function css_src_unique($input) { return 'src=' . $input[1] . '<UNIQUE[' . absoluteURL($input[2]) . ']URL>' . $input[1]; }
function proxyURL($url, $givenFlag = false) { global $CONFIG, $options, $bitfield, $flag; # Remove excess whitespace $url = trim($url); # check for binary images if (stripos($url, 'data:image') === 0) { return $url; } # handle javascript if (stripos($url, 'javascript:') === 0 || stripos($url, 'livescript:') === 0) { # return JS($url); return ''; } # Validate the input if (empty($url) || $url[0] == '#' || $url == 'about:' || stripos($url, 'data:') === 0 || stripos($url, 'file:') === 0 || stripos($url, 'res:') === 0 || stripos($url, 'C:') === 0 || strpos($url, GLYPE_BROWSE) === 0) { return ''; } # Extract any #anchor since we don't want to encode that if ($tmp = strpos($url, '#')) { $anchor = substr($url, $tmp); $url = substr($url, 0, $tmp); } else { $anchor = ''; } # Convert to absolute URL (if not already) $url = absoluteURL($url); # Add encoding if ($options['encodeURL']) { # Part of our encoding is to remove HTTP (saves space and helps avoid detection) $url = substr($url, 4); # Encrypt if (isset($GLOBALS['unique_salt'])) { $url = arcfour('encrypt', $GLOBALS['unique_salt'], $url); } } # Protect chars that have other meaning in URLs $url = rawurlencode($url); # Determine flag to use - $givenFlag is passed into function, $flag # is global flag currently in use (used here for persisting the frame state) $addFlag = $givenFlag ? $givenFlag : ($flag == 'frame' ? 'frame' : ''); # Return in path info format (only when encoding is on) if ($CONFIG['path_info_urls'] && $options['encodeURL']) { return GLYPE_BROWSE . '/' . str_replace('%', '_', chunk_split($url, 8, '/')) . 'b' . $bitfield . '/' . ($addFlag ? 'f' . $addFlag : '') . $anchor; } # Otherwise, return in 'normal' (query string) format return GLYPE_BROWSE . '?u=' . $url . '&b=' . $bitfield . ($addFlag ? '&f=' . $addFlag : '') . $anchor; }
function proxifyURL($url, $flag = '', $absolute = true) { global $CONFIG, $options, $bitfield; // First, validate the input if (empty($url)) { return ''; } // Is it an anchor? if ($url[0] == '#') { return $url; } // Is it javascript? if (stripos($url, 'javascript:') === 0) { return $url; } // Is it already proxified? if (strpos($url, GLYPE_BROWSE) === 0) { return $url; } // URLs occur as values of HTML attributes so decode it $url = $url; // Convert to absolute url (if not already) $url = absoluteURL($url); // Extract an #anchor $jumpTo = ''; if ($tmp = strpos($url, '#')) { // Split into jumpTo (append it after proxifying) and $url $jumpTo = substr($url, $tmp); $url = substr($url, 0, $tmp); } // Add encoding if ($options['encodeURL']) { // Part of our encoding is to remove HTTP (saves space and helps avoid detection) $url = substr($url, 4); // Add base64 $url = base64_encode($url); // Are we using unique URLs? if ($CONFIG['unique_urls']) { // Add the salt $url = $GLOBALS['unique_salt'] . $url; } } // Protect chars that have other meaning in URLs $url = rawurlencode($url); // If generating absolute URL, add prefix $prefix = $absolute ? GLYPE_BROWSE : ''; // Return in path info format (only when encoding is on) if ($CONFIG['path_info_urls'] && $options['encodeURL']) { return $prefix . '/' . str_replace('%', '_', chunk_split($url, 8, '/')) . 'b' . $bitfield . '/' . ($flag ? 'f' . $flag : '') . $jumpTo; } // Otherwise, return in 'normal' (query string) format return $prefix . '?u=' . $url . '&b=' . $bitfield . ($flag ? '&f=' . $flag : '') . $jumpTo; }
function proxifyURL($url, $givenFlag = false) { global $CONFIG, $options, $bitfield, $flag; // Remove excess whitespace $url = trim($url); // Validate the input - ensure it's not empty, not an anchor, not javascript // and not already proxified if (empty($url) || $url[0] == '#' || stripos($url, 'javascript:') === 0 || strpos($url, GLYPE_BROWSE) === 0) { return ''; } // Extract any #anchor since we don't want to encode that if ($tmp = strpos($url, '#')) { $anchor = substr($url, $tmp); $url = substr($url, 0, $tmp - 1); } else { $anchor = ''; } // Convert to absolute URL (if not already) $url = absoluteURL($url); // Add encoding if ($options['encodeURL']) { // Part of our encoding is to remove HTTP (saves space and helps avoid detection) $url = substr($url, 4); // Apply base64 $url = base64_encode($url); // Add the salt if we're using unique URLs if ($CONFIG['unique_urls']) { $url = $GLOBALS['unique_salt'] . $url; } } // Protect chars that have other meaning in URLs $url = rawurlencode($url); // Determine flag to use - $givenFlag is passed into function, $flag // is global flag currently in use (used here for persisting the frame state) $addFlag = $givenFlag ? $givenFlag : ($flag == 'frame' ? 'frame' : ''); // Return in path info format (only when encoding is on) if ($CONFIG['path_info_urls'] && $options['encodeURL']) { return GLYPE_BROWSE . '/' . str_replace('%', '_', chunk_split($url, 8, '/')) . 'b' . $bitfield . '/' . ($addFlag ? 'f' . $addFlag : '') . $anchor; } // Otherwise, return in 'normal' (query string) format return GLYPE_BROWSE . '?url=' . $url . '&b=' . $bitfield . ($addFlag ? '&f=' . $addFlag : '') . $anchor; }
function proxifyURL($url, $givenFlag = false) { global $CONFIG, $options, $bitfield, $flag, $hostname; // Remove excess whitespace $url = trim($url); // Validate the input - ensure it's not empty, not an anchor, not javascript // and not already proxified if (empty($url) || $url[0] == '#' || stripos($url, 'javascript:') === 0 || strpos($url, GLYPE_BROWSE) === 0) { return ''; } // Extract any #anchor since we don't want to encode that if ($tmp = strpos($url, '#')) { $anchor = substr($url, $tmp); $url = substr($url, 0, $tmp - 1); } else { $anchor = ''; } // Convert to absolute URL (if not already) $url = absoluteURL($url); // Add encoding if ($options['encodeURL']) { // Part of our encoding is to remove HTTP (saves space and helps avoid detection) $url = substr($url, 4); // Apply base64 $url = base64_encode($url); // Add the salt if we're using unique URLs if ($CONFIG['unique_urls']) { $url = $GLOBALS['unique_salt'] . $url; } } // Protect chars that have other meaning in URLs $url = rawurlencode($url); // Determine flag to use - $givenFlag is passed into function, $flag // is global flag currently in use (used here for persisting the frame state) $addFlag = $givenFlag ? $givenFlag : ($flag == 'frame' ? 'frame' : ''); // It is on the same domain if (preg_match("/" . $hostname['onion'] . "/", $url)) { $glype_browse = GLYPE_BROWSE; if (preg_match('/(?:([a-z0-9-.]+:[a-z0-9-.]+)@)?([a-z0-9-.]+)\\.onion(.*)/', $url, $tmp)) { return urldecode($tmp[3]); } } else { preg_match('/(?:([a-z0-9-.]+:[a-z0-9-.]+)@)?([a-z0-9-.]+)\\.onion(.*)/', $url, $tmp); // It is an external non tor2web site if (!$tmp) { return "/leaving.php?url=" . $url; } else { $new_onion = $tmp[2]; } $glype_browse = 'http' . (HTTPS ? 's' : '') . '://' . $new_onion . $hostname['base'] . preg_replace('#/(?:(?:includes/)?[^/]*|' . preg_quote(SCRIPT_NAME) . '.*)$#', '', $_SERVER['PHP_SELF']); } // Return in path info format (only when encoding is on) if ($CONFIG['path_info_urls'] && $options['encodeURL']) { return $glype_browse . '/' . str_replace('%', '_', chunk_split($url, 8, '/')) . 'b' . $bitfield . '/' . ($addFlag ? 'f' . $addFlag : '') . $anchor; } // Otherwise, return in 'normal' (query string) format return $glype_browse . '?u=' . $url . '&b=' . $bitfield . ($addFlag ? '&f=' . $addFlag : '') . $anchor; }