search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
This commit starts the refactoring of the gadget rendering implementation to accomeda...
[shindig.git] / php / src / gadgets / ProxyHandler.php
blob7c1f388d33f6f4a52183c086493f321103e7767b
1 <?php
2 /**
3 * Licensed to the Apache Software Foundation (ASF) under one
4 * or more contributor license agreements. See the NOTICE file
5 * distributed with this work for additional information
6 * regarding copyright ownership. The ASF licenses this file
7 * to you under the Apache License, Version 2.0 (the
8 * "License"); you may not use this file except in compliance
9 * with the License. You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing,
14 * software distributed under the License is distributed on an
15 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16 * KIND, either express or implied. See the License for the
17 * specific language governing permissions and limitations
18 * under the License.
19 */
20
21 // according to features/core/io.js, this is high on the list of things to scrap
22 define('UNPARSEABLE_CRUFT', "throw 1; < don't be evil' >");
23
24 /**
25 * The ProxyHandler class does the actual proxy'ing work. it deals both with
26 * GET and POST based input, and peforms a request based on the input, headers and
27 * httpmethod params.
28 *
29 */
30 class ProxyHandler extends ProxyBase {
31
32 /**
33 * Fetches the content and returns it as-is using the headers as returned
34 * by the remote host.
35 *
36 * @param string $url the url to retrieve
37 */
38 public function fetch($url) {
39 $url = $this->validateUrl($url);
40 $result = $this->fetchContent($url, 'GET');
41 $status = (int)$result->getHttpCode();
42 if ($status == 200) {
43 $headers = explode("\n", $result->getResponseHeaders());
44 $isShockwaveFlash = false;
45 foreach ($headers as $header) {
46 if (strpos($header, ':')) {
47 $key = trim(substr($header, 0, strpos($header, ':')));
48 $key = str_replace(' ', '-', ucwords(str_replace('-', ' ', $key))); // force the header name to have the proper Header-Name casing
49 $val = trim(substr($header, strpos($header, ':') + 1));
50 // filter out headers that would otherwise mess up our output
51 if (! in_array($key, $this->disallowedHeaders)) {
52 header("$key: $val", true);
53 } else {
54 }
55 if ($key == 'Content-Type' && strtolower($val) == 'application/x-shockwave-flash') {
56 // We're skipping the content disposition header for flash due to an issue with Flash player 10
57 // This does make some sites a higher value phishing target, but this can be mitigated by
58 // additional referer checks.
59 $isShockwaveFlash = true;
60 }
61 }
62 }
63 if (! $isShockwaveFlash) {
64 header('Content-Disposition: attachment;filename=p.txt');
65 }
66 $lastModified = $result->getResponseHeader('Last-Modified') != null ? $result->getResponseHeader('Last-Modified') : gmdate('D, d M Y H:i:s', $result->getCreated()) . ' GMT';
67 $notModified = false;
68 if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && $lastModified && ! isset($_SERVER['HTTP_IF_NONE_MATCH'])) {
69 $if_modified_since = strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']);
70 // Use the request's Last-Modified, otherwise fall back on our internal time keeping (the time the request was created)
71 $lastModified = strtotime($lastModified);
72 if ($lastModified <= $if_modified_since) {
73 $notModified = true;
74 }
75 }
76 $this->setCachingHeaders($lastModified);
77 // If the cached file time is within the refreshInterval params value, return not-modified
78 if ($notModified) {
79 header('HTTP/1.0 304 Not Modified', true);
80 header('Content-Length: 0', true);
81 } else {
82 // then echo the content
83 echo $result->getResponseContent();
84 }
85 } else {
86 @ob_end_clean();
87 header("HTTP/1.0 404 Not Found", true);
88 echo "<html><body><h1>404 - Not Found ($status)</h1>";
89 echo "</body></html>";
90 }
91 }
92 }
Apache Shindig clone (open social container)