<?php
/**
- * @file src/Module/Proxy.php
- * @brief Based upon "Privacy Image Cache" by Tobias Hößl <https://github.com/CatoTH/>
+ * @copyright Copyright (C) 2010-2023, the Friendica project
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *
*/
+
namespace Friendica\Module;
-use Friendica\App;
use Friendica\BaseModule;
-use Friendica\Core\Config;
-use Friendica\Core\L10n;
+use Friendica\Core\Logger;
use Friendica\Core\System;
-use Friendica\Database\DBA;
-use Friendica\Model\Photo;
+use Friendica\DI;
+use Friendica\Network\HTTPClient\Client\HttpClientAccept;
+use Friendica\Network\HTTPClient\Client\HttpClientOptions;
+use Friendica\Network\HTTPException\NotModifiedException;
use Friendica\Object\Image;
-use Friendica\Util\DateTimeFormat;
-use Friendica\Util\Network;
+use Friendica\Util\HTTPSignature;
+use Friendica\Util\Images;
use Friendica\Util\Proxy as ProxyUtils;
/**
- * @brief Module Proxy
+ * Module Proxy
+ *
+ * urls:
+ * /proxy/[sub1/[sub2/]]<base64url image url>[.ext][:size]
+ * /proxy?url=<image url>
*/
class Proxy extends BaseModule
{
/**
- * @brief Initializer method for this class.
- *
- * Sets application instance and checks if /proxy/ path is writable.
- *
- * @param \Friendica\App $app Application instance
+ * Fetch remote image content
*/
- public static function init()
+ protected function rawContent(array $request = [])
{
- // Set application instance here
- $a = self::getApp();
+ $request = $this->getRequestInfo();
- /*
- * Pictures are stored in one of the following ways:
- *
- * 1. If a folder "proxy" exists and is writeable, then use this for caching
- * 2. If a cache path is defined, use this
- * 3. If everything else failed, cache into the database
- *
- * Question: Do we really need these three methods?
- */
- if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && isset($_SERVER['HTTP_IF_NONE_MATCH'])) {
- header('HTTP/1.1 304 Not Modified');
+ if (!DI::config()->get('system', 'proxify_content')) {
+ Logger::notice('Proxy access is forbidden', ['request' => $request, 'agent' => $_SERVER['HTTP_USER_AGENT'] ?? '', 'accept' => $_SERVER['HTTP_ACCEPT'] ?? '']);
+ throw new \Friendica\Network\HTTPException\NotFoundException();
+ }
+
+ if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {
header('Last-Modified: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
- header('Etag: ' . $_SERVER['HTTP_IF_NONE_MATCH']);
+ if (!empty($_SERVER['HTTP_IF_NONE_MATCH'])) {
+ header('Etag: ' . $_SERVER['HTTP_IF_NONE_MATCH']);
+ }
header('Expires: ' . gmdate('D, d M Y H:i:s', time() + (31536000)) . ' GMT');
header('Cache-Control: max-age=31536000');
-
if (function_exists('header_remove')) {
header_remove('Last-Modified');
header_remove('Expires');
header_remove('Cache-Control');
}
+ throw new NotModifiedException();
+ }
- /// @TODO Stop here?
- exit();
+ if (empty($request['url'])) {
+ throw new \Friendica\Network\HTTPException\BadRequestException();
}
- if (function_exists('header_remove')) {
- header_remove('Pragma');
- header_remove('pragma');
+ if (!DI::userSession()->getLocalUserId()) {
+ Logger::debug('Redirecting not logged in user to original address', ['url' => $request['url']]);
+ System::externalRedirect($request['url']);
}
- $thumb = false;
- $size = 1024;
- $sizetype = '';
- $basepath = $a->getBasePath();
+ // It shouldn't happen but it does - spaces in URL
+ $request['url'] = str_replace(' ', '+', $request['url']);
+
+ // Fetch the content with the local user
+ try {
+ $fetchResult = HTTPSignature::fetchRaw($request['url'], DI::userSession()->getLocalUserId(), [HttpClientOptions::ACCEPT_CONTENT => [HttpClientAccept::IMAGE], 'timeout' => 10]);
+ $img_str = $fetchResult->getBody();
- // If the cache path isn't there, try to create it
- if (!is_dir($basepath . '/proxy') && is_writable($basepath)) {
- mkdir($basepath . '/proxy');
+ if (!$fetchResult->isSuccess() || empty($img_str)) {
+ Logger::notice('Error fetching image', ['image' => $request['url'], 'return' => $fetchResult->getReturnCode(), 'empty' => empty($img_str)]);
+ self::responseError();
+ // stop.
+ }
+ } catch (\Exception $exception) {
+ Logger::notice('Error fetching image', ['image' => $request['url'], 'exception' => $exception]);
+ self::responseError();
}
- // Checking if caching into a folder in the webroot is activated and working
- $direct_cache = (is_dir($basepath . '/proxy') && is_writable($basepath . '/proxy'));
+ Logger::debug('Got picture', ['Content-Type' => $fetchResult->getHeader('Content-Type'), 'uid' => DI::userSession()->getLocalUserId(), 'image' => $request['url']]);
- // Look for filename in the arguments
- if ((isset($a->argv[1]) || isset($a->argv[2]) || isset($a->argv[3])) && !isset($_REQUEST['url'])) {
- if (isset($a->argv[3])) {
- $url = $a->argv[3];
- } elseif (isset($a->argv[2])) {
- $url = $a->argv[2];
- } else {
- $url = $a->argv[1];
- }
+ $mime = Images::getMimeTypeByData($img_str);
- if (isset($a->argv[3]) && ($a->argv[3] == 'thumb')) {
- $size = 200;
- }
+ $image = new Image($img_str, $mime);
+ if (!$image->isValid()) {
+ Logger::notice('The image is invalid', ['image' => $request['url'], 'mime' => $mime]);
+ self::responseError();
+ // stop.
+ }
+
+ // reduce quality - if it isn't a GIF
+ if ($image->getType() != 'image/gif') {
+ $image->scaleDown($request['size']);
+ }
+
+ self::responseImageHttpCache($image);
+ // stop.
+ }
+
+ /**
+ * Build info about requested image to be proxied
+ *
+ * @return array
+ * [
+ * 'url' => requested url,
+ * 'size' => requested image size (int)
+ * 'sizetype' => requested image size (string): ':micro', ':thumb', ':small', ':medium', ':large'
+ * ]
+ * @throws \Exception
+ */
+ private function getRequestInfo(): array
+ {
+ $size = ProxyUtils::PIXEL_LARGE;
+ $sizetype = '';
+
+ if (!empty($this->parameters['url']) && empty($_REQUEST['url'])) {
+ $url = $this->parameters['url'];
// thumb, small, medium and large.
if (substr($url, -6) == ':micro') {
- $size = 48;
+ $size = ProxyUtils::PIXEL_MICRO;
$sizetype = ':micro';
$url = substr($url, 0, -6);
} elseif (substr($url, -6) == ':thumb') {
- $size = 80;
+ $size = ProxyUtils::PIXEL_THUMB;
$sizetype = ':thumb';
$url = substr($url, 0, -6);
} elseif (substr($url, -6) == ':small') {
- $size = 175;
+ $size = ProxyUtils::PIXEL_SMALL;
$url = substr($url, 0, -6);
$sizetype = ':small';
} elseif (substr($url, -7) == ':medium') {
- $size = 600;
+ $size = ProxyUtils::PIXEL_MEDIUM;
$url = substr($url, 0, -7);
$sizetype = ':medium';
} elseif (substr($url, -6) == ':large') {
- $size = 1024;
+ $size = ProxyUtils::PIXEL_LARGE;
$url = substr($url, 0, -6);
$sizetype = ':large';
}
$url = str_replace(['.jpg', '.jpeg', '.gif', '.png'], ['','','',''], $url);
$url = base64_decode(strtr($url, '-_', '+/'), true);
-
- if ($url) {
- $_REQUEST['url'] = $url;
- }
- } else {
- $direct_cache = false;
- }
-
- if (empty($_REQUEST['url'])) {
- System::httpExit(400, ["title" => L10n::t('Bad Request.')]);
- }
-
- if (!$direct_cache) {
- $urlhash = 'pic:' . sha1($_REQUEST['url']);
-
- $cachefile = get_cachefile(hash('md5', $_REQUEST['url']));
- if ($cachefile != '' && file_exists($cachefile)) {
- $img_str = file_get_contents($cachefile);
- $mime = mime_content_type($cachefile);
-
- header('Content-type: ' . $mime);
- header('Last-Modified: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
- header('Etag: "' . md5($img_str) . '"');
- header('Expires: ' . gmdate('D, d M Y H:i:s', time() + (31536000)) . ' GMT');
- header('Cache-Control: max-age=31536000');
-
- // reduce quality - if it isn't a GIF
- if ($mime != 'image/gif') {
- $image = new Image($img_str, $mime);
-
- if ($image->isValid()) {
- $img_str = $image->asString();
- }
- }
-
- echo $img_str;
- exit();
- }
} else {
- $cachefile = '';
+ $url = $_REQUEST['url'] ?? '';
}
- $valid = true;
- $photo = null;
-
- if (!$direct_cache && ($cachefile == '')) {
- $photo = DBA::selectFirst('photo', ['data', 'desc'], ['resource-id' => $urlhash]);
-
- if (DBA::isResult($photo)) {
- $img_str = $photo['data'];
- $mime = $photo['desc'];
-
- if ($mime == '') {
- $mime = 'image/jpeg';
- }
- }
- }
-
- if (!DBA::isResult($photo)) {
- // It shouldn't happen but it does - spaces in URL
- $_REQUEST['url'] = str_replace(' ', '+', $_REQUEST['url']);
- $redirects = 0;
- $fetchResult = Network::fetchUrlFull($_REQUEST['url'], true, $redirects, 10);
- $img_str = $fetchResult->getBody();
-
- $tempfile = tempnam(get_temppath(), 'cache');
- file_put_contents($tempfile, $img_str);
- $mime = mime_content_type($tempfile);
- unlink($tempfile);
-
- // If there is an error then return a blank image
- if ((substr($fetchResult->getReturnCode(), 0, 1) == '4') || (!$img_str)) {
- $img_str = file_get_contents('images/blank.png');
- $mime = 'image/png';
- $cachefile = ''; // Clear the cachefile so that the dummy isn't stored
- $valid = false;
- $image = new Image($img_str, 'image/png');
-
- if ($image->isValid()) {
- $image->scaleDown(10);
- $img_str = $image->asString();
- }
- } elseif ($mime != 'image/jpeg' && !$direct_cache && $cachefile == '') {
- $image = @imagecreatefromstring($img_str);
-
- if ($image === FALSE) {
- die();
- }
-
- $fields = ['uid' => 0, 'contact-id' => 0, 'guid' => System::createGUID(), 'resource-id' => $urlhash, 'created' => DateTimeFormat::utcNow(), 'edited' => DateTimeFormat::utcNow(),
- 'filename' => basename($_REQUEST['url']), 'type' => '', 'album' => '', 'height' => imagesy($image), 'width' => imagesx($image),
- 'datasize' => 0, 'data' => $img_str, 'scale' => 100, 'profile' => 0,
- 'allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => '', 'desc' => $mime];
- DBA::insert('photo', $fields);
- } else {
- $image = new Image($img_str, $mime);
-
- if ($image->isValid() && !$direct_cache && ($cachefile == '')) {
- Photo::store($image, 0, 0, $urlhash, $_REQUEST['url'], '', 100);
- }
- }
- }
-
- $img_str_orig = $img_str;
-
- // reduce quality - if it isn't a GIF
- if ($mime != 'image/gif') {
- $image = new Image($img_str, $mime);
-
- if ($image->isValid()) {
- $image->scaleDown($size);
- $img_str = $image->asString();
- }
- }
-
- /*
- * If there is a real existing directory then put the cache file there
- * advantage: real file access is really fast
- * Otherwise write in cachefile
- */
- if ($valid && $direct_cache) {
- file_put_contents($basepath . '/proxy/' . ProxyUtils::proxifyUrl($_REQUEST['url'], true), $img_str_orig);
-
- if ($sizetype != '') {
- file_put_contents($basepath . '/proxy/' . ProxyUtils::proxifyUrl($_REQUEST['url'], true) . $sizetype, $img_str);
- }
- } elseif ($cachefile != '') {
- file_put_contents($cachefile, $img_str_orig);
- }
+ return [
+ 'url' => $url,
+ 'size' => $size,
+ 'sizetype' => $sizetype,
+ ];
+ }
- header('Content-type: ' . $mime);
+ /**
+ * In case of an error just stop. We don't return content to avoid caching problems
+ *
+ * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ */
+ private static function responseError()
+ {
+ throw new \Friendica\Network\HTTPException\InternalServerErrorException();
+ }
- // Only output the cache headers when the file is valid
- if ($valid) {
- header('Last-Modified: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
- header('Etag: "' . md5($img_str) . '"');
- header('Expires: ' . gmdate('D, d M Y H:i:s', time() + (31536000)) . ' GMT');
- header('Cache-Control: max-age=31536000');
+ /**
+ * Output the image with cache headers
+ *
+ * @param Image $img
+ * @return void
+ * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ */
+ private static function responseImageHttpCache(Image $img)
+ {
+ if (is_null($img) || !$img->isValid()) {
+ Logger::notice('The cached image is invalid');
+ self::responseError();
+ // stop.
}
-
- echo $img_str;
-
- exit();
+ header('Content-type: ' . $img->getType());
+ header('Last-Modified: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
+ header('Etag: "' . md5($img->asString()) . '"');
+ header('Expires: ' . gmdate('D, d M Y H:i:s', time() + (31536000)) . ' GMT');
+ header('Cache-Control: max-age=31536000');
+ echo $img->asString();
+ System::exit();
}
-
}