function css_src_unique($input)
{
return 'src=' . $input[1] . '<UNIQUE[' . absoluteURL($input[2]) . ']URL>' . $input[1];
}
function proxyURL($url, $givenFlag = false)
{
global $CONFIG, $options, $bitfield, $flag;
# Remove excess whitespace
$url = trim($url);
# check for binary images
if (stripos($url, 'data:image') === 0) {
return $url;
}
# handle javascript
if (stripos($url, 'javascript:') === 0 || stripos($url, 'livescript:') === 0) {
# return JS($url);
return '';
}
# Validate the input
if (empty($url) || $url[0] == '#' || $url == 'about:' || stripos($url, 'data:') === 0 || stripos($url, 'file:') === 0 || stripos($url, 'res:') === 0 || stripos($url, 'C:') === 0 || strpos($url, GLYPE_BROWSE) === 0) {
return '';
}
# Extract any #anchor since we don't want to encode that
if ($tmp = strpos($url, '#')) {
$anchor = substr($url, $tmp);
$url = substr($url, 0, $tmp);
} else {
$anchor = '';
}
# Convert to absolute URL (if not already)
$url = absoluteURL($url);
# Add encoding
if ($options['encodeURL']) {
# Part of our encoding is to remove HTTP (saves space and helps avoid detection)
$url = substr($url, 4);
# Encrypt
if (isset($GLOBALS['unique_salt'])) {
$url = arcfour('encrypt', $GLOBALS['unique_salt'], $url);
}
}
# Protect chars that have other meaning in URLs
$url = rawurlencode($url);
# Determine flag to use - $givenFlag is passed into function, $flag
# is global flag currently in use (used here for persisting the frame state)
$addFlag = $givenFlag ? $givenFlag : ($flag == 'frame' ? 'frame' : '');
# Return in path info format (only when encoding is on)
if ($CONFIG['path_info_urls'] && $options['encodeURL']) {
return GLYPE_BROWSE . '/' . str_replace('%', '_', chunk_split($url, 8, '/')) . 'b' . $bitfield . '/' . ($addFlag ? 'f' . $addFlag : '') . $anchor;
}
# Otherwise, return in 'normal' (query string) format
return GLYPE_BROWSE . '?u=' . $url . '&b=' . $bitfield . ($addFlag ? '&f=' . $addFlag : '') . $anchor;
}
function proxifyURL($url, $flag = '', $absolute = true)
{
global $CONFIG, $options, $bitfield;
// First, validate the input
if (empty($url)) {
return '';
}
// Is it an anchor?
if ($url[0] == '#') {
return $url;
}
// Is it javascript?
if (stripos($url, 'javascript:') === 0) {
return $url;
}
// Is it already proxified?
if (strpos($url, GLYPE_BROWSE) === 0) {
return $url;
}
// URLs occur as values of HTML attributes so decode it
$url = $url;
// Convert to absolute url (if not already)
$url = absoluteURL($url);
// Extract an #anchor
$jumpTo = '';
if ($tmp = strpos($url, '#')) {
// Split into jumpTo (append it after proxifying) and $url
$jumpTo = substr($url, $tmp);
$url = substr($url, 0, $tmp);
}
// Add encoding
if ($options['encodeURL']) {
// Part of our encoding is to remove HTTP (saves space and helps avoid detection)
$url = substr($url, 4);
// Add base64
$url = base64_encode($url);
// Are we using unique URLs?
if ($CONFIG['unique_urls']) {
// Add the salt
$url = $GLOBALS['unique_salt'] . $url;
}
}
// Protect chars that have other meaning in URLs
$url = rawurlencode($url);
// If generating absolute URL, add prefix
$prefix = $absolute ? GLYPE_BROWSE : '';
// Return in path info format (only when encoding is on)
if ($CONFIG['path_info_urls'] && $options['encodeURL']) {
return $prefix . '/' . str_replace('%', '_', chunk_split($url, 8, '/')) . 'b' . $bitfield . '/' . ($flag ? 'f' . $flag : '') . $jumpTo;
}
// Otherwise, return in 'normal' (query string) format
return $prefix . '?u=' . $url . '&b=' . $bitfield . ($flag ? '&f=' . $flag : '') . $jumpTo;
}
function proxifyURL($url, $givenFlag = false)
{
global $CONFIG, $options, $bitfield, $flag;
// Remove excess whitespace
$url = trim($url);
// Validate the input - ensure it's not empty, not an anchor, not javascript
// and not already proxified
if (empty($url) || $url[0] == '#' || stripos($url, 'javascript:') === 0 || strpos($url, GLYPE_BROWSE) === 0) {
return '';
}
// Extract any #anchor since we don't want to encode that
if ($tmp = strpos($url, '#')) {
$anchor = substr($url, $tmp);
$url = substr($url, 0, $tmp - 1);
} else {
$anchor = '';
}
// Convert to absolute URL (if not already)
$url = absoluteURL($url);
// Add encoding
if ($options['encodeURL']) {
// Part of our encoding is to remove HTTP (saves space and helps avoid detection)
$url = substr($url, 4);
// Apply base64
$url = base64_encode($url);
// Add the salt if we're using unique URLs
if ($CONFIG['unique_urls']) {
$url = $GLOBALS['unique_salt'] . $url;
}
}
// Protect chars that have other meaning in URLs
$url = rawurlencode($url);
// Determine flag to use - $givenFlag is passed into function, $flag
// is global flag currently in use (used here for persisting the frame state)
$addFlag = $givenFlag ? $givenFlag : ($flag == 'frame' ? 'frame' : '');
// Return in path info format (only when encoding is on)
if ($CONFIG['path_info_urls'] && $options['encodeURL']) {
return GLYPE_BROWSE . '/' . str_replace('%', '_', chunk_split($url, 8, '/')) . 'b' . $bitfield . '/' . ($addFlag ? 'f' . $addFlag : '') . $anchor;
}
// Otherwise, return in 'normal' (query string) format
return GLYPE_BROWSE . '?url=' . $url . '&b=' . $bitfield . ($addFlag ? '&f=' . $addFlag : '') . $anchor;
}
function proxifyURL($url, $givenFlag = false)
{
global $CONFIG, $options, $bitfield, $flag, $hostname;
// Remove excess whitespace
$url = trim($url);
// Validate the input - ensure it's not empty, not an anchor, not javascript
// and not already proxified
if (empty($url) || $url[0] == '#' || stripos($url, 'javascript:') === 0 || strpos($url, GLYPE_BROWSE) === 0) {
return '';
}
// Extract any #anchor since we don't want to encode that
if ($tmp = strpos($url, '#')) {
$anchor = substr($url, $tmp);
$url = substr($url, 0, $tmp - 1);
} else {
$anchor = '';
}
// Convert to absolute URL (if not already)
$url = absoluteURL($url);
// Add encoding
if ($options['encodeURL']) {
// Part of our encoding is to remove HTTP (saves space and helps avoid detection)
$url = substr($url, 4);
// Apply base64
$url = base64_encode($url);
// Add the salt if we're using unique URLs
if ($CONFIG['unique_urls']) {
$url = $GLOBALS['unique_salt'] . $url;
}
}
// Protect chars that have other meaning in URLs
$url = rawurlencode($url);
// Determine flag to use - $givenFlag is passed into function, $flag
// is global flag currently in use (used here for persisting the frame state)
$addFlag = $givenFlag ? $givenFlag : ($flag == 'frame' ? 'frame' : '');
// It is on the same domain
if (preg_match("/" . $hostname['onion'] . "/", $url)) {
$glype_browse = GLYPE_BROWSE;
if (preg_match('/(?:([a-z0-9-.]+:[a-z0-9-.]+)@)?([a-z0-9-.]+)\\.onion(.*)/', $url, $tmp)) {
return urldecode($tmp[3]);
}
} else {
preg_match('/(?:([a-z0-9-.]+:[a-z0-9-.]+)@)?([a-z0-9-.]+)\\.onion(.*)/', $url, $tmp);
// It is an external non tor2web site
if (!$tmp) {
return "/leaving.php?url=" . $url;
} else {
$new_onion = $tmp[2];
}
$glype_browse = 'http' . (HTTPS ? 's' : '') . '://' . $new_onion . $hostname['base'] . preg_replace('#/(?:(?:includes/)?[^/]*|' . preg_quote(SCRIPT_NAME) . '.*)$#', '', $_SERVER['PHP_SELF']);
}
// Return in path info format (only when encoding is on)
if ($CONFIG['path_info_urls'] && $options['encodeURL']) {
return $glype_browse . '/' . str_replace('%', '_', chunk_split($url, 8, '/')) . 'b' . $bitfield . '/' . ($addFlag ? 'f' . $addFlag : '') . $anchor;
}
// Otherwise, return in 'normal' (query string) format
return $glype_browse . '?u=' . $url . '&b=' . $bitfield . ($addFlag ? '&f=' . $addFlag : '') . $anchor;
}
