Make the proxy functionality optional

This commit is contained in:
Michael 2021-09-09 12:40:19 +00:00
parent 225d368139
commit bdb5aa6bd9
8 changed files with 225 additions and 200 deletions

View file

@ -162,6 +162,7 @@ class Site extends BaseAdmin
$disable_embedded = !empty($_POST['disable_embedded']);
$allow_users_remote_self = !empty($_POST['allow_users_remote_self']);
$explicit_content = !empty($_POST['explicit_content']);
$proxify_content = !empty($_POST['proxify_content']);
$enable_multi_reg = !empty($_POST['enable_multi_reg']);
$enable_openid = !empty($_POST['enable_openid']);
@ -328,6 +329,7 @@ class Site extends BaseAdmin
DI::config()->set('system', 'disable_embedded' , $disable_embedded);
DI::config()->set('system', 'allow_users_remote_self', $allow_users_remote_self);
DI::config()->set('system', 'explicit_content' , $explicit_content);
DI::config()->set('system', 'proxify_content' , $proxify_content);
DI::config()->set('system', 'check_new_version_url' , $check_new_version_url);
DI::config()->set('system', 'block_extended_register', !$enable_multi_reg);
@ -551,6 +553,7 @@ class Site extends BaseAdmin
'$private_addons' => ['private_addons', DI::l10n()->t('Disallow public access to addons listed in the apps menu.'), DI::config()->get('config', 'private_addons'), DI::l10n()->t('Checking this box will restrict addons listed in the apps menu to members only.')],
'$disable_embedded' => ['disable_embedded', DI::l10n()->t('Don\'t embed private images in posts'), DI::config()->get('system', 'disable_embedded'), DI::l10n()->t('Don\'t replace locally-hosted private photos in posts with an embedded copy of the image. This means that contacts who receive posts containing private photos will have to authenticate and load each image, which may take a while.')],
'$explicit_content' => ['explicit_content', DI::l10n()->t('Explicit Content'), DI::config()->get('system', 'explicit_content'), DI::l10n()->t('Set this to announce that your node is used mostly for explicit content that might not be suited for minors. This information will be published in the node information and might be used, e.g. by the global directory, to filter your node from listings of nodes to join. Additionally a note about this will be shown at the user registration page.')],
'$proxify_content' => ['proxify_content', DI::l10n()->t('Proxify external content'), DI::config()->get('system', 'proxify_content'), DI::l10n()->t('Redirect external content via the proxy functionality. This is used for example for some OEmbed accesses and in some other rare cases.')],
'$allow_users_remote_self'=> ['allow_users_remote_self', DI::l10n()->t('Allow Users to set remote_self'), DI::config()->get('system', 'allow_users_remote_self'), DI::l10n()->t('With checking this, every user is allowed to mark every contact as a remote_self in the repair contact dialog. Setting this flag on a contact causes mirroring every posting of that contact in the users stream.')],
'$enable_multi_reg' => ['enable_multi_reg', DI::l10n()->t('Enable multiple registrations'), !DI::config()->get('system', 'block_extended_register'), DI::l10n()->t('Enable users to register additional accounts for use as pages.')],
'$enable_openid' => ['enable_openid', DI::l10n()->t('Enable OpenID'), !DI::config()->get('system', 'no_openid'), DI::l10n()->t('Enable OpenID support for registration and logins.')],

View file

@ -24,6 +24,7 @@ namespace Friendica\Module;
use Friendica\BaseModule;
use Friendica\Core\Logger;
use Friendica\Core\System;
use Friendica\DI;
use Friendica\Object\Image;
use Friendica\Util\HTTPSignature;
use Friendica\Util\Images;
@ -44,6 +45,13 @@ class Proxy extends BaseModule
*/
public static function rawContent(array $parameters = [])
{
$request = self::getRequestInfo($parameters);
if (!DI::config()->get('system', 'proxify_content')) {
Logger::notice('Proxy access is forbidden', ['request' => $request, 'agent' => $_SERVER['HTTP_USER_AGENT'] ?? '', 'accept' => $_SERVER['HTTP_ACCEPT'] ?? '']);
throw new \Friendica\Network\HTTPException\NotFoundException();
}
if (isset($_SERVER["HTTP_IF_MODIFIED_SINCE"])) {
header("HTTP/1.1 304 Not Modified");
header("Last-Modified: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
@ -60,8 +68,6 @@ class Proxy extends BaseModule
exit;
}
$request = self::getRequestInfo($parameters);
if (empty($request['url'])) {
throw new \Friendica\Network\HTTPException\BadRequestException();
}

View file

@ -82,6 +82,10 @@ class Proxy
*/
public static function proxifyUrl($url, $size = '')
{
if (!DI::config()->get('system', 'proxify_content')) {
return $url;
}
// Trim URL first
$url = trim($url);

View file

@ -429,10 +429,6 @@ return [
// Enable internal timings to help optimize code. Needed for "rendertime" addon.
'profiler' => false,
// proxy_cache_time (Integer)
// Period in seconds after which the cache is cleared.
'proxy_cache_time' => 86400,
// pushpoll_frequency (Integer)
// Frequency of contact poll for subhub contact using the DFRM or OStatus network.
// Available values:

View file

@ -164,6 +164,10 @@ return [
// Comma separated list of tags that are rejected.
'relay_deny_tags' => '',
// proxify_content (Boolean)
// Use the proxy functionality for fetching external content
'proxify_content' => true,
// relay_directly (Boolean)
// Directly transmit content to relay subscribers without using a relay server
'relay_directly' => false,

File diff suppressed because it is too large Load diff

View file

@ -83,6 +83,7 @@
{{include file="field_checkbox.tpl" field=$disable_embedded}}
{{include file="field_checkbox.tpl" field=$allow_users_remote_self}}
{{include file="field_checkbox.tpl" field=$explicit_content}}
{{include file="field_checkbox.tpl" field=$proxify_content}}
<div class="submit"><input type="submit" name="page_site" value="{{$submit}}"/></div>
<h2>{{$advanced}}</h2>

View file

@ -164,6 +164,7 @@
{{include file="field_checkbox.tpl" field=$disable_embedded}}
{{include file="field_checkbox.tpl" field=$allow_users_remote_self}}
{{include file="field_checkbox.tpl" field=$explicit_content}}
{{include file="field_checkbox.tpl" field=$proxify_content}}
</div>
<div class="panel-footer">
<input type="submit" name="page_site" class="btn btn-primary" value="{{$submit}}"/>