Skip to content
Snippets Groups Projects
Commit fd1315c5 authored by Dominik Hebeler's avatar Dominik Hebeler
Browse files

Nun sollten alle GET Formulare funktionieren

parent 9f00f414
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
app/Http/Controllers/ProxyController.php
+ 53
39
View file @ fd1315c5
...@@ -100,8 +100,8 @@ class ProxyController extends Controller ...@@ -100,8 +100,8 @@ class ProxyController extends Controller
public function proxy(Request $request, $password, $url) public function proxy(Request $request, $password, $url)
{ {
$targetUrl = str_replace("<<SLASH>>", "/", $url); $targetUrl = str_replace("<<SLASH>>", "/", $url);
$targetUrl = str_rot13(base64_decode($targetUrl)); $targetUrl = str_rot13(base64_decode($targetUrl));
$this->password = $password; $this->password = $password;
// Hash Value under which a possible cached file would've been stored // Hash Value under which a possible cached file would've been stored
$hash = md5($targetUrl); $hash = md5($targetUrl);
...@@ -132,20 +132,22 @@ class ProxyController extends Controller ...@@ -132,20 +132,22 @@ class ProxyController extends Controller
if (isset($path)) { if (isset($path)) {
$this->base .= $path; $this->base .= $path;
} }
# Forms ohne action bekommen eine Action mit der aktuellen URL verpasst.
$result["data"] = preg_replace("/(<form\b(?:(?!action=).)*?)(>)/si", "$1 action=\"$targetUrl\"$2", $result["data"]);
if (isset($result["header"]["Content-Type"]) && stripos($result["header"]["Content-Type"], "text/html") !== false) { if (isset($result["header"]["Content-Type"]) && stripos($result["header"]["Content-Type"], "text/html") !== false) {
$result["data"] = $this->convertTargetAttributes($result["data"]); $result["data"] = $this->convertTargetAttributes($result["data"]);
} }
// First of all we will handle the URLs in the META refresh tag // First of all we will handle the URLs in the META refresh tag
/*die(var_dump($result["data"])); #die(var_dump($result["data"]));
$result["data"] = preg_replace_callback("/(<meta\b[^>]*?url=)([^\s\"\']*)([^>]*?>)/si", "self::regRel2AbsMeta", $result["data"]); $result["data"] = preg_replace_callback("/(<meta\b[^>]*?url=)([^\s\"\']*)([^>]*?>)/si", "self::regRel2AbsMeta", $result["data"]);
die("test");*/
// We define the "tag" that encloses possible URLS that are needed to be parsed // We define the "tag" that encloses possible URLS that are needed to be parsed
// Every tag is seperated by a "|" and needs to be regexp escaped // Every tag is seperated by a "|" and needs to be regexp escaped
$tagsToMatch = "href=|src=|action=|background="; $tagsToMatch = "href=|src=|action=|background=";
// We have to match all Links enclosed within Quotes // We have to match all Links enclosed within Quotes
$result["data"] = preg_replace_callback("/(<[^>]+)($tagsToMatch)\s*([\"\'])((?!\\\\3).*?)(\\3.*?>)/si", "self::regRel2AbsQuotes", $result["data"]); $result["data"] = preg_replace_callback("/(<[^>]+)($tagsToMatch)\s*([\"\'])((?!\\\\3).*?)(\\3.*?>)/si", "self::regRel2AbsQuotes", $result["data"]);
// Ommitting Quotes is valid too so we match all Links matching this here // Ommitting Quotes is valid too so we match all Links matching this here
$result["data"] = preg_replace_callback("/(<[^>]+?)($tagsToMatch)([^\"\'\s][^\s\"\/>]*?)(\s[^>]+?>|>)/si", "self::regRel2AbsNoQuotes", $result["data"]); $result["data"] = preg_replace_callback("/(<[^>]+?)($tagsToMatch)([^\"\'\s][^\s\">]*?)(\s[^>]+?>|>)/si", "self::regRel2AbsNoQuotes", $result["data"]);
// srcsets can contain multiple URLs so we handle them here srcset= // srcsets can contain multiple URLs so we handle them here srcset=
$result["data"] = preg_replace_callback("/(<[^>]+)(srcset=)\s*([\"\'])((?!\\\\3).*?)(\\3.*?>)/s", "self::regRel2AbsSrcSet", $result["data"]); $result["data"] = preg_replace_callback("/(<[^>]+)(srcset=)\s*([\"\'])((?!\\\\3).*?)(\\3.*?>)/s", "self::regRel2AbsSrcSet", $result["data"]);
...@@ -226,17 +228,28 @@ class ProxyController extends Controller ...@@ -226,17 +228,28 @@ class ProxyController extends Controller
return $string; return $string;
} }
private function regRel2AbsMeta($match){ private function regRel2AbsMeta($match)
die(var_dump($match)); {
$top = false;
$pre = $match[1];
$post = $match[3];
$link = $match[2];
$link = $this->parseRelativeToAbsolute($link);
// We will Proxify this URL
$link = $this->proxifyUrl($link, $this->password, $top);
return $pre . $link . $post;
} }
private function regRel2AbsNoQuotes($match){ private function regRel2AbsNoQuotes($match)
{
$top = false; $top = false;
if(preg_match("/target=[\"\']{0,1}\s*(_blank|_top)/si", $match[0]) === 1){ if (preg_match("/target=[\"\']{0,1}\s*(_blank|_top)/si", $match[0]) === 1) {
$top = true; $top = true;
} }
$pre = $match[1] . $match[2]; $pre = $match[1] . $match[2];
$post = $match[4]; $post = $match[4];
$link = $match[3]; $link = $match[3];
...@@ -247,13 +260,14 @@ class ProxyController extends Controller ...@@ -247,13 +260,14 @@ class ProxyController extends Controller
return $pre . $link . $post; return $pre . $link . $post;
} }
private function regRel2AbsQuotes($match){ private function regRel2AbsQuotes($match)
{
$top = false; $top = false;
if(preg_match("/target=[\"\']{0,1}\s*(_blank|_top)/si", $match[0]) === 1){ if (preg_match("/target=[\"\']{0,1}\s*(_blank|_top)/si", $match[0]) === 1) {
$top = true; $top = true;
} }
$pre = $match[1] . $match[2] . $match[3]; $pre = $match[1] . $match[2] . $match[3];
$post = $match[5]; $post = $match[5];
$link = htmlspecialchars_decode($match[4]); $link = htmlspecialchars_decode($match[4]);
...@@ -264,15 +278,16 @@ class ProxyController extends Controller ...@@ -264,15 +278,16 @@ class ProxyController extends Controller
return $pre . $link . $post; return $pre . $link . $post;
} }
private function regCssRel2Abs($match){ private function regCssRel2Abs($match)
$top = false; {
$pre = $match[1]; $top = false;
$pre = $match[1];
$post = $match[3]; $post = $match[3];
$link = htmlspecialchars_decode($match[2]); $link = htmlspecialchars_decode($match[2]);
$link = $this->parseRelativeToAbsolute($link); $link = $this->parseRelativeToAbsolute($link);
if(strpos($link, "data:") !== 0){ if (strpos($link, "data:") !== 0) {
# die($link); # die($link);
} }
// We will Proxify this URL // We will Proxify this URL
$link = $this->proxifyUrl($link, $this->password, $top); $link = $this->proxifyUrl($link, $this->password, $top);
...@@ -280,22 +295,23 @@ class ProxyController extends Controller ...@@ -280,22 +295,23 @@ class ProxyController extends Controller
return $pre . $link . $post; return $pre . $link . $post;
} }
private function regRel2AbsSrcSet($match){ private function regRel2AbsSrcSet($match)
{
$top = false; $top = false;
if(preg_match("/target=[\"\']{0,1}\s*(_blank|_top)/si", $match[0]) === 1){ if (preg_match("/target=[\"\']{0,1}\s*(_blank|_top)/si", $match[0]) === 1) {
$top = true; $top = true;
} }
$pre = $match[1] . $match[2] . $match[3]; $pre = $match[1] . $match[2] . $match[3];
$post = $match[5]; $post = $match[5];
$links = explode(",", $match[4]); $links = explode(",", $match[4]);
$result = $match[4]; $result = $match[4];
foreach($links as $link){ foreach ($links as $link) {
preg_match_all("/[\S]+/", $link, $matches); preg_match_all("/[\S]+/", $link, $matches);
if(isset($matches[0]) && isset($matches[0][0])){ if (isset($matches[0]) && isset($matches[0][0])) {
// In the srcset the Link would be the first match // In the srcset the Link would be the first match
$rel = $matches[0][0]; $rel = $matches[0][0];
$absLink = $this->parseRelativeToAbsolute($rel, "", $rel, ""); $absLink = $this->parseRelativeToAbsolute($rel, "", $rel, "");
// We will Proxify this URL // We will Proxify this URL
...@@ -310,23 +326,22 @@ class ProxyController extends Controller ...@@ -310,23 +326,22 @@ class ProxyController extends Controller
private function parseRelativeToAbsolute($link) private function parseRelativeToAbsolute($link)
{ {
// When the Link is already absolute then do not convert anything // When the Link is already absolute then do not convert anything
if(preg_match("/(?:(?!:\/\/).)+?:\/\//si", $link) === 1){ if (preg_match("/(?:(?!:\/\/).)+?:\/\//si", $link) === 1) {
return $link; return $link;
// If the Link starts with "//" that means it already is an absolute Link // If the Link starts with "//" that means it already is an absolute Link
// But it needs to get the current protocol added // But it needs to get the current protocol added
}elseif (preg_match("/^\s*?\/\//si", $link) === 1) { } elseif (preg_match("/^\s*?\/\//si", $link) === 1) {
$scheme = parse_url($this->base)["scheme"] . "://"; $scheme = parse_url($this->base)["scheme"] . "://";
$abs = preg_replace("/^\s*?\/\//si", "$scheme", $link); $abs = preg_replace("/^\s*?\/\//si", "$scheme", $link);
return $abs; return $abs;
// The Link that is following here is not absolute. But it can be invalid: // The Link that is following here is not absolute. But it can be invalid:
}else{ } else {
$absLink = $this->rel2abs($link, $this->base); $absLink = $this->rel2abs($link, $this->base);
return $absLink; return $absLink;
} }
# Convert every Link that starts with [ . | / ] but not with [ // ] # Convert every Link that starts with [ . | / ] but not with [ // ]
while (preg_match("/(href=|src=|url\(|action=|srcset=|@import |background=)(\s*[\"\']{0,1}\s*)((:?\.|\/[^\/])[^\"\'\s]+)([\"\'\s])/si", $result, $matches) === 1) { while (preg_match("/(href=|src=|url\(|action=|srcset=|@import |background=)(\s*[\"\']{0,1}\s*)((:?\.|\/[^\/])[^\"\'\s]+)([\"\'\s])/si", $result, $matches) === 1) {
$absoluteLink = $this->rel2abs($matches[3], $base); $absoluteLink = $this->rel2abs($matches[3], $base);
$result = str_replace($matches[0], $matches[1] . $matches[2] . $absoluteLink . $matches[5], $result, $count); $result = str_replace($matches[0], $matches[1] . $matches[2] . $absoluteLink . $matches[5], $result, $count);
...@@ -411,7 +426,7 @@ class ProxyController extends Controller ...@@ -411,7 +426,7 @@ class ProxyController extends Controller
$url = htmlspecialchars_decode($url); $url = htmlspecialchars_decode($url);
curl_setopt($this->ch, CURLOPT_URL, "$url"); curl_setopt($this->ch, CURLOPT_URL, "$url");
$data = curl_exec($this->ch); $data = curl_exec($this->ch);
$httpcode = intval(curl_getinfo($this->ch, CURLINFO_HTTP_CODE)); $httpcode = intval(curl_getinfo($this->ch, CURLINFO_HTTP_CODE));
$header_size = curl_getinfo($this->ch, CURLINFO_HEADER_SIZE); $header_size = curl_getinfo($this->ch, CURLINFO_HEADER_SIZE);
...@@ -463,11 +478,10 @@ class ProxyController extends Controller ...@@ -463,11 +478,10 @@ class ProxyController extends Controller
{ {
// Only convert valid URLs // Only convert valid URLs
$url = trim($url); $url = trim($url);
if(strpos($url, "http") !== 0){ if (strpos($url, "http") !== 0) {
return $url; return $url;
} }
if (!$password) { if (!$password) {
$password = urlencode(\Request::route('password')); $password = urlencode(\Request::route('password'));
} }
...@@ -505,7 +519,7 @@ class ProxyController extends Controller ...@@ -505,7 +519,7 @@ class ProxyController extends Controller
{ {
/* return if already absolute URL */ /* return if already absolute URL */
if (parse_url($rel, PHP_URL_SCHEME) != '' || strlen(trim($rel)) <= 0 ) { if (parse_url($rel, PHP_URL_SCHEME) != '' || strlen(trim($rel)) <= 0) {
return ($rel); return ($rel);
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment