]> git.mxchange.org Git - friendica.git/blobdiff - src/Network/Probe.php
projects / friendica.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Avoid local network communication / invalid url requests
[friendica.git] / src / Network / Probe.php
diff --git a/src/Network/Probe.php b/src/Network/Probe.php
index 45b838da215cfaf7cf97544588986893c90469d9..e1bedf5e5358e1fa51bf9e26aa2d6d4c455a7d9b 100644 (file)
--- a/src/Network/Probe.php
+++ b/src/Network/Probe.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2010-2022, the Friendica project
+ * @copyright Copyright (C) 2010-2023, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -38,8 +38,10 @@ use Friendica\Network\HTTPClient\Client\HttpClientAccept;
 use Friendica\Network\HTTPClient\Client\HttpClientOptions;
 use Friendica\Protocol\ActivityNamespace;
 use Friendica\Protocol\ActivityPub;
+use Friendica\Protocol\Diaspora;
 use Friendica\Protocol\Email;
 use Friendica\Protocol\Feed;
+use Friendica\Protocol\Salmon;
 use Friendica\Util\Crypto;
 use Friendica\Util\DateTimeFormat;
 use Friendica\Util\Network;
@@ -109,7 +111,8 @@ class Probe
         */
        private static function rearrangeData(array $data): array
        {
-               $fields = ['name', 'nick', 'guid', 'url', 'addr', 'alias', 'photo', 'header',
+               $fields = ['name', 'given_name', 'family_name', 'nick', 'guid', 'url', 'addr', 'alias',
+                       'photo', 'photo_medium', 'photo_small', 'header',
                                'account-type', 'community', 'keywords', 'location', 'about', 'xmpp', 'matrix',
                                'hide', 'batch', 'notify', 'poll', 'request', 'confirm', 'subscribe', 'poco',
                                'following', 'followers', 'inbox', 'outbox', 'sharedinbox',
@@ -117,13 +120,18 @@ class Probe
 
                $numeric_fields = ['gsid', 'hide', 'account-type', 'manually-approve'];
 
+               if (!empty($data['photo']) && !Network::isValidHttpUrl($data['photo'])) {
+                       Logger::info('Invalid URL for photo', ['url' => $data['url'], 'photo' => $data['photo']]);
+                       unset($data['photo']);
+               }
+
                $newdata = [];
                foreach ($fields as $field) {
                        if (isset($data[$field])) {
                                if (in_array($field, $numeric_fields)) {
                                        $newdata[$field] = (int)$data[$field];
                                } else {
-                                       $newdata[$field] = $data[$field];
+                                       $newdata[$field] = trim($data[$field]);
                                }
                        } elseif (!in_array($field, $numeric_fields)) {
                                $newdata[$field] = '';
@@ -132,6 +140,26 @@ class Probe
                        }
                }
 
+               $newdata['networks'] = [];
+               foreach ([Protocol::DIASPORA, Protocol::OSTATUS] as $network) {
+                       if (!empty($data['networks'][$network])) {
+                               $data['networks'][$network]['subscribe'] = $newdata['subscribe'] ?? '';
+                               if (empty($data['networks'][$network]['baseurl'])) {
+                                       $data['networks'][$network]['baseurl'] = $newdata['baseurl'] ?? '';
+                               } else {
+                                       $newdata['baseurl'] = $data['networks'][$network]['baseurl'];
+                               }
+                               if (!empty($newdata['baseurl'])) {
+                                       $newdata['gsid'] = $data['networks'][$network]['gsid'] = GServer::getID($newdata['baseurl']);
+                               } else {
+                                       $newdata['gsid'] = $data['networks'][$network]['gsid'] = null;
+                               }
+
+                               $newdata['networks'][$network] = self::rearrangeData($data['networks'][$network]);
+                               unset($newdata['networks'][$network]['networks']);
+                       }
+               }
+
                // We don't use the "priority" field anymore and replace it with a dummy.
                $newdata['priority'] = 0;
 
@@ -343,7 +371,13 @@ class Probe
                                $data = [];
                        }
                        if (empty($data) || (!empty($ap_profile) && empty($network) && (($data['network'] ?? '') != Protocol::DFRN))) {
+                               $networks = $data['networks'] ?? [];
+                               unset($data['networks']);
+                               if (!empty($data['network'])) {
+                                       $networks[$data['network']] = $data;
+                               }
                                $data = $ap_profile;
+                               $data['networks'] = $networks;
                        } elseif (!empty($ap_profile)) {
                                $ap_profile['batch'] = '';
                                $data = array_merge($ap_profile, $data);
@@ -667,7 +701,7 @@ class Probe
                }
 
                $parts = parse_url($uri);
-               if (empty($parts['scheme']) && empty($parts['host']) && !strstr($parts['path'], '@')) {
+               if (empty($parts['scheme']) && empty($parts['host']) && (empty($parts['path']) || strpos($parts['path'], '@') === false)) {
                        Logger::info('URI was not detectable', ['uri' => $uri]);
                        return [];
                }
@@ -714,15 +748,19 @@ class Probe
                }
                if ((!$result && ($network == '')) || ($network == Protocol::DIASPORA)) {
                        $result = self::diaspora($webfinger);
+               } else {
+                       $result['networks'][Protocol::DIASPORA] = self::diaspora($webfinger);
                }
                if ((!$result && ($network == '')) || ($network == Protocol::OSTATUS)) {
                        $result = self::ostatus($webfinger);
+               } else {
+                       $result['networks'][Protocol::OSTATUS] = self::ostatus($webfinger);
                }
                if (in_array($network, ['', Protocol::ZOT])) {
                        $result = self::zot($webfinger, $result, $baseurl);
                }
                if ((!$result && ($network == '')) || ($network == Protocol::PUMPIO)) {
-                       $result = self::pumpio($webfinger, $addr);
+                       $result = self::pumpio($webfinger, $addr, $baseurl);
                }
                if (empty($result['network']) && empty($ap_profile['network']) || ($network == Protocol::FEED)) {
                        $result = self::feed($uri);
@@ -1289,9 +1327,19 @@ class Probe
                                $data['name'] = $search->item(0)->nodeValue;
                        }
 
+                       $search = $xpath->query("//*[contains(concat(' ', @class, ' '), ' given_name ')]", $vcard); // */
+                       if ($search->length > 0) {
+                               $data["given_name"] = $search->item(0)->nodeValue;
+                       }
+
+                       $search = $xpath->query("//*[contains(concat(' ', @class, ' '), ' family_name ')]", $vcard); // */
+                       if ($search->length > 0) {
+                               $data["family_name"] = $search->item(0)->nodeValue;
+                       }
+
                        $search = $xpath->query("//*[contains(concat(' ', @class, ' '), ' searchable ')]", $vcard); // */
                        if ($search->length > 0) {
-                               $data['searchable'] = $search->item(0)->nodeValue;
+                               $data['hide'] = (strtolower($search->item(0)->nodeValue) != 'true');
                        }
 
                        $search = $xpath->query("//*[contains(concat(' ', @class, ' '), ' key ')]", $vcard); // */
@@ -1308,7 +1356,7 @@ class Probe
                        }
                }
 
-               $avatar = [];
+               $avatars = [];
                if (!empty($vcard)) {
                        $photos = $xpath->query("//*[contains(concat(' ', @class, ' '), ' photo ') or contains(concat(' ', @class, ' '), ' avatar ')]", $vcard); // */
                        foreach ($photos as $photo) {
@@ -1318,20 +1366,27 @@ class Probe
                                }
 
                                if (isset($attr['src']) && isset($attr['width'])) {
-                                       $avatar[$attr['width']] = $attr['src'];
+                                       $avatars[$attr['width']] = self::fixAvatar($attr['src'], $data['baseurl']);
                                }
 
                                // We don't have a width. So we just take everything that we got.
                                // This is a Hubzilla workaround which doesn't send a width.
-                               if ((sizeof($avatar) == 0) && !empty($attr['src'])) {
-                                       $avatar[] = $attr['src'];
+                               if (!$avatars && !empty($attr['src'])) {
+                                       $avatars[] = self::fixAvatar($attr['src'], $data['baseurl']);
                                }
                        }
                }
 
-               if (sizeof($avatar)) {
-                       ksort($avatar);
-                       $data['photo'] = self::fixAvatar(array_pop($avatar), $data['baseurl']);
+               if ($avatars) {
+                       ksort($avatars);
+                       $data['photo'] = array_pop($avatars);
+                       if ($avatars) {
+                               $data['photo_medium'] = array_pop($avatars);
+                       }
+
+                       if ($avatars) {
+                               $data['photo_small'] = array_pop($avatars);
+                       }
                }
 
                if ($dfrn) {
@@ -1355,7 +1410,6 @@ class Probe
                        }
                }
 
-
                return $data;
        }
 
@@ -1512,12 +1566,10 @@ class Probe
                                                $pubkey = $curlResult->getBody();
                                        }
 
-                                       $key = explode('.', $pubkey);
+                                       try {
+                                               $data['pubkey'] = Salmon::magicKeyToPem($pubkey);
+                                       } catch (\Throwable $e) {
 
-                                       if (sizeof($key) >= 3) {
-                                               $m = Strings::base64UrlDecode($key[1]);
-                                               $e = Strings::base64UrlDecode($key[2]);
-                                               $data['pubkey'] = Crypto::meToPem($m, $e);
                                        }
                                }
                        }
@@ -1588,7 +1640,7 @@ class Probe
         *
         * @return array Profile data
         */
-       private static function pumpioProfileData(string $profile_link): array
+       private static function pumpioProfileData(string $profile_link, string $baseurl): array
        {
                $curlResult = DI::httpClient()->get($profile_link, HttpClientAccept::HTML);
                if (!$curlResult->isSuccess() || empty($curlResult->getBody())) {
@@ -1634,6 +1686,9 @@ class Probe
                        foreach ($avatar->attributes as $attribute) {
                                if ($attribute->name == 'src') {
                                        $data['photo'] = trim($attribute->value);
+                                       if (!empty($data['photo']) && !parse_url($data['photo'], PHP_URL_SCHEME) && !parse_url($data['photo'], PHP_URL_HOST)) {
+                                               $data['photo'] = $baseurl . $data['photo'];
+                                       }
                                }
                        }
                }
@@ -1649,7 +1704,7 @@ class Probe
         *
         * @return array pump.io data
         */
-       private static function pumpio(array $webfinger, string $addr): array
+       private static function pumpio(array $webfinger, string $addr, string $baseurl): array
        {
                $data = [];
                // The array is reversed to take into account the order of preference for same-rel links
@@ -1681,7 +1736,7 @@ class Probe
                        return [];
                }
 
-               $profile_data = self::pumpioProfileData($data['url']);
+               $profile_data = self::pumpioProfileData($data['url'], $baseurl);
 
                if (!$profile_data) {
                        return [];
@@ -1721,6 +1776,7 @@ class Probe
                $xpath = new DOMXPath($doc);
 
                $feedUrl = $xpath->evaluate('string(/html/head/link[@type="application/rss+xml" and @rel="alternate"]/@href)');
+               $feedUrl = $feedUrl ?: $xpath->evaluate('string(/html/head/link[@type="application/atom+xml" and @rel="alternate"]/@href)');
 
                $feedUrl = $feedUrl ? self::ensureAbsoluteLinkFromHTMLDoc($feedUrl, $url, $xpath) : '';
 
@@ -2171,6 +2227,8 @@ class Probe
                        $owner     = User::getOwnerDataById($uid);
                        $approfile = ActivityPub\Transmitter::getProfile($uid);
 
+                       $split_name = Diaspora::splitName($owner['name']);
+
                        if (empty($owner['gsid'])) {
                                $owner['gsid'] = GServer::getID($approfile['generator']['url']);
                        }
@@ -2190,7 +2248,28 @@ class Probe
                                'inbox'            => $approfile['inbox'], 'outbox' => $approfile['outbox'],
                                'sharedinbox'      => $approfile['endpoints']['sharedInbox'], 'network' => Protocol::DFRN,
                                'pubkey'           => $owner['upubkey'], 'baseurl' => $approfile['generator']['url'], 'gsid' => $owner['gsid'],
-                               'manually-approve' => in_array($owner['page-flags'], [User::PAGE_FLAGS_NORMAL, User::PAGE_FLAGS_PRVGROUP])
+                               'manually-approve' => in_array($owner['page-flags'], [User::PAGE_FLAGS_NORMAL, User::PAGE_FLAGS_PRVGROUP]),
+                               'networks' => [
+                                       Protocol::DIASPORA => [
+                                               'name'         => $owner['name'],
+                                               'given_name'   => $split_name['first'],
+                                               'family_name'  => $split_name['last'],
+                                               'nick'         => $owner['nick'],
+                                               'guid'         => $approfile['diaspora:guid'],
+                                               'url'          => $owner['url'],
+                                               'addr'         => $owner['addr'],
+                                               'alias'        => $owner['alias'],
+                                               'photo'        => $owner['photo'],
+                                               'photo_medium' => $owner['thumb'],
+                                               'photo_small'  => $owner['micro'],
+                                               'batch'        => $approfile['generator']['url'] . '/receive/public',
+                                               'notify'       => $owner['notify'],
+                                               'poll'         => $owner['poll'],
+                                               'poco'         => $owner['poco'],
+                                               'network'      => Protocol::DIASPORA,
+                                               'pubkey'       => $owner['upubkey'],
+                                       ]
+                               ]
                        ];
                } catch (Exception $e) {
                        // Default values for non existing targets
Unnamed repository; edit this file 'description' to name the repository.