response(base64_decode($answer["body"]), $answer["http-code"], $answer["headers"]);
+            } else {
+                $headerArray[trim($index)] = trim($value);
+            }
+        }
+
        return view('ProxyPage')
            ->with('iframeUrl', $urlToProxy)
            ->with('targetUrl', $targetUrl);
@@ -141,36 +176,8 @@ class ProxyController extends Controller
        }

        // Hash Value under which a possible cached file would've been stored
-        $hash = md5($targetUrl);
        $httpcode = 200;
-
-        if (!Cache::has($hash) || env("CACHE_ENABLED") === false) {
-            $useragent = $_SERVER['HTTP_USER_AGENT'];
-            if (preg_match('/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino/i', $useragent) || preg_match('/1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i', substr($useragent, 0, 4))) {
-                // Mobile Browser Dummy Mobile Useragent
-                $useragent = 'Mozilla/5.0 (Android 10; Mobile; rv:83.0) Gecko/83.0 Firefox/83.0';
-            } else {
-                // Not Mobile Dummy Desktop useragent
-                $useragent = 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0';
-            }
-
-            $mission = [
-                "resulthash" => $hash,
-                "url" => $targetUrl,
-                "useragent" => $useragent,
-                "cacheDuration" => $this::PROXY_CACHE,
-            ];
-
-            $mission = json_encode($mission);
-            Redis::rpush(RequestFetcher::FETCHQUEUE_KEY, $mission);
-            $answer = Redis::brpoplpush($hash, $hash, 10);
-            Redis::expire($hash, 15);
-            if ($answer) {
-                $answer = json_decode($answer, true);
-            }
-        } else {
-            $answer = Cache::get($hash);
-        }
+        $answer = $this->fetchUrl($targetUrl);

        if (!empty($answer["error"])) {
            if ($answer["error"] === CURLE_ABORTED_BY_CALLBACK) {
@@ -233,14 +240,7 @@ class ProxyController extends Controller
            $contentEncoding = stripos($contentTypeHeader, "charset=") !== false ? trim(substr($contentTypeHeader, stripos($contentTypeHeader, "charset=") + 8)) : null;
            $contentEncoding = rtrim($contentEncoding, ";");
            if (isset($answer["headers"]["content-disposition"]) && stripos(trim($answer["headers"]["content-type"]), "image/") !== 0) {
-                // File Downloads aren't working anymore within an IFrame.
-                // We will show the user a page to download the File
-                $postData = \App\Http\Controllers\DownloadController::generateDownloadLinkParameters($targetUrl);
-                return response(view("downloadrequired")->with([
-                    "url" => $postData["url"],
-                    "validuntil" => $postData["valid-until"],
-                    "password" => $postData["password"]
-                ]), 413);
+                return response(base64_decode($answer["body"]), $answer["http-code"], $answer["headers"]);
            }
            $body = base64_decode($answer["body"]);
            switch ($contentType) {
@@ -310,6 +310,39 @@ class ProxyController extends Controller
            ->withHeaders($answer["headers"]);
    }

+    private function fetchUrl($targetUrl){
+        $hash = md5($targetUrl);
+
+        if (!Cache::has($hash) || env("CACHE_ENABLED") === false) {
+            $useragent = $_SERVER['HTTP_USER_AGENT'];
+            if (preg_match('/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino/i', $useragent) || preg_match('/1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i', substr($useragent, 0, 4))) {
+                // Mobile Browser Dummy Mobile Useragent
+                $useragent = 'Mozilla/5.0 (Android 10; Mobile; rv:83.0) Gecko/83.0 Firefox/83.0';
+            } else {
+                // Not Mobile Dummy Desktop useragent
+                $useragent = 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0';
+            }
+
+            $mission = [
+                "resulthash" => $hash,
+                "url" => $targetUrl,
+                "useragent" => $useragent,
+                "cacheDuration" => $this::PROXY_CACHE,
+            ];
+
+            $mission = json_encode($mission);
+            Redis::rpush(RequestFetcher::FETCHQUEUE_KEY, $mission);
+            $answer = Redis::brpoplpush($hash, $hash, 10);
+            Redis::expire($hash, 15);
+            if ($answer) {
+                $answer = json_decode($answer, true);
+            }
+        } else {
+            $answer = Cache::get($hash);
+        }
+        return $answer;
+    }
+
    /**
     * This function is called if a proxied page submits a form
     * It should take the submitted parameters and add them to the url

--- a/resources/views/ProxyPage.blade.php
+++ b/resources/views/ProxyPage.blade.php
@@ -2,16 +2,13 @@

 @section('content')

-<iframe
-	id="site-proxy-iframe"
-	src="{!!$iframeUrl!!}"
-	sandbox="
-	allow-forms
-	allow-popups
-	allow-top-navigation
-	allow-same-origin
-	"
->
+    <iframe id="site-proxy-iframe" src="{!! $iframeUrl !!}" sandbox="
+     allow-forms
+     allow-popups
+     allow-top-navigation
+     allow-same-origin
+     allow-downloads
+     ">

-</iframe>
+    </iframe>
 @endsection