php-cross-domain-proxy
php-cross-domain-proxy copied to clipboard
softius
Fixing redirects
The redirects were broken as there were multiple csurl parameters pasted together with '?' in the given location. This was causing "too many redirects" errors. (The $_SERVER['REQUEST_URI'] variable contains the exact uri that was called, including the query_parameters) In this solution the csurl parameter gets replaced.
Assuming the called address is proxy.php?csurl=some.url and the request to some.url returns a redirect to other.url
$_SERVER['REQUEST_URI'] therefore contains proxy.php?csurl=some.url
Current version:
code: 'Location: ' . $_SERVER['REQUEST_URI'] . '?csurl=' . $value;
result: 'Location: proxy.php?csurl=some.url?csurl=other.url
if the browser now calls this url it is just evaluated as another call to some.url and thus causing another redirect. This continues until the "too many redirects" limit is hit.
fixed version:
code: 'Location: ' . preg_replace('/\?csurl=.*/', '?csurl='.urlencode($value), $_SERVER['REQUEST_URI']);
result: 'Location: proxy.php?csurl=other.url'
I don't know exactly if the urlencode is really necessary, but it does not hurt, as the parameters get decoded automatically in the $_GET etc. vars
I think you just introduce a new bug.
When $_SERVER['REQUEST_URI'] doesn't contain csurl=some.url preg_replace will not working.
The following code should work:
$server_path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
$response_header = 'Location: ' . $server_path . '?csurl=' . $value;
Assuming the called address is
proxy.php?csurl=some.urland the request tosome.urlreturns a redirect toother.url
$_SERVER['REQUEST_URI']therefore containsproxy.php?csurl=some.urlCurrent version: code:
'Location: ' . $_SERVER['REQUEST_URI'] . '?csurl=' . $value;result:'Location: proxy.php?csurl=some.url?csurl=other.urlif the browser now calls this url it is just evaluated as another call tosome.urland thus causing another redirect. This continues until the "too many redirects" limit is hit.fixed version: code:
'Location: ' . preg_replace('/\?csurl=.*/', '?csurl='.urlencode($value), $_SERVER['REQUEST_URI']);result:'Location: proxy.php?csurl=other.url'I don't know exactly if the urlencode is really necessary, but it does not hurt, as the parameters get decoded automatically in the $_GET etc. vars
This is quite a long time ago, but i think the point is that nothing needs to be replaced if there is no csurl in the address.
Can't say what your version does from the top of my head because I don't know what parse_url does in this context.
I can say that at some point we decided to fork this repo here: https://github.com/KlausBenndorf/guide4you-proxy The fork contains some rework and improvements, but I can't be used 'as is' because it contains templating values in the beginning that need to be filled in.