- <?php
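// To run this proxy as a stand-alone script, edit the options below to the appropriate values ( as-is they use the RePress Wordpress options )
// You should normally NOT have to change any of these values
/** -- options -- **/

// URL path prefix under which proxied sites are exposed.
$rewritebase = repress_make_rewrite_base();

// Allow-list of hostnames this proxy may fetch from. A missing or malformed
// option decodes to null; normalise it to an empty list so the matching code
// fails closed (no host matches, request ends in a 404).
$remoteservers = json_decode(get_option('repress_remoteservers'), true);
if (!is_array($remoteservers)) {
    $remoteservers = array();
}

// NOTE(review): this User-Agent discloses the plugin and PHP versions to every
// proxied server. Kept as-is; drop the version parts if that is a concern.
$agentstring = "RePress plugin/" . plugin_get_version() . " (PHP " . phpversion() . " streamer) - please read https://all4xs.net";

// Strict comparison: only the exact string 'yes' enables a feature, so an
// unset option (false) or any other stored value leaves it disabled.
$doPosts = (get_option('repress_push_post') === 'yes');
$doCookies = (get_option('repress_push_cookie') === 'yes');

// get_option() yields false for an unset option, which the old `!== ''` test
// accepted as a "secret". Only a non-empty string counts as configured.
$configuredSecret = get_option('repress_secret');
if (is_string($configuredSecret) && $configuredSecret !== '') {
    $secret = $configuredSecret;
} else {
    // NOTE(review): publicly known fallback value. Anything derived from it
    // (hashed cookies) is guessable; set a per-site random secret instead.
    $secret = 'repress'; // make something up if you want to support hashed cookies
}

// NOTE(review): not referenced by the code visible in this file.
$acceptCookies = array('');

$GLOBALS['proxydebug'] = false; // debugging? will dump all output to flat file.

// E_NONE is not a PHP constant (an Error on PHP 8, the string 'E_NONE' with a
// notice before that); 0 is the documented way to silence error reporting.
error_reporting(0);
/** -- end of options -- **/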
- /*** Proxy code begins here. ***/
- // Include dependencies
- // proxyhelp requirement
- require_once('proxyhelp/proxify_html_resource.php');
- // domain functions
- require_once('domains.php');
- // Attempt to destroy cookies above RePress base
- require_once("emptycookieredirect.php");
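/* Process request */
// Resolve the request path into ($remoteserver, $abbreviation, $extra).
// $hit is set only when the requested host equals, or is a subdomain of, an
// entry in $remoteservers; anything else under the rewrite base gets a 404.
// This allow-list check is what keeps the script from acting as an open proxy.
$requestUri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
logline("Proxy intercepted request: " . $requestUri);
$hit = false; $extra = ''; $remoteserver = ''; $abbreviation = ''; $text = false;
$len = strlen($rewritebase);
if (strncmp($requestUri, $rewritebase, $len) == 0) {
    logline("$rewritebase/ in url. Seems promising at first sight.");
    // strip repress/ part
    // The base is quoted before it goes into the pattern, so a '#' or any other
    // regex metacharacter in it is matched literally. The former guard used
    // `continue` outside a loop, which is a fatal error on PHP 7 and later.
    $strippedRepress = preg_replace("#^" . preg_quote($rewritebase, '#') . "[\/]?#", "", $requestUri);
    // strip everything after first slash
    $stripped = preg_replace("/\/.*$/", "", $strippedRepress);
    // domain name should be left over
    /** Possible hit. Is the domain one we proxy? **/
    // split into subdomains
    $subdomains = explode('.', $stripped);
    $illegalPart = false;
    foreach ($subdomains as $subdom) {
        if (!is_legal_domain_part($subdom)) {
            logline("ILLEGAL DOMAIN PART $subdom");
            $illegalPart = true;
            break;
        }
    }
    // A non-array list (missing or undecodable option) is treated as empty.
    if (!$illegalPart && is_array($remoteservers)) {
        foreach ($remoteservers as $hostname) {
            // future work: support hash matching in URLs instead of hostnames.
            logline("$hostname -> match checking");
            // split the proxied domain into subdomains
            $proxiedSubdomains = explode('.', $hostname);
            $numParts = count($proxiedSubdomains);
            $okMatch = true;
            if ($numParts > count($subdomains)) {
                logline("no match: subdomains count of request is less");
                $okMatch = false;
            } else {
                // Compare label by label from the right (TLD first), so the
                // request must end in the whole configured hostname.
                for ($i = $numParts - 1, $b = count($subdomains) - 1; $i >= 0; $i--, $b--) {
                    if ($proxiedSubdomains[$i] !== $subdomains[$b]) {
                        logline("proxied domain subpart " . $proxiedSubdomains[$i] . " does not match " . $subdomains[$b]);
                        $okMatch = false;
                        break;
                    } else {
                        logline("proxied domain subpart " . $proxiedSubdomains[$i] . " MATCHES " . $subdomains[$b]);
                    }
                }
            }
            if ($okMatch) {
                // No break on purpose: as before, the last matching entry
                // decides $abbreviation.
                $hit = true; $remoteserver = $stripped; $abbreviation = $hostname;
                logline("looking for something extra");
                // now strippedRepress looks something like: wikileaks.org[/][....]
                // if no slashes, no extra
                // Strict test: strpos() returns 0 for a leading slash, which a
                // loose comparison with false would mistake for "not found".
                if (strpos($strippedRepress, '/') === false) {
                    $extra = '';
                } else {
                    // extra is everything after the first slash
                    $extra = preg_replace("/^.*?\//", "", $strippedRepress);
                }
            }
        }
    }
    if ($hit == false) {
        header('HTTP/1.0 404 Not Found');
        exit; // close, but no cigar.
    }
}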
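// Fetch the matched remote resource and relay it to the client, rewriting
// redirects and cookie paths so the browser stays under the proxy prefix.
if ($hit) {
    // try to protect against XSS attacks on Wordpress sessions if running as plugin
    // (proxied markup is emitted from this site's own origin)
    if (function_exists('repress_logout_wordpress_user')) {
        repress_logout_wordpress_user();
    }
    // NOTE(review): the upstream fetch is plain http://, so request and
    // response (including any forwarded cookies) cross the network unencrypted.
    $targetUrl = "http://$remoteserver/$extra";
    // determine net link by stripping the ?GET parameters
    $fopenLink = preg_replace("/\?.*$/", "", $targetUrl);
    logline("Interpreted! hit as follows:");
    logline("Remoteserver = $remoteserver, abbreviation = $abbreviation, extra = $extra and net open link is http://$remoteserver/$extra");
    // do we do a POST?
    if ($doPosts && is_array($_POST) && count($_POST) > 0) {
        $requestType = 'POST';
    } else {
        $requestType = 'GET';
    }
    // do we do cookies?
    // NOTE(review): every cookie the browser sent for this origin is forwarded,
    // not only those set by the proxied site. Presumably the required
    // emptycookieredirect.php limits what reaches this point; confirm that no
    // session cookie of the hosting site can be relayed to the remote server.
    $cookieHeaders = '';
    if ($doCookies && is_array($_COOKIE) && count($_COOKIE) > 0) {
        foreach ($_COOKIE as $name => $val) {
            // Array-style cookies (name[key]=value) arrive as arrays and
            // cannot be URL-encoded; skip them instead of raising an error.
            if (!is_scalar($val)) {
                continue;
            }
            $encodeName = rawurlencode((string) $name);
            $encodeVal = rawurlencode((string) $val);
            $cookieHeaders .= "Cookie: $encodeName=$encodeVal\r\n";
        }
    }
    /* Establish streaming connection to the remote server */
    // follow_location is switched off so the remote server cannot steer this
    // server-side fetch to a host outside $remoteservers through a redirect.
    // A 30x answer is relayed to the client with its Location rewritten below.
    $httpOptions = array(
        'method' => $requestType,
        'host' => $remoteserver,
        'user_agent' => $agentstring,
        'header' => $cookieHeaders,
        'follow_location' => 0,
    );
    if ($requestType != 'GET') {
        $postData = http_build_query($_POST);
        $httpOptions['header'] = "Content-type: application/x-www-form-urlencoded\r\n" .
            "Content-Length: " . strlen($postData) . "\r\n" .
            $cookieHeaders;
        $httpOptions['content'] = $postData;
    }
    $streamOptions = array('http' => $httpOptions);
    $context = stream_context_create($streamOptions);
    logline("Open to location " . "http://$remoteserver/$extra");
    $handle = fopen($targetUrl, "rb", false, $context);
    if ($handle === false) {
        if (isset($GLOBALS['proxydebug']) && $GLOBALS['proxydebug']) {
            echo("Proxy error to: http://$remoteserver/$extra");
        }
        exit;
    }
    /* Start working on headers */
    $one_byte = fread($handle, 1); // mh_edit this is used to stop the "bug" reported here https://bugs.php.net/bug.php?id=46896 where the responce headers are missing
    if ($one_byte === false) {
        $one_byte = ''; // nothing could be read; keep later echo/strlen well-defined
    }
    $meta = stream_get_meta_data($handle);
    $headerData = isset($meta['wrapper_data']) ? $meta['wrapper_data'] : array();
    // mh_edit this is added to get to the actual response headers into $headerData
    if (is_array($headerData) && isset($headerData['headers']) && is_array($headerData['headers'])) {
        $headerData = $headerData['headers'];
    }
    if (!is_array($headerData)) {
        $headerData = array(); // no usable header list: relay none rather than fail in the loop
    }
    $redirect = isset($headerData[0]) && preg_match("/HTTP.... 30./", $headerData[0]) === 1;
    // Quote once: the base is matched literally inside '#'-delimited patterns.
    $quotedBase = preg_quote($rewritebase, '#');
    $i = 0;
    foreach ($headerData as $line) {
        $i++;
        if ($i > 1 && preg_match("/^HTTP\/1../", $line)) {
            // no multiple HTTP headers will be replied
            exit;
        }
        // make 302 redirects work
        if ($redirect && !preg_match("#$quotedBase#", $line)) {
            // a redirect to root is a redirect to main page here
            $line = preg_replace("#^Location: /#", "Location: $rewritebase/$abbreviation/", $line);
            // we localize redirects to all known hosts, and subdomains of those hosts
            foreach ($remoteservers as $knownhost) {
                $knownhostAbbr = $knownhost; // future work: support hashing
                // Hostnames are quoted so that '.' matches only a literal dot;
                // unquoted, "a.b" would also match look-alike names such as "aXb".
                $quotedHost = preg_quote($knownhost, '#');
                // an absolute redirect to a main page
                $line = preg_replace("#^Location: http://$quotedHost#", "Location: $rewritebase/$knownhostAbbr", $line);
                $line = preg_replace("#^Location: http://$quotedHost/#", "Location: $rewritebase/$knownhostAbbr", $line);
                // an absolute redirect to a lower page
                $line = preg_replace("#^Location: http://$quotedHost/(.*)$#", "Location: $rewritebase/$knownhostAbbr/$1", $line);
                // Support subdomains
                // an absolute redirect to a main page
                $line = preg_replace("#^Location: http://(.*?)\.$quotedHost#", "Location: $rewritebase/$1.$knownhostAbbr", $line);
                $line = preg_replace("#^Location: http://(.*?)\.$quotedHost/#", "Location: $rewritebase/$1.$knownhostAbbr", $line);
                // an absolute redirect to a lower page
                $line = preg_replace("#^Location: http://(.*?)\.$quotedHost/(.*)$#", "Location: $rewritebase/$1.$knownhostAbbr/$2", $line);
            }
        }
        // cookie handling
        if (preg_match("/^Set-Cookie: /i", $line)) {
            if ($doCookies == false) {
                continue;
            }
            logline("Found cookie header $line");
            // rewrite cookie paths
            // Re-rooting the path under the proxy prefix keeps a remote site's
            // cookie from being set for the whole hosting site.
            // NOTE(review): a Domain attribute, if present, is passed through unchanged.
            if (preg_match("#; path=([^;]*)#", $line, $matches)) {
                $pathNow = $matches[1];
                logline("Cookie path found $pathNow");
                // "/^/" matches every string, so each path found is re-rooted.
                if (preg_match("/^/", $pathNow)) {
                    $pathNew = "$rewritebase/$abbreviation" . $pathNow;
                    $line = preg_replace("#; path=([^;]*)#", "; path=$pathNew", $line);
                    logline("Insecure path. Setting to $pathNew");
                }
            }
        }
        // get content type
        if (preg_match("/^Content-Type: text\/.*$/i", $line)) {
            $text = true;
        }
        // ignore robots header. we have our own
        if (preg_match("/^X-Robots-Tag: /i", $line)) {
            continue;
        }
        // pass through headers
        logline("Give header: $line");
        header($line);
    }
    // After a 30x relocation response, exit immediatly
    if ($redirect) {
        logline("EXIT because relocate");
        exit;
    }
    // add no robots header
    header("X-Robots-Tag: noindex, nofollow", true);
    if ($text) {
        /* Read text page and close handle */
        $contents = $one_byte . stream_get_contents($handle); // mh_edit add the one byte read already to $contents
        fclose($handle);
    } else {
        /* Pass through binary content or non-parsed content */
        echo $one_byte; // mh_edit add the one byte read already to the output stream
        // Count the probe byte only if one was actually read (empty body: 0).
        $size = fpassthru($handle) + strlen($one_byte);
        fclose($handle);
        register_bandwidth_usage($size);
        exit;
    }
    // Proxy rewrite resource
    proxyhelp_init_for_repress($rewritebase, $abbreviation, $remoteservers);
    $contents = proxify_html_resource($contents);
    /* Push text. */
    $size = strlen($contents);
    register_bandwidth_usage($size);
    echo $contents;
    /* Done. */
    exit;
}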
/**
 * Report the number of relayed bytes to the hosting plugin, when it is loaded.
 *
 * Does nothing if repress_register_bandwidth_usage() is not defined, which is
 * the case when the proxy runs as a stand-alone script.
 *
 * @param int $size Number of bytes sent to the client.
 */
function register_bandwidth_usage($size) {
    $pluginHookAvailable = function_exists('repress_register_bandwidth_usage');
    if (!$pluginHookAvailable) {
        return;
    }
    repress_register_bandwidth_usage($size);
}
- /** Log and debug functions **/
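/**
 * Append one line to the debug log when $GLOBALS['proxydebug'] is enabled.
 *
 * The log lives at a fixed path in /tmp and receives request URIs and relayed
 * header lines (cookie headers included), so debugging should stay off on
 * production hosts. The is_link() test refuses to write through a symbolic
 * link planted at that path.
 * NOTE(review): the link test and the open are two separate steps, so the
 * protection is best-effort; a log directory writable only by the web server
 * user would remove the need for it.
 *
 * @param string $line Text to log; a newline is appended.
 */
function logline($line) {
    // empty() also covers the flag not being set at all.
    if (empty($GLOBALS['proxydebug'])) {
        return;
    }
    $logPath = "/tmp/repress.module.debug.log";
    if (is_link($logPath)) {
        return;
    }
    $f = fopen($logPath, "a");
    if ($f === false) {
        return; // logging is best-effort: never fail the request over it
    }
    fputs($f, $line . "\n");
    fclose($f);
}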