<?php
/**
- * @copyright Copyright (C) 2020, Friendica
+ * @copyright Copyright (C) 2010-2021, the Friendica project
*
* @license GNU AGPL version 3 or any later version
*
namespace Friendica\Util;
-use DOMDocument;
-use DomXPath;
use Friendica\Core\Hook;
use Friendica\Core\Logger;
-use Friendica\Core\System;
use Friendica\DI;
+use Friendica\Model\Contact;
class Network
{
return false;
}
+ /**
+ * Checks if the provided url is on the list of domains where redirects are blocked.
+ * Returns true if it is or malformed URL, false if not.
+ *
+ * @param string $url The url to check the domain from
+ *
+ * @return boolean
+ */
+ public static function isRedirectBlocked(string $url)
+ {
+ $host = @parse_url($url, PHP_URL_HOST);
+ if (!$host) {
+ return false;
+ }
+
+ $no_redirect_list = DI::config()->get('system', 'no_redirect_list', []);
+ if (!$no_redirect_list) {
+ return false;
+ }
+
+ foreach ($no_redirect_list as $no_redirect) {
+ if (fnmatch(strtolower($no_redirect), strtolower($host))) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
/**
* Check if email address is allowed to register here.
*
Hook::callAll('avatar_lookup', $avatar);
if (! $avatar['success']) {
- $avatar['url'] = DI::baseUrl() . '/images/person-300.jpg';
+ $avatar['url'] = DI::baseUrl() . Contact::DEFAULT_AVATAR_PHOTO;
}
Logger::log('Avatar: ' . $avatar['email'] . ' ' . $avatar['url'], Logger::DEBUG);
return self::unparseURL($parts);
}
- /**
- * Returns the original URL of the provided URL
- *
- * This function strips tracking query params and follows redirections, either
- * through HTTP code or meta refresh tags. Stops after 10 redirections.
- *
- * @todo Remove the $fetchbody parameter that generates an extraneous HEAD request
- *
- * @see ParseUrl::getSiteinfo
- *
- * @param string $url A user-submitted URL
- * @param int $depth The current redirection recursion level (internal)
- * @param bool $fetchbody Wether to fetch the body or not after the HEAD requests
- * @return string A canonical URL
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
- */
- public static function finalUrl(string $url, int $depth = 1, bool $fetchbody = false)
- {
- $a = DI::app();
-
- $url = self::stripTrackingQueryParams($url);
-
- if ($depth > 10) {
- return $url;
- }
-
- $url = trim($url, "'");
-
- $stamp1 = microtime(true);
-
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $url);
- curl_setopt($ch, CURLOPT_HEADER, 1);
- curl_setopt($ch, CURLOPT_NOBODY, 1);
- curl_setopt($ch, CURLOPT_TIMEOUT, 10);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($ch, CURLOPT_USERAGENT, $a->getUserAgent());
-
- curl_exec($ch);
- $curl_info = @curl_getinfo($ch);
- $http_code = $curl_info['http_code'];
- curl_close($ch);
-
- DI::profiler()->saveTimestamp($stamp1, "network", System::callstack());
-
- if ($http_code == 0) {
- return $url;
- }
-
- if (in_array($http_code, ['301', '302'])) {
- if (!empty($curl_info['redirect_url'])) {
- return self::finalUrl($curl_info['redirect_url'], ++$depth, $fetchbody);
- } elseif (!empty($curl_info['location'])) {
- return self::finalUrl($curl_info['location'], ++$depth, $fetchbody);
- }
- }
-
- // Check for redirects in the meta elements of the body if there are no redirects in the header.
- if (!$fetchbody) {
- return(self::finalUrl($url, ++$depth, true));
- }
-
- // if the file is too large then exit
- if ($curl_info["download_content_length"] > 1000000) {
- return $url;
- }
-
- // if it isn't a HTML file then exit
- if (!empty($curl_info["content_type"]) && !strstr(strtolower($curl_info["content_type"]), "html")) {
- return $url;
- }
-
- $stamp1 = microtime(true);
-
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $url);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_NOBODY, 0);
- curl_setopt($ch, CURLOPT_TIMEOUT, 10);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($ch, CURLOPT_USERAGENT, $a->getUserAgent());
-
- $body = curl_exec($ch);
- curl_close($ch);
-
- DI::profiler()->saveTimestamp($stamp1, "network", System::callstack());
-
- if (trim($body) == "") {
- return $url;
- }
-
- // Check for redirect in meta elements
- $doc = new DOMDocument();
- @$doc->loadHTML($body);
-
- $xpath = new DomXPath($doc);
-
- $list = $xpath->query("//meta[@content]");
- foreach ($list as $node) {
- $attr = [];
- if ($node->attributes->length) {
- foreach ($node->attributes as $attribute) {
- $attr[$attribute->name] = $attribute->value;
- }
- }
-
- if (@$attr["http-equiv"] == 'refresh') {
- $path = $attr["content"];
- $pathinfo = explode(";", $path);
- foreach ($pathinfo as $value) {
- if (substr(strtolower($value), 0, 4) == "url=") {
- return self::finalUrl(substr($value, 4), ++$depth);
- }
- }
- }
- }
-
- return $url;
- }
-
/**
* Find the matching part between two url
*
projects / friendica.git / blobdiff