public static function dumpUrl($url, $allowRange = true, $passHeaders = false, $additionalHeaders = null) { KalturaLog::debug("URL [{$url}], {$allowRange} [{$allowRange}], {$passHeaders} [{$passHeaders}]"); self::closeDbConnections(); $ch = curl_init(); // set URL and other appropriate options curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_USERAGENT, "curl/7.11.1"); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // in case of private ips (internal to the datacenters) no need to check the certificate validity. // otherwise curling for https://127.0.0.1/ will fail as the certificate is for *.domain.com $urlHost = parse_url($url, PHP_URL_HOST); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, infraRequestUtils::isIpPrivate($urlHost) ? 0 : 2); // prevent loop back of the proxied request by detecting the "X-Kaltura-Proxy header if (isset($_SERVER["HTTP_X_KALTURA_PROXY"])) { KExternalErrors::dieError(KExternalErrors::PROXY_LOOPBACK); } $sendHeaders = array("X-Kaltura-Proxy: dumpUrl"); if ($passHeaders) { $sentHeaders = self::getRequestHeaders(); foreach ($sentHeaders as $header => $value) { $sendHeaders[] = "{$header}: {$value}"; } } elseif ($allowRange && isset($_SERVER['HTTP_RANGE']) && $_SERVER['HTTP_RANGE']) { // get range parameters from HTTP range requst headers list(, $range) = explode('=', $_SERVER['HTTP_RANGE'], 2); curl_setopt($ch, CURLOPT_RANGE, $range); } if ($additionalHeaders) { foreach ($additionalHeaders as $header => $value) { $sendHeaders[] = "{$header}: {$value}"; } } // when proxying request to other datacenter we may be already in a proxied request (from one of the internal proxy servers) // we need to ensure the original HOST is sent in order to allow restirctions checks $host = isset($_SERVER["HTTP_X_FORWARDED_HOST"]) ? $_SERVER["HTTP_X_FORWARDED_HOST"] : $_SERVER["HTTP_HOST"]; for ($i = 0; $i < count($sendHeaders); $i++) { if (stripos($sendHeaders[$i], "host:") === 0) { array_splice($sendHeaders, $i, 1); break; } } $sendHeaders[] = "Host:{$host}"; curl_setopt($ch, CURLOPT_HTTPHEADER, $sendHeaders); if ($_SERVER['REQUEST_METHOD'] == 'HEAD') { // request was HEAD, proxy only HEAD response curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_NOBODY, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); } else { // Set callback function for body curl_setopt($ch, CURLOPT_WRITEFUNCTION, 'kFileUtils::read_body'); } // Set callback function for headers curl_setopt($ch, CURLOPT_HEADERFUNCTION, 'kFileUtils::read_header'); //curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE); header("Access-Control-Allow-Origin:*"); // avoid html5 xss issues header("X-Kaltura:dumpUrl"); // grab URL and pass it to the browser $content = curl_exec($ch); KalturaLog::debug("CURL executed [{$content}]"); // close curl resource, and free up system resources curl_close($ch); KExternalErrors::dieGracefully(); }