From a6bdb2c34a631332ec0874635c37516ce2d5e42f Mon Sep 17 00:00:00 2001
From: Hypolite Petovan <ben.lort@gmail.com>
Date: Thu, 17 Nov 2016 23:08:00 -0500
Subject: [PATCH 1/2] overhauling proxy_url

- Decode possible HTML entities in the input URL
- Add the safe extension for the shortpath as well
- Formatting
- Documentation
---
 mod/proxy.php | 97 +++++++++++++++++++++++++++++++--------------------
 1 file changed, 59 insertions(+), 38 deletions(-)

diff --git a/mod/proxy.php b/mod/proxy.php
index a4fbdd2440..4d53c9801c 100644
--- a/mod/proxy.php
+++ b/mod/proxy.php
@@ -233,66 +233,87 @@ function proxy_init() {
 	killme();
 }
 
-function proxy_url($url, $writemode = false, $size = "") {
-	global $_SERVER;
-
+/**
+ * @brief Transform a remote URL into a local one
+ *
+ * This function only performs the URL replacement on http URL and if the
+ * provided URL isn't local, "the isn't deactivated" (sic) and if the config
+ * system.proxy_disabled is set to false.
+ *
+ * @param string $url       The URL to proxyfy
+ * @param bool   $writemode Returns a local path the remote URL should be saved to
+ * @param string $size      One of the PROXY_SIZE_* constants
+ *
+ * @return string The proxyfied URL or relative path
+ */
+function proxy_url($url, $writemode = false, $size = '') {
 	$a = get_app();
 
 	if (substr($url, 0, strlen('http')) !== 'http') {
-		return($url);
+		return $url;
 	}
 
 	// Only continue if it isn't a local image and the isn't deactivated
 	if (proxy_is_local_image($url)) {
-		$url = str_replace(normalise_link($a->get_baseurl())."/", $a->get_baseurl()."/", $url);
-		return($url);
+		$url = str_replace(normalise_link($a->get_baseurl()) . '/', $a->get_baseurl() . '/', $url);
+		return $url;
 	}
 
-	if (get_config("system", "proxy_disabled"))
-		return($url);
+	if (get_config('system', 'proxy_disabled')) {
+		return $url;
+	}
+
+	// Image URL may have encoded ampersands for display which aren't desirable for proxy
+	$url = html_entity_decode($url, ENT_NOQUOTES, 'UTF8');
 
 	// Creating a sub directory to reduce the amount of files in the cache directory
-	$basepath = $a->get_basepath()."/proxy";
+	$basepath = $a->get_basepath() . '/proxy';
 
-	$path = substr(hash("md5", $url), 0, 2);
+	$shortpath = hash('md5', $url);
+	$longpath = substr($shortpath, 0, 2);
 
-	if (is_dir($basepath) and $writemode)
-		if (!is_dir($basepath."/".$path)) {
-			mkdir($basepath."/".$path);
-			chmod($basepath."/".$path, 0777);
+	if (is_dir($basepath) and $writemode) {
+		if (!is_dir($basepath . '/' . $longpath)) {
+			mkdir($basepath . '/' . $longpath);
+			chmod($basepath . '/' . $longpath, 0777);
 		}
-
-	$path .= "/".strtr(base64_encode($url), '+/', '-_');
-
-	// Checking for valid extensions. Only add them if they are safe
-	$pos = strrpos($url, ".");
-	if ($pos) {
-		$extension = strtolower(substr($url, $pos+1));
-		$pos = strpos($extension, "?");
-		if ($pos)
-			$extension = substr($extension, 0, $pos);
 	}
 
-	$extensions = array("jpg", "jpeg", "gif", "png");
+	$longpath .= '/' . strtr(base64_encode($url), '+/', '-_');
 
-	if (in_array($extension, $extensions))
-		$path .= ".".$extension;
+	// Checking for valid extensions. Only add them if they are safe
+	$pos = strrpos($url, '.');
+	if ($pos) {
+		$extension = strtolower(substr($url, $pos + 1));
+		$pos = strpos($extension, '?');
+		if ($pos) {
+			$extension = substr($extension, 0, $pos);
+		}
+	}
 
-	$proxypath = $a->get_baseurl()."/proxy/".$path;
+	$extensions = array('jpg', 'jpeg', 'gif', 'png');
+	if (in_array($extension, $extensions)) {
+		$shortpath .= '.' . $extension;
+		$longpath .= '.' . $extension;
+	}
 
-	if ($size != "")
-		$size = ":".$size;
+	$proxypath = $a->get_baseurl() . '/proxy/' . $longpath;
+
+	if ($size != '') {
+		$size = ':' . $size;
+	}
 
 	// Too long files aren't supported by Apache
 	// Writemode in combination with long files shouldn't be possible
-	if ((strlen($proxypath) > 250) AND $writemode)
-		return (hash("md5", $url));
-	elseif (strlen($proxypath) > 250)
-		return ($a->get_baseurl()."/proxy/".hash("md5", $url)."?url=".urlencode($url));
-	elseif ($writemode)
-		return ($path);
-	else
-		return ($proxypath.$size);
+	if ((strlen($proxypath) > 250) AND $writemode) {
+		return hash('md5', $url);
+	} elseif (strlen($proxypath) > 250) {
+		return $a->get_baseurl() . '/proxy/' . $shortpath . '?url=' . urlencode($url);
+	} elseif ($writemode) {
+		return $longpath;
+	} else {
+		return $proxypath . $size;
+	}
 }
 
 /**

From 1cf95066461c58b9f7d6ca716e13e8fe24e6f1ef Mon Sep 17 00:00:00 2001
From: Hypolite Petovan <ben.lort@gmail.com>
Date: Sat, 19 Nov 2016 14:03:31 -0500
Subject: [PATCH 2/2] Overhauling proxy_url: use $shortpath for long URL in
 writemode

---
 mod/proxy.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mod/proxy.php b/mod/proxy.php
index 4d53c9801c..f2a7c30eac 100644
--- a/mod/proxy.php
+++ b/mod/proxy.php
@@ -306,7 +306,7 @@ function proxy_url($url, $writemode = false, $size = '') {
 	// Too long files aren't supported by Apache
 	// Writemode in combination with long files shouldn't be possible
 	if ((strlen($proxypath) > 250) AND $writemode) {
-		return hash('md5', $url);
+		return $shortpath;
 	} elseif (strlen($proxypath) > 250) {
 		return $a->get_baseurl() . '/proxy/' . $shortpath . '?url=' . urlencode($url);
 	} elseif ($writemode) {