diff --git a/mod/parse_url.php b/mod/parse_url.php index ede557ff22..1904d9219d 100644 --- a/mod/parse_url.php +++ b/mod/parse_url.php @@ -85,7 +85,7 @@ function parse_url_content(App $a) // Check if the URL is an image, video or audio file. If so format // the URL with the corresponding BBCode media tag // Fetch the header of the URL - $curlResponse = DI::httpRequest()->get($url, ['novalidate' => true, 'nobody' => true]); + $curlResponse = DI::httpRequest()->head($url); if ($curlResponse->isSuccess()) { // Convert the header fields into an array diff --git a/src/Model/GServer.php b/src/Model/GServer.php index 009816d818..3a2a0bd798 100644 --- a/src/Model/GServer.php +++ b/src/Model/GServer.php @@ -1639,7 +1639,7 @@ class GServer if (!empty($accesstoken)) { $api = 'https://instances.social/api/1.0/instances/list?count=0'; $header = ['Authorization: Bearer '.$accesstoken]; - $curlResult = DI::httpRequest()->get($api, ['headers' => $header]); + $curlResult = DI::httpRequest()->get($api, ['header' => $header]); if ($curlResult->isSuccess()) { $servers = json_decode($curlResult->getBody(), true); diff --git a/src/Module/Magic.php b/src/Module/Magic.php index fc37d91b45..af8ff36056 100644 --- a/src/Module/Magic.php +++ b/src/Module/Magic.php @@ -88,19 +88,19 @@ class Magic extends BaseModule $exp = explode('/profile/', $contact['url']); $basepath = $exp[0]; - $headers = []; - $headers['Accept'] = 'application/x-dfrn+json, application/x-zot+json'; - $headers['X-Open-Web-Auth'] = Strings::getRandomHex(); + $header = []; + $header['Accept'] = 'application/x-dfrn+json, application/x-zot+json'; + $header['X-Open-Web-Auth'] = Strings::getRandomHex(); // Create a header that is signed with the local users private key. - $headers = HTTPSignature::createSig( - $headers, + $header = HTTPSignature::createSig( + $header, $user['prvkey'], 'acct:' . $user['nickname'] . '@' . DI::baseUrl()->getHostname() . (DI::baseUrl()->getUrlPath() ? '/' . DI::baseUrl()->getUrlPath() : '') ); // Try to get an authentication token from the other instance. - $curlResult = DI::httpRequest()->get($basepath . '/owa', ['headers' => $headers]); + $curlResult = DI::httpRequest()->get($basepath . '/owa', ['header' => $header]); if ($curlResult->isSuccess()) { $j = json_decode($curlResult->getBody(), true); diff --git a/src/Network/HTTPRequest.php b/src/Network/HTTPRequest.php index 6442295273..a0d940414e 100644 --- a/src/Network/HTTPRequest.php +++ b/src/Network/HTTPRequest.php @@ -52,6 +52,17 @@ class HTTPRequest implements IHTTPRequest $this->baseUrl = $baseUrl->get(); } + /** {@inheritDoc} + * + * @throws HTTPException\InternalServerErrorException + */ + public function head(string $url, array $opts = []) + { + $opts['nobody'] = true; + + return $this->get($url, $opts); + } + /** * {@inheritDoc} * @@ -130,6 +141,7 @@ class HTTPRequest implements IHTTPRequest curl_setopt($ch, CURLOPT_ENCODING, ''); if (!empty($opts['headers'])) { + $this->logger->notice('Wrong option \'headers\' used.'); @curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['headers']); } @@ -172,8 +184,6 @@ class HTTPRequest implements IHTTPRequest curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4); } - $logger = $this->logger; - $s = @curl_exec($ch); $curl_info = @curl_getinfo($ch); diff --git a/src/Network/IHTTPRequest.php b/src/Network/IHTTPRequest.php index d6bf981052..8927941e81 100644 --- a/src/Network/IHTTPRequest.php +++ b/src/Network/IHTTPRequest.php @@ -29,12 +29,10 @@ interface IHTTPRequest /** * Fetches the content of an URL * - * If binary flag is true, return binary results. * Set the cookiejar argument to a string (e.g. "/tmp/friendica-cookies.txt") * to preserve cookies from one request to the next. * * @param string $url URL to fetch - * TRUE if asked to return binary results (file download) * @param int $timeout Timeout in seconds, default system config value or 60 seconds * @param string $accept_content supply Accept: header with 'accept_content' as the value * @param string $cookiejar Path to cookie jar file @@ -50,7 +48,6 @@ interface IHTTPRequest * all the information collected during the fetch. * * @param string $url URL to fetch - * TRUE if asked to return binary results (file download) * @param int $timeout Timeout in seconds, default system config value or 60 seconds * @param string $accept_content supply Accept: header with 'accept_content' as the value * @param string $cookiejar Path to cookie jar file @@ -60,16 +57,26 @@ interface IHTTPRequest public function fetchFull(string $url, int $timeout = 0, string $accept_content = '', string $cookiejar = ''); /** - * Send a GET to an URL. + * Send a HEAD to an URL. + * + * @param string $url URL to fetch + * @param array $opts (optional parameters) assoziative array with: + * 'accept_content' => supply Accept: header with 'accept_content' as the value + * 'timeout' => int Timeout in seconds, default system config value or 60 seconds + * 'cookiejar' => path to cookie jar file + * 'header' => header array + * + * @return CurlResult + */ + public function head(string $url, array $opts = []); + + /** + * Send a GET to an URL. * * @param string $url URL to fetch - * TRUE if asked to return binary results (file download) * @param array $opts (optional parameters) assoziative array with: * 'accept_content' => supply Accept: header with 'accept_content' as the value * 'timeout' => int Timeout in seconds, default system config value or 60 seconds - * 'http_auth' => username:password - * 'novalidate' => do not validate SSL certs, default is to validate using our CA list - * 'nobody' => only return the header * 'cookiejar' => path to cookie jar file * 'header' => header array * diff --git a/src/Util/HTTPSignature.php b/src/Util/HTTPSignature.php index e3ed5d0799..e3244fade3 100644 --- a/src/Util/HTTPSignature.php +++ b/src/Util/HTTPSignature.php @@ -403,8 +403,6 @@ class HTTPSignature * @param array $opts (optional parameters) assoziative array with: * 'accept_content' => supply Accept: header with 'accept_content' as the value * 'timeout' => int Timeout in seconds, default system config value or 60 seconds - * 'http_auth' => username:password - * 'novalidate' => do not validate SSL certs, default is to validate using our CA list * 'nobody' => only return the header * 'cookiejar' => path to cookie jar file * @@ -413,7 +411,7 @@ class HTTPSignature */ public static function fetchRaw($request, $uid = 0, $binary = false, $opts = []) { - $headers = []; + $header = []; if (!empty($uid)) { $owner = User::getOwnerDataById($uid); @@ -433,23 +431,27 @@ class HTTPSignature $path = parse_url($request, PHP_URL_PATH); $date = DateTimeFormat::utcNow(DateTimeFormat::HTTP); - $headers = ['Date: ' . $date, 'Host: ' . $host]; + $header = ['Date: ' . $date, 'Host: ' . $host]; $signed_data = "(request-target): get " . $path . "\ndate: ". $date . "\nhost: " . $host; $signature = base64_encode(Crypto::rsaSign($signed_data, $owner['uprvkey'], 'sha256')); - $headers[] = 'Signature: keyId="' . $owner['url'] . '#main-key' . '",algorithm="rsa-sha256",headers="(request-target) date host",signature="' . $signature . '"'; + $header[] = 'Signature: keyId="' . $owner['url'] . '#main-key' . '",algorithm="rsa-sha256",headers="(request-target) date host",signature="' . $signature . '"'; } if (!empty($opts['accept_content'])) { - $headers[] = 'Accept: ' . $opts['accept_content']; + $header[] = 'Accept: ' . $opts['accept_content']; } $curl_opts = $opts; - $curl_opts['header'] = $headers; + $curl_opts['header'] = $header; - $curlResult = DI::httpRequest()->get($request, $curl_opts); + if ($opts['nobody']) { + $curlResult = DI::httpRequest()->head($request, $curl_opts); + } else { + $curlResult = DI::httpRequest()->get($request, $curl_opts); + } $return_code = $curlResult->getReturnCode(); Logger::log('Fetched for user ' . $uid . ' from ' . $request . ' returned ' . $return_code, Logger::DEBUG);