<?php
/**
- * @file src/Util/Network.php
+ * @copyright Copyright (C) 2020, Friendica
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *
*/
+
namespace Friendica\Util;
use DOMDocument;
use DomXPath;
-use Friendica\Core\Config;
use Friendica\Core\Hook;
use Friendica\Core\Logger;
use Friendica\Core\System;
* Set the cookiejar argument to a string (e.g. "/tmp/friendica-cookies.txt")
* to preserve cookies from one request to the next.
*
- * @brief Curl wrapper
* @param string $url URL to fetch
* @param bool $binary default false
* TRUE if asked to return binary results (file download)
* Inner workings and parameters are the same as @ref fetchUrl but returns an array with
* all the information collected during the fetch.
*
- * @brief Curl wrapper with array of return values.
* @param string $url URL to fetch
* @param bool $binary default false
* TRUE if asked to return binary results (file download)
}
/**
- * @brief fetches an URL.
+ * fetches an URL.
*
* @param string $url URL to fetch
* @param bool $binary default false
@curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
@curl_setopt($ch, CURLOPT_USERAGENT, $a->getUserAgent());
- $range = intval(Config::get('system', 'curl_range_bytes', 0));
+ $range = intval(DI::config()->get('system', 'curl_range_bytes', 0));
if ($range > 0) {
@curl_setopt($ch, CURLOPT_RANGE, '0-' . $range);
if (!empty($opts['timeout'])) {
@curl_setopt($ch, CURLOPT_TIMEOUT, $opts['timeout']);
} else {
- $curl_time = Config::get('system', 'curl_timeout', 60);
+ $curl_time = DI::config()->get('system', 'curl_timeout', 60);
@curl_setopt($ch, CURLOPT_TIMEOUT, intval($curl_time));
}
// by default we will allow self-signed certs
// but you can override this
- $check_cert = Config::get('system', 'verifyssl');
+ $check_cert = DI::config()->get('system', 'verifyssl');
@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false));
if ($check_cert) {
@curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
}
- $proxy = Config::get('system', 'proxy');
+ $proxy = DI::config()->get('system', 'proxy');
if (strlen($proxy)) {
@curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);
@curl_setopt($ch, CURLOPT_PROXY, $proxy);
- $proxyuser = @Config::get('system', 'proxyuser');
+ $proxyuser = @DI::config()->get('system', 'proxyuser');
if (strlen($proxyuser)) {
@curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyuser);
}
}
- if (Config::get('system', 'ipv4_resolve', false)) {
+ if (DI::config()->get('system', 'ipv4_resolve', false)) {
curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
}
}
/**
- * @brief Send POST request to $url
+ * Send POST request to $url
*
* @param string $url URL to post
* @param mixed $params array of POST variables
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
curl_setopt($ch, CURLOPT_USERAGENT, $a->getUserAgent());
- if (Config::get('system', 'ipv4_resolve', false)) {
+ if (DI::config()->get('system', 'ipv4_resolve', false)) {
curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
}
if (intval($timeout)) {
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
} else {
- $curl_time = Config::get('system', 'curl_timeout', 60);
+ $curl_time = DI::config()->get('system', 'curl_timeout', 60);
curl_setopt($ch, CURLOPT_TIMEOUT, intval($curl_time));
}
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
}
- $check_cert = Config::get('system', 'verifyssl');
+ $check_cert = DI::config()->get('system', 'verifyssl');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false));
if ($check_cert) {
@curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
}
- $proxy = Config::get('system', 'proxy');
+ $proxy = DI::config()->get('system', 'proxy');
if (strlen($proxy)) {
curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);
curl_setopt($ch, CURLOPT_PROXY, $proxy);
- $proxyuser = Config::get('system', 'proxyuser');
+ $proxyuser = DI::config()->get('system', 'proxyuser');
if (strlen($proxyuser)) {
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyuser);
}
}
/**
- * @brief Check URL to see if it's real
+ * Check URL to see if it's real
*
* Take a URL from the wild, prepend http:// if necessary
* and check DNS to see if it's real (or check if is a valid IP address)
*/
public static function isUrlValid(string $url)
{
- if (Config::get('system', 'disable_url_validation')) {
+ if (DI::config()->get('system', 'disable_url_validation')) {
return $url;
}
}
/**
- * @brief Checks that email is an actual resolvable internet address
+ * Checks that email is an actual resolvable internet address
*
* @param string $addr The email address
* @return boolean True if it's a valid email address, false if it's not
*/
public static function isEmailDomainValid(string $addr)
{
- if (Config::get('system', 'disable_email_validation')) {
+ if (DI::config()->get('system', 'disable_email_validation')) {
return true;
}
}
/**
- * @brief Check if URL is allowed
+ * Check if URL is allowed
*
* Check $url against our list of allowed sites,
* wildcards allowed. If allowed_sites is unset return true;
return false;
}
- $str_allowed = Config::get('system', 'allowed_sites');
+ $str_allowed = DI::config()->get('system', 'allowed_sites');
if (! $str_allowed) {
return true;
}
return false;
}
- $domain_blocklist = Config::get('system', 'blocklist', []);
+ $domain_blocklist = DI::config()->get('system', 'blocklist', []);
if (!$domain_blocklist) {
return false;
}
}
/**
- * @brief Check if email address is allowed to register here.
+ * Check if email address is allowed to register here.
*
* Compare against our list (wildcards allowed).
*
return false;
}
- $str_allowed = Config::get('system', 'allowed_email', '');
+ $str_allowed = DI::config()->get('system', 'allowed_email', '');
if (empty($str_allowed)) {
return true;
}
/**
* Checks for the existence of a domain in a domain list
*
- * @brief Checks for the existence of a domain in a domain list
* @param string $domain
* @param array $domain_list
* @return boolean
}
/**
- * @brief Remove Google Analytics and other tracking platforms params from URL
+ * Remove Google Analytics and other tracking platforms params from URL
*
* @param string $url Any user-submitted URL that may contain tracking params
* @return string The same URL stripped of tracking parameters
}
/**
- * @brief Returns the original URL of the provided URL
+ * Returns the original URL of the provided URL
*
* This function strips tracking query params and follows redirections, either
* through HTTP code or meta refresh tags. Stops after 10 redirections.
}
/**
- * @brief Find the matching part between two url
+ * Find the matching part between two url
*
* @param string $url1
* @param string $url2
}
/**
- * @brief Glue url parts together
+ * Glue url parts together
*
* @param array $parsed URL parts
*
return $url;
}
+
+ /**
+ * Adds query string parameters to the provided URI. Replace the value of existing keys.
+ *
+ * @param string $path
+ * @param array $additionalParams Associative array of parameters
+ * @return string
+ */
+ public static function appendQueryParam(string $path, array $additionalParams)
+ {
+ $parsed = parse_url($path);
+
+ $params = [];
+ if (!empty($parsed['query'])) {
+ parse_str($parsed['query'], $params);
+ }
+
+ $params = array_merge($params, $additionalParams);
+
+ $parsed['query'] = http_build_query($params);
+
+ return self::unparseURL($parsed);
+ }
+
+ /**
+ * Generates ETag and Last-Modified response headers and checks them against
+ * If-None-Match and If-Modified-Since request headers if present.
+ *
+ * Blocking function, sends 304 headers and exits if check passes.
+ *
+ * @param string $etag The page etag
+ * @param string $last_modified The page last modification UTC date
+ * @throws \Exception
+ */
+ public static function checkEtagModified(string $etag, string $last_modified)
+ {
+ $last_modified = DateTimeFormat::utc($last_modified, 'D, d M Y H:i:s') . ' GMT';
+
+ /**
+ * @see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.26
+ */
+ $if_none_match = filter_input(INPUT_SERVER, 'HTTP_IF_NONE_MATCH');
+ $if_modified_since = filter_input(INPUT_SERVER, 'HTTP_IF_MODIFIED_SINCE');
+ $flag_not_modified = null;
+ if ($if_none_match) {
+ $result = [];
+ preg_match('/^(?:W\/")?([^"]+)"?$/i', $etag, $result);
+ $etagTrimmed = $result[1];
+ // Lazy exact ETag match, could check weak/strong ETags
+ $flag_not_modified = $if_none_match == '*' || strpos($if_none_match, $etagTrimmed) !== false;
+ }
+
+ if ($if_modified_since && (!$if_none_match || $flag_not_modified)) {
+ // Lazy exact Last-Modified match, could check If-Modified-Since validity
+ $flag_not_modified = $if_modified_since == $last_modified;
+ }
+
+ header('Etag: ' . $etag);
+ header('Last-Modified: ' . $last_modified);
+
+ if ($flag_not_modified) {
+ header("HTTP/1.1 304 Not Modified");
+ exit;
+ }
+ }
}