Prevent settings/userexport to be used by anonymous users

[friendica.git] / src / Module / Proxy.php

diff --git a/src/Module/Proxy.php b/src/Module/Proxy.php
index e0d5716d69cf490fdad9e32a8b58c1fe274fed88..e43852baba0e8906890cb3be41f5261ca755b05b 100644 (file)
--- a/src/Module/Proxy.php
+++ b/src/Module/Proxy.php
@@ -1,8 +1,24 @@
 <?php
 /**
- * @file src/Module/Proxy.php
- * Based upon "Privacy Image Cache" by Tobias Hößl <https://github.com/CatoTH/>
+ * @copyright Copyright (C) 2010-2021, the Friendica project
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ *
  */
+
 namespace Friendica\Module;
 
 use Friendica\BaseModule;
@@ -88,7 +104,7 @@ class Proxy extends BaseModule
 
                // It shouldn't happen but it does - spaces in URL
                $request['url'] = str_replace(' ', '+', $request['url']);
-               $fetchResult = HTTPSignature::fetchRaw($request['url'], local_user(), true, ['timeout' => 10]);
+               $fetchResult = HTTPSignature::fetchRaw($request['url'], local_user(), ['timeout' => 10]);
                $img_str = $fetchResult->getBody();
 
                // If there is an error then return a blank image
@@ -111,11 +127,16 @@ class Proxy extends BaseModule
                }
 
                $basepath = $a->getBasePath();
+               $filepermission = DI::config()->get('system', 'proxy_file_chmod');
 
                // Store original image
                if ($direct_cache) {
                        // direct cache , store under ./proxy/
-                       file_put_contents($basepath . '/proxy/' . ProxyUtils::proxifyUrl($request['url'], true), $image->asString());
+                       $filename = $basepath . '/proxy/' . ProxyUtils::proxifyUrl($request['url'], true);
+                       file_put_contents($filename, $image->asString());
+                       if (!empty($filepermission)) {
+                               chmod($filename, $filepermission);
+                       }
                } elseif($cachefile !== '') {
                        // cache file
                        file_put_contents($cachefile, $image->asString());
@@ -133,7 +154,11 @@ class Proxy extends BaseModule
 
                // Store scaled image
                if ($direct_cache && $request['sizetype'] != '') {
-                       file_put_contents($basepath . '/proxy/' . ProxyUtils::proxifyUrl($request['url'], true) . $request['sizetype'], $image->asString());
+                       $filename = $basepath . '/proxy/' . ProxyUtils::proxifyUrl($request['url'], true) . $request['sizetype'];
+                       file_put_contents($filename, $image->asString());
+                       if (!empty($filepermission)) {
+                               chmod($filename, $filepermission);
+                       }
                }
 
                self::responseImageHttpCache($image);