php-cross-domain-proxy
php-cross-domain-proxy copied to clipboard
Fixing redirects
The redirects were broken as there were multiple csurl parameters pasted together with '?' in the given location. This was causing "too many redirects" errors. (The $_SERVER['REQUEST_URI'] variable contains the exact uri that was called, including the query_parameters) In this solution the csurl parameter gets replaced.
Assuming the called address is proxy.php?csurl=some.url
and the request to some.url
returns a redirect to other.url
$_SERVER['REQUEST_URI']
therefore contains proxy.php?csurl=some.url
Current version:
code: 'Location: ' . $_SERVER['REQUEST_URI'] . '?csurl=' . $value;
result: 'Location: proxy.php?csurl=some.url?csurl=other.url
if the browser now calls this url it is just evaluated as another call to some.url
and thus causing another redirect. This continues until the "too many redirects" limit is hit.
fixed version:
code: 'Location: ' . preg_replace('/\?csurl=.*/', '?csurl='.urlencode($value), $_SERVER['REQUEST_URI']);
result: 'Location: proxy.php?csurl=other.url'
I don't know exactly if the urlencode is really necessary, but it does not hurt, as the parameters get decoded automatically in the $_GET etc. vars
I think you just introduce a new bug.
When $_SERVER['REQUEST_URI']
doesn't contain csurl=some.url
preg_replace will not working.
The following code should work:
$server_path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
$response_header = 'Location: ' . $server_path . '?csurl=' . $value;
Assuming the called address is
proxy.php?csurl=some.url
and the request tosome.url
returns a redirect toother.url
$_SERVER['REQUEST_URI']
therefore containsproxy.php?csurl=some.url
Current version: code:
'Location: ' . $_SERVER['REQUEST_URI'] . '?csurl=' . $value;
result:'Location: proxy.php?csurl=some.url?csurl=other.url
if the browser now calls this url it is just evaluated as another call tosome.url
and thus causing another redirect. This continues until the "too many redirects" limit is hit.fixed version: code:
'Location: ' . preg_replace('/\?csurl=.*/', '?csurl='.urlencode($value), $_SERVER['REQUEST_URI']);
result:'Location: proxy.php?csurl=other.url'
I don't know exactly if the urlencode is really necessary, but it does not hurt, as the parameters get decoded automatically in the $_GET etc. vars
This is quite a long time ago, but i think the point is that nothing needs to be replaced if there is no csurl
in the address.
Can't say what your version does from the top of my head because I don't know what parse_url does in this context.
I can say that at some point we decided to fork this repo here: https://github.com/KlausBenndorf/guide4you-proxy The fork contains some rework and improvements, but I can't be used 'as is' because it contains templating values in the beginning that need to be filled in.
does your version retain other query parameters?