aboutsummaryrefslogtreecommitdiffhomepage
path: root/application/HttpUtils.php
Commit message (Collapse)AuthorAgeFilesLines
* Increase buffer size for cURL downloadArthurHoaro2017-11-111-1/+1
| | | | 1kB chunk size has caused me a lot of trouble with Travis which wasn't completing the download
* Make work behind a reverse proxyArthurHoaro2017-09-021-0/+28
| | | | Without HTTP_X_FORWARDED_PORT check, might be set to false even though the user is using HTTPS, thus disabling Firefox Social block display
* Respect HTTP_X_FORWARDED_HOSTStephen Muth2017-07-081-1/+13
| | | | | alongside _PORT and _PROTO Fixes #879
* Cleanup: use safe boolean comparisonsVirtualTam2017-01-071-1/+1
| | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Hide default port in local URL behind a reverse proxyArthurHoaro2017-01-031-2/+10
|
* Merge pull request #623 from ArthurHoaro/security/reverse-proxy-banArthur2016-10-121-0/+26
|\ | | | | Add trusted IPs in config and try to ban forwarded IP on failed login
| * Add trusted IPs in config and try to ban forwarded IP on failed loginArthurHoaro2016-08-031-0/+26
| | | | | | | | | | | | | | | | * Add a new settings (which needs to be manually set): `security.trusted_proxies` * On login failure, if the `REMOTE_ADDR` is in the trusted proxies, try to retrieve the forwarded IP in headers. * If found, the client address is added in ipbans, else we do nothing. Fixes #409
* | Set cURL as default in HTTP fetching, a fallback method and consistency ↵julienCXX2016-08-081-10/+150
|/ | | | fixup between both methods
* Fix startsWith and endsWith caseArthurHoaro2016-05-101-1/+1
|
* typoArthurHoaro2016-05-051-2/+2
|
* Fixes #531 - Title retrieving is failing with multiple use caseArthurHoaro2016-05-031-10/+50
| | | | see https://github.com/shaarli/Shaarli/issues/531 for details
* Fixes #477: support multi reverse proxy with comma syntaxArthurHoaro2016-02-281-2/+12
| | | | Going through multiple reverse proxy will store multiple scheme and port in HTTP header separated by a comma. Shaarli will use the first one to generate server_url.
* tests: add a make target to check file permissionsVirtualTam2016-01-171-0/+0
| | | | | | | | Additions: - [makefile] check versioned files are not executable - [travis] call the new make target Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Fixes #410 - Retrieve title fails in multiple casesArthurHoaro2016-01-111-7/+42
| | | | | | | | | * `get_http_url()` renamed to `get_http_response()`. * Use the same HTTP context to retrieve response headers and content. * Follow HTTP 301 and 302 redirections to retrieve the title (default max 3 redirections). * Add `LinkUtils` to extract titles and charset. * Try to retrieve charset from HTTP headers first (new), then HTML content. * Use mb_string to re-encode title if necessary.
* HTTP: move server URL functions to `HttpUtils.php`VirtualTam2015-09-141-0/+80
| | | | | | | | | | | | | Relates to #333 Modifications: - refactor server URL utility functions - do not access global `$_SERVER` variables - add test coverage - improve readability - apply coding conventions Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* HTTP: move utils to a proper file, add testsVirtualTam2015-09-061-0/+52
Relates to #333 Modifications: - move HTTP utils to 'application/HttpUtils.php' - simplify logic - replace 'http_parse_headers_shaarli' by built-in 'get_headers()' - remove superfluous '$status' parameter (provided by the HTTP headers) - apply coding conventions - add test coverage (unitary only) Signed-off-by: VirtualTam <virtualtam@flibidi.net>