rewrite_relative: whitelist specific schemes for URLs with 'known' content-types i.e. specified for enclosures
This commit is contained in:
parent
89ef98e57e
commit
74a247fc5c
|
@ -736,7 +736,7 @@ class RSSUtils {
|
||||||
|
|
||||||
// TODO: Just use FeedEnclosure (and modify it to cover whatever justified this)?
|
// TODO: Just use FeedEnclosure (and modify it to cover whatever justified this)?
|
||||||
$e_item = array(
|
$e_item = array(
|
||||||
UrlHelper::rewrite_relative($site_url, $e->link),
|
UrlHelper::rewrite_relative($site_url, $e->link, "", "", $e->type),
|
||||||
$e->type, $e->length, $e->title, $e->width, $e->height);
|
$e->type, $e->length, $e->title, $e->width, $e->height);
|
||||||
|
|
||||||
// Yet another episode of "mysql utf8_general_ci is gimped"
|
// Yet another episode of "mysql utf8_general_ci is gimped"
|
||||||
|
|
|
@ -6,6 +6,10 @@ class UrlHelper {
|
||||||
"tel"
|
"tel"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
const EXTRA_SCHEMES_BY_CONTENT_TYPE = [
|
||||||
|
"application/x-bittorrent" => [ "magnet" ],
|
||||||
|
];
|
||||||
|
|
||||||
// TODO: class properties can be switched to PHP typing if/when the minimum PHP_VERSION is raised to 7.4.0+
|
// TODO: class properties can be switched to PHP typing if/when the minimum PHP_VERSION is raised to 7.4.0+
|
||||||
/** @var string */
|
/** @var string */
|
||||||
static $fetch_last_error;
|
static $fetch_last_error;
|
||||||
|
@ -52,10 +56,16 @@ class UrlHelper {
|
||||||
* @param string $rel_url Possibly relative URL in the document
|
* @param string $rel_url Possibly relative URL in the document
|
||||||
* @param string $owner_element Owner element tag name (i.e. "a") (optional)
|
* @param string $owner_element Owner element tag name (i.e. "a") (optional)
|
||||||
* @param string $owner_attribute Owner attribute (i.e. "href") (optional)
|
* @param string $owner_attribute Owner attribute (i.e. "href") (optional)
|
||||||
|
* @param string $content_type URL content type as specified by enclosures, etc.
|
||||||
*
|
*
|
||||||
* @return false|string Absolute URL or false on failure (either during URL parsing or validation)
|
* @return false|string Absolute URL or false on failure (either during URL parsing or validation)
|
||||||
*/
|
*/
|
||||||
public static function rewrite_relative($base_url, $rel_url, string $owner_element = "", string $owner_attribute = "") {
|
public static function rewrite_relative($base_url,
|
||||||
|
$rel_url,
|
||||||
|
string $owner_element = "",
|
||||||
|
string $owner_attribute = "",
|
||||||
|
string $content_type = "") {
|
||||||
|
|
||||||
$rel_parts = parse_url($rel_url);
|
$rel_parts = parse_url($rel_url);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -80,6 +90,11 @@ class UrlHelper {
|
||||||
$owner_element == "a" &&
|
$owner_element == "a" &&
|
||||||
$owner_attribute == "href") {
|
$owner_attribute == "href") {
|
||||||
return $rel_url;
|
return $rel_url;
|
||||||
|
// allow some extra schemes for links with feed-specified content type i.e. enclosures
|
||||||
|
} else if ($content_type &&
|
||||||
|
is_array(self::EXTRA_SCHEMES_BY_CONTENT_TYPE[$content_type]) &&
|
||||||
|
in_array($rel_parts["scheme"], self::EXTRA_SCHEMES_BY_CONTENT_TYPE[$content_type])) {
|
||||||
|
return $rel_url;
|
||||||
// allow limited subset of inline base64-encoded images for IMG elements
|
// allow limited subset of inline base64-encoded images for IMG elements
|
||||||
} else if (($rel_parts["scheme"] ?? "") == "data" &&
|
} else if (($rel_parts["scheme"] ?? "") == "data" &&
|
||||||
preg_match('%^image/(webp|gif|jpg|png|svg);base64,%', $rel_parts["path"]) &&
|
preg_match('%^image/(webp|gif|jpg|png|svg);base64,%', $rel_parts["path"]) &&
|
||||||
|
|
Loading…
Reference in New Issue