Erster Commit

app/Http/Controllers/ProxyController.php

+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+
+class ProxyController extends Controller
+{
+    public function proxyPage(Request $request, $password, $url)
+    {
+        $targetUrl = str_rot13(base64_decode($url));
+
+        // Password already got checked by the middleware:
+
+        $newPW   = md5(env('PROXY_PASSWORD') . date('dmy'));
+        $toggles = "111000A";
+
+        # Script Toggle Url:
+        $params         = $request->all();
+        $scriptsEnabled = false;
+        if ($request->has('enableJS')) {
+            $scriptsEnabled = true;
+            array_forget($params, 'enableJS');
+        } else {
+            $toggles[1]         = "0";
+            $params['enableJS'] = "true";
+        }
+
+        $params['password'] = $password;
+        $params['url']      = $url;
+        $scriptUrl          = action('ProxyController@proxyPage', $params);
+        //$scriptUrl          = "javascript:alert('Diese Funktion wurde auf Grund von technischen Problemen vorerst deaktiviert. Sie können JavaScript wieder aktivieren sobald diese behoben wurden.');";
+
+        # Cookie Toggle Url:
+        $params         = $request->all();
+        $cookiesEnabled = false;
+        if ($request->has('enableCookies')) {
+            $cookiesEnabled = true;
+            array_forget($params, 'enableCookies');
+        } else {
+            $toggles[0]              = "0";
+            $params['enableCookies'] = "true";
+        }
+
+        $params['password'] = $password;
+        $params['url']      = $url;
+        $cookieUrl          = action('ProxyController@proxyPage', $params);
+
+        # IFrame URL
+        $urlToProxy = $targetUrl;
+        $urlToProxy = str_replace("=", "=3d", $urlToProxy);
+        $urlToProxy = str_replace("?", "=3f", $urlToProxy);
+        $urlToProxy = str_replace("%", "=25", $urlToProxy);
+        $urlToProxy = str_replace("&", "=26", $urlToProxy);
+        $urlToProxy = str_replace(";", "=3b", $urlToProxy);
+        $urlToProxy = preg_replace('/^(http[s]{0,1}):\/\//', '$1/', $urlToProxy);
+
+        $settings = "u0";
+        if ($cookiesEnabled && !$scriptsEnabled) {
+            $settings = "O0";
+        } elseif (!$cookiesEnabled && $scriptsEnabled) {
+            $settings = "e0";
+        } elseif ($cookiesEnabled && $scriptsEnabled) {
+            $settings = "80";
+        }
+
+        $urlToProxy = "/en/$settings/" . $urlToProxy;
+
+        $params             = $request->all();
+        $params['password'] = urlencode($newPW);
+        $params['url']      = $urlToProxy;
+
+        $iframeUrl = action('ProxyController@proxy', $params);
+
+        return view('ProxyPage')
+            ->with('iframeUrl', $iframeUrl)
+            ->with('scriptsEnabled', $scriptsEnabled)
+            ->with('scriptUrl', $scriptUrl)
+            ->with('cookiesEnabled', $cookiesEnabled)
+            ->with('cookieUrl', $cookieUrl)
+            ->with('targetUrl', $targetUrl);
+    }
+
+    public function redir(Request $request, $password, $url)
+    {
+        $params = $request->all();
+
+        $params['password'] = urlencode($password);
+        $params['page']     = urlencode(base64_encode(str_rot13("/test/nph-proxy.cgi/" . $url)));
+        $newUrl             = action('ProxyController@proxy', $params);
+        return redirect($newUrl);
+    }
+
+    public function proxy(Request $request, $password, $url)
+    {
+        $proxyUrl = "https://proxy.suma-ev.de/test/nph-proxy.cgi/" . ltrim($url, "/");
+        $r        = $this->getUrlContent($proxyUrl);
+        $httpcode = 200;
+        if (isset($r["http_code"]) && $r["http_code"] !== 0) {
+            $httpcode = $r["http_code"];
+        }
+
+        $r["data"] = $this->parseProxyLink($r["data"], $password, $request);
+        return response($r["data"], $httpcode)
+            ->withHeaders($r["header"]);
+
+        return var_dump($r);
+
+    }
+
+    private function parseProxyLink($data, $password, $request)
+    {
+        $result = $data;
+
+        $proxyLink = env('PROXY_URL');
+        $host      = $request->root();
+        $result    = str_replace($proxyLink, $host, $data);
+        $result    = str_replace("/test/nph-proxy.cgi", "/proxy/$password", $result);
+        return $result;
+    }
+
+    private function getUrlContent($url)
+    {
+        $ch = curl_init();
+        curl_setopt($ch, CURLOPT_URL, $url);
+        curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)');
+        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
+        curl_setopt($ch, CURLOPT_TIMEOUT, 5);
+        curl_setopt($ch, CURLOPT_HEADER, 1);
+        $data = curl_exec($ch);
+
+        $httpcode = intval(curl_getinfo($ch, CURLINFO_HTTP_CODE));
+
+        $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
+        $header      = substr($data, 0, $header_size);
+
+        $data = substr($data, $header_size);
+
+        curl_close($ch);
+        $headerArray = [];
+        foreach (explode(PHP_EOL, $header) as $index => $value) {
+            if ($index > 0) {
+                $ar = explode(': ', $value);
+                if (sizeof($ar) === 2) {
+                    $headerArray[trim($ar[0])] = trim($ar[1]);
+                } else {
+                    //die(var_dump($value) . var_dump($ar));
+                }
+            }
+        }
+        return ['header' => $headerArray, 'data' => $data, 'http_code' => $httpcode];
+    }
+}

app/Http/Kernel.php

@@ -32,7 +32,7 @@ class Kernel extends HttpKernel
             \Illuminate\Session\Middleware\StartSession::class,
             // \Illuminate\Session\Middleware\AuthenticateSession::class,
             \Illuminate\View\Middleware\ShareErrorsFromSession::class,
-            \App\Http\Middleware\VerifyCsrfToken::class,
+            //\App\Http\Middleware\VerifyCsrfToken::class,
             \Illuminate\Routing\Middleware\SubstituteBindings::class,
         ],
 
@@ -56,5 +56,6 @@ class Kernel extends HttpKernel
         'can'        => \Illuminate\Auth\Middleware\Authorize::class,
         'guest'      => \App\Http\Middleware\RedirectIfAuthenticated::class,
         'throttle'   => \Illuminate\Routing\Middleware\ThrottleRequests::class,
+        'checkpw'    => \App\Http\Middleware\CheckPassword::class,
     ];
 }

app/Http/Middleware/CheckPassword.php

+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+
+class CheckPassword
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next, $timed = "false")
+    {
+
+        $password = $request->route('password');
+        if ($timed === "true") {
+            $checkPw = md5(env('PROXY_PASSWORD') . date('dmy'));
+            if ($checkPw === $password) {
+                return $next($request);
+            }
+        } else {
+            $targetUrl = str_rot13(base64_decode($request->route('url')));
+            // Check Password:
+            $checkPw  = md5(env('PROXY_PASSWORD') . $targetUrl);
+            $password = $request->route('password');
+            if ($checkPw === $password) {
+                return $next($request);
+            }
+        }
+        return abort(403);
+    }
+}

public/css/style.css

+nav {
+    margin-top: 10px;
+    border-bottom: 10px solid #fb0;
+}
+
+nav #proxy-logo {
+    max-width: 200px;
+}
+
+nav #proxy-logo img {
+    width: 100%;
+}
+
+nav #proxy-text {
+    text-align: center;
+}
+
+nav #proxy-text > ul > li + li {
+    color: #428bca;
+}
+
+nav #proxy-options > ul > li {
+    padding-bottom: 1px;
+}
+
+nav #proxy-options > ul > li > a {
+    display: block;
+}
+
+#site-proxy-iframe {
+    border: 0;
+    width: 100%;
+}
\ No newline at end of file

public/js/script.js

+$(document).ready(function() {
+    resizeIframe();
+    $(window).resize(function(){
+    	resizeIframe();
+    });
+});
+
+function resizeIframe(){
+	$("#site-proxy-iframe").height(500);
+	var navHeight = $("nav").outerHeight();
+    var bodyHeight = $("body").innerHeight();
+    $("#site-proxy-iframe").height(bodyHeight - navHeight);
+}
\ No newline at end of file

resources/views/ProxyPage.blade.php

+<html>
+	<head>
+		<link href="/css/bootstrap.min.css" rel="stylesheet" type="text/css" />
+		<link href="/css/style.css" rel="stylesheet" type="text/css" />
+	</head>
+	<body>
+		<nav>
+			<div class="container-fluid">
+				<div class="row">
+					<div id="proxy-logo" class="col-xs-2">
+						<img src="/img/mglogo_klein.png" />
+					</div>
+					<div id="proxy-text" class="col-xs-8">
+						<ul class="list-unstyled">
+							<li>MetaGer/SUMA-EV Proxy (Beta): Anonymisiert & verschlüsselt. SUMA-EV ist weder Eigentümer noch Urheber von Inhalten.</li>
+							<li>Skripte sind deaktiviert. Webseiten-Darstellung kann verändert sein.</li>
+						</ul>
+					</div>
+					<div id="proxy-options" class="col-xs-2">
+						<ul class="list-unstyled">
+						@if(!$scriptsEnabled)
+						<li><a href="{{$scriptUrl}}" class="btn btn-warning btn-xs">Skripte blockiert</a></li>
+						@else
+						<li><a href="{{$scriptUrl}}" class="btn btn-info btn-xs">Skripte zugelassen</a></li>
+						@endif
+						@if(!$cookiesEnabled)
+						<li><a href="{{$cookieUrl}}" class="btn btn-warning btn-xs">Cookies gesperrt</a></li>
+						@else
+						<li><a href="{{$cookieUrl}}" class="btn btn-info btn-xs">Cookies zugelassen</a></li>
+						@endif
+						<li><a href="{!!$targetUrl!!}" class="btn btn-danger btn-xs">Proxy ausschalten</a></li>
+						</ul>
+					</div>
+				</div>
+			</div>
+		</nav>
+		<div class ="container-fluid">
+		</div>
+		<iframe id="site-proxy-iframe" src="{!!$iframeUrl!!}" >
+
+		</iframe>
+		<script src="/js/jquery.min.js"></script>
+		<script src="/js/bootstrap.min.js"></script>
+		<script src="/js/script.js"></script>
+	</body>
+</html>

resources/views/welcome.blade.php

-<!DOCTYPE html>
-<html lang="en">
-    <head>
-        <meta charset="utf-8">
-        <meta http-equiv="X-UA-Compatible" content="IE=edge">
-        <meta name="viewport" content="width=device-width, initial-scale=1">
-
-        <title>Laravel</title>
-
-        <!-- Fonts -->
-        <link href="https://fonts.googleapis.com/css?family=Raleway:100,600" rel="stylesheet" type="text/css">
-
-        <!-- Styles -->
-        <style>
-            html, body {
-                background-color: #fff;
-                color: #636b6f;
-                font-family: 'Raleway', sans-serif;
-                font-weight: 100;
-                height: 100vh;
-                margin: 0;
-            }
-
-            .full-height {
-                height: 100vh;
-            }
-
-            .flex-center {
-                align-items: center;
-                display: flex;
-                justify-content: center;
-            }
-
-            .position-ref {
-                position: relative;
-            }
-
-            .top-right {
-                position: absolute;
-                right: 10px;
-                top: 18px;
-            }
-
-            .content {
-                text-align: center;
-            }
-
-            .title {
-                font-size: 84px;
-            }
-
-            .links > a {
-                color: #636b6f;
-                padding: 0 25px;
-                font-size: 12px;
-                font-weight: 600;
-                letter-spacing: .1rem;
-                text-decoration: none;
-                text-transform: uppercase;
-            }
-
-            .m-b-md {
-                margin-bottom: 30px;
-            }
-        </style>
-    </head>
-    <body>
-        <div class="flex-center position-ref full-height">
-            @if (Route::has('login'))
-                <div class="top-right links">
-                    @if (Auth::check())
-                        <a href="{{ url('/home') }}">Home</a>
-                    @else
-                        <a href="{{ url('/login') }}">Login</a>
-                        <a href="{{ url('/register') }}">Register</a>
-                    @endif
-                </div>
-            @endif
-
-            <div class="content">
-                <div class="title m-b-md">
-                    Laravel
-                </div>
-
-                <div class="links">
-                    <a href="https://laravel.com/docs">Documentation</a>
-                    <a href="https://laracasts.com">Laracasts</a>
-                    <a href="https://laravel-news.com">News</a>
-                    <a href="https://forge.laravel.com">Forge</a>
-                    <a href="https://github.com/laravel/laravel">GitHub</a>
-                </div>
-            </div>
-        </div>
-    </body>
-</html>

routes/web.php

@@ -12,5 +12,18 @@
  */
 
 Route::get('/', function () {
-    return view('welcome');
+    $url      = "https://facebook.de";
+    $password = md5(env('PROXY_PASSWORD') . $url);
+    $target   = urlencode(base64_encode(str_rot13($url)));
+    return "<a href=\"" . action('ProxyController@proxyPage', ['password' => $password, 'url' => $target]) . "\">$url</a>";
+    return md5(env('PROXY_PASSWORD') . "https://metager.de") . "<br>\n" . urlencode(base64_encode(str_rot13('https://metager.de')));
+    #return redirect('https://metager.de');
+});
+
+Route::get('{password}/{url}', 'ProxyController@proxyPage')->middleware('checkpw');
+
+Route::group(['prefix' => 'proxy/{password}', 'middleware' => ['checkpw:true']], function ($password) {
+
+    Route::get('{url}', 'ProxyController@proxy')->where(['url' => '.*']);
+
 });