use Friendica\Core\Cache\Duration;
use Friendica\Core\Logger;
use Friendica\Core\Protocol;
+use Friendica\Core\System;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\Contact;
+use Friendica\Model\GServer;
use Friendica\Model\Profile;
use Friendica\Protocol\ActivityNamespace;
use Friendica\Protocol\ActivityPub;
private static $baseurl;
private static $istimeout;
+ /**
+ * Remove stuff from an URI that doesn't belong there
+ *
+ * @param string $URI
+ * @return string Cleaned URI
+ */
+ public static function cleanURI(string $URI)
+ {
+ // At first remove leading and trailing junk
+ $URI = trim($URI, "@#?:/ \t\n\r\0\x0B");
+
+ $parts = parse_url($URI);
+
+ if (empty($parts['scheme'])) {
+ return $URI;
+ }
+
+ // Remove the URL fragment, since these shouldn't be part of any profile URL
+ unset($parts['fragment']);
+
+ $URI = Network::unparseURL($parts);
+
+ return $URI;
+ }
+
/**
* Rearrange the array so that it always has the same order
*
private static function rearrangeData($data)
{
$fields = ["name", "nick", "guid", "url", "addr", "alias", "photo", "account-type",
- "community", "keywords", "location", "about", "gender", "hide",
+ "community", "keywords", "location", "about", "hide",
"batch", "notify", "poll", "request", "confirm", "poco",
"following", "followers", "inbox", "outbox", "sharedinbox",
- "priority", "network", "pubkey", "baseurl"];
+ "priority", "network", "pubkey", "baseurl", "gsid"];
$newdata = [];
foreach ($fields as $field) {
if (isset($data[$field])) {
$newdata[$field] = $data[$field];
- } else {
+ } elseif ($field != "gsid") {
$newdata[$field] = "";
+ } else {
+ $newdata[$field] = null;
}
}
// Reset the static variable
self::$baseurl = '';
- $ssl_url = "https://".$host."/.well-known/host-meta";
- $url = "http://".$host."/.well-known/host-meta";
+ // Handles the case when the hostname contains the scheme
+ if (!parse_url($host, PHP_URL_SCHEME)) {
+ $ssl_url = "https://" . $host . "/.well-known/host-meta";
+ $url = "http://" . $host . "/.well-known/host-meta";
+ } else {
+ $ssl_url = $host . "/.well-known/host-meta";
+ $url = '';
+ }
$xrd_timeout = DI::config()->get('system', 'xrd_timeout', 20);
- Logger::log("Probing for ".$host, Logger::DEBUG);
+ Logger::info('Probing', ['host' => $host, 'ssl_url' => $ssl_url, 'url' => $url, 'callstack' => System::callstack(20)]);
$xrd = null;
$curlResult = Network::curl($ssl_url, false, ['timeout' => $xrd_timeout, 'accept_content' => 'application/xrd+xml']);
$ssl_connection_error = ($curlResult->getErrorNumber() == CURLE_COULDNT_CONNECT) || ($curlResult->getReturnCode() == 0);
if ($curlResult->isSuccess()) {
$xml = $curlResult->getBody();
- $xrd = XML::parseString($xml, false);
- $host_url = 'https://'.$host;
+ $xrd = XML::parseString($xml, true);
+ if (!empty($url)) {
+ $host_url = 'https://' . $host;
+ } else {
+ $host_url = $host;
+ }
} elseif ($curlResult->isTimeout()) {
Logger::info('Probing timeout', ['url' => $ssl_url], Logger::DEBUG);
self::$istimeout = true;
return false;
}
- if (!is_object($xrd)) {
+ if (!is_object($xrd) && !empty($url)) {
$curlResult = Network::curl($url, false, ['timeout' => $xrd_timeout, 'accept_content' => 'application/xrd+xml']);
$connection_error = ($curlResult->getErrorNumber() == CURLE_COULDNT_CONNECT) || ($curlResult->getReturnCode() == 0);
if ($curlResult->isTimeout()) {
}
$xml = $curlResult->getBody();
- $xrd = XML::parseString($xml, false);
+ $xrd = XML::parseString($xml, true);
$host_url = 'http://'.$host;
}
if (!is_object($xrd)) {
/**
* Check an URI for LRDD data
*
- * this is a replacement for the "lrdd" function.
- * It isn't used in this class and has some redundancies in the code.
- * When time comes we can check the existing calls for "lrdd" if we can rework them.
- *
* @param string $uri Address that should be probed
*
* @return array uri data
return [];
}
- $host = $parts["host"];
+ $host = $parts['scheme'] . '://' . $parts["host"];
if (!empty($parts["port"])) {
$host .= ':'.$parts["port"];
}
$data[] = ["@attributes" => $link];
}
- if (is_array($webfinger["aliases"])) {
+ if (!empty($webfinger["aliases"]) && is_array($webfinger["aliases"])) {
foreach ($webfinger["aliases"] as $alias) {
$data[] = ["@attributes" =>
["rel" => "alias",
$data['url'] = $uri;
}
- if (!empty($data['photo']) && !empty($data['baseurl'])) {
- $data['baseurl'] = Network::getUrlMatch(Strings::normaliseLink($data['baseurl']), Strings::normaliseLink($data['photo']));
- } elseif (empty($data['photo'])) {
+ if (empty($data['photo'])) {
$data['photo'] = DI::baseUrl() . '/images/person-300.jpg';
}
$data['baseurl'] = self::$baseurl;
}
+ if (!empty($data['baseurl']) && empty($data['gsid'])) {
+ $data['gsid'] = GServer::getID($data['baseurl']);
+ }
+
if (empty($data['network'])) {
$data['network'] = Protocol::PHANTOM;
}
if (!empty($profile['description'])) {
$data['about'] = $profile['description'];
}
- if (!empty($profile['gender'])) {
- $data['gender'] = $profile['gender'];
- }
if (!empty($profile['keywords'])) {
$keywords = implode(', ', $profile['keywords']);
if (!empty($keywords)) {
}
// If it is not JSON, maybe it is XML
- $xrd = XML::parseString($data, false);
+ $xrd = XML::parseString($data, true);
if (!is_object($xrd)) {
Logger::log("No webfinger data retrievable for ".$url, Logger::DEBUG);
return false;
$data["about"] = $json["about"];
}
- if (!empty($json["gender"])) {
- $data["gender"] = $json["gender"];
- }
-
if (!empty($json["key"])) {
$data["pubkey"] = $json["key"];
}
}
/**
- * Check page for feed link
- *
- * @param string $url Page link
+ * Checks HTML page for RSS feed link
*
- * @return string feed link
+ * @param string $url Page link
+ * @param string $body Page body string
+ * @return string|false Feed link or false if body was invalid HTML document
*/
- private static function getFeedLink($url)
+ public static function getFeedLink(string $url, string $body)
{
- $curlResult = Network::curl($url);
- if (!$curlResult->isSuccess()) {
- return false;
- }
-
$doc = new DOMDocument();
- if (!@$doc->loadHTML($curlResult->getBody())) {
+ if (!@$doc->loadHTML($body)) {
return false;
}
- $xpath = new DomXPath($doc);
+ $xpath = new DOMXPath($doc);
- //$feeds = $xpath->query("/html/head/link[@type='application/rss+xml']");
- $feeds = $xpath->query("/html/head/link[@type='application/rss+xml' and @rel='alternate']");
- if (!is_object($feeds)) {
- return false;
- }
+ $feedUrl = $xpath->evaluate('string(/html/head/link[@type="application/rss+xml" and @rel="alternate"]/@href)');
- if ($feeds->length == 0) {
- return false;
+ $feedUrl = $feedUrl ? self::ensureAbsoluteLinkFromHTMLDoc($feedUrl, $url, $xpath) : '';
+
+ return $feedUrl;
+ }
+
+ /**
+ * Return an absolute URL in the context of a HTML document retrieved from the provided URL.
+ *
+ * Loosely based on RFC 1808
+ *
+ * @see https://tools.ietf.org/html/rfc1808
+ *
+ * @param string $href The potential relative href found in the HTML document
+ * @param string $base The HTML document URL
+ * @param DOMXPath $xpath The HTML document XPath
+ * @return string
+ */
+ private static function ensureAbsoluteLinkFromHTMLDoc(string $href, string $base, DOMXPath $xpath)
+ {
+ if (filter_var($href, FILTER_VALIDATE_URL)) {
+ return $href;
}
- $feed_url = "";
+ $base = $xpath->evaluate('string(/html/head/base/@href)') ?: $base;
- foreach ($feeds as $feed) {
- $attr = [];
- foreach ($feed->attributes as $attribute) {
- $attr[$attribute->name] = trim($attribute->value);
- }
+ $baseParts = parse_url($base);
- if (empty($feed_url) && !empty($attr['href'])) {
- $feed_url = $attr["href"];
+ // Naked domain case (scheme://basehost)
+ $path = $baseParts['path'] ?? '/';
+
+ // Remove the filename part of the path if it exists (/base/path/file)
+ $path = implode('/', array_slice(explode('/', $path), 0, -1));
+
+ $hrefParts = parse_url($href);
+
+ // Root path case (/path) including relative scheme case (//host/path)
+ if ($hrefParts['path'] && $hrefParts['path'][0] == '/') {
+ $path = $hrefParts['path'];
+ } else {
+ $path = $path . '/' . $hrefParts['path'];
+
+ // Resolve arbitrary relative path
+ // Lifted from https://www.php.net/manual/en/function.realpath.php#84012
+ $parts = array_filter(explode('/', $path), 'strlen');
+ $absolutes = array();
+ foreach ($parts as $part) {
+ if ('.' == $part) continue;
+ if ('..' == $part) {
+ array_pop($absolutes);
+ } else {
+ $absolutes[] = $part;
+ }
}
+
+ $path = '/' . implode('/', $absolutes);
}
- return $feed_url;
+ // Relative scheme case (//host/path)
+ $baseParts['host'] = $hrefParts['host'] ?? $baseParts['host'];
+ $baseParts['path'] = $path;
+ unset($baseParts['query']);
+ unset($baseParts['fragment']);
+
+ return Network::unparseURL($baseParts);
}
/**
return false;
}
- $feed_url = self::getFeedLink($url);
+ $feed_url = self::getFeedLink($url, $feed);
if (!$feed_url) {
return false;