From f39b1bb14d930d15a6d4997fb70f43d31acebcc8 Mon Sep 17 00:00:00 2001 From: the-djmaze <> Date: Tue, 19 Apr 2022 09:40:29 +0200 Subject: [PATCH] Changes for #326 --- dev/Common/Html.js | 2 +- dev/Common/Links.js | 9 +------ .../app/libraries/RainLoop/ServiceActions.php | 25 ++++++++----------- .../libraries/snappymail/http/response.php | 7 ++++-- 4 files changed, 17 insertions(+), 26 deletions(-) diff --git a/dev/Common/Html.js b/dev/Common/Html.js index 7af8e07d7..2a5b53b8a 100644 --- a/dev/Common/Html.js +++ b/dev/Common/Html.js @@ -236,7 +236,7 @@ export const setAttribute('data-x-src-cid', value.slice(4)); result.foundCIDs.push(value.slice(4)); } - else if (/^https?:\/\//i.test(value) || '//' === value.slice(0, 2)) + else if (/^(https?:)?\/\//i.test(value)) { setAttribute('data-x-src', useProxy ? proxy(value) : value); result.hasExternals = true; diff --git a/dev/Common/Links.js b/dev/Common/Links.js index cae3e49f6..9e896f2a2 100644 --- a/dev/Common/Links.js +++ b/dev/Common/Links.js @@ -47,14 +47,7 @@ export const serverRequestRaw('Download', download, customSpecSuffix), proxy = url => - SERVER_PREFIX + '/ProxyExternal/' + btoa(url).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, ''), -/* - return './?/ProxyExternal/'.Utils::EncodeKeyValuesQ(array( - 'Rnd' => \md5(\microtime(true)), - 'Token' => Utils::GetConnectionToken(), - 'Url' => $sUrl - )).'/'; -*/ + SERVER_PREFIX + '/ProxyExternal/' + btoa(url.replace(/ /g, '%20')).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, ''), /** * @param {string} type diff --git a/snappymail/v/0.0.0/app/libraries/RainLoop/ServiceActions.php b/snappymail/v/0.0.0/app/libraries/RainLoop/ServiceActions.php index b4cccedcd..074632756 100644 --- a/snappymail/v/0.0.0/app/libraries/RainLoop/ServiceActions.php +++ b/snappymail/v/0.0.0/app/libraries/RainLoop/ServiceActions.php @@ -344,28 +344,19 @@ class ServiceActions public function ServiceProxyExternal() : string { $sData = empty($this->aPaths[1]) ? '' : $this->aPaths[1]; - if (!empty($sData) && $this->Config()->Get('labs', 'use_local_proxy_for_external_images', false)) - { + if ($sData && $this->Config()->Get('labs', 'use_local_proxy_for_external_images', false)) { $this->oActions->verifyCacheByKey($sData); - $aData = Utils::DecodeKeyValuesQ($sData); - if (!\is_array($aData) && $this->oActions->GetAccount()) { - $aData = [ -// 'Rnd' => md5(\microtime(true)), - 'Token' => Utils::GetConnectionToken(), - 'Url' => \MailSo\Base\Utils::UrlSafeBase64Decode($sData) - ]; - } - if (\is_array($aData) && !empty($aData['Token']) && !empty($aData['Url']) && $aData['Token'] === Utils::GetConnectionToken()) - { - \header('X-Content-Location: '.$aData['Url']); + $sUrl = \MailSo\Base\Utils::UrlSafeBase64Decode($sData); + if (!empty($sUrl)) { + \header('X-Content-Location: '.$sUrl); $tmp = \tmpfile(); $HTTP = \SnappyMail\HTTP\Request::factory(); $HTTP->max_redirects = 2; $HTTP->streamBodyTo($tmp); - $oResponse = $HTTP->doRequest('GET', $aData['Url']); + $oResponse = $HTTP->doRequest('GET', $sUrl); if ($oResponse && 200 === $oResponse->status && \str_starts_with($oResponse->getHeader('content-type'), 'image/') - ) { + ) try { $this->oActions->cacheByKey($sData); \header('Content-Type: ' . $oResponse->getHeader('content-type')); \header('Cache-Control: public'); @@ -374,6 +365,10 @@ class ServiceActions \rewind($tmp); \fpassthru($tmp); exit; + } catch (\Throwable $e) { + $msg = \get_class($HTTP) . ': ' . $e->getMessage(); + \SnappyMail\Log::error('Proxy', $msg); +// \error_log(\get_class($HTTP) . ': ' . $e->getMessage()); } } } diff --git a/snappymail/v/0.0.0/app/libraries/snappymail/http/response.php b/snappymail/v/0.0.0/app/libraries/snappymail/http/response.php index aba9be140..3593aa41d 100644 --- a/snappymail/v/0.0.0/app/libraries/snappymail/http/response.php +++ b/snappymail/v/0.0.0/app/libraries/snappymail/http/response.php @@ -76,9 +76,9 @@ class Response { if ($location = $this->getHeader('location')) { $uri = \is_array($location) ? $location[0] : $location; - if (!\preg_match('#^[a-z][a-z0-9\\+\\.\\-]+://[^/]+#i', $uri)) { + if (!\preg_match('#^([a-z][a-z0-9\\+\\.\\-]+:)?//[^/]+#i', $uri)) { // no host - \preg_match('#^([a-z][a-z0-9\\+\\.\\-]+://[^/]+)(/[^\\?\\#]*)#i', $this->final_uri, $match); + \preg_match('#^((?:[a-z][a-z0-9\\+\\.\\-]+:)?//[^/]+)(/[^\\?\\#]*)#i', $this->final_uri, $match); if ('/' === $uri[0]) { // absolute path $uri = $match[1] . $uri; @@ -88,6 +88,9 @@ class Response $uri = $match[1] . \substr($match[2], 0, $rpos+1) . $uri; } } + if ('//' === \substr($uri, 0, 2)) { + $uri = \explode(':', $this->request_uri)[0] . ':' . $uri; + } return $uri; } return null;