From 17a603b333f305a5a9c8fdd36468575bc1cd8f74 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sat, 17 May 2014 12:08:47 +0200 Subject: SimplePie patch accepted Merged into master branch of SimplePie https://github.com/simplepie/simplepie/pull/352 --- lib/SimplePie/SimplePie.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie.php b/lib/SimplePie/SimplePie.php index d7aaeb0c5..685fe1cc0 100644 --- a/lib/SimplePie/SimplePie.php +++ b/lib/SimplePie/SimplePie.php @@ -1331,7 +1331,7 @@ class SimplePie // First check to see if input has been overridden. if ($this->input_encoding !== false) { - $encodings[] = strtoupper($this->input_encoding); //FreshRSS + $encodings[] = strtoupper($this->input_encoding); } $application_types = array('application/xml', 'application/xml-dtd', 'application/xml-external-parsed-entity'); @@ -1355,7 +1355,7 @@ class SimplePie { if (isset($headers['content-type']) && preg_match('/;\x20?charset=([^;]*)/i', $headers['content-type'], $charset)) { - $encodings[] = strtoupper($charset[1]); //FreshRSS + $encodings[] = strtoupper($charset[1]); } else { -- cgit v1.2.3 From 63c9c47a761b9925e6811ae630c3b77ef05b9fc8 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Tue, 1 Jul 2014 23:28:51 +0200 Subject: SimplePie HTTP 301 Moved Permanently Add support for HTTP 301 Moved Permanently in SimplePie FreshRSS will automatically update the address of a feed, only in this case. --- app/Controllers/feedController.php | 64 ++++++++++++++++++++------------------ app/Models/Feed.php | 41 ++++++++++++++---------- lib/SimplePie/SimplePie.php | 38 +++++++++++++++++----- lib/SimplePie/SimplePie/File.php | 12 +++++-- 4 files changed, 97 insertions(+), 58 deletions(-) (limited to 'lib/SimplePie') diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php index fce008399..5f5a40bc7 100755 --- a/app/Controllers/feedController.php +++ b/app/Controllers/feedController.php @@ -162,38 +162,39 @@ class FreshRSS_feed_Controller extends Minz_ActionController { } Minz_Request::forward (array ('c' => 'configure', 'a' => 'feed', 'params' => $params), true); - } - - // GET request so we must ask confirmation to user - Minz_View::prependTitle(Minz_Translate::t('add_rss_feed') . ' · '); - $this->view->categories = $this->catDAO->listCategories(); - $this->view->feed = new FreshRSS_Feed($url); - try { - // We try to get some more information about the feed - $this->view->feed->load(true); - $this->view->load_ok = true; - } catch (Exception $e) { - $this->view->load_ok = false; - } + } else { - $feed = $feedDAO->searchByUrl($this->view->feed->url()); - if ($feed) { - // Already subscribe so we redirect to the feed configuration page - $notif = array( - 'type' => 'bad', - 'content' => Minz_Translate::t( - 'already_subscribed', $feed->name() - ) - ); - Minz_Session::_param('notification', $notif); + // GET request so we must ask confirmation to user + Minz_View::prependTitle(Minz_Translate::t('add_rss_feed') . ' · '); + $this->view->categories = $this->catDAO->listCategories(); + $this->view->feed = new FreshRSS_Feed($url); + try { + // We try to get some more information about the feed + $this->view->feed->load(true); + $this->view->load_ok = true; + } catch (Exception $e) { + $this->view->load_ok = false; + } - Minz_Request::forward(array( - 'c' => 'configure', - 'a' => 'feed', - 'params' => array( - 'id' => $feed->id() - ) - ), true); + $feed = $feedDAO->searchByUrl($this->view->feed->url()); + if ($feed) { + // Already subscribe so we redirect to the feed configuration page + $notif = array( + 'type' => 'bad', + 'content' => Minz_Translate::t( + 'already_subscribed', $feed->name() + ) + ); + Minz_Session::_param('notification', $notif); + + Minz_Request::forward(array( + 'c' => 'configure', + 'a' => 'feed', + 'params' => array( + 'id' => $feed->id() + ) + ), true); + } } } @@ -300,7 +301,8 @@ class FreshRSS_feed_Controller extends Minz_ActionController { $feedDAO->commit(); } $flux_update++; - if ($feed->url() !== $url) { //URL has changed (auto-discovery) + if (($feed->url() !== $url)) { //HTTP 301 Moved Permanently + Minz_Log::record('Feed ' . $url . ' moved permanently to ' . $feed->url(), Minz_Log::NOTICE); $feedDAO->updateFeed($feed->id(), array('url' => $feed->url())); } } catch (FreshRSS_Feed_Exception $e) { diff --git a/app/Models/Feed.php b/app/Models/Feed.php index 757eacd59..14b52b143 100644 --- a/app/Models/Feed.php +++ b/app/Models/Feed.php @@ -17,6 +17,7 @@ class FreshRSS_Feed extends Minz_Model { private $error = false; private $keep_history = -2; private $hash = null; + private $lockPath = ''; public function __construct ($url, $validate=true) { if ($validate) { @@ -193,28 +194,35 @@ class FreshRSS_Feed extends Minz_Model { } $feed = customSimplePie(); $feed->set_feed_url ($url); + if (!$loadDetails) { //Only activates auto-discovery when adding a new feed + $feed->set_autodiscovery_level(SIMPLEPIE_LOCATOR_NONE); + } $mtime = $feed->init(); if ((!$mtime) || $feed->error()) { throw new FreshRSS_Feed_Exception ($feed->error() . ' [' . $url . ']'); } - // si on a utilisé l'auto-discover, notre url va avoir changé - $subscribe_url = $feed->subscribe_url (); - if ($subscribe_url !== null && $subscribe_url !== $this->url) { - if ($this->httpAuth != '') { - // on enlève les id si authentification HTTP - $subscribe_url = preg_replace ('#((.+)://)((.+)@)(.+)#', '${1}${5}', $subscribe_url); - } - $this->_url ($subscribe_url); - } - if ($loadDetails) { + // si on a utilisé l'auto-discover, notre url va avoir changé + $subscribe_url = $feed->subscribe_url(false); + $title = strtr(html_only_entity_decode($feed->get_title()), array('<' => '<', '>' => '>', '"' => '"')); //HTML to HTML-PRE //ENT_COMPAT except & $this->_name ($title == '' ? $this->url : $title); $this->_website(html_only_entity_decode($feed->get_link())); $this->_description(html_only_entity_decode($feed->get_description())); + } else { + //The case of HTTP 301 Moved Permanently + $subscribe_url = $feed->subscribe_url(true); + } + + if ($subscribe_url !== null && $subscribe_url !== $this->url) { + if ($this->httpAuth != '') { + // on enlève les id si authentification HTTP + $subscribe_url = preg_replace ('#((.+)://)((.+)@)(.+)#', '${1}${5}', $subscribe_url); + } + $this->_url ($subscribe_url); } if (($mtime === true) || ($mtime > $this->lastUpdate)) { @@ -288,20 +296,19 @@ class FreshRSS_Feed extends Minz_Model { } function lock() { - $lock = TMP_PATH . '/' . md5(Minz_Configuration::salt() . $this->url) . '.freshrss.lock'; - if (file_exists($lock) && ((time() - @filemtime($lock)) > 3600)) { - @unlink($lock); + $this->lockPath = TMP_PATH . '/' . md5(Minz_Configuration::salt() . $this->url) . '.freshrss.lock'; + if (file_exists($this->lockPath) && ((time() - @filemtime($this->lockPath)) > 3600)) { + @unlink($this->lockPath); } - if (($handle = @fopen($lock, 'x')) === false) { + if (($handle = @fopen($this->lockPath, 'x')) === false) { return false; } - //register_shutdown_function('unlink', $lock); + //register_shutdown_function('unlink', $this->lockPath); @fclose($handle); return true; } function unlock() { - $lock = TMP_PATH . '/' . md5(Minz_Configuration::salt() . $this->url) . '.freshrss.lock'; - @unlink($lock); + @unlink($this->lockPath); } } diff --git a/lib/SimplePie/SimplePie.php b/lib/SimplePie/SimplePie.php index 685fe1cc0..06c100f59 100644 --- a/lib/SimplePie/SimplePie.php +++ b/lib/SimplePie/SimplePie.php @@ -445,6 +445,13 @@ class SimplePie */ public $feed_url; + /** + * @var string Original feed URL, or new feed URL iff HTTP 301 Moved Permanently + * @see SimplePie::subscribe_url() + * @access private + */ + public $permanent_url = null; //FreshRSS + /** * @var object Instance of SimplePie_File to use as a feed * @see SimplePie::set_file() @@ -735,6 +742,7 @@ class SimplePie else { $this->feed_url = $this->registry->call('Misc', 'fix_protocol', array($url, 1)); + $this->permanent_url = $this->feed_url; //FreshRSS } } @@ -749,6 +757,7 @@ class SimplePie if ($file instanceof SimplePie_File) { $this->feed_url = $file->url; + $this->permanent_url = $this->feed_url; //FreshRSS $this->file =& $file; return true; } @@ -1602,7 +1611,7 @@ class SimplePie } $this->raw_data = $file->body; - + $this->permanent_url = $file->permanent_url; //FreshRSS $headers = $file->headers; $sniffer = $this->registry->create('Content_Type_Sniffer', array(&$file)); $sniffed = $sniffer->get_type(); @@ -1788,26 +1797,39 @@ class SimplePie /** * Get the URL for the feed + * + * When the 'permanent' mode is enabled, returns the original feed URL, + * except in the case of an `HTTP 301 Moved Permanently` status response, + * in which case the location of the first redirection is returned. * - * May or may not be different from the URL passed to {@see set_feed_url()}, + * When the 'permanent' mode is disabled (default), + * may or may not be different from the URL passed to {@see set_feed_url()}, * depending on whether auto-discovery was used. * * @since Preview Release (previously called `get_feed_url()` since SimplePie 0.8.) - * @todo If we have a perm redirect we should return the new URL - * @todo When we make the above change, let's support as well + * @todo Support * @todo Also, |atom:link|@rel=self + * @param bool $permanent Permanent mode to return only the original URL or the first redirection + * iff it is a 301 redirection * @return string|null */ - public function subscribe_url() + public function subscribe_url($permanent = false) { - if ($this->feed_url !== null) + if ($permanent) //FreshRSS { - return $this->sanitize($this->feed_url, SIMPLEPIE_CONSTRUCT_IRI); + if ($this->permanent_url !== null) + { + return $this->sanitize($this->permanent_url, SIMPLEPIE_CONSTRUCT_IRI); + } } else { - return null; + if ($this->feed_url !== null) + { + return $this->sanitize($this->feed_url, SIMPLEPIE_CONSTRUCT_IRI); + } } + return null; } /** diff --git a/lib/SimplePie/SimplePie/File.php b/lib/SimplePie/SimplePie/File.php index faf5dd1f1..b1bbe4420 100644 --- a/lib/SimplePie/SimplePie/File.php +++ b/lib/SimplePie/SimplePie/File.php @@ -64,6 +64,7 @@ class SimplePie_File var $redirects = 0; var $error; var $method = SIMPLEPIE_FILE_SOURCE_NONE; + var $permanent_url; //FreshRSS public function __construct($url, $timeout = 10, $redirects = 5, $headers = null, $useragent = null, $force_fsockopen = false) { @@ -74,6 +75,7 @@ class SimplePie_File $url = SimplePie_Misc::compress_parse_url($parsed['scheme'], $idn->encode($parsed['authority']), $parsed['path'], $parsed['query'], $parsed['fragment']); } $this->url = $url; + $this->permanent_url = $url; //FreshRSS $this->useragent = $useragent; if (preg_match('/^http(s)?:\/\//i', $url)) { @@ -142,7 +144,10 @@ class SimplePie_File { $this->redirects++; $location = SimplePie_Misc::absolutize_url($this->headers['location'], $url); - return $this->__construct($location, $timeout, $redirects, $headers, $useragent, $force_fsockopen); + $previousStatusCode = $this->status_code; + $this->__construct($location, $timeout, $redirects, $headers, $useragent, $force_fsockopen); + $this->permanent_url = ($previousStatusCode == 301) ? $location : $url; //FreshRSS + return; } } } @@ -224,7 +229,10 @@ class SimplePie_File { $this->redirects++; $location = SimplePie_Misc::absolutize_url($this->headers['location'], $url); - return $this->__construct($location, $timeout, $redirects, $headers, $useragent, $force_fsockopen); + $previousStatusCode = $this->status_code; + $this->__construct($location, $timeout, $redirects, $headers, $useragent, $force_fsockopen); + $this->permanent_url = ($previousStatusCode == 301) ? $location : $url; //FreshRSS + return; } if (isset($this->headers['content-encoding'])) { -- cgit v1.2.3 From c3fd8877c021b86180b3bea4d4260e6478f0558e Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sat, 6 Sep 2014 16:04:49 +0200 Subject: Bug warning in case of invalid CDATA --- lib/SimplePie/SimplePie/Parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Parser.php b/lib/SimplePie/SimplePie/Parser.php index 9300b4ba9..7fb7bd9be 100644 --- a/lib/SimplePie/SimplePie/Parser.php +++ b/lib/SimplePie/SimplePie/Parser.php @@ -142,7 +142,7 @@ class SimplePie_Parser $dom = new DOMDocument(); $dom->recover = true; $dom->strictErrorChecking = false; - $dom->loadXML($data); + @$dom->loadXML($data); $this->encoding = $encoding = $dom->encoding = 'UTF-8'; $data2 = $dom->saveXML(); if (function_exists('mb_convert_encoding')) -- cgit v1.2.3 From 1283e73d08a0441dbf84d7e45ff8c1c42bf188b1 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Tue, 14 Oct 2014 20:00:06 +0200 Subject: SimplePie: bug date CEST https://github.com/marienfressinaud/FreshRSS/issues/659 https://github.com/simplepie/simplepie/pull/380 --- lib/SimplePie/SimplePie/Parse/Date.php | 1 + 1 file changed, 1 insertion(+) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Parse/Date.php b/lib/SimplePie/SimplePie/Parse/Date.php index ef800f125..ba7c0703e 100644 --- a/lib/SimplePie/SimplePie/Parse/Date.php +++ b/lib/SimplePie/SimplePie/Parse/Date.php @@ -331,6 +331,7 @@ class SimplePie_Parse_Date 'CCT' => 23400, 'CDT' => -18000, 'CEDT' => 7200, + 'CEST' => 7200, //FreshRSS 'CET' => 3600, 'CGST' => -7200, 'CGT' => -10800, -- cgit v1.2.3 From 00127f07c5fc784130d658e3f26519b0279fc6b8 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Tue, 28 Oct 2014 23:52:46 +0100 Subject: SimplePie: cache feeds with errors Before the cache system was not used for feeds with errors, which was problematic especially if several users have this feed. Furthermore, there was no protection against repetitive refresh. Bonus: slightly better performance by avoiding some superfluous file_exists(). Warning: needs a bit of testing https://github.com/marienfressinaud/FreshRSS/issues/681 --- app/Models/Feed.php | 3 ++- lib/SimplePie/SimplePie.php | 24 +++++++++++++++--------- lib/SimplePie/SimplePie/Cache/File.php | 12 ++++++------ 3 files changed, 23 insertions(+), 16 deletions(-) (limited to 'lib/SimplePie') diff --git a/app/Models/Feed.php b/app/Models/Feed.php index 03baf3ad2..bd1babeea 100644 --- a/app/Models/Feed.php +++ b/app/Models/Feed.php @@ -217,7 +217,8 @@ class FreshRSS_Feed extends Minz_Model { $mtime = $feed->init(); if ((!$mtime) || $feed->error()) { - throw new FreshRSS_Feed_Exception($feed->error() . ' [' . $url . ']'); + $errorMessage = $feed->error(); + throw new FreshRSS_Feed_Exception(($errorMessage == '' ? 'Feed error' : $errorMessage) . ' [' . $url . ']'); } if ($loadDetails) { diff --git a/lib/SimplePie/SimplePie.php b/lib/SimplePie/SimplePie.php index 06c100f59..84001dd9a 100644 --- a/lib/SimplePie/SimplePie.php +++ b/lib/SimplePie/SimplePie.php @@ -1455,7 +1455,11 @@ class SimplePie { // Load the Cache $this->data = $cache->load(); - if (!empty($this->data)) + if ($cache->mtime() + $this->cache_duration > time()) { //FreshRSS + $this->raw_data = false; + return true; // If the cache is still valid, just return true + } + elseif (!empty($this->data)) { // If the cache is for an outdated build of SimplePie if (!isset($this->data['build']) || $this->data['build'] !== SIMPLEPIE_BUILD) @@ -1487,7 +1491,7 @@ class SimplePie } } // Check if the cache has been updated - elseif ($cache->mtime() + $this->cache_duration < time()) + else //if ($cache->mtime() + $this->cache_duration < time()) //FreshRSS removed { // If we have last-modified and/or etag set //if (isset($this->data['headers']['last-modified']) || isset($this->data['headers']['etag'])) //FreshRSS removed @@ -1516,6 +1520,7 @@ class SimplePie } else { + $cache->touch(); //FreshRSS $this->error = $file->error; //FreshRSS return !empty($this->data); //FreshRSS //unset($file); //FreshRSS removed @@ -1533,17 +1538,18 @@ class SimplePie } } } - // If the cache is still valid, just return true - else - { - $this->raw_data = false; - return true; - } + //// If the cache is still valid, just return true + //else //FreshRSS removed + //{ + // $this->raw_data = false; + // return true; + //} } // If the cache is empty, delete it else { - $cache->unlink(); + //$cache->unlink(); //FreshRSS removed + $cache->touch(); //FreshRSS $this->data = array(); } } diff --git a/lib/SimplePie/SimplePie/Cache/File.php b/lib/SimplePie/SimplePie/Cache/File.php index 3b163545b..cb4b528c4 100644 --- a/lib/SimplePie/SimplePie/Cache/File.php +++ b/lib/SimplePie/SimplePie/Cache/File.php @@ -136,11 +136,11 @@ class SimplePie_Cache_File implements SimplePie_Cache_Base */ public function mtime() { - if (file_exists($this->name)) + //if (file_exists($this->name)) //FreshRSS removed { - return filemtime($this->name); + return @filemtime($this->name); //FreshRSS } - return false; + //return false; //FreshRSS removed } /** @@ -150,11 +150,11 @@ class SimplePie_Cache_File implements SimplePie_Cache_Base */ public function touch() { - if (file_exists($this->name)) + //if (file_exists($this->name)) //FreshRSS removed { - return touch($this->name); + return @touch($this->name); //FreshRSS } - return false; + //return false; //FreshRSS removed } /** -- cgit v1.2.3 From 56ac35095a6923661453916c472e117643cdea84 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Wed, 12 Nov 2014 22:23:59 +0100 Subject: Better error message for inaccessible feeds https://github.com/FreshRSS/FreshRSS/issues/456 --- lib/SimplePie/SimplePie.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie.php b/lib/SimplePie/SimplePie.php index 84001dd9a..dc4bbb6cb 100644 --- a/lib/SimplePie/SimplePie.php +++ b/lib/SimplePie/SimplePie.php @@ -1582,13 +1582,15 @@ class SimplePie if (!$locate->is_feed($file)) { + $copyStatusCode = $file->status_code; //FreshRSS + $copyContentType = $file->headers['content-type']; //FreshRSS // We need to unset this so that if SimplePie::set_file() has been called that object is untouched unset($file); try { if (!($file = $locate->find($this->autodiscovery, $this->all_discovered_feeds))) { - $this->error = "A feed could not be found at $this->feed_url. A feed with an invalid mime type may fall victim to this error, or " . SIMPLEPIE_NAME . " was unable to auto-discover it.. Use force_feed() if you are certain this URL is a real feed."; + $this->error = "A feed could not be found at `$this->feed_url`; the status code is `$copyStatusCode` and content-type is `$copyContentType`"; //FreshRSS $this->registry->call('Misc', 'error', array($this->error, E_USER_NOTICE, __FILE__, __LINE__)); return false; } -- cgit v1.2.3 From e4ea629f590192faf19a9cbdf33d400fdd6d5569 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Wed, 12 Nov 2014 22:42:47 +0100 Subject: SimplePie: Added unconventional mime type for RSS Since `application/rss+xml` is not official http://www.iana.org/assignments/media-types/media-types.xhtml, then it is fair enough to use the `x-` prefix. https://github.com/FreshRSS/FreshRSS/issues/706 --- lib/SimplePie/SimplePie/Locator.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Locator.php b/lib/SimplePie/SimplePie/Locator.php index 90ee7a302..4e5f7c1ca 100644 --- a/lib/SimplePie/SimplePie/Locator.php +++ b/lib/SimplePie/SimplePie/Locator.php @@ -148,7 +148,7 @@ class SimplePie_Locator { $sniffer = $this->registry->create('Content_Type_Sniffer', array($file)); $sniffed = $sniffer->get_type(); - if (in_array($sniffed, array('application/rss+xml', 'application/rdf+xml', 'text/rdf', 'application/atom+xml', 'text/xml', 'application/xml'))) + if (in_array($sniffed, array('application/rss+xml', 'application/rdf+xml', 'text/rdf', 'application/atom+xml', 'text/xml', 'application/xml', 'application/x-rss+xml'))) //FreshRSS { return true; } -- cgit v1.2.3 From 59ea9f2a3b131432236745483e20cb50338110df Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Thu, 29 Jan 2015 10:14:45 +0100 Subject: Remove calls to syslog() Temporary fix: - Change syslog by Minz_Log::notice in most of the files - Logs are stored in USERS_PATH/_/log.txt for actualize_script.php - Simply comment syslog in SimplePie See https://github.com/FreshRSS/FreshRSS/issues/711 --- app/Models/Feed.php | 4 ++-- app/actualize_script.php | 12 ++++++++---- lib/SimplePie/SimplePie.php | 4 ++-- lib/SimplePie/SimplePie/File.php | 2 +- lib/lib_rss.php | 2 +- 5 files changed, 14 insertions(+), 10 deletions(-) (limited to 'lib/SimplePie') diff --git a/app/Models/Feed.php b/app/Models/Feed.php index 86cbb783e..74869bf11 100644 --- a/app/Models/Feed.php +++ b/app/Models/Feed.php @@ -249,10 +249,10 @@ class FreshRSS_Feed extends Minz_Model { } if (($mtime === true) ||($mtime > $this->lastUpdate)) { - syslog(LOG_DEBUG, 'FreshRSS no cache ' . $mtime . ' > ' . $this->lastUpdate . ' for ' . $subscribe_url); + Minz_Log::notice('FreshRSS no cache ' . $mtime . ' > ' . $this->lastUpdate . ' for ' . $subscribe_url); $this->loadEntries($feed); // et on charge les articles du flux } else { - syslog(LOG_DEBUG, 'FreshRSS use cache for ' . $subscribe_url); + Minz_Log::notice('FreshRSS use cache for ' . $subscribe_url); $this->entries = array(); } diff --git a/app/actualize_script.php b/app/actualize_script.php index bae40aa56..fc4f9bfbb 100755 --- a/app/actualize_script.php +++ b/app/actualize_script.php @@ -21,6 +21,9 @@ $_GET['force'] = true; $_SERVER['HTTP_HOST'] = ''; +$log_file = join_path(USERS_PATH, '_', 'log.txt'); + + $app = new FreshRSS(); $system_conf = Minz_Configuration::get('system'); @@ -41,13 +44,13 @@ $min_last_activity = time() - $limits['max_inactivity']; foreach ($users as $user) { if (($user !== $system_conf->default_user) && (FreshRSS_UserDAO::mtime($user) < $min_last_activity)) { - syslog(LOG_INFO, 'FreshRSS skip inactive user ' . $user); + Minz_Log::notice('FreshRSS skip inactive user ' . $user, $log_file); if (defined('STDOUT')) { fwrite(STDOUT, 'FreshRSS skip inactive user ' . $user . "\n"); //Unbuffered } continue; } - syslog(LOG_INFO, 'FreshRSS actualize ' . $user); + Minz_Log::notice('FreshRSS actualize ' . $user, $log_file); if (defined('STDOUT')) { fwrite(STDOUT, 'Actualize ' . $user . "...\n"); //Unbuffered } @@ -62,7 +65,8 @@ foreach ($users as $user) { if (!invalidateHttpCache()) { - syslog(LOG_NOTICE, 'FreshRSS write access problem in ' . join_path(USERS_PATH, $user, 'log.txt')); + Minz_Log::notice('FreshRSS write access problem in ' . join_path(USERS_PATH, $user, 'log.txt'), + $log_file); if (defined('STDERR')) { fwrite(STDERR, 'Write access problem in ' . join_path(USERS_PATH, $user, 'log.txt') . "\n"); } @@ -70,7 +74,7 @@ foreach ($users as $user) { } -syslog(LOG_INFO, 'FreshRSS actualize done.'); +Minz_Log::notice('FreshRSS actualize done.', $log_file); if (defined('STDOUT')) { fwrite(STDOUT, 'Done.' . "\n"); $end_date = date_create('now'); diff --git a/lib/SimplePie/SimplePie.php b/lib/SimplePie/SimplePie.php index dc4bbb6cb..c4872b5be 100644 --- a/lib/SimplePie/SimplePie.php +++ b/lib/SimplePie/SimplePie.php @@ -1529,11 +1529,11 @@ class SimplePie { //FreshRSS $md5 = $this->cleanMd5($file->body); if ($this->data['md5'] === $md5) { - syslog(LOG_DEBUG, 'SimplePie MD5 cache match for ' . $this->feed_url); + // syslog(LOG_DEBUG, 'SimplePie MD5 cache match for ' . $this->feed_url); $cache->touch(); return true; //Content unchanged even though server did not send a 304 } else { - syslog(LOG_DEBUG, 'SimplePie MD5 cache no match for ' . $this->feed_url); + // syslog(LOG_DEBUG, 'SimplePie MD5 cache no match for ' . $this->feed_url); $this->data['md5'] = $md5; } } diff --git a/lib/SimplePie/SimplePie/File.php b/lib/SimplePie/SimplePie/File.php index b1bbe4420..9625af2a9 100644 --- a/lib/SimplePie/SimplePie/File.php +++ b/lib/SimplePie/SimplePie/File.php @@ -79,7 +79,7 @@ class SimplePie_File $this->useragent = $useragent; if (preg_match('/^http(s)?:\/\//i', $url)) { - syslog(LOG_INFO, 'SimplePie GET ' . $url); //FreshRSS + // syslog(LOG_INFO, 'SimplePie GET ' . $url); //FreshRSS if ($useragent === null) { $useragent = ini_get('user_agent'); diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 083e87745..3b3f6d279 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -180,7 +180,7 @@ function sanitizeHTML($data, $base = '') { function get_content_by_parsing ($url, $path) { require_once (LIB_PATH . '/lib_phpQuery.php'); - syslog(LOG_INFO, 'FreshRSS GET ' . $url); + Minz_Log::notice('FreshRSS GET ' . $url); $html = file_get_contents ($url); if ($html) { -- cgit v1.2.3 From ec611d7d543e27fe8c794cd98177d00cf636c58f Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Mon, 16 Mar 2015 21:37:28 +0100 Subject: SimplePie: decode special chars for MAYBE_HTML https://github.com/FreshRSS/FreshRSS/issues/754 Needs to check with many feeds to see if this does not introduce incompatibilities with some valid feeds. --- lib/SimplePie/SimplePie/Sanitize.php | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Sanitize.php b/lib/SimplePie/SimplePie/Sanitize.php index 168a5e2e8..3da7239be 100644 --- a/lib/SimplePie/SimplePie/Sanitize.php +++ b/lib/SimplePie/SimplePie/Sanitize.php @@ -249,6 +249,11 @@ class SimplePie_Sanitize { if ($type & SIMPLEPIE_CONSTRUCT_MAYBE_HTML) { + if (preg_match('/&#(x[0-9a-fA-F]+|[0-9]+);/', $data)) //FreshRSS + { + $data = htmlspecialchars_decode($data, ENT_QUOTES); //FreshRSS + //syslog(LOG_DEBUG, 'SimplePie sanitize MAYBE_HTML htmlspecialchars_decode: ' . $data); //FreshRSS + } if (preg_match('/(&(#(x[0-9a-fA-F]+|[0-9]+)|[a-zA-Z0-9]+)|<\/[A-Za-z][^\x09\x0A\x0B\x0C\x0D\x20\x2F\x3E]*' . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . '>)/', $data)) { $type |= SIMPLEPIE_CONSTRUCT_HTML; -- cgit v1.2.3 From 0e08b5ba56b2117e0f3d9bea6ae725295e8700d5 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sat, 21 Mar 2015 15:13:08 +0100 Subject: htmlspecialchars_decode for all SIMPLEPIE_CONSTRUCT_MAYBE_HTML https://github.com/FreshRSS/FreshRSS/issues/754 --- lib/SimplePie/SimplePie/Sanitize.php | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Sanitize.php b/lib/SimplePie/SimplePie/Sanitize.php index 3da7239be..e7c9f925f 100644 --- a/lib/SimplePie/SimplePie/Sanitize.php +++ b/lib/SimplePie/SimplePie/Sanitize.php @@ -249,11 +249,7 @@ class SimplePie_Sanitize { if ($type & SIMPLEPIE_CONSTRUCT_MAYBE_HTML) { - if (preg_match('/&#(x[0-9a-fA-F]+|[0-9]+);/', $data)) //FreshRSS - { - $data = htmlspecialchars_decode($data, ENT_QUOTES); //FreshRSS - //syslog(LOG_DEBUG, 'SimplePie sanitize MAYBE_HTML htmlspecialchars_decode: ' . $data); //FreshRSS - } + $data = htmlspecialchars_decode($data, ENT_QUOTES); //FreshRSS if (preg_match('/(&(#(x[0-9a-fA-F]+|[0-9]+)|[a-zA-Z0-9]+)|<\/[A-Za-z][^\x09\x0A\x0B\x0C\x0D\x20\x2F\x3E]*' . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . '>)/', $data)) { $type |= SIMPLEPIE_CONSTRUCT_HTML; -- cgit v1.2.3 From 1a35e2271d3b9383e882371d37d5fef16abd745d Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sat, 21 Mar 2015 18:20:36 +0100 Subject: SimplePie option to restaure syslog of HTTP requests https://github.com/FreshRSS/FreshRSS/issues/711 --- app/Models/Feed.php | 4 ++-- data/config.default.php | 1 + lib/SimplePie/SimplePie.php | 41 ++++++++++++++++++++++++++++++++++------ lib/SimplePie/SimplePie/File.php | 7 +++++-- lib/lib_rss.php | 1 + 5 files changed, 44 insertions(+), 10 deletions(-) (limited to 'lib/SimplePie') diff --git a/app/Models/Feed.php b/app/Models/Feed.php index 5ce03be5d..5f67ea6ce 100644 --- a/app/Models/Feed.php +++ b/app/Models/Feed.php @@ -246,10 +246,10 @@ class FreshRSS_Feed extends Minz_Model { } if (($mtime === true) ||($mtime > $this->lastUpdate)) { - Minz_Log::notice('FreshRSS no cache ' . $mtime . ' > ' . $this->lastUpdate . ' for ' . $clean_url); + //Minz_Log::debug('FreshRSS no cache ' . $mtime . ' > ' . $this->lastUpdate . ' for ' . $clean_url); $this->loadEntries($feed); // et on charge les articles du flux } else { - Minz_Log::notice('FreshRSS use cache for ' . $clean_url); + //Minz_Log::debug('FreshRSS use cache for ' . $clean_url); $this->entries = array(); } diff --git a/data/config.default.php b/data/config.default.php index 97df3a299..839bd1687 100644 --- a/data/config.default.php +++ b/data/config.default.php @@ -12,6 +12,7 @@ return array( 'auth_type' => 'none', 'api_enabled' => false, 'unsafe_autologin_enabled' => false, + 'simplepie_syslog_enabled' => true, 'limits' => array( 'cache_duration' => 800, 'timeout' => 10, diff --git a/lib/SimplePie/SimplePie.php b/lib/SimplePie/SimplePie.php index c4872b5be..bb8ce4191 100644 --- a/lib/SimplePie/SimplePie.php +++ b/lib/SimplePie/SimplePie.php @@ -74,6 +74,12 @@ define('SIMPLEPIE_USERAGENT', SIMPLEPIE_NAME . '/' . SIMPLEPIE_VERSION . ' (Feed */ define('SIMPLEPIE_LINKBACK', '' . SIMPLEPIE_NAME . ''); +/** + * Use syslog to report HTTP requests done by SimplePie. + * @see SimplePie::set_syslog() + */ +define('SIMPLEPIE_SYSLOG', true); //FreshRSS + /** * No Autodiscovery * @see SimplePie::set_autodiscovery_level() @@ -622,6 +628,12 @@ class SimplePie */ public $strip_htmltags = array('base', 'blink', 'body', 'doctype', 'embed', 'font', 'form', 'frame', 'frameset', 'html', 'iframe', 'input', 'marquee', 'meta', 'noscript', 'object', 'param', 'script', 'style'); + /** + * Use syslog to report HTTP requests done by SimplePie. + * @see SimplePie::set_syslog() + */ + public $syslog_enabled = SIMPLEPIE_SYSLOG; + /** * The SimplePie class contains feed level data and options * @@ -1136,7 +1148,7 @@ class SimplePie $this->sanitize->strip_attributes($attribs); } - public function add_attributes($attribs = '') + public function add_attributes($attribs = '') //FreshRSS { if ($attribs === '') { @@ -1145,6 +1157,14 @@ class SimplePie $this->sanitize->add_attributes($attribs); } + /** + * Use syslog to report HTTP requests done by SimplePie. + */ + public function set_syslog($value = SIMPLEPIE_SYSLOG) //FreshRSS + { + $this->syslog_enabled = $value == true; + } + /** * Set the output encoding * @@ -1231,7 +1251,8 @@ class SimplePie $this->enable_exceptions = $enable; } - function cleanMd5($rss) { //FreshRSS + function cleanMd5($rss) //FreshRSS + { return md5(preg_replace(array('#<(lastBuildDate|pubDate|updated|feedDate|dc:date|slash:comments)>[^<]+#', '##s'), '', $rss)); } @@ -1329,7 +1350,8 @@ class SimplePie list($headers, $sniffed) = $fetched; - if (isset($this->data['md5'])) { //FreshRSS + if (isset($this->data['md5'])) //FreshRSS + { $md5 = $this->data['md5']; } } @@ -1455,7 +1477,8 @@ class SimplePie { // Load the Cache $this->data = $cache->load(); - if ($cache->mtime() + $this->cache_duration > time()) { //FreshRSS + if ($cache->mtime() + $this->cache_duration > time()) //FreshRSS + { $this->raw_data = false; return true; // If the cache is still valid, just return true } @@ -1529,11 +1552,17 @@ class SimplePie { //FreshRSS $md5 = $this->cleanMd5($file->body); if ($this->data['md5'] === $md5) { - // syslog(LOG_DEBUG, 'SimplePie MD5 cache match for ' . $this->feed_url); + if ($this->syslog_enabled) + { + syslog(LOG_DEBUG, 'SimplePie MD5 cache match for ' . $this->feed_url); + } $cache->touch(); return true; //Content unchanged even though server did not send a 304 } else { - // syslog(LOG_DEBUG, 'SimplePie MD5 cache no match for ' . $this->feed_url); + if ($this->syslog_enabled) + { + syslog(LOG_DEBUG, 'SimplePie MD5 cache no match for ' . $this->feed_url); + } $this->data['md5'] = $md5; } } diff --git a/lib/SimplePie/SimplePie/File.php b/lib/SimplePie/SimplePie/File.php index 9625af2a9..56fe72196 100644 --- a/lib/SimplePie/SimplePie/File.php +++ b/lib/SimplePie/SimplePie/File.php @@ -66,7 +66,7 @@ class SimplePie_File var $method = SIMPLEPIE_FILE_SOURCE_NONE; var $permanent_url; //FreshRSS - public function __construct($url, $timeout = 10, $redirects = 5, $headers = null, $useragent = null, $force_fsockopen = false) + public function __construct($url, $timeout = 10, $redirects = 5, $headers = null, $useragent = null, $force_fsockopen = false, $syslog_enabled = SIMPLEPIE_SYSLOG) { if (class_exists('idna_convert')) { @@ -79,7 +79,10 @@ class SimplePie_File $this->useragent = $useragent; if (preg_match('/^http(s)?:\/\//i', $url)) { - // syslog(LOG_INFO, 'SimplePie GET ' . $url); //FreshRSS + if ($syslog_enabled) + { + syslog(LOG_INFO, 'SimplePie GET ' . $url); //FreshRSS + } if ($useragent === null) { $useragent = ini_get('user_agent'); diff --git a/lib/lib_rss.php b/lib/lib_rss.php index e5fe73041..16ae3097f 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -123,6 +123,7 @@ function customSimplePie() { $limits = $system_conf->limits; $simplePie = new SimplePie(); $simplePie->set_useragent(_t('gen.freshrss') . '/' . FRESHRSS_VERSION . ' (' . PHP_OS . '; ' . FRESHRSS_WEBSITE . ') ' . SIMPLEPIE_NAME . '/' . SIMPLEPIE_VERSION); + $simplePie->set_syslog($system_conf->simplepie_syslog_enabled); $simplePie->set_cache_location(CACHE_PATH); $simplePie->set_cache_duration($limits['cache_duration']); $simplePie->set_timeout($limits['timeout']); -- cgit v1.2.3 From ad9fe52f5a76faf58d13fcf7bde8f58e85abe82b Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 22 Mar 2015 22:54:29 +0100 Subject: SimplePie sanitize URLs for syslog https://github.com/FreshRSS/FreshRSS/issues/711 https://github.com/FreshRSS/FreshRSS/pull/715 --- app/Models/Feed.php | 2 +- lib/SimplePie/SimplePie.php | 4 ++-- lib/SimplePie/SimplePie/File.php | 2 +- lib/SimplePie/SimplePie/Misc.php | 10 ++++++++++ lib/lib_rss.php | 12 +----------- 5 files changed, 15 insertions(+), 15 deletions(-) (limited to 'lib/SimplePie') diff --git a/app/Models/Feed.php b/app/Models/Feed.php index 5f67ea6ce..15cbb7d0a 100644 --- a/app/Models/Feed.php +++ b/app/Models/Feed.php @@ -240,7 +240,7 @@ class FreshRSS_Feed extends Minz_Model { $subscribe_url = $feed->subscribe_url(true); } - $clean_url = url_remove_credentials($subscribe_url); + $clean_url = SimplePie_Misc::url_remove_credentials($subscribe_url); if ($subscribe_url !== null && $subscribe_url !== $url) { $this->_url($clean_url); } diff --git a/lib/SimplePie/SimplePie.php b/lib/SimplePie/SimplePie.php index bb8ce4191..54f4c5770 100644 --- a/lib/SimplePie/SimplePie.php +++ b/lib/SimplePie/SimplePie.php @@ -1554,14 +1554,14 @@ class SimplePie if ($this->data['md5'] === $md5) { if ($this->syslog_enabled) { - syslog(LOG_DEBUG, 'SimplePie MD5 cache match for ' . $this->feed_url); + syslog(LOG_DEBUG, 'SimplePie MD5 cache match for ' . SimplePie_Misc::url_remove_credentials($this->feed_url)); } $cache->touch(); return true; //Content unchanged even though server did not send a 304 } else { if ($this->syslog_enabled) { - syslog(LOG_DEBUG, 'SimplePie MD5 cache no match for ' . $this->feed_url); + syslog(LOG_DEBUG, 'SimplePie MD5 cache no match for ' . SimplePie_Misc::url_remove_credentials($this->feed_url)); } $this->data['md5'] = $md5; } diff --git a/lib/SimplePie/SimplePie/File.php b/lib/SimplePie/SimplePie/File.php index 56fe72196..1f9e3d502 100644 --- a/lib/SimplePie/SimplePie/File.php +++ b/lib/SimplePie/SimplePie/File.php @@ -81,7 +81,7 @@ class SimplePie_File { if ($syslog_enabled) { - syslog(LOG_INFO, 'SimplePie GET ' . $url); //FreshRSS + syslog(LOG_INFO, 'SimplePie GET ' . SimplePie_Misc::url_remove_credentials($url)); //FreshRSS } if ($useragent === null) { diff --git a/lib/SimplePie/SimplePie/Misc.php b/lib/SimplePie/SimplePie/Misc.php index 5a263a2e5..de50d37b8 100644 --- a/lib/SimplePie/SimplePie/Misc.php +++ b/lib/SimplePie/SimplePie/Misc.php @@ -2240,5 +2240,15 @@ function embed_wmedia(width, height, link) { { // No-op } + + /** + * Sanitize a URL by removing HTTP credentials. + * @param $url the URL to sanitize. + * @return the same URL without HTTP credentials. + */ + function url_remove_credentials($url) //FreshRSS + { + return preg_replace('#(?<=//)[^/:@]+:[^/:@]+@#', '', $url); + } } diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 16ae3097f..65a1a8e04 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -181,7 +181,7 @@ function sanitizeHTML($data, $base = '') { function get_content_by_parsing ($url, $path) { require_once (LIB_PATH . '/lib_phpQuery.php'); - Minz_Log::notice('FreshRSS GET ' . url_remove_credentials($url)); + Minz_Log::notice('FreshRSS GET ' . SimplePie_Misc::url_remove_credentials($url)); $html = file_get_contents ($url); if ($html) { @@ -430,13 +430,3 @@ function array_push_unique(&$array, $value) { function array_remove(&$array, $value) { $array = array_diff($array, array($value)); } - - -/** - * Sanitize a URL by removing HTTP credentials. - * @param $url the URL to sanitize. - * @return the same URL without HTTP credentials. - */ -function url_remove_credentials($url) { - return preg_replace('/[^\/]*:[^:]*@/', '', $url); -} -- cgit v1.2.3 From 1c38e646c3223571988b33e6a0d481426e3b6931 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 22 Mar 2015 23:53:59 +0100 Subject: SimplePie seems to only supports HTTP schemes Can simplify the regex (faster because anchored) for cleaning URLs based on the fact that we only have to deal with HTTP or HTTPS --- lib/SimplePie/SimplePie/Misc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Misc.php b/lib/SimplePie/SimplePie/Misc.php index de50d37b8..90f01f737 100644 --- a/lib/SimplePie/SimplePie/Misc.php +++ b/lib/SimplePie/SimplePie/Misc.php @@ -2248,7 +2248,7 @@ function embed_wmedia(width, height, link) { */ function url_remove_credentials($url) //FreshRSS { - return preg_replace('#(?<=//)[^/:@]+:[^/:@]+@#', '', $url); + return preg_replace('#(?<=^https?://)[^/:@]+:[^/:@]+@#', '', $url); } } -- cgit v1.2.3 From 0ed213d97f566d7f46747d28a318cf58cdb5d699 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 22 Mar 2015 23:56:47 +0100 Subject: Revert "SimplePie seems to only supports HTTP schemes" This reverts commit 1c38e646c3223571988b33e6a0d481426e3b6931. --- lib/SimplePie/SimplePie/Misc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Misc.php b/lib/SimplePie/SimplePie/Misc.php index 90f01f737..de50d37b8 100644 --- a/lib/SimplePie/SimplePie/Misc.php +++ b/lib/SimplePie/SimplePie/Misc.php @@ -2248,7 +2248,7 @@ function embed_wmedia(width, height, link) { */ function url_remove_credentials($url) //FreshRSS { - return preg_replace('#(?<=^https?://)[^/:@]+:[^/:@]+@#', '', $url); + return preg_replace('#(?<=//)[^/:@]+:[^/:@]+@#', '', $url); } } -- cgit v1.2.3 From 7735471140e1c6087a177192a09c7fb849decd77 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Mon, 23 Mar 2015 21:58:37 +0100 Subject: SimplePie faster regex for sanitizing URLs Can simplify the regex (faster because anchored) for cleaning URLs based on the fact that we only have to deal with HTTP or HTTPS https://github.com/FreshRSS/FreshRSS/pull/715 --- lib/SimplePie/SimplePie/Misc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Misc.php b/lib/SimplePie/SimplePie/Misc.php index de50d37b8..91549f93a 100644 --- a/lib/SimplePie/SimplePie/Misc.php +++ b/lib/SimplePie/SimplePie/Misc.php @@ -2248,7 +2248,7 @@ function embed_wmedia(width, height, link) { */ function url_remove_credentials($url) //FreshRSS { - return preg_replace('#(?<=//)[^/:@]+:[^/:@]+@#', '', $url); + return preg_replace('#^(https?://)[^/:@]+:[^/:@]+@#i', '$1', $url); } } -- cgit v1.2.3 From 2bfc4dbf8b19cd2b892526ef65a966ff3bfef718 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Tue, 24 Mar 2015 21:58:00 +0100 Subject: SimplePie forgot static keyword https://github.com/FreshRSS/FreshRSS/issues/711 --- lib/SimplePie/SimplePie/Misc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Misc.php b/lib/SimplePie/SimplePie/Misc.php index 91549f93a..956a284cb 100644 --- a/lib/SimplePie/SimplePie/Misc.php +++ b/lib/SimplePie/SimplePie/Misc.php @@ -2246,7 +2246,7 @@ function embed_wmedia(width, height, link) { * @param $url the URL to sanitize. * @return the same URL without HTTP credentials. */ - function url_remove_credentials($url) //FreshRSS + public static function url_remove_credentials($url) //FreshRSS { return preg_replace('#^(https?://)[^/:@]+:[^/:@]+@#i', '$1', $url); } -- cgit v1.2.3 From cb114a341b904799b73e8e7ff1ebeab39d3c21ab Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 12 Jul 2015 00:35:31 +0200 Subject: Merge some pull requests from upstream silent Warning cast with PHP 5.3.3 (RHEL-6) https://github.com/simplepie/simplepie/pull/258 Use rss:pubDate over atom:updated when determining the posting date https://github.com/simplepie/simplepie/pull/288 Update Item.php: add support for media thumbnails https://github.com/simplepie/simplepie/pull/340 Remove PHP Notices https://github.com/simplepie/simplepie/pull/353 And removed "FreshRSS" annotations for pull requests submitted upstream Fixed a typo in Date.php (wrong number for September) https://github.com/simplepie/simplepie/pull/374 Remove duplicate case https://github.com/simplepie/simplepie/pull/406 Added set_curl_options method to allow custom options https://github.com/simplepie/simplepie/pull/407 Improved error message https://github.com/simplepie/simplepie/pull/412 --- lib/SimplePie/SimplePie.php | 149 ++++++++++++----------- lib/SimplePie/SimplePie/Cache/File.php | 12 +- lib/SimplePie/SimplePie/Decode/HTML/Entities.php | 1 - lib/SimplePie/SimplePie/File.php | 10 +- lib/SimplePie/SimplePie/Item.php | 42 +++++-- lib/SimplePie/SimplePie/Locator.php | 2 +- lib/SimplePie/SimplePie/Misc.php | 8 +- lib/SimplePie/SimplePie/Parse/Date.php | 6 +- lib/SimplePie/SimplePie/Registry.php | 4 +- lib/SimplePie/SimplePie/Sanitize.php | 4 +- 10 files changed, 133 insertions(+), 105 deletions(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie.php b/lib/SimplePie/SimplePie.php index 54f4c5770..6c0962a9f 100644 --- a/lib/SimplePie/SimplePie.php +++ b/lib/SimplePie/SimplePie.php @@ -456,7 +456,7 @@ class SimplePie * @see SimplePie::subscribe_url() * @access private */ - public $permanent_url = null; //FreshRSS + public $permanent_url = null; /** * @var object Instance of SimplePie_File to use as a feed @@ -479,6 +479,13 @@ class SimplePie */ public $timeout = 10; + /** + * @var array Custom curl options + * @see SimplePie::set_curl_options() + * @access private + */ + public $curl_options = array(); + /** * @var bool Forces fsockopen() to be used for remote files instead * of cURL, even if a new enough version is installed @@ -754,7 +761,7 @@ class SimplePie else { $this->feed_url = $this->registry->call('Misc', 'fix_protocol', array($url, 1)); - $this->permanent_url = $this->feed_url; //FreshRSS + $this->permanent_url = $this->feed_url; } } @@ -769,7 +776,7 @@ class SimplePie if ($file instanceof SimplePie_File) { $this->feed_url = $file->url; - $this->permanent_url = $this->feed_url; //FreshRSS + $this->permanent_url = $this->feed_url; $this->file =& $file; return true; } @@ -807,6 +814,19 @@ class SimplePie { $this->timeout = (int) $timeout; } + + /** + * Set custom curl options + * + * This allows you to change default curl options + * + * @since 1.0 Beta 3 + * @param array $curl_options Curl options to add to default settings + */ + public function set_curl_options(array $curl_options = array()) + { + $this->curl_options = $curl_options; + } /** * Force SimplePie to use fsockopen() instead of cURL @@ -1251,7 +1271,7 @@ class SimplePie $this->enable_exceptions = $enable; } - function cleanMd5($rss) //FreshRSS + function cleanMd5($rss) { return md5(preg_replace(array('#<(lastBuildDate|pubDate|updated|feedDate|dc:date|slash:comments)>[^<]+#', '##s'), '', $rss)); } @@ -1297,7 +1317,7 @@ class SimplePie // Pass whatever was set with config options over to the sanitizer. // Pass the classes in for legacy support; new classes should use the registry instead $this->sanitize->pass_cache_data($this->cache, $this->cache_location, $this->cache_name_function, $this->registry->get_class('Cache')); - $this->sanitize->pass_file_data($this->registry->get_class('File'), $this->timeout, $this->useragent, $this->force_fsockopen); + $this->sanitize->pass_file_data($this->registry->get_class('File'), $this->timeout, $this->useragent, $this->force_fsockopen, $this->curl_options); if (!empty($this->multifeed_url)) { @@ -1342,7 +1362,7 @@ class SimplePie // Fetch the data via SimplePie_File into $this->raw_data if (($fetched = $this->fetch_data($cache)) === true) { - return $this->data['mtime']; //FreshRSS + return $this->data['mtime']; } elseif ($fetched === false) { return false; @@ -1350,7 +1370,7 @@ class SimplePie list($headers, $sniffed) = $fetched; - if (isset($this->data['md5'])) //FreshRSS + if (isset($this->data['md5'])) { $md5 = $this->data['md5']; } @@ -1435,8 +1455,8 @@ class SimplePie $this->data['headers'] = $headers; } $this->data['build'] = SIMPLEPIE_BUILD; - $this->data['mtime'] = time(); //FreshRSS - $this->data['md5'] = empty($md5) ? $this->cleanMd5($this->raw_data) : $md5; //FreshRSS + $this->data['mtime'] = time(); + $this->data['md5'] = empty($md5) ? $this->cleanMd5($this->raw_data) : $md5; // Cache the file if caching is enabled if ($cache && !$cache->save($this)) @@ -1451,7 +1471,7 @@ class SimplePie if (isset($parser)) { // We have an error, just set SimplePie_Misc::error to it and quit - $this->error = sprintf('This XML document is invalid, likely due to invalid characters. XML error: %s at line %d, column %d', $parser->get_error_string(), $parser->get_current_line(), $parser->get_current_column()); + $this->error = sprintf('This XML document is invalid, likely due to invalid characters. XML error: %s at line %d, column %d, encoding %s, URL: %s', $parser->get_error_string(), $parser->get_current_line(), $parser->get_current_column(), $encoding, $this->feed_url); } else { @@ -1477,7 +1497,7 @@ class SimplePie { // Load the Cache $this->data = $cache->load(); - if ($cache->mtime() + $this->cache_duration > time()) //FreshRSS + if ($cache->mtime() + $this->cache_duration > time()) { $this->raw_data = false; return true; // If the cache is still valid, just return true @@ -1514,71 +1534,58 @@ class SimplePie } } // Check if the cache has been updated - else //if ($cache->mtime() + $this->cache_duration < time()) //FreshRSS removed + else { - // If we have last-modified and/or etag set - //if (isset($this->data['headers']['last-modified']) || isset($this->data['headers']['etag'])) //FreshRSS removed + $headers = array( + 'Accept' => 'application/atom+xml, application/rss+xml, application/rdf+xml;q=0.9, application/xml;q=0.8, text/xml;q=0.8, text/html;q=0.7, unknown/unknown;q=0.1, application/unknown;q=0.1, */*;q=0.1', + ); + if (isset($this->data['headers']['last-modified'])) { - $headers = array( - 'Accept' => 'application/atom+xml, application/rss+xml, application/rdf+xml;q=0.9, application/xml;q=0.8, text/xml;q=0.8, text/html;q=0.7, unknown/unknown;q=0.1, application/unknown;q=0.1, */*;q=0.1', - ); - if (isset($this->data['headers']['last-modified'])) - { - $headers['if-modified-since'] = $this->data['headers']['last-modified']; - } - if (isset($this->data['headers']['etag'])) - { - $headers['if-none-match'] = $this->data['headers']['etag']; - } + $headers['if-modified-since'] = $this->data['headers']['last-modified']; + } + if (isset($this->data['headers']['etag'])) + { + $headers['if-none-match'] = $this->data['headers']['etag']; + } - $file = $this->registry->create('File', array($this->feed_url, $this->timeout, 5, $headers, $this->useragent, $this->force_fsockopen)); //FreshRSS + $file = $this->registry->create('File', array($this->feed_url, $this->timeout, 5, $headers, $this->useragent, $this->force_fsockopen, $this->curl_options)); - if ($file->success) + if ($file->success) + { + if ($file->status_code === 304) { - if ($file->status_code === 304) - { - $cache->touch(); - return true; - } + $cache->touch(); + return true; } - else + } + else + { + $cache->touch(); + $this->error = $file->error; + return !empty($this->data); + } + + $md5 = $this->cleanMd5($file->body); + if ($this->data['md5'] === $md5) { + if ($this->syslog_enabled) { - $cache->touch(); //FreshRSS - $this->error = $file->error; //FreshRSS - return !empty($this->data); //FreshRSS - //unset($file); //FreshRSS removed + syslog(LOG_DEBUG, 'SimplePie MD5 cache match for ' . SimplePie_Misc::url_remove_credentials($this->feed_url)); } - } - { //FreshRSS - $md5 = $this->cleanMd5($file->body); - if ($this->data['md5'] === $md5) { - if ($this->syslog_enabled) - { - syslog(LOG_DEBUG, 'SimplePie MD5 cache match for ' . SimplePie_Misc::url_remove_credentials($this->feed_url)); - } - $cache->touch(); - return true; //Content unchanged even though server did not send a 304 - } else { - if ($this->syslog_enabled) - { - syslog(LOG_DEBUG, 'SimplePie MD5 cache no match for ' . SimplePie_Misc::url_remove_credentials($this->feed_url)); - } - $this->data['md5'] = $md5; + $cache->touch(); + return true; //Content unchanged even though server did not send a 304 + } else { + if ($this->syslog_enabled) + { + syslog(LOG_DEBUG, 'SimplePie MD5 cache no match for ' . SimplePie_Misc::url_remove_credentials($this->feed_url)); } + $this->data['md5'] = $md5; } } - //// If the cache is still valid, just return true - //else //FreshRSS removed - //{ - // $this->raw_data = false; - // return true; - //} - } - // If the cache is empty, delete it + } + // If the cache is empty else { - //$cache->unlink(); //FreshRSS removed - $cache->touch(); //FreshRSS + $cache->touch(); //To keep the date/time of the last tentative update $this->data = array(); } } @@ -1594,7 +1601,7 @@ class SimplePie $headers = array( 'Accept' => 'application/atom+xml, application/rss+xml, application/rdf+xml;q=0.9, application/xml;q=0.8, text/xml;q=0.8, text/html;q=0.7, unknown/unknown;q=0.1, application/unknown;q=0.1, */*;q=0.1', ); - $file = $this->registry->create('File', array($this->feed_url, $this->timeout, 5, $headers, $this->useragent, $this->force_fsockopen)); + $file = $this->registry->create('File', array($this->feed_url, $this->timeout, 5, $headers, $this->useragent, $this->force_fsockopen, $this->curl_options)); } } // If the file connection has an error, set SimplePie::error to that and quit @@ -1611,15 +1618,15 @@ class SimplePie if (!$locate->is_feed($file)) { - $copyStatusCode = $file->status_code; //FreshRSS - $copyContentType = $file->headers['content-type']; //FreshRSS + $copyStatusCode = $file->status_code; + $copyContentType = $file->headers['content-type']; // We need to unset this so that if SimplePie::set_file() has been called that object is untouched unset($file); try { if (!($file = $locate->find($this->autodiscovery, $this->all_discovered_feeds))) { - $this->error = "A feed could not be found at `$this->feed_url`; the status code is `$copyStatusCode` and content-type is `$copyContentType`"; //FreshRSS + $this->error = "A feed could not be found at `$this->feed_url`; the status code is `$copyStatusCode` and content-type is `$copyContentType`"; $this->registry->call('Misc', 'error', array($this->error, E_USER_NOTICE, __FILE__, __LINE__)); return false; } @@ -1634,8 +1641,8 @@ class SimplePie if ($cache) { $this->data = array('url' => $this->feed_url, 'feed_url' => $file->url, 'build' => SIMPLEPIE_BUILD); - $this->data['mtime'] = time(); //FreshRSS - $this->data['md5'] = empty($md5) ? $this->cleanMd5($file->body) : $md5; //FreshRSS + $this->data['mtime'] = time(); + $this->data['md5'] = empty($md5) ? $this->cleanMd5($file->body) : $md5; if (!$cache->save($this)) { trigger_error("$this->cache_location is not writeable. Make sure you've set the correct relative or absolute path, and that the location is server-writable.", E_USER_WARNING); @@ -1648,7 +1655,7 @@ class SimplePie } $this->raw_data = $file->body; - $this->permanent_url = $file->permanent_url; //FreshRSS + $this->permanent_url = $file->permanent_url; $headers = $file->headers; $sniffer = $this->registry->create('Content_Type_Sniffer', array(&$file)); $sniffed = $sniffer->get_type(); @@ -1852,7 +1859,7 @@ class SimplePie */ public function subscribe_url($permanent = false) { - if ($permanent) //FreshRSS + if ($permanent) { if ($this->permanent_url !== null) { diff --git a/lib/SimplePie/SimplePie/Cache/File.php b/lib/SimplePie/SimplePie/Cache/File.php index cb4b528c4..72e75a4b6 100644 --- a/lib/SimplePie/SimplePie/Cache/File.php +++ b/lib/SimplePie/SimplePie/Cache/File.php @@ -136,11 +136,7 @@ class SimplePie_Cache_File implements SimplePie_Cache_Base */ public function mtime() { - //if (file_exists($this->name)) //FreshRSS removed - { - return @filemtime($this->name); //FreshRSS - } - //return false; //FreshRSS removed + return @filemtime($this->name); } /** @@ -150,11 +146,7 @@ class SimplePie_Cache_File implements SimplePie_Cache_Base */ public function touch() { - //if (file_exists($this->name)) //FreshRSS removed - { - return @touch($this->name); //FreshRSS - } - //return false; //FreshRSS removed + return @touch($this->name); } /** diff --git a/lib/SimplePie/SimplePie/Decode/HTML/Entities.php b/lib/SimplePie/SimplePie/Decode/HTML/Entities.php index cde06c884..46b3a1dff 100644 --- a/lib/SimplePie/SimplePie/Decode/HTML/Entities.php +++ b/lib/SimplePie/SimplePie/Decode/HTML/Entities.php @@ -169,7 +169,6 @@ class SimplePie_Decode_HTML_Entities case "\x09": case "\x0A": case "\x0B": - case "\x0B": case "\x0C": case "\x20": case "\x3C": diff --git a/lib/SimplePie/SimplePie/File.php b/lib/SimplePie/SimplePie/File.php index 1f9e3d502..643648ddb 100644 --- a/lib/SimplePie/SimplePie/File.php +++ b/lib/SimplePie/SimplePie/File.php @@ -66,7 +66,7 @@ class SimplePie_File var $method = SIMPLEPIE_FILE_SOURCE_NONE; var $permanent_url; //FreshRSS - public function __construct($url, $timeout = 10, $redirects = 5, $headers = null, $useragent = null, $force_fsockopen = false, $syslog_enabled = SIMPLEPIE_SYSLOG) + public function __construct($url, $timeout = 10, $redirects = 5, $headers = null, $useragent = null, $force_fsockopen = false, $curl_options = array(), $syslog_enabled = SIMPLEPIE_SYSLOG) { if (class_exists('idna_convert')) { @@ -75,7 +75,7 @@ class SimplePie_File $url = SimplePie_Misc::compress_parse_url($parsed['scheme'], $idn->encode($parsed['authority']), $parsed['path'], $parsed['query'], $parsed['fragment']); } $this->url = $url; - $this->permanent_url = $url; //FreshRSS + $this->permanent_url = $url; $this->useragent = $useragent; if (preg_match('/^http(s)?:\/\//i', $url)) { @@ -119,6 +119,10 @@ class SimplePie_File curl_setopt($fp, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($fp, CURLOPT_MAXREDIRS, $redirects); } + foreach ($curl_options as $curl_param => $curl_value) + { + curl_setopt($fp, $curl_param, $curl_value); + } $this->headers = curl_exec($fp); if (curl_errno($fp) === 23 || curl_errno($fp) === 61) @@ -149,7 +153,7 @@ class SimplePie_File $location = SimplePie_Misc::absolutize_url($this->headers['location'], $url); $previousStatusCode = $this->status_code; $this->__construct($location, $timeout, $redirects, $headers, $useragent, $force_fsockopen); - $this->permanent_url = ($previousStatusCode == 301) ? $location : $url; //FreshRSS + $this->permanent_url = ($previousStatusCode == 301) ? $location : $url; return; } } diff --git a/lib/SimplePie/SimplePie/Item.php b/lib/SimplePie/SimplePie/Item.php index 7bd96c15f..27e93456e 100644 --- a/lib/SimplePie/SimplePie/Item.php +++ b/lib/SimplePie/SimplePie/Item.php @@ -406,6 +406,30 @@ class SimplePie_Item return null; } } + + /** + * Get the media:thumbnail of the item + * + * Uses `` + * + * + * @return array|null + */ + public function get_thumbnail() + { + if (!isset($this->data['thumbnail'])) + { + if ($return = $this->get_item_tags(SIMPLEPIE_NAMESPACE_MEDIARSS, 'thumbnail')) + { + $this->data['thumbnail'] = $return[0]['attribs']['']; + } + else + { + $this->data['thumbnail'] = null; + } + } + return $this->data['thumbnail']; + } /** * Get a category for the item @@ -738,31 +762,31 @@ class SimplePie_Item { $this->data['date']['raw'] = $return[0]['data']; } - elseif ($return = $this->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'updated')) + elseif ($return = $this->get_item_tags(SIMPLEPIE_NAMESPACE_RSS_20, 'pubDate')) { $this->data['date']['raw'] = $return[0]['data']; } - elseif ($return = $this->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_03, 'issued')) + elseif ($return = $this->get_item_tags(SIMPLEPIE_NAMESPACE_DC_11, 'date')) { $this->data['date']['raw'] = $return[0]['data']; } - elseif ($return = $this->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_03, 'created')) + elseif ($return = $this->get_item_tags(SIMPLEPIE_NAMESPACE_DC_10, 'date')) { $this->data['date']['raw'] = $return[0]['data']; } - elseif ($return = $this->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_03, 'modified')) + elseif ($return = $this->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'updated')) { $this->data['date']['raw'] = $return[0]['data']; } - elseif ($return = $this->get_item_tags(SIMPLEPIE_NAMESPACE_RSS_20, 'pubDate')) + elseif ($return = $this->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_03, 'issued')) { $this->data['date']['raw'] = $return[0]['data']; } - elseif ($return = $this->get_item_tags(SIMPLEPIE_NAMESPACE_DC_11, 'date')) + elseif ($return = $this->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_03, 'created')) { $this->data['date']['raw'] = $return[0]['data']; } - elseif ($return = $this->get_item_tags(SIMPLEPIE_NAMESPACE_DC_10, 'date')) + elseif ($return = $this->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_03, 'modified')) { $this->data['date']['raw'] = $return[0]['data']; } @@ -2733,7 +2757,9 @@ class SimplePie_Item { foreach ($content['child'][SIMPLEPIE_NAMESPACE_MEDIARSS]['thumbnail'] as $thumbnail) { - $thumbnails[] = $this->sanitize($thumbnail['attribs']['']['url'], SIMPLEPIE_CONSTRUCT_IRI); + if (isset($thumbnail['attribs']['']['url'])) { + $thumbnails[] = $this->sanitize($thumbnail['attribs']['']['url'], SIMPLEPIE_CONSTRUCT_IRI); + } } if (is_array($thumbnails)) { diff --git a/lib/SimplePie/SimplePie/Locator.php b/lib/SimplePie/SimplePie/Locator.php index 4e5f7c1ca..ba4a843b0 100644 --- a/lib/SimplePie/SimplePie/Locator.php +++ b/lib/SimplePie/SimplePie/Locator.php @@ -148,7 +148,7 @@ class SimplePie_Locator { $sniffer = $this->registry->create('Content_Type_Sniffer', array($file)); $sniffed = $sniffer->get_type(); - if (in_array($sniffed, array('application/rss+xml', 'application/rdf+xml', 'text/rdf', 'application/atom+xml', 'text/xml', 'application/xml', 'application/x-rss+xml'))) //FreshRSS + if (in_array($sniffed, array('application/rss+xml', 'application/rdf+xml', 'text/rdf', 'application/atom+xml', 'text/xml', 'application/xml', 'application/x-rss+xml'))) { return true; } diff --git a/lib/SimplePie/SimplePie/Misc.php b/lib/SimplePie/SimplePie/Misc.php index 956a284cb..9e7ac4fa8 100644 --- a/lib/SimplePie/SimplePie/Misc.php +++ b/lib/SimplePie/SimplePie/Misc.php @@ -79,8 +79,8 @@ class SimplePie_Misc public static function absolutize_url($relative, $base) { - if (substr($relative, 0, 2) === '//') //FreshRSS: disable absolutize_url for "//www.example.net" which will pick HTTP or HTTPS automatically - { + if (substr($relative, 0, 2) === '//') + {//Allow protocol-relative URLs "//www.example.net" which will pick HTTP or HTTPS automatically return $relative; } $iri = SimplePie_IRI::absolutize(new SimplePie_IRI($base), $relative); @@ -128,7 +128,7 @@ class SimplePie_Misc { $attribs[$j][2] = $attribs[$j][1]; } - $return[$i]['attribs'][strtolower($attribs[$j][1])]['data'] = SimplePie_Misc::entities_decode(end($attribs[$j]), 'UTF-8'); //FreshRSS + $return[$i]['attribs'][strtolower($attribs[$j][1])]['data'] = SimplePie_Misc::entities_decode(end($attribs[$j]), 'UTF-8'); } } } @@ -142,7 +142,7 @@ class SimplePie_Misc foreach ($element['attribs'] as $key => $value) { $key = strtolower($key); - $full .= " $key=\"" . htmlspecialchars($value['data'], ENT_COMPAT, 'UTF-8') . '"'; //FreshRSS + $full .= " $key=\"" . htmlspecialchars($value['data'], ENT_COMPAT, 'UTF-8') . '"'; } if ($element['self_closing']) { diff --git a/lib/SimplePie/SimplePie/Parse/Date.php b/lib/SimplePie/SimplePie/Parse/Date.php index ba7c0703e..50bb5cffa 100644 --- a/lib/SimplePie/SimplePie/Parse/Date.php +++ b/lib/SimplePie/SimplePie/Parse/Date.php @@ -173,7 +173,7 @@ class SimplePie_Parse_Date 'aug' => 8, 'august' => 8, 'sep' => 9, - 'september' => 8, + 'september' => 9, 'oct' => 10, 'october' => 10, 'nov' => 11, @@ -331,8 +331,8 @@ class SimplePie_Parse_Date 'CCT' => 23400, 'CDT' => -18000, 'CEDT' => 7200, - 'CEST' => 7200, //FreshRSS 'CET' => 3600, + 'CEST' => 7200, 'CGST' => -7200, 'CGT' => -10800, 'CHADT' => 49500, @@ -721,7 +721,7 @@ class SimplePie_Parse_Date { $output .= substr($string, $position, $pos - $position); $position = $pos + 1; - if ($string[$pos - 1] !== '\\') + if ($pos === 0 || $string[$pos - 1] !== '\\') { $depth++; while ($depth && $position < $length) diff --git a/lib/SimplePie/SimplePie/Registry.php b/lib/SimplePie/SimplePie/Registry.php index bd9c1f535..dac55e34e 100755 --- a/lib/SimplePie/SimplePie/Registry.php +++ b/lib/SimplePie/SimplePie/Registry.php @@ -113,7 +113,7 @@ class SimplePie_Registry */ public function register($type, $class, $legacy = false) { - if (!is_subclass_of($class, $this->default[$type])) + if (!@is_subclass_of($class, $this->default[$type])) { return false; } @@ -222,4 +222,4 @@ class SimplePie_Registry $result = call_user_func_array(array($class, $method), $parameters); return $result; } -} \ No newline at end of file +} diff --git a/lib/SimplePie/SimplePie/Sanitize.php b/lib/SimplePie/SimplePie/Sanitize.php index e7c9f925f..a6863ec03 100644 --- a/lib/SimplePie/SimplePie/Sanitize.php +++ b/lib/SimplePie/SimplePie/Sanitize.php @@ -249,7 +249,7 @@ class SimplePie_Sanitize { if ($type & SIMPLEPIE_CONSTRUCT_MAYBE_HTML) { - $data = htmlspecialchars_decode($data, ENT_QUOTES); //FreshRSS + $data = htmlspecialchars_decode($data, ENT_QUOTES); if (preg_match('/(&(#(x[0-9a-fA-F]+|[0-9]+)|[a-zA-Z0-9]+)|<\/[A-Za-z][^\x09\x0A\x0B\x0C\x0D\x20\x2F\x3E]*' . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . '>)/', $data)) { $type |= SIMPLEPIE_CONSTRUCT_HTML; @@ -280,7 +280,7 @@ class SimplePie_Sanitize $document->loadHTML($data); restore_error_handler(); - $xpath = new DOMXPath($document); //FreshRSS + $xpath = new DOMXPath($document); // Strip comments if ($this->strip_comments) -- cgit v1.2.3 From fa432755cc9d0cc71be54d463bdfb7558d62c5f1 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 12 Jul 2015 12:16:56 +0200 Subject: Implement cURL options https://github.com/FreshRSS/FreshRSS/issues/897 Requires that https://github.com/FreshRSS/FreshRSS/pull/898 is merged first. --- CHANGELOG.md | 2 ++ data/config.default.php | 19 +++++++++++++++++-- lib/SimplePie/SimplePie/File.php | 1 - lib/lib_rss.php | 1 + 4 files changed, 20 insertions(+), 3 deletions(-) (limited to 'lib/SimplePie') diff --git a/CHANGELOG.md b/CHANGELOG.md index 0ebfd50ac..23feda577 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,9 @@ * Features * Support for PubSubHubbub for instant notifications from compatible Web sites. [#312](https://github.com/FreshRSS/FreshRSS/issues/312) + * cURL options to use a proxy for retrieving feeds. [#897](https://github.com/FreshRSS/FreshRSS/issues/897) [#675](https://github.com/FreshRSS/FreshRSS/issues/675) * Security + * cURL options to verify or not SSL/TLS certificates (now enabled by default). [#897](https://github.com/FreshRSS/FreshRSS/issues/897) [#502](https://github.com/FreshRSS/FreshRSS/issues/502) * Support for SSL connection to MySQL. [#868](https://github.com/FreshRSS/FreshRSS/issues/868) * Workaround for browsers that have disabled support for `
`. [#880](https://github.com/FreshRSS/FreshRSS/issues/880) * UI diff --git a/data/config.default.php b/data/config.default.php index 97085df29..6a8300872 100644 --- a/data/config.default.php +++ b/data/config.default.php @@ -1,7 +1,7 @@ array( + # Options to disable SSL/TLS certificate check (e.g. for self-signed HTTPS) + //CURLOPT_SSL_VERIFYHOST => 0, + //CURLOPT_SSL_VERIFYPEER => false, + + # Options to use a proxy for retrieving feeds. + //CURLOPT_PROXYTYPE = CURLPROXY_HTTP, + //CURLOPT_PROXYAUTH = CURLAUTH_BASIC, + //CURLOPT_PROXY => '127.0.0.1', + //CURLOPT_PROXYPORT => 8080, + //CURLOPT_PROXYUSERPWD => 'user:password', + ), + 'db' => array( # Type of database: `sqlite` or `mysql`. diff --git a/lib/SimplePie/SimplePie/File.php b/lib/SimplePie/SimplePie/File.php index 1f9e3d502..90dac790a 100644 --- a/lib/SimplePie/SimplePie/File.php +++ b/lib/SimplePie/SimplePie/File.php @@ -113,7 +113,6 @@ class SimplePie_File curl_setopt($fp, CURLOPT_REFERER, $url); curl_setopt($fp, CURLOPT_USERAGENT, $useragent); curl_setopt($fp, CURLOPT_HTTPHEADER, $headers2); - curl_setopt($fp, CURLOPT_SSL_VERIFYPEER, false); //FreshRSS if (!ini_get('open_basedir') && !ini_get('safe_mode') && version_compare(SimplePie_Misc::get_curl_version(), '7.15.2', '>=')) { curl_setopt($fp, CURLOPT_FOLLOWLOCATION, 1); diff --git a/lib/lib_rss.php b/lib/lib_rss.php index c51b4e6de..0118e0f46 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -143,6 +143,7 @@ function customSimplePie() { $simplePie->set_cache_location(CACHE_PATH); $simplePie->set_cache_duration($limits['cache_duration']); $simplePie->set_timeout($limits['timeout']); + $simplePie->set_curl_options($system_conf->curl_options); $simplePie->strip_htmltags(array( 'base', 'blink', 'body', 'doctype', 'embed', 'font', 'form', 'frame', 'frameset', 'html', -- cgit v1.2.3 From 83e58d375962f7bc1f30e34e2895836ddc8e80d1 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 21 Feb 2016 22:19:07 +0100 Subject: Experiment with forcing HTTPS for selected embed providers YouTube, DailyMotion, Tumblr https://github.com/FreshRSS/FreshRSS/issues/1083 --- lib/SimplePie/SimplePie/Misc.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Misc.php b/lib/SimplePie/SimplePie/Misc.php index 9e7ac4fa8..1abfb3368 100644 --- a/lib/SimplePie/SimplePie/Misc.php +++ b/lib/SimplePie/SimplePie/Misc.php @@ -77,6 +77,15 @@ class SimplePie_Misc return $time; } + /** + * Force HTTPS for selected Web sites + * FreshRSS + */ + public static https_url($url) + { + return preg_replace('%^http://((?:[^/]*?\.)?(?:youtube|dailymotion|tumblr)\.com/)%i', '//$1', $url); + } + public static function absolutize_url($relative, $base) { if (substr($relative, 0, 2) === '//') @@ -88,7 +97,7 @@ class SimplePie_Misc { return false; } - return $iri->get_uri(); + return https_url($iri->get_uri()); } /** -- cgit v1.2.3 From bd0facbb739b7a6f90a6ff2bf7cc434bbda1cc95 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 21 Feb 2016 22:42:30 +0100 Subject: HTTPS SimplePie experiment Syntax bug https://github.com/FreshRSS/FreshRSS/issues/1083 --- lib/SimplePie/SimplePie/Misc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Misc.php b/lib/SimplePie/SimplePie/Misc.php index 1abfb3368..4df529f59 100644 --- a/lib/SimplePie/SimplePie/Misc.php +++ b/lib/SimplePie/SimplePie/Misc.php @@ -97,7 +97,7 @@ class SimplePie_Misc { return false; } - return https_url($iri->get_uri()); + return SimplePie_Misc::https_url($iri->get_uri()); } /** -- cgit v1.2.3 From 4a9a7404bcbcc15765ae5876dfb845a34917cba4 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 21 Feb 2016 22:45:54 +0100 Subject: Syntax error --- lib/SimplePie/SimplePie/Misc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Misc.php b/lib/SimplePie/SimplePie/Misc.php index 4df529f59..98565608f 100644 --- a/lib/SimplePie/SimplePie/Misc.php +++ b/lib/SimplePie/SimplePie/Misc.php @@ -81,7 +81,7 @@ class SimplePie_Misc * Force HTTPS for selected Web sites * FreshRSS */ - public static https_url($url) + public static function https_url($url) { return preg_replace('%^http://((?:[^/]*?\.)?(?:youtube|dailymotion|tumblr)\.com/)%i', '//$1', $url); } -- cgit v1.2.3 From 74ef8d9b1514600b4e18c0bd2f8fdbb6d9f3826c Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Mon, 22 Feb 2016 08:51:02 +0100 Subject: SimplePie force HTTPS, another approach https://github.com/FreshRSS/FreshRSS/issues/1083 --- lib/SimplePie/SimplePie/Misc.php | 2 +- lib/SimplePie/SimplePie/Sanitize.php | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Misc.php b/lib/SimplePie/SimplePie/Misc.php index 98565608f..b13c70f4c 100644 --- a/lib/SimplePie/SimplePie/Misc.php +++ b/lib/SimplePie/SimplePie/Misc.php @@ -97,7 +97,7 @@ class SimplePie_Misc { return false; } - return SimplePie_Misc::https_url($iri->get_uri()); + return $iri->get_uri(); } /** diff --git a/lib/SimplePie/SimplePie/Sanitize.php b/lib/SimplePie/SimplePie/Sanitize.php index a6863ec03..fc916a259 100644 --- a/lib/SimplePie/SimplePie/Sanitize.php +++ b/lib/SimplePie/SimplePie/Sanitize.php @@ -451,7 +451,8 @@ class SimplePie_Sanitize if ($element->hasAttribute($attribute)) { $value = $this->registry->call('Misc', 'absolutize_url', array($element->getAttribute($attribute), $this->base)); - if ($value !== false) + $value = SimplePie_Misc::https_url($value); //FreshRSS + if ($value) { $element->setAttribute($attribute, $value); } -- cgit v1.2.3 From 0f870e800bc8a9315d572c01f2423b6c124f495f Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Mon, 22 Feb 2016 20:18:11 +0100 Subject: Avoid prototol-relative URLs Protocol-relative URLs do not seem to work well with API / mobile apps --- lib/SimplePie/SimplePie/Misc.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Misc.php b/lib/SimplePie/SimplePie/Misc.php index 98565608f..1505f775f 100644 --- a/lib/SimplePie/SimplePie/Misc.php +++ b/lib/SimplePie/SimplePie/Misc.php @@ -83,14 +83,14 @@ class SimplePie_Misc */ public static function https_url($url) { - return preg_replace('%^http://((?:[^/]*?\.)?(?:youtube|dailymotion|tumblr)\.com/)%i', '//$1', $url); + return preg_replace('%^http://((?:[^/]*?\.)?(?:youtube|dailymotion|tumblr)\.com/)%i', 'https://$1', $url); } public static function absolutize_url($relative, $base) { if (substr($relative, 0, 2) === '//') - {//Allow protocol-relative URLs "//www.example.net" which will pick HTTP or HTTPS automatically - return $relative; + {//Protocol-relative URLs "//www.example.net" + return 'https:' . $relative; } $iri = SimplePie_IRI::absolutize(new SimplePie_IRI($base), $relative); if ($iri === false) -- cgit v1.2.3 From 9d4a4457587d04030118447847a5c99d9095b937 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Wed, 24 Feb 2016 21:08:24 +0100 Subject: Work in progress HTTPS --- data/force-https.txt | 3 +++ lib/SimplePie/SimplePie/Misc.php | 8 +++++++- 2 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 data/force-https.txt (limited to 'lib/SimplePie') diff --git a/data/force-https.txt b/data/force-https.txt new file mode 100644 index 000000000..3da802d01 --- /dev/null +++ b/data/force-https.txt @@ -0,0 +1,3 @@ +dailymotion.com +tumblr.com +youtube.com diff --git a/lib/SimplePie/SimplePie/Misc.php b/lib/SimplePie/SimplePie/Misc.php index 4c9f8cff6..b9d74f894 100644 --- a/lib/SimplePie/SimplePie/Misc.php +++ b/lib/SimplePie/SimplePie/Misc.php @@ -83,7 +83,13 @@ class SimplePie_Misc */ public static function https_url($url) { - return preg_replace('%^http://((?:[^/]*?\.)?(?:youtube|dailymotion|tumblr)\.com/)%i', 'https://$1', $url); + if (strtolower(substr($url, 0, 7)) === 'http://') + { + $domain = parse_url($url, PHP_URL_HOST); + return preg_replace('%^http://((?:[^/]*?\.)?(?:youtube|dailymotion|tumblr)\.com/)%i', 'https://$1', $url); + return substr_replace($url, 's', 4, 0); //Add the 's' to HTTPS + } + return $url; } public static function absolutize_url($relative, $base) -- cgit v1.2.3 From 9711f02db75006d622d75142d46c3c8d714c957f Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 28 Feb 2016 21:34:54 +0100 Subject: SimplePie Force HTTPS custom list domains Load from data/force-https.default.txt and data/force-https.txt Efficient tree structure to search the domains https://github.com/FreshRSS/FreshRSS/pull/1087 --- data/.gitignore | 1 + data/force-https.default.txt | 4 ++ data/force-https.txt | 3 -- lib/SimplePie/SimplePie.php | 14 ++++++ lib/SimplePie/SimplePie/Misc.php | 15 ------- lib/SimplePie/SimplePie/Sanitize.php | 85 +++++++++++++++++++++++++++++++++++- lib/lib_rss.php | 10 +++++ 7 files changed, 113 insertions(+), 19 deletions(-) create mode 100644 data/force-https.default.txt delete mode 100644 data/force-https.txt (limited to 'lib/SimplePie') diff --git a/data/.gitignore b/data/.gitignore index 20364e266..c2ed350a6 100644 --- a/data/.gitignore +++ b/data/.gitignore @@ -7,3 +7,4 @@ no-cache.txt *.lock.txt last_update.txt update.php +force-https.txt diff --git a/data/force-https.default.txt b/data/force-https.default.txt new file mode 100644 index 000000000..a1bddd549 --- /dev/null +++ b/data/force-https.default.txt @@ -0,0 +1,4 @@ +dailymotion.com +feedburner.com +tumblr.com +youtube.com diff --git a/data/force-https.txt b/data/force-https.txt deleted file mode 100644 index 3da802d01..000000000 --- a/data/force-https.txt +++ /dev/null @@ -1,3 +0,0 @@ -dailymotion.com -tumblr.com -youtube.com diff --git a/lib/SimplePie/SimplePie.php b/lib/SimplePie/SimplePie.php index 6c0962a9f..61bad4e9d 100644 --- a/lib/SimplePie/SimplePie.php +++ b/lib/SimplePie/SimplePie.php @@ -1123,6 +1123,7 @@ class SimplePie $this->strip_attributes(false); $this->add_attributes(false); $this->set_image_handler(false); + $this->set_https_domains(array()); } } @@ -1233,6 +1234,19 @@ class SimplePie $this->sanitize->set_url_replacements($element_attribute); } + /** + * Set the list of domains for which force HTTPS. + * @see SimplePie_Misc::https_url() + * FreshRSS + */ + public function set_https_domains($domains = array()) + { + if (is_array($domains)) + { + $this->sanitize->set_https_domains($domains); + } + } + /** * Set the handler to enable the display of cached images. * diff --git a/lib/SimplePie/SimplePie/Misc.php b/lib/SimplePie/SimplePie/Misc.php index b9d74f894..2d154cbcb 100644 --- a/lib/SimplePie/SimplePie/Misc.php +++ b/lib/SimplePie/SimplePie/Misc.php @@ -77,21 +77,6 @@ class SimplePie_Misc return $time; } - /** - * Force HTTPS for selected Web sites - * FreshRSS - */ - public static function https_url($url) - { - if (strtolower(substr($url, 0, 7)) === 'http://') - { - $domain = parse_url($url, PHP_URL_HOST); - return preg_replace('%^http://((?:[^/]*?\.)?(?:youtube|dailymotion|tumblr)\.com/)%i', 'https://$1', $url); - return substr_replace($url, 's', 4, 0); //Add the 's' to HTTPS - } - return $url; - } - public static function absolutize_url($relative, $base) { if (substr($relative, 0, 2) === '//') diff --git a/lib/SimplePie/SimplePie/Sanitize.php b/lib/SimplePie/SimplePie/Sanitize.php index fc916a259..b37aeec3d 100644 --- a/lib/SimplePie/SimplePie/Sanitize.php +++ b/lib/SimplePie/SimplePie/Sanitize.php @@ -73,6 +73,14 @@ class SimplePie_Sanitize var $force_fsockopen = false; var $replace_url_attributes = null; + /** + * List of domains for which force HTTPS. + * @see SimplePie_Misc::https_url() + * Array is tree split at DNS levels. Example array('biz' => true, 'com' => array('example' => true), 'example' => array('test') => array('www' => true)); + * FreshRSS + */ + var $https_domains = array('com' => array('youtube' => true)); + public function __construct() { // Set defaults @@ -242,6 +250,81 @@ class SimplePie_Sanitize $this->replace_url_attributes = (array) $element_attribute; } + /** + * Set the list of domains for which force HTTPS. + * @see SimplePie_Misc::https_url() + * Example array('biz', 'example.com', 'example.org', 'www.example.net'); + * FreshRSS + */ + public function set_https_domains($domains) + { + $this->https_domains = array(); + foreach ($domains as $domain) + { + $domain = trim($domain, ". \t\n\r\0\x0B"); + $segments = array_reverse(explode('.', $domain)); + if (count($segments) > 0) + { + $node =& $this->https_domains; + foreach ($segments as $segment) + {//Build a tree + if ($node === true) + { + break; + } + if (!isset($node[$segment])) + { + $node[$segment] = array(); + } + $node =& $node[$segment]; + } + $node = true; + } + } + } + + /** + * Check if the domain is in the list of forced HTTPS + * FreshRSS + */ + protected function is_https_domain($domain) + { + $domain = trim($domain, '. '); + $segments = array_reverse(explode('.', $domain)); + if (count($segments) > 0) + { + $node =& $this->https_domains; + foreach ($segments as $segment) + {//Explore the tree + if ($node === true) + { + return true; + } + if (isset($node[$segment])) + { + $node =& $node[$segment]; + } + else + { + break; + } + } + } + return false; + } + + /** + * Force HTTPS for selected Web sites + * FreshRSS + */ + protected function https_url($url) + { + return (strtolower(substr($url, 0, 7)) === 'http://') && + $this->is_https_domain(parse_url($url, PHP_URL_HOST)) ? + substr_replace($url, 's', 4, 0) : //Add the 's' to HTTPS + $url; + } + public function sanitize($data, $type, $base = '') { $data = trim($data); @@ -451,7 +534,7 @@ class SimplePie_Sanitize if ($element->hasAttribute($attribute)) { $value = $this->registry->call('Misc', 'absolutize_url', array($element->getAttribute($attribute), $this->base)); - $value = SimplePie_Misc::https_url($value); //FreshRSS + $value = $this->https_url($value); //FreshRSS if ($value) { $element->setAttribute($attribute, $value); diff --git a/lib/lib_rss.php b/lib/lib_rss.php index b0189c162..5092982aa 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -238,6 +238,16 @@ function customSimplePie() { 'src', ), )); + $https_domains = array(); + $force = @file(DATA_PATH . '/force-https.default.txt', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); + if (is_array($force)) { + $https_domains = array_merge($https_domains, $force); + } + $force = @file(DATA_PATH . '/force-https.txt', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); + if (is_array($force)) { + $https_domains = array_merge($https_domains, $force); + } + $simplePie->set_https_domains($https_domains); return $simplePie; } -- cgit v1.2.3 From d344da59fdd2f818f53c6b4aab4ded4a9336851c Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Mon, 29 Feb 2016 17:09:44 +0100 Subject: HTTPS search tree: simplify code https://github.com/FreshRSS/FreshRSS/issues/1083 --- data/force-https.default.txt | 2 ++ lib/SimplePie/SimplePie/Sanitize.php | 58 ++++++++++++++++-------------------- 2 files changed, 28 insertions(+), 32 deletions(-) (limited to 'lib/SimplePie') diff --git a/data/force-https.default.txt b/data/force-https.default.txt index a1bddd549..668a7c0e8 100644 --- a/data/force-https.default.txt +++ b/data/force-https.default.txt @@ -1,4 +1,6 @@ dailymotion.com feedburner.com +gstatic.com tumblr.com +wordpress.com youtube.com diff --git a/lib/SimplePie/SimplePie/Sanitize.php b/lib/SimplePie/SimplePie/Sanitize.php index b37aeec3d..f656909a0 100644 --- a/lib/SimplePie/SimplePie/Sanitize.php +++ b/lib/SimplePie/SimplePie/Sanitize.php @@ -263,23 +263,20 @@ class SimplePie_Sanitize { $domain = trim($domain, ". \t\n\r\0\x0B"); $segments = array_reverse(explode('.', $domain)); - if (count($segments) > 0) - { - $node =& $this->https_domains; - foreach ($segments as $segment) - {//Build a tree - if ($node === true) - { - break; - } - if (!isset($node[$segment])) - { - $node[$segment] = array(); - } - $node =& $node[$segment]; + $node =& $this->https_domains; + foreach ($segments as $segment) + {//Build a tree + if ($node === true) + { + break; + } + if (!isset($node[$segment])) + { + $node[$segment] = array(); } - $node = true; + $node =& $node[$segment]; } + $node = true; } } @@ -291,23 +288,20 @@ class SimplePie_Sanitize { $domain = trim($domain, '. '); $segments = array_reverse(explode('.', $domain)); - if (count($segments) > 0) - { - $node =& $this->https_domains; - foreach ($segments as $segment) - {//Explore the tree - if ($node === true) - { - return true; - } - if (isset($node[$segment])) - { - $node =& $node[$segment]; - } - else - { - break; - } + $node =& $this->https_domains; + foreach ($segments as $segment) + {//Explore the tree + if ($node === true) + { + return true; + } + if (isset($node[$segment])) + { + $node =& $node[$segment]; + } + else + { + break; } } return false; -- cgit v1.2.3 From 685c0ad2f8a4f6e854240d3a11415bcd62157ca4 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Mon, 29 Feb 2016 17:20:23 +0100 Subject: SimplePie HTTPS updated comments https://github.com/FreshRSS/FreshRSS/issues/1083 --- lib/SimplePie/SimplePie.php | 2 +- lib/SimplePie/SimplePie/Sanitize.php | 7 ++++--- 2 files changed, 5 insertions(+), 4 deletions(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie.php b/lib/SimplePie/SimplePie.php index 61bad4e9d..a84f6dab3 100644 --- a/lib/SimplePie/SimplePie.php +++ b/lib/SimplePie/SimplePie.php @@ -1236,7 +1236,7 @@ class SimplePie /** * Set the list of domains for which force HTTPS. - * @see SimplePie_Misc::https_url() + * @see SimplePie_Sanitize::set_https_domains() * FreshRSS */ public function set_https_domains($domains = array()) diff --git a/lib/SimplePie/SimplePie/Sanitize.php b/lib/SimplePie/SimplePie/Sanitize.php index f656909a0..09294344e 100644 --- a/lib/SimplePie/SimplePie/Sanitize.php +++ b/lib/SimplePie/SimplePie/Sanitize.php @@ -75,11 +75,12 @@ class SimplePie_Sanitize /** * List of domains for which force HTTPS. - * @see SimplePie_Misc::https_url() - * Array is tree split at DNS levels. Example array('biz' => true, 'com' => array('example' => true), 'example' => array('test') => array('www' => true)); + * @see SimplePie_Sanitize::set_https_domains() + * Array is tree split at DNS levels. Example: + * array('biz' => true, 'com' => array('example' => true), 'net' => array('example') => array('www' => true)) * FreshRSS */ - var $https_domains = array('com' => array('youtube' => true)); + var $https_domains = array('com' => array('dailymotion' => true, 'youtube' => true)); public function __construct() { -- cgit v1.2.3 From 0eef625b6d3e18d6545485d33f55865a4d6d1e3b Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Mon, 29 Feb 2016 20:38:21 +0100 Subject: SimplePie force HTTPS for enclosures https://github.com/FreshRSS/FreshRSS/issues/1083 https://github.com/FreshRSS/FreshRSS/pull/1087 --- lib/SimplePie/SimplePie/Item.php | 1 + lib/SimplePie/SimplePie/Sanitize.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Item.php b/lib/SimplePie/SimplePie/Item.php index 27e93456e..19ba7c8f4 100644 --- a/lib/SimplePie/SimplePie/Item.php +++ b/lib/SimplePie/SimplePie/Item.php @@ -2877,6 +2877,7 @@ class SimplePie_Item $width = null; $url = $this->sanitize($enclosure[0]['attribs']['']['url'], SIMPLEPIE_CONSTRUCT_IRI, $this->get_base($enclosure[0])); + $url = $this->feed->sanitize->https_url($url); //FreshRSS if (isset($enclosure[0]['attribs']['']['type'])) { $type = $this->sanitize($enclosure[0]['attribs']['']['type'], SIMPLEPIE_CONSTRUCT_TEXT); diff --git a/lib/SimplePie/SimplePie/Sanitize.php b/lib/SimplePie/SimplePie/Sanitize.php index 09294344e..021d38539 100644 --- a/lib/SimplePie/SimplePie/Sanitize.php +++ b/lib/SimplePie/SimplePie/Sanitize.php @@ -312,7 +312,7 @@ class SimplePie_Sanitize * Force HTTPS for selected Web sites * FreshRSS */ - protected function https_url($url) + public function https_url($url) { return (strtolower(substr($url, 0, 7)) === 'http://') && $this->is_https_domain(parse_url($url, PHP_URL_HOST)) ? -- cgit v1.2.3 From c1de11f17d9103d33ddfb5cbb1d2ef35762cc57c Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Tue, 1 Mar 2016 19:14:26 +0100 Subject: SimplePie force HTTPS bug with sub-domains https://github.com/FreshRSS/FreshRSS/issues/1083 --- lib/SimplePie/SimplePie/Sanitize.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Sanitize.php b/lib/SimplePie/SimplePie/Sanitize.php index 021d38539..6f61fedb4 100644 --- a/lib/SimplePie/SimplePie/Sanitize.php +++ b/lib/SimplePie/SimplePie/Sanitize.php @@ -305,7 +305,7 @@ class SimplePie_Sanitize break; } } - return false; + return $node === true; } /** -- cgit v1.2.3 From 9e2e5fd594bb7c03aa3d7290b93930593accb03c Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Tue, 1 Mar 2016 19:48:52 +0100 Subject: SimplePie force HTTPS simplifie code https://github.com/FreshRSS/FreshRSS/issues/1083 https://github.com/FreshRSS/FreshRSS/pull/1087 --- lib/SimplePie/SimplePie/Sanitize.php | 4 ---- 1 file changed, 4 deletions(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Sanitize.php b/lib/SimplePie/SimplePie/Sanitize.php index 6f61fedb4..bdc601100 100644 --- a/lib/SimplePie/SimplePie/Sanitize.php +++ b/lib/SimplePie/SimplePie/Sanitize.php @@ -292,10 +292,6 @@ class SimplePie_Sanitize $node =& $this->https_domains; foreach ($segments as $segment) {//Explore the tree - if ($node === true) - { - return true; - } if (isset($node[$segment])) { $node =& $node[$segment]; -- cgit v1.2.3 From 8ae96d000a56021cadb0265fe127563a414687ca Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sat, 30 Apr 2016 23:53:23 +0200 Subject: SimplePie trim https://github.com/FreshRSS/FreshRSS/issues/1142 --- lib/SimplePie/SimplePie.php | 1 + 1 file changed, 1 insertion(+) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie.php b/lib/SimplePie/SimplePie.php index a84f6dab3..8af55c9fd 100644 --- a/lib/SimplePie/SimplePie.php +++ b/lib/SimplePie/SimplePie.php @@ -1668,6 +1668,7 @@ class SimplePie $locate = null; } + $file->body = trim($file->body); $this->raw_data = $file->body; $this->permanent_url = $file->permanent_url; $headers = $file->headers; -- cgit v1.2.3 From ccecebc2b467ae381a2364a70ae2a916bdcf22be Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 28 Aug 2016 16:35:54 +0200 Subject: SimplePie error message XML PCRE https://github.com/FreshRSS/FreshRSS/issues/1227 --- app/Models/Feed.php | 2 +- lib/SimplePie/SimplePie.php | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) (limited to 'lib/SimplePie') diff --git a/app/Models/Feed.php b/app/Models/Feed.php index 9855ca742..6104b1e31 100644 --- a/app/Models/Feed.php +++ b/app/Models/Feed.php @@ -241,7 +241,7 @@ class FreshRSS_Feed extends Minz_Model { if ((!$mtime) || $feed->error()) { $errorMessage = $feed->error(); - throw new FreshRSS_Feed_Exception(($errorMessage == '' ? 'Feed error' : $errorMessage) . ' [' . $url . ']'); + throw new FreshRSS_Feed_Exception(($errorMessage == '' ? 'Unknown error for feed' : $errorMessage) . ' [' . $url . ']'); } $links = $feed->get_links('self'); diff --git a/lib/SimplePie/SimplePie.php b/lib/SimplePie/SimplePie.php index 8af55c9fd..8026fb149 100644 --- a/lib/SimplePie/SimplePie.php +++ b/lib/SimplePie/SimplePie.php @@ -1304,6 +1304,7 @@ class SimplePie // Check absolute bare minimum requirements. if (!extension_loaded('xml') || !extension_loaded('pcre')) { + $this->error = 'XML and PCRE extensions not loaded!'; return false; } // Then check the xml extension is sane (i.e., libxml 2.7.x issue on PHP < 5.2.9 and libxml 2.7.0 to 2.7.2 on any version) if we don't have xmlreader. -- cgit v1.2.3 From 531f6ada99958553983c258fae444382efa18804 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 28 Aug 2016 16:37:35 +0200 Subject: SimplePie better message --- lib/SimplePie/SimplePie.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie.php b/lib/SimplePie/SimplePie.php index 8026fb149..0f2fdbb87 100644 --- a/lib/SimplePie/SimplePie.php +++ b/lib/SimplePie/SimplePie.php @@ -1304,7 +1304,7 @@ class SimplePie // Check absolute bare minimum requirements. if (!extension_loaded('xml') || !extension_loaded('pcre')) { - $this->error = 'XML and PCRE extensions not loaded!'; + $this->error = 'XML or PCRE extensions not loaded!'; return false; } // Then check the xml extension is sane (i.e., libxml 2.7.x issue on PHP < 5.2.9 and libxml 2.7.0 to 2.7.2 on any version) if we don't have xmlreader. -- cgit v1.2.3 From a37484fd2fee58d48d8e58535b34d8c63352c51e Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Sun, 25 Sep 2016 15:55:28 +0200 Subject: Fix SimplePie autodiscovery for text/xml HTML pages https://github.com/FreshRSS/FreshRSS/issues/1264 --- CHANGELOG.md | 2 ++ lib/SimplePie/SimplePie/Content/Type/Sniffer.php | 8 ++++---- 2 files changed, 6 insertions(+), 4 deletions(-) (limited to 'lib/SimplePie') diff --git a/CHANGELOG.md b/CHANGELOG.md index a1fe033bc..f13922837 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,8 @@ * Support custom ports `localhost:3306` for database servers [#1241](https://github.com/FreshRSS/FreshRSS/issues/1241) * Bug fixing * Correction of bugs related CSRF tokens introduced in version 1.5.0 [#1253](https://github.com/FreshRSS/FreshRSS/issues/1253), [44f22ab](https://github.com/FreshRSS/FreshRSS/pull/1261/commits/d9bf9b2c6f0b2cc9dec3b638841b7e3040dcf46f) +* SimplePie + * Fix auto-discovery of RSS feeds in Web pages served as `text/xml` [#1264](https://github.com/FreshRSS/FreshRSS/issues/1264) * Security * Prevent `` attacks with `window.opener` [#1245](https://github.com/FreshRSS/FreshRSS/issues/1245) * UI diff --git a/lib/SimplePie/SimplePie/Content/Type/Sniffer.php b/lib/SimplePie/SimplePie/Content/Type/Sniffer.php index a32f47f59..daec3607d 100644 --- a/lib/SimplePie/SimplePie/Content/Type/Sniffer.php +++ b/lib/SimplePie/SimplePie/Content/Type/Sniffer.php @@ -109,9 +109,7 @@ class SimplePie_Content_Type_Sniffer { return $this->unknown(); } - elseif (substr($official, -4) === '+xml' - || $official === 'text/xml' - || $official === 'application/xml') + elseif (substr($official, -4) === '+xml') { return $official; } @@ -126,7 +124,9 @@ class SimplePie_Content_Type_Sniffer return $official; } } - elseif ($official === 'text/html') + elseif ($official === 'text/html' + || $official === 'text/xml' + || $official === 'application/xml') { return $this->feed_or_html(); } -- cgit v1.2.3 From 0a3ab899a01cc20919881f913619ade9e6cdfba5 Mon Sep 17 00:00:00 2001 From: Alexandre Alapetite Date: Thu, 20 Oct 2016 23:10:15 +0200 Subject: Add support for UTF-8 BOM in SimplePie feed_or_html() https://github.com/FreshRSS/FreshRSS/issues/1336 --- lib/SimplePie/SimplePie/Content/Type/Sniffer.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'lib/SimplePie') diff --git a/lib/SimplePie/SimplePie/Content/Type/Sniffer.php b/lib/SimplePie/SimplePie/Content/Type/Sniffer.php index daec3607d..ec0bf0952 100644 --- a/lib/SimplePie/SimplePie/Content/Type/Sniffer.php +++ b/lib/SimplePie/SimplePie/Content/Type/Sniffer.php @@ -256,7 +256,12 @@ class SimplePie_Content_Type_Sniffer public function feed_or_html() { $len = strlen($this->file->body); - $pos = strspn($this->file->body, "\x09\x0A\x0D\x20"); + $pos = 0; + if (isset($this->file->body[2]) && $this->file->body[0] === "\xEF" && + $this->file->body[1] === "\xBB" && $this->file->body[2] === "\xBF") { + $pos += 3; //UTF-8 BOM + } + $pos += strspn($this->file->body, "\x09\x0A\x0D\x20", $pos); while ($pos < $len) { -- cgit v1.2.3