diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2021-03-09 08:41:47 +0100 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2021-03-09 08:41:47 +0100 |
| commit | b7fdfbb89421322e0ec15beb10f4260f33afd31e (patch) | |
| tree | 4dbf3e25a9940c50cac66194343525674f8c04c5 | |
| parent | ef4a826e345e2eb7c0013617b3f07cc53ef22ed8 (diff) | |
SimplePie prevent cache pollution (#3502)
* SimplePie prevent cache polution
#fix https://github.com/FreshRSS/FreshRSS/pull/3367#issuecomment-766250249
#fix https://github.com/FreshRSS/FreshRSS/pull/3494#issuecomment-790113663
* Fix bug
* Minor improvement
* Update cache filename in FreshRSS (1/2)
* cacheFilename temp
* New SimplePie get_cache_filename()
* Fix typos
* Update lib/SimplePie/SimplePie.php
Typo
* Include user-agent and timeout
* fix array_merge
* Declaration
* force_feed was lost in a commit
| -rw-r--r-- | app/Models/Feed.php | 4 | ||||
| -rw-r--r-- | lib/SimplePie/SimplePie.php | 35 | ||||
| -rw-r--r-- | lib/lib_rss.php | 1 |
3 files changed, 37 insertions, 3 deletions
diff --git a/app/Models/Feed.php b/app/Models/Feed.php index 7f52ba52f..af9c54719 100644 --- a/app/Models/Feed.php +++ b/app/Models/Feed.php @@ -497,7 +497,9 @@ class FreshRSS_Feed extends Minz_Model { } protected function cacheFilename() { - return CACHE_PATH . '/' . md5($this->url) . '.spc'; + $simplePie = customSimplePie($this->attributes()); + $filename = $simplePie->get_cache_filename($this->url); + return CACHE_PATH . '/' . $filename . '.spc'; } public function clearCache() { diff --git a/lib/SimplePie/SimplePie.php b/lib/SimplePie/SimplePie.php index c5bcbb469..6a542e2c5 100644 --- a/lib/SimplePie/SimplePie.php +++ b/lib/SimplePie/SimplePie.php @@ -921,6 +921,37 @@ class SimplePie } /** + * Return the filename (i.e. hash, without path and without extension) of the file to cache a given URL. + */ + public function get_cache_filename($url) + { + // Append custom parameters to the URL to avoid cache pollution in case of multiple calls with different parameters. + $url .= $this->force_feed ? '#force_feed' : ''; + $options = array(); + if ($this->timeout != 10) + { + $options[CURLOPT_TIMEOUT] = $this->timeout; + } + if ($this->useragent !== SIMPLEPIE_USERAGENT) + { + $options[CURLOPT_USERAGENT] = $this->useragent; + } + if (!empty($this->curl_options)) + { + foreach ($this->curl_options as $k => $v) + { + $options[$k] = $v; + } + } + if (!empty($options)) + { + ksort($options); + $url .= '#' . urlencode(var_export($options, true)); + } + return call_user_func($this->cache_name_function, $url); + } + + /** * Set whether feed items should be sorted into reverse chronological order * * @param bool $enable Sort as reverse chronological order. @@ -1429,8 +1460,8 @@ class SimplePie // Decide whether to enable caching if ($this->cache && $parsed_feed_url['scheme'] !== '') { - $url = $this->feed_url . ($this->force_feed ? '#force_feed' : ''); - $cache = $this->registry->call('Cache', 'get_handler', array($this->cache_location, call_user_func($this->cache_name_function, $url), 'spc')); + $filename = $this->get_cache_filename($this->feed_url); + $cache = $this->registry->call('Cache', 'get_handler', array($this->cache_location, $filename, 'spc')); } // Fetch the data via SimplePie_File into $this->raw_data diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 13fce3d8c..0181d30de 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -173,6 +173,7 @@ function customSimplePie($attributes = array()) { $simplePie = new SimplePie(); $simplePie->set_useragent(FRESHRSS_USERAGENT); $simplePie->set_syslog(FreshRSS_Context::$system_conf->simplepie_syslog_enabled); + $simplePie->set_cache_name_function('sha1'); $simplePie->set_cache_location(CACHE_PATH); $simplePie->set_cache_duration($limits['cache_duration']); |