daily pastebin goal
52%
SHARE
TWEET

Untitled

a guest Mar 17th, 2018 94 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2.     /*
  3.         The MIT License (MIT)
  4.  
  5.         Copyright (c) 2014 Oliver Moran
  6.  
  7.         Permission is hereby granted, free of charge, to any person obtaining a copy of
  8.         this software and associated documentation files (the "Software"), to deal in
  9.         the Software without restriction, including without limitation the rights to
  10.         use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
  11.         of the Software, and to permit persons to whom the Software is furnished to do
  12.         so, subject to the following conditions:
  13.  
  14.         The above copyright notice and this permission notice shall be included in all
  15.         copies or substantial portions of the Software.
  16.  
  17.         THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  18.         IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  19.         FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
  20.         AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  21.         LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  22.         OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  23.         SOFTWARE.
  24.     */
  25.  
  26.     // Used to enable cross-domain AJAX calls.
  27.     // Example: index.php?url=http://www.example.org/resource.json
  28.  
  29.     $url = $_REQUEST["url"];
  30.  
  31.     if (substr ($url, 0, 7) != "http://"
  32.         && substr ($url, 0, 8) != "https://"
  33.         && substr ($url, 0, 6) != "ftp://") {
  34.         // NB: only absolute URLs are allowed -
  35.         // otherwise the script could be used to access local-to-file system files
  36.         die("ERROR: The argument 'url' must be an absolute URL beginning with 'http://', 'https://', or 'ftp://'.");
  37.     }
  38.  
  39.     // temporarily override CURLs user agent with the user's own
  40.     ini_set("user_agent", $_SERVER['HTTP_USER_AGENT']);
  41.  
  42.     // enable access from all domains
  43.     enable_cors();
  44.  
  45.     switch ($_SERVER["REQUEST_METHOD"]) {
  46.         case "GET":
  47.             get($url);
  48.             break;
  49.         default:
  50.             post($url);
  51.             break;
  52.     }
  53.  
  54.  
  55.     // get the contents of the URL and echo the results
  56.     function get($url) {
  57.         if (substr ($url, 0, 8) == "https://") {
  58.             echo getSSL($url);
  59.          } else {
  60.             echo file_get_contents($url);
  61.          }
  62.     }
  63.  
  64.     // gets over HTTPS
  65.     function getSSL($url) {
  66.         $ch = curl_init();
  67.         curl_setopt($ch, CURLOPT_HEADER, false);
  68.         curl_setopt($ch, CURLOPT_URL, $url);
  69.         curl_setopt($ch, CURLOPT_SSLVERSION,3);
  70.         $result = curl_exec($ch);
  71.         curl_close($ch);
  72.         return $result[0];
  73.     }
  74.  
  75.     // post (or put or delete?) the encoded form to the URL and echo the results
  76.     function post($url) {
  77.         $postdata = http_build_query(
  78.             array()
  79.         );
  80.  
  81.         $opts = array('http' =>
  82.             array(
  83.                 'method'  => $_SERVER['REQUEST_METHOD'],
  84.                 'header'  => 'Content-type: application/x-www-form-urlencoded',
  85.                 'content' => $postdata
  86.             )
  87.         );
  88.  
  89.         $context  = stream_context_create($opts);
  90.  
  91.         // get the contents of the external URL and echo it
  92.         echo file_get_contents($url, false, $context);
  93.     }
  94.  
  95.     /**
  96.      *  An example CORS-compliant method.  It will allow any GET, POST, or OPTIONS requests from any
  97.      *  origin.
  98.      *
  99.      *  In a production environment, you probably want to be more restrictive, but this gives you
  100.      *  the general idea of what is involved.  For the nitty-gritty low-down, read:
  101.      *
  102.      *  - https://developer.mozilla.org/en/HTTP_access_control
  103.      *  - http://www.w3.org/TR/cors/
  104.      *
  105.      */
  106.     function enable_cors() {
  107.         // Allow from any origin
  108.         if (isset($_SERVER['HTTP_ORIGIN'])) {
  109.             header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
  110.             header('Access-Control-Allow-Credentials: true');;
  111.             header('Access-Control-Max-Age: 86400');    // cache for 1 day
  112.         } else {
  113.             header("Access-Control-Allow-Origin: *");
  114.             header('Access-Control-Allow-Credentials: true');;
  115.             header('Access-Control-Max-Age: 86400');    // cache for 1 day
  116.         }
  117.  
  118.         // Access-Control headers are received during OPTIONS requests
  119.         if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
  120.  
  121.             if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
  122.                 header("Access-Control-Allow-Methods: GET, POST, OPTIONS");      
  123.  
  124.             if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
  125.                 header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
  126.  
  127.             exit(0);
  128.         }
  129.     }
  130. ?>
  131.    
  132. <!DOCTYPE html>
  133. <html>
  134.  
  135. <head>
  136.  
  137.     <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
  138.  
  139.     <script>
  140.         $(document).ready(function(){
  141.             $( "#result" ).load( "http://mywebsite.com/proxy.php?url=https://externalwebsite.com/index.php" );
  142.         });
  143.         </script>
  144.  
  145. </head>
  146.  
  147. <body>
  148.  
  149.     <h1> Test Page Index </h1>
  150.  
  151.     <div id="result"></div>
  152.  
  153. </body>
  154.  
  155. </html>
  156.    
  157. $username = myusername;
  158. $password = mypassword;
  159. curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
  160.    
  161. <!DOCTYPE html>
  162. <html>
  163.  
  164. <head>
  165.  
  166.     <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
  167.  
  168.     <script>
  169.         $(document).ready(function(){
  170.             $( "#result" ).load( "http://mywebsite.com/corsproxy.php?url=http://google.com" );
  171.         });
  172.         </script>
  173.  
  174. </head>
  175.  
  176. <body>
  177.  
  178.     <h1> Test Page Index </h1>
  179.  
  180.     <div id="result"></div>
  181.  
  182. </body>
  183.  
  184. </html>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top