private static function apply(simple_html_dom $dom, $attribute, $elements, ProxyHttpRequest $request)
{
foreach ($dom->find($elements . '[' . $attribute . ']') as $element) {
$attr_val = $element->getAttribute($attribute);
if ($attr_val) {
// Ignore these links.
if (startsWith($attr_val, array('data:', 'javascript:', 'mailto:', '.'))) {
continue;
}
// Turn protocol relative URLs into HTTPS.
if (isset($attr_val[1]) && $attr_val[1] == '/' && $attr_val[0] == '/') {
$attr_val = 'https:' . $attr_val;
$element->setAttribute($attribute, $attr_val);
} else {
$attr_val_components = parse_url($attr_val);
// Nothing to do without paths.
if (isset($attr_val_components['path'])) {
// Remove current host.
if (isset($attr_val_components['host']) && $attr_val_components['host'] == $request->getUrlComponent('host')) {
unset($attr_val_components['host']);
}
// If URL without host.
if (!isset($attr_val_components['host'])) {
// If path does not start with a slash, prepend current path directory.
if ($attr_val_components['path'][0] != '/') {
$attr_val_components['path'] = dirname($request->getUrlComponent('path')) . '/' . $attr_val_components['path'];
}
$attr_val = '.' . http_build_path_query_fragment($attr_val_components);
$element->setAttribute($attribute, $attr_val);
}
}
}
/*
* Special for existing base href values. They should always end with a slash,
* but browsers are lenient if it's eg http://example.com. But since we may rewrite
* the value later, it might have a path and without the slash it will fail.
*/
if ($element->tag == 'base') {
$last_char = $attr_val[strlen($attr_val) - 1];
if ($last_char != '/') {
$attr_val .= '/';
$element->setAttribute($attribute, $attr_val);
}
}
}
}
}
exit;
}
}
}
if (Conf::$apk_url) {
if ($_GET[RedirectWhenBlockedFull::QUERY_STRING_PARAM_NAME] == Conf::OUTPUT_TYPE_APP) {
require 'app.php';
exit;
}
if ($_GET[RedirectWhenBlockedFull::QUERY_STRING_PARAM_NAME] == Conf::OUTPUT_TYPE_APP_QR) {
require 'app-qr.php';
exit;
}
}
}
$request = new ProxyHttpRequest();
// Hijack crossdomain.xml.
if ($request->getUrlComponent('path') == '/crossdomain.xml' && getDownstreamOrigin()) {
header('Content-Type: application/xml');
$downstream_origin = getDownstreamOrigin();
print <<<EOF
<?xml version="1.0" ?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="{$downstream_origin}"/>
<allow-http-request-headers-from domain="{$downstream_origin}" headers="*"/>
</cross-domain-policy>
EOF;
exit;
}
$client = new http\Client();
exit;
}
}
}
if (Conf::$apk_url) {
if ($_GET[RedirectWhenBlockedFull::QUERY_STRING_PARAM_NAME] == Conf::OUTPUT_TYPE_APP) {
require 'app.php';
exit;
}
if ($_GET[RedirectWhenBlockedFull::QUERY_STRING_PARAM_NAME] == Conf::OUTPUT_TYPE_APP_QR) {
require 'app-qr.php';
exit;
}
}
}
$request = new ProxyHttpRequest();
// Hijack crossdomain.xml.
if ($request->getUrlComponent('path') == '/crossdomain.xml' && getDownstreamOrigin()) {
header('Content-Type: application/xml');
$downstream_origin = getDownstreamOrigin();
print <<<EOF
<?xml version="1.0" ?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="{$downstream_origin}"/>
<allow-http-request-headers-from domain="{$downstream_origin}" headers="*"/>
</cross-domain-policy>
EOF;
exit;
}
/*
