3 if (!defined('GNUSOCIAL')) { exit(1); }
5 // FIXME: To support remote video/whatever files, this plugin needs reworking.
7 class StoreRemoteMediaPlugin extends Plugin
9 // settings which can be set in config.php with addPlugin('Oembed', array('param'=>'value', ...));
10 // WARNING, these are _regexps_ (slashes added later). Always escape your dots and end your strings
11 public $domain_whitelist = array( // hostname => service provider
12 '^i\d*\.ytimg\.com$' => 'YouTube',
13 '^i\d*\.vimeocdn\.com$' => 'Vimeo',
15 public $append_whitelist = array(); // fill this array as domain_whitelist to add more trusted sources
16 public $check_whitelist = false; // security/abuse precaution
18 public $domain_blacklist = array();
19 public $check_blacklist = false;
21 protected $imgData = array();
23 // these should be declared protected everywhere
24 public function initialize()
28 $this->domain_whitelist = array_merge($this->domain_whitelist, $this->append_whitelist);
32 * Save embedding information for a File, if applicable.
34 * Normally this event is called through File::saveNew()
36 * @param File $file The abount-to-be-inserted File object.
38 * @return boolean success
40 public function onStartFileSaveNew(File &$file)
42 // save given URL as title if it's a media file this plugin understands
43 // which will make it shown in the AttachmentList widgets
45 if (isset($file->title) && strlen($file->title)>0) {
46 // Title is already set
49 if (!isset($file->mimetype)) {
50 // Unknown mimetype, it's not our job to figure out what it is.
53 switch (common_get_mime_media($file->mimetype)) {
55 // Just to set something for now at least...
56 $file->title = $file->mimetype;
63 public function onCreateFileImageThumbnailSource(File $file, &$imgPath, $media=null)
65 // If we are on a private node, we won't do any remote calls (just as a precaution until
66 // we can configure this from config.php for the private nodes)
67 if (common_config('site', 'private')) {
71 if ($media !== 'image') {
75 // If there is a local filename, it is either a local file already or has already been downloaded.
76 if (!empty($file->filename)) {
80 $remoteUrl = $file->getUrl();
82 if (!$this->checkWhiteList($remoteUrl) ||
83 !$this->checkBlackList($remoteUrl)) {
88 $http = new HTTPClient();
89 common_debug(sprintf('Performing HEAD request for remote file id==%u to avoid unnecessarily downloading too large files. URL: %s', $file->getID(), $remoteUrl));
90 $head = $http->head($remoteUrl);
91 $headers = $head->getHeader();
92 if (!isset($headers['content-length'])) {
93 // file size not specified on remote server
94 common_debug(sprintf('%s: Ignoring remote media because we did not get a content length for file id==%u', __CLASS__, $file->getID()));
96 } elseif (intval($headers['content-length']) > common_config('attachments', 'file_quota')) {
98 common_debug(sprintf('%s: Skipping remote media because content length (%u) is larger than file_quota (%u) for file id==%u', __CLASS__, intval($headers['content-length']), common_config('attachments', 'file_quota'), $file->getID()));
102 $remoteUrl = $head->effectiveUrl; // to avoid going through redirects again
103 if (!$this->checkBlackList($remoteUrl)) {
104 common_log(LOG_WARN, sprintf('%s: Non-blacklisted URL %s redirected to blacklisted URL %s', __CLASS__, $file->getUrl(), $remoteUrl));
108 // Then we download the file to memory and test whether it's actually an image file
109 common_debug(sprintf('Downloading remote file id==%u with effective URL: %s', $file->getID(), _ve($remoteUrl)));
110 $imgData = $http->get($remoteUrl);
111 } catch (HTTP_Request2_ConnectionException $e) {
112 common_log(LOG_ERR, __CLASS__.': quickGet on URL: '._ve($file->getUrl()).' threw exception: '.$e->getMessage());
115 $info = @getimagesizefromstring($imgData);
116 if ($info === false) {
117 throw new UnsupportedMediaException(_('Remote file format was not identified as an image.'), $remoteUrl);
118 } elseif (!$info[0] || !$info[1]) {
119 throw new UnsupportedMediaException(_('Image file had impossible geometry (0 width or height)'));
122 $filehash = hash(File::FILEHASH_ALG, $imgData);
124 // Exception will be thrown before $file is set to anything, so old $file value will be kept
125 $file = File::getByHash($filehash);
127 //FIXME: Add some code so we don't have to store duplicate File rows for same hash files.
128 } catch (NoResultException $e) {
129 $filename = $filehash . '.' . common_supported_mime_to_ext($info['mime']);
130 $fullpath = File::path($filename);
132 // Write the file to disk if it doesn't exist yet. Throw Exception on failure.
133 if (!file_exists($fullpath) && file_put_contents($fullpath, $imgData) === false) {
134 throw new ServerException(_('Could not write downloaded file to disk.'));
137 // Updated our database for the file record
138 $orig = clone($file);
139 $file->filehash = $filehash;
140 $file->filename = $filename;
141 $file->width = $info[0]; // array indexes documented on php.net:
142 $file->height = $info[1]; // https://php.net/manual/en/function.getimagesize.php
143 // Throws exception on failure.
144 $file->updateWithKeys($orig);
146 // Get rid of the file from memory
149 $imgPath = $file->getPath();
155 * @return boolean true if given url passes blacklist check
157 protected function checkBlackList($url)
159 if (!$this->check_blacklist) {
162 $host = parse_url($url, PHP_URL_HOST);
163 foreach ($this->domain_blacklist as $regex => $provider) {
164 if (preg_match("/$regex/", $host)) {
173 * @return boolean true if given url passes whitelist check
175 protected function checkWhiteList($url)
177 if (!$this->check_whitelist) {
180 $host = parse_url($url, PHP_URL_HOST);
181 foreach ($this->domain_whitelist as $regex => $provider) {
182 if (preg_match("/$regex/", $host)) {
190 public function onPluginVersion(array &$versions)
192 $versions[] = array('name' => 'StoreRemoteMedia',
193 'version' => GNUSOCIAL_VERSION,
194 'author' => 'Mikael Nordfeldth',
195 'homepage' => 'https://gnu.io/',
197 // TRANS: Plugin description.
198 _m('Plugin for downloading remotely attached files to local server.'));