<?php
/**
- * @copyright Copyright (C) 2010-2022, the Friendica project
+ * @copyright Copyright (C) 2010-2023, the Friendica project
*
* @license GNU AGPL version 3 or any later version
*
use Friendica\Core\Logger;
use Friendica\DI;
use Friendica\Model\Contact;
+use Friendica\Network\HTTPClient\Client\HttpClientAccept;
+use Friendica\Network\HTTPClient\Client\HttpClientOptions;
use Friendica\Network\HTTPException\NotModifiedException;
use GuzzleHttp\Psr7\Uri;
+use Psr\Http\Message\UriInterface;
class Network
{
* and check DNS to see if it's real (or check if is a valid IP address)
*
* @param string $url The URL to be validated
+ *
* @return string|boolean The actual working URL, false else
* @throws \Friendica\Network\HTTPException\InternalServerErrorException
*/
$url = 'http://' . $url;
}
- /// @TODO Really suppress function outcomes? Why not find them + debug them?
- $h = @parse_url($url);
+ $xrd_timeout = DI::config()->get('system', 'xrd_timeout');
+ $host = parse_url($url, PHP_URL_HOST);
- if (!empty($h['host']) && (@dns_get_record($h['host'], DNS_A + DNS_CNAME) || filter_var($h['host'], FILTER_VALIDATE_IP))) {
- return $url;
+ if (empty($host) || !(filter_var($host, FILTER_VALIDATE_IP) || @dns_get_record($host . '.', DNS_A + DNS_AAAA))) {
+ return false;
}
- return false;
+ if (in_array(parse_url($url, PHP_URL_SCHEME), ['https', 'http'])) {
+ $options = [HttpClientOptions::VERIFY => true, HttpClientOptions::TIMEOUT => $xrd_timeout];
+ try {
+ $curlResult = DI::httpClient()->head($url, $options);
+ } catch (\Exception $e) {
+ return false;
+ }
+
+ // Workaround for systems that can't handle a HEAD request. Don't retry on timeouts.
+ if (!$curlResult->isSuccess() && ($curlResult->getReturnCode() >= 400) && !in_array($curlResult->getReturnCode(), [408, 504])) {
+ try {
+ $curlResult = DI::httpClient()->get($url, HttpClientAccept::DEFAULT, $options);
+ } catch (\Exception $e) {
+ return false;
+ }
+ }
+
+ if (!$curlResult->isSuccess()) {
+ Logger::notice('Url not reachable', ['host' => $host, 'url' => $url]);
+ return false;
+ } elseif ($curlResult->isRedirectUrl()) {
+ $url = $curlResult->getRedirectUrl();
+ }
+ }
+
+ return $url;
}
/**
$h = substr($addr, strpos($addr, '@') + 1);
// Concerning the @ see here: https://stackoverflow.com/questions/36280957/dns-get-record-a-temporary-server-error-occurred
- if ($h && (@dns_get_record($h, DNS_A + DNS_MX) || filter_var($h, FILTER_VALIDATE_IP))) {
+ if ($h && (@dns_get_record($h, DNS_A + DNS_AAAA + DNS_MX) || filter_var($h, FILTER_VALIDATE_IP))) {
return true;
}
if ($h && @dns_get_record($h, DNS_CNAME + DNS_MX)) {
* @param string $url The url to check the domain from
*
* @return boolean
+ *
+ * @deprecated since 2023.03 Use isUriBlocked instead
*/
public static function isUrlBlocked(string $url): bool
{
- $host = @parse_url($url, PHP_URL_HOST);
- if (!$host) {
+ try {
+ return self::isUriBlocked(new Uri($url));
+ } catch (\Throwable $e) {
+ Logger::warning('Invalid URL', ['url' => $url]);
+ return false;
+ }
+ }
+
+ /**
+ * Checks if the provided URI domain is on the domain blocklist.
+ *
+ * @param UriInterface $uri
+ * @return boolean
+ */
+ public static function isUriBlocked(UriInterface $uri): bool
+ {
+ if (!$uri->getHost()) {
return false;
}
}
foreach ($domain_blocklist as $domain_block) {
- if (fnmatch(strtolower($domain_block['domain']), strtolower($host))) {
+ if (fnmatch(strtolower($domain_block['domain']), strtolower($uri->getHost()))) {
return true;
}
}
*
* @param string $domain
* @param array $domain_list
+ *
* @return boolean
*/
public static function isDomainAllowed(string $domain, array $domain_list): bool
* Remove Google Analytics and other tracking platforms params from URL
*
* @param string $url Any user-submitted URL that may contain tracking params
+ *
* @return string The same URL stripped of tracking parameters
*/
public static function stripTrackingQueryParams(string $url): string
$pair = $param . '=' . str_replace(' ', '+', $value);
$url = str_replace($pair, '', $url);
- // Third try: Maybey the url isn't encoded at all
+ // Third try: Maybe the url isn't encoded at all
$pair = $param . '=' . $value;
$url = str_replace($pair, '', $url);
*
* @param string $url
* @param string $basepath
+ *
* @return string url
*/
- public static function addBasePath(string $url, string $basepath)
+ public static function addBasePath(string $url, string $basepath): string
{
+ $url = trim($url);
if (!empty(parse_url($url, PHP_URL_SCHEME)) || empty(parse_url($basepath, PHP_URL_SCHEME)) || empty($url) || empty(parse_url($url))) {
return $url;
}
*
* @param string $url1
* @param string $url2
+ *
* @return string The matching part or empty string on error
*/
public static function getUrlMatch(string $url1, string $url2): string
* Glue url parts together
*
* @param array $parsed URL parts
+ *
* @return string|null The glued URL or null on error
* @deprecated since version 2021.12, use GuzzleHttp\Psr7\Uri::fromParts($parts) instead
*/
$scheme = $get('scheme');
$query = $get('query');
$fragment = $get('fragment');
- $authority = ($userinfo !== null ? $userinfo . '@' : '') .
+ $authority = ($userinfo !== null ? $userinfo . '@' : '') .
$get('host') .
($port ? ":$port" : '');
- return (strlen($scheme) ? $scheme . ':' : '') .
- (strlen($authority) ? '//' . $authority : '') .
+ return (!empty($scheme) ? $scheme . ':' : '') .
+ (!empty($authority) ? '//' . $authority : '') .
$get('path') .
- (strlen($query) ? '?' . $query : '') .
- (strlen($fragment) ? '#' . $fragment : '');
+ (!empty($query) ? '?' . $query : '') .
+ (!empty($fragment) ? '#' . $fragment : '');
}
/**
* Convert an URI to an IDN compatible URI
*
* @param string $uri
+ *
* @return string
*/
public static function convertToIdn(string $uri): string
$parts = parse_url($uri);
if (!empty($parts['scheme']) && !empty($parts['host'])) {
$parts['host'] = idn_to_ascii($parts['host']);
- $uri = Uri::fromParts($parts);
+ $uri = (string)Uri::fromParts($parts);
} else {
$parts = explode('@', $uri);
if (count($parts) == 2) {
* Switch the scheme of an url between http and https
*
* @param string $url
+ *
* @return string Switched URL
*/
public static function switchScheme(string $url): string
*
* @param string $path
* @param array $additionalParams Associative array of parameters
+ *
* @return string
*/
public static function appendQueryParam(string $path, array $additionalParams): string
*
* @param string $etag The page etag
* @param string $last_modified The page last modification UTC date
+ *
* @return void
* @throws \Exception
*/
* Check if the given URL is a local link
*
* @param string $url
+ *
* @return bool
*/
public static function isLocalLink(string $url): bool
projects / friendica.git / blobdiff