
Merge pull request #1087 from Alkarex/HTTPS_Everywhere

Force HTTPS for selected embed providers
Alexandre Alapetite před 10 roky
rodič
revize
1e644b6470

+ 1 - 0
data/.gitignore

@@ -7,3 +7,4 @@ no-cache.txt
 *.lock.txt
 last_update.txt
 update.php
+force-https.txt

+ 6 - 0
data/force-https.default.txt

@@ -0,0 +1,6 @@
+dailymotion.com
+feedburner.com
+gstatic.com
+tumblr.com
+wordpress.com
+youtube.com

+ 14 - 0
lib/SimplePie/SimplePie.php

@@ -1123,6 +1123,7 @@ class SimplePie
 			$this->strip_attributes(false);
 			$this->add_attributes(false);
 			$this->set_image_handler(false);
+			$this->set_https_domains(array());
 		}
 	}
 
@@ -1233,6 +1234,19 @@ class SimplePie
 		$this->sanitize->set_url_replacements($element_attribute);
 	}
 
+	/**
+	 * Set the list of domains for which force HTTPS.
+	 * @see SimplePie_Sanitize::set_https_domains()
+	 * FreshRSS
+	 */
+	public function set_https_domains($domains = array())
+	{
+		if (is_array($domains))
+		{
+			$this->sanitize->set_https_domains($domains);
+		}
+	}
+
 	/**
 	 * Set the handler to enable the display of cached images.
 	 *
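Review bot: A non-array argument to `set_https_domains()` is dropped silently, so the sanitizer keeps whatever list it had before (per the Sanitize.php section, a built-in dailymotion/youtube default) and the caller gets no signal. The docblock should name the parameter and say so, for example `@param array $domains Host names such as 'example.com'; non-array values are ignored and leave the current list unchanged`. The summary line "for which force HTTPS" would read better as "for which HTTPS is forced".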

+ 2 - 2
lib/SimplePie/SimplePie/Misc.php

@@ -80,8 +80,8 @@ class SimplePie_Misc
 	public static function absolutize_url($relative, $base)
 	{
 		if (substr($relative, 0, 2) === '//')
-		{//Allow protocol-relative URLs "//www.example.net" which will pick HTTP or HTTPS automatically
-			return $relative;
+		{//Protocol-relative URLs "//www.example.net"
+			return 'https:' . $relative;
 		}
 		$iri = SimplePie_IRI::absolutize(new SimplePie_IRI($base), $relative);
 		if ($iri === false)
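Review bot: The `//` branch now upgrades every protocol-relative URL to HTTPS, whatever the host, while the rest of this commit limits the upgrade to the domains in the force-https list. A host without a working TLS endpoint will likely lose its images or embeds. If that is intended, the comment should say so, e.g. `//Protocol-relative URLs "//www.example.net" are always resolved to HTTPS, independently of the force-https list`. Otherwise, resolving against the scheme of `$base` and letting `https_url()` upgrade the listed hosts would match the rest of the change. absolutize_url() continues past the end of the hunk.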

+ 80 - 1
lib/SimplePie/SimplePie/Sanitize.php

@@ -73,6 +73,15 @@ class SimplePie_Sanitize
 	var $force_fsockopen = false;
 	var $replace_url_attributes = null;
 
+	/**
+	 * List of domains for which force HTTPS.
+	 * @see SimplePie_Sanitize::set_https_domains()
+	 * Array is tree split at DNS levels. Example:
+	 * array('biz' => true, 'com' => array('example' => true), 'net' => array('example') => array('www' => true))
+	 * FreshRSS
+	 */
+	var $https_domains = array('com' => array('dailymotion' => true, 'youtube' => true));
+
 	public function __construct()
 	{
 		// Set defaults
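Review bot: The example in the `$https_domains` docblock is not valid PHP: `'net' => array('example') => array('www' => true)` closes the inner array too early and should read `'net' => array('example' => array('www' => true))`. The property default also hard-codes dailymotion and youtube, which duplicates part of data/force-https.default.txt and stays in effect for any SimplePie_Sanitize instance on which `set_https_domains()` is never called. An empty `array()` default, or a comment explaining why these two are built in, would keep the two lists from drifting apart.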
@@ -242,6 +251,75 @@ class SimplePie_Sanitize
 		$this->replace_url_attributes = (array) $element_attribute;
 	}
 
+	/**
+	 * Set the list of domains for which force HTTPS.
+	 * @see SimplePie_Misc::https_url()
+	 * Example array('biz', 'example.com', 'example.org', 'www.example.net');
+	 * FreshRSS
+	 */
+	public function set_https_domains($domains)
+	{
+		$this->https_domains = array();
+		foreach ($domains as $domain)
+		{
+			$domain = trim($domain, ". \t\n\r\0\x0B");
+			$segments = array_reverse(explode('.', $domain));
+			$node =& $this->https_domains;
+			foreach ($segments as $segment)
+			{//Build a tree
+				if ($node === true)
+				{
+					break;
+				}
+				if (!isset($node[$segment]))
+				{
+					$node[$segment] = array();
+				}
+				$node =& $node[$segment];
+			}
+			$node = true;
+		}
+	}
+
+	/**
+	 * Check if the domain is in the list of forced HTTPS
+	 * FreshRSS
+	 */
+	protected function is_https_domain($domain)
+	{
+		$domain = trim($domain, '. ');
+		$segments = array_reverse(explode('.', $domain));
+		$node =& $this->https_domains;
+		foreach ($segments as $segment)
+		{//Explore the tree
+			if ($node === true)
+			{
+				return true;
+			}
+			if (isset($node[$segment]))
+			{
+				$node =& $node[$segment];
+			}
+			else
+			{
+				break;
+			}
+		}
+		return false;
+	}
+
+	/**
+	 * Force HTTPS for selected Web sites
+	 * FreshRSS
+	 */
+	protected function https_url($url)
+	{
+		return (strtolower(substr($url, 0, 7)) === 'http://') &&
+			$this->is_https_domain(parse_url($url, PHP_URL_HOST)) ?
+			substr_replace($url, 's', 4, 0) :	//Add the 's' to HTTPS
+			$url;
+	}
+
 	public function sanitize($data, $type, $base = '')
 	{
 		$data = trim($data);
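Review bot: `is_https_domain()` never returns true for a host that equals a listed entry: the `$node === true` test runs at the top of each iteration, so when the last label of `youtube.com` lands on the `true` leaf the loop ends and falls through to `return false`. Only hosts with at least one extra label (`www.youtube.com`) are upgraded, which leaves the bare domains in data/force-https.default.txt on plain HTTP. Changing the final line to `return $node === true;` covers the exact match. The lookup is also case-sensitive while host names are not, so applying `strtolower()` to `$domain` in both `set_https_domains()` and `is_https_domain()` would keep `http://YouTube.com/...` from slipping past the list.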
@@ -451,7 +529,8 @@ class SimplePie_Sanitize
 					if ($element->hasAttribute($attribute))
 					{
 						$value = $this->registry->call('Misc', 'absolutize_url', array($element->getAttribute($attribute), $this->base));
-						if ($value !== false)
+						$value = $this->https_url($value);	//FreshRSS
+						if ($value)
 						{
 							$element->setAttribute($attribute, $value);
 						}
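Review bot: The guard changed from `$value !== false` to `if ($value)`, so besides a failed absolutization it now also skips an empty string or `'0'`, and `https_url()` is handed `false` whenever `absolutize_url()` fails. Keeping the strict check and upgrading inside it preserves the old contract: `if ($value !== false) { $element->setAttribute($attribute, $this->https_url($value)); }`. The enclosing loop starts and ends outside this hunk.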

+ 10 - 0
lib/lib_rss.php

@@ -238,6 +238,16 @@ function customSimplePie() {
 			'src',
 		),
 	));
+	$https_domains = array();
+	$force = @file(DATA_PATH . '/force-https.default.txt', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
+	if (is_array($force)) {
+		$https_domains = array_merge($https_domains, $force);
+	}
+	$force = @file(DATA_PATH . '/force-https.txt', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
+	if (is_array($force)) {
+		$https_domains = array_merge($https_domains, $force);
+	}
+	$simplePie->set_https_domains($https_domains);
 	return $simplePie;
 }
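Review bot: Both `@file()` calls hide every failure, so an unreadable `force-https.txt` (wrong owner or mode, say) silently turns off the administrator's list with nothing in the log. Testing `is_readable()` first and dropping the `@` keeps the missing-file case quiet while letting real errors surface. The two read-and-merge stanzas are identical apart from the file name and would be shorter as one `foreach` over the two paths. customSimplePie() begins outside this hunk.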