diff --git a/src/App.php b/src/App.php index c9a66c523d..0a7bab0e16 100644 --- a/src/App.php +++ b/src/App.php @@ -9,6 +9,7 @@ use DOMDocument; use DOMXPath; use Exception; use Friendica\App\Arguments; +use Friendica\App\BaseURL; use Friendica\Core\Config\Cache\ConfigCache; use Friendica\Core\Config\Configuration; use Friendica\Core\Config\PConfiguration; @@ -20,7 +21,6 @@ use Friendica\Model\Profile; use Friendica\Module\Login; use Friendica\Module\Special\HTTPException as ModuleHTTPException; use Friendica\Network\HTTPException; -use Friendica\Util\BaseURL; use Friendica\Util\ConfigFileLoader; use Friendica\Util\HTTPSignature; use Friendica\Util\Profiler; @@ -536,21 +536,13 @@ class App * @param string $origURL * * @return string The cleaned url - * @throws HTTPException\InternalServerErrorException + * + * @deprecated 2019.09 - Use BaseURL->remove() instead + * @see BaseURL::remove() */ public function removeBaseURL($origURL) { - // Remove the hostname from the url if it is an internal link - $nurl = Util\Strings::normaliseLink($origURL); - $base = Util\Strings::normaliseLink($this->getBaseURL()); - $url = str_replace($base . '/', '', $nurl); - - // if it is an external link return the orignal value - if ($url == Util\Strings::normaliseLink($origURL)) { - return $origURL; - } else { - return $url; - } + return $this->baseURL->remove($origURL); } /** diff --git a/src/Util/BaseURL.php b/src/App/BaseURL.php similarity index 82% rename from src/Util/BaseURL.php rename to src/App/BaseURL.php index be34de30ec..ad5fd0d4ed 100644 --- a/src/Util/BaseURL.php +++ b/src/App/BaseURL.php @@ -1,8 +1,10 @@ hostname) { if ($this->config->set('config', 'hostname', $hostname)) { - $this->hostname = $hostname; + $this->hostname = $hostname; } else { return false; } @@ -153,7 +166,7 @@ class BaseURL if ($this->config->set('system', 'ssl_policy', $sslPolicy)) { $this->sslPolicy = $sslPolicy; } else { - $this->hostname = $currHostname; + $this->hostname = $currHostname; $this->config->set('config', 'hostname', $this->hostname); return false; } @@ -229,12 +242,12 @@ class BaseURL */ public function checkRedirectHttps() { - return $this->config->get('system', 'force_ssl') - && ($this->getScheme() == "http") - && intval($this->getSSLPolicy()) == BaseURL::SSL_POLICY_FULL - && strpos($this->get(), 'https://') === 0 - && !empty($this->server['REQUEST_METHOD']) - && $this->server['REQUEST_METHOD'] === 'GET'; + return $this->config->get('system', 'force_ssl') && + ($this->getScheme() == "http") && + intval($this->getSSLPolicy()) == BaseURL::SSL_POLICY_FULL && + strpos($this->get(), 'https://') === 0 && + !empty($this->server['REQUEST_METHOD']) && + $this->server['REQUEST_METHOD'] === 'GET'; } /** @@ -359,7 +372,7 @@ class BaseURL $scheme = 'https'; } - $this->url = $scheme . '://' . $this->hostname . (!empty($this->urlPath) ? '/' . $this->urlPath : '' ); + $this->url = $scheme . '://' . $this->hostname . (!empty($this->urlPath) ? '/' . $this->urlPath : ''); } /** @@ -370,13 +383,35 @@ class BaseURL $this->scheme = 'http'; if (!empty($this->server['HTTPS']) || - !empty($this->server['HTTP_FORWARDED']) && preg_match('/proto=https/', $this->server['HTTP_FORWARDED']) || - !empty($this->server['HTTP_X_FORWARDED_PROTO']) && $this->server['HTTP_X_FORWARDED_PROTO'] == 'https' || - !empty($this->server['HTTP_X_FORWARDED_SSL']) && $this->server['HTTP_X_FORWARDED_SSL'] == 'on' || - !empty($this->server['FRONT_END_HTTPS']) && $this->server['FRONT_END_HTTPS'] == 'on' || - !empty($this->server['SERVER_PORT']) && (intval($this->server['SERVER_PORT']) == 443) // XXX: reasonable assumption, but isn't this hardcoding too much? + !empty($this->server['HTTP_FORWARDED']) && preg_match('/proto=https/', $this->server['HTTP_FORWARDED']) || + !empty($this->server['HTTP_X_FORWARDED_PROTO']) && $this->server['HTTP_X_FORWARDED_PROTO'] == 'https' || + !empty($this->server['HTTP_X_FORWARDED_SSL']) && $this->server['HTTP_X_FORWARDED_SSL'] == 'on' || + !empty($this->server['FRONT_END_HTTPS']) && $this->server['FRONT_END_HTTPS'] == 'on' || + !empty($this->server['SERVER_PORT']) && (intval($this->server['SERVER_PORT']) == 443) // XXX: reasonable assumption, but isn't this hardcoding too much? ) { $this->scheme = 'https'; } } + + /** + * Removes the base url from an url. This avoids some mixed content problems. + * + * @param string $origURL + * + * @return string The cleaned url + */ + public function remove(string $origURL) + { + // Remove the hostname from the url if it is an internal link + $nurl = Strings::normaliseLink($origURL); + $base = Strings::normaliseLink($this->get()); + $url = str_replace($base . '/', '', $nurl); + + // if it is an external link return the orignal value + if ($url == Strings::normaliseLink($origURL)) { + return $origURL; + } else { + return $url; + } + } } diff --git a/src/Core/Session.php b/src/Core/Session.php index e54c0e49b9..22909a6e6e 100644 --- a/src/Core/Session.php +++ b/src/Core/Session.php @@ -9,9 +9,7 @@ use Friendica\App; use Friendica\Core\Session\CacheSessionHandler; use Friendica\Core\Session\DatabaseSessionHandler; use Friendica\Database\DBA; -use Friendica\Model\Contact; use Friendica\Model\User; -use Friendica\Util\BaseURL; use Friendica\Util\DateTimeFormat; /** @@ -30,7 +28,7 @@ class Session ini_set('session.use_only_cookies', 1); ini_set('session.cookie_httponly', 1); - if (Config::get('system', 'ssl_policy') == BaseURL::SSL_POLICY_FULL) { + if (Config::get('system', 'ssl_policy') == App\BaseURL::SSL_POLICY_FULL) { ini_set('session.cookie_secure', 1); } diff --git a/src/Core/System.php b/src/Core/System.php index 89526bdb4e..0888f390a6 100644 --- a/src/Core/System.php +++ b/src/Core/System.php @@ -4,9 +4,9 @@ */ namespace Friendica\Core; +use Friendica\App\BaseURL; use Friendica\BaseObject; use Friendica\Network\HTTPException\InternalServerErrorException; -use Friendica\Util\BaseURL; use Friendica\Util\XML; /** diff --git a/src/Model/Contact.php b/src/Model/Contact.php index f01cb73604..df3efa0c57 100644 --- a/src/Model/Contact.php +++ b/src/Model/Contact.php @@ -4,6 +4,7 @@ */ namespace Friendica\Model; +use Friendica\App\BaseURL; use Friendica\BaseObject; use Friendica\Content\Pager; use Friendica\Core\Config; @@ -22,7 +23,6 @@ use Friendica\Protocol\Diaspora; use Friendica\Protocol\OStatus; use Friendica\Protocol\PortableContact; use Friendica\Protocol\Salmon; -use Friendica\Util\BaseURL; use Friendica\Util\DateTimeFormat; use Friendica\Util\Network; use Friendica\Util\Strings; diff --git a/src/Module/Admin/Site.php b/src/Module/Admin/Site.php index c899729f8e..dff869df20 100644 --- a/src/Module/Admin/Site.php +++ b/src/Module/Admin/Site.php @@ -14,7 +14,6 @@ use Friendica\Module\BaseAdminModule; use Friendica\Module\Register; use Friendica\Protocol\PortableContact; use Friendica\Util\BasePath; -use Friendica\Util\BaseURL; use Friendica\Util\Strings; use Friendica\Worker\Delivery; @@ -246,7 +245,7 @@ class Site extends BaseAdminModule $diaspora_enabled = false; } if ($ssl_policy != intval(Config::get('system', 'ssl_policy'))) { - if ($ssl_policy == BaseURL::SSL_POLICY_FULL) { + if ($ssl_policy == App\BaseURL::SSL_POLICY_FULL) { DBA::e("UPDATE `contact` SET `url` = REPLACE(`url` , 'http:' , 'https:'), `photo` = REPLACE(`photo` , 'http:' , 'https:'), @@ -264,7 +263,7 @@ class Site extends BaseAdminModule `thumb` = REPLACE(`thumb` , 'http:' , 'https:') WHERE 1 " ); - } elseif ($ssl_policy == BaseURL::SSL_POLICY_SELFSIGN) { + } elseif ($ssl_policy == App\BaseURL::SSL_POLICY_SELFSIGN) { DBA::e("UPDATE `contact` SET `url` = REPLACE(`url` , 'https:' , 'http:'), `photo` = REPLACE(`photo` , 'https:' , 'http:'), @@ -512,9 +511,9 @@ class Site extends BaseAdminModule ]; $ssl_choices = [ - BaseURL::SSL_POLICY_NONE => L10n::t('No SSL policy, links will track page SSL state'), - BaseURL::SSL_POLICY_FULL => L10n::t('Force all links to use SSL'), - BaseURL::SSL_POLICY_SELFSIGN => L10n::t('Self-signed certificate, use SSL for local links only (discouraged)') + App\BaseURL::SSL_POLICY_NONE => L10n::t('No SSL policy, links will track page SSL state'), + App\BaseURL::SSL_POLICY_FULL => L10n::t('Force all links to use SSL'), + App\BaseURL::SSL_POLICY_SELFSIGN => L10n::t('Self-signed certificate, use SSL for local links only (discouraged)') ]; $check_git_version_choices = [ diff --git a/src/Module/Install.php b/src/Module/Install.php index 3b8ebb471c..7ba4039665 100644 --- a/src/Module/Install.php +++ b/src/Module/Install.php @@ -10,7 +10,6 @@ use Friendica\Core\L10n; use Friendica\Core\Renderer; use Friendica\Network\HTTPException; use Friendica\Util\BasePath; -use Friendica\Util\BaseURL; use Friendica\Util\Strings; use Friendica\Util\Temporal; @@ -180,9 +179,9 @@ class Install extends BaseModule case self::BASE_CONFIG: $ssl_choices = [ - BaseURL::SSL_POLICY_NONE => L10n::t("No SSL policy, links will track page SSL state"), - BaseURL::SSL_POLICY_FULL => L10n::t("Force all links to use SSL"), - BaseURL::SSL_POLICY_SELFSIGN => L10n::t("Self-signed certificate, use SSL for local links only \x28discouraged\x29") + App\BaseURL::SSL_POLICY_NONE => L10n::t("No SSL policy, links will track page SSL state"), + App\BaseURL::SSL_POLICY_FULL => L10n::t("Force all links to use SSL"), + App\BaseURL::SSL_POLICY_SELFSIGN => L10n::t("Self-signed certificate, use SSL for local links only \x28discouraged\x29") ]; $tpl = Renderer::getMarkupTemplate('install_base.tpl'); diff --git a/src/Protocol/DFRN.php b/src/Protocol/DFRN.php index 2abdfe1486..273a7c248c 100644 --- a/src/Protocol/DFRN.php +++ b/src/Protocol/DFRN.php @@ -11,6 +11,7 @@ namespace Friendica\Protocol; use DOMDocument; use DOMXPath; use Friendica\App; +use Friendica\App\BaseURL; use Friendica\Content\OEmbed; use Friendica\Content\Text\BBCode; use Friendica\Content\Text\HTML; @@ -31,7 +32,6 @@ use Friendica\Model\Profile; use Friendica\Model\User; use Friendica\Network\Probe; use Friendica\Object\Image; -use Friendica\Util\BaseURL; use Friendica\Util\Crypto; use Friendica\Util\DateTimeFormat; use Friendica\Util\Network; diff --git a/static/dependencies.config.php b/static/dependencies.config.php index 7a4adb5ea1..e32f99a60c 100644 --- a/static/dependencies.config.php +++ b/static/dependencies.config.php @@ -85,12 +85,12 @@ return [ ], ], /** - * Creates the Util\BaseURL + * Creates the App\BaseURL * * Same as: - * $baseURL = new Util\BaseURL($configuration, $_SERVER); + * $baseURL = new App\BaseURL($configuration, $_SERVER); */ - Util\BaseURL::class => [ + App\BaseURL::class => [ 'constructParams' => [ $_SERVER, ], diff --git a/tests/src/Console/AutomaticInstallationConsoleTest.php b/tests/src/Console/AutomaticInstallationConsoleTest.php index a8c4894b9d..774db31746 100644 --- a/tests/src/Console/AutomaticInstallationConsoleTest.php +++ b/tests/src/Console/AutomaticInstallationConsoleTest.php @@ -15,7 +15,6 @@ use Friendica\Test\Util\DBAMockTrait; use Friendica\Test\Util\DBStructureMockTrait; use Friendica\Test\Util\RendererMockTrait; use Friendica\Test\Util\VFSTrait; -use Friendica\Util\BaseURL; use Friendica\Util\Logger\VoidLogger; use Mockery\MockInterface; use org\bovigo\vfs\vfsStream; @@ -353,7 +352,7 @@ FIN; $this->assertConfigEntry('system', 'language', $assertion, ($default) ? Installer::DEFAULT_LANG : null); $this->assertConfigEntry('system', 'url', $assertion); $this->assertConfigEntry('system', 'urlpath', $assertion); - $this->assertConfigEntry('system', 'ssl_policy', $assertion, ($default) ? BaseURL::DEFAULT_SSL_SCHEME : null); + $this->assertConfigEntry('system', 'ssl_policy', $assertion, ($default) ? App\BaseURL::DEFAULT_SSL_SCHEME : null); $this->assertConfigEntry('system', 'basepath', ($realBasepath) ? $this->root->url() : $assertion); } diff --git a/tests/src/Content/Text/BBCodeTest.php b/tests/src/Content/Text/BBCodeTest.php index 6938f8ed5a..899f32764d 100644 --- a/tests/src/Content/Text/BBCodeTest.php +++ b/tests/src/Content/Text/BBCodeTest.php @@ -2,12 +2,12 @@ namespace Friendica\Test\src\Content\Text; +use Friendica\App\BaseURL; use Friendica\Content\Text\BBCode; use Friendica\Core\L10n\L10n; use Friendica\Test\MockedTest; use Friendica\Test\Util\AppMockTrait; use Friendica\Test\Util\VFSTrait; -use Friendica\Util\BaseURL; class BBCodeTest extends MockedTest { diff --git a/tests/src/Util/BaseURLTest.php b/tests/src/Util/BaseURLTest.php index 1e74af39fe..7f63027fcb 100644 --- a/tests/src/Util/BaseURLTest.php +++ b/tests/src/Util/BaseURLTest.php @@ -1,9 +1,9 @@