-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathproxy.php
88 lines (74 loc) · 2.64 KB
/
proxy.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
<?php
// Enable CORS
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: POST, GET, OPTIONS");
header("Access-Control-Allow-Credentials: true");
header("Access-Control-Allow-Headers: Origin, Content-Type, Authorization, X-Requested-With");
// Parse input data
$requestBody = file_get_contents("php://input");
$isJsonRequest = false;
$requestData = json_decode($requestBody, true);
if (json_last_error() === JSON_ERROR_NONE) {
$isJsonRequest = true;
}
// Determine request parameters
$method = $_REQUEST['method'] ?? 'GET'; // Default to GET if method is not provided
$url = $isJsonRequest ? $requestData['cors'] ?? null : ($_REQUEST['cors'] ?? null);
// Handle direct query string URL (e.g., ?https://rss.strukturart.com/...)
if (!$url && isset($_SERVER['QUERY_STRING']) && filter_var($_SERVER['QUERY_STRING'], FILTER_VALIDATE_URL)) {
$url = $_SERVER['QUERY_STRING'];
}
if (!$url) {
echo json_encode(["message" => "PROXY ACCESS DENIED! URL not specified"]);
exit();
}
// Prepare headers
$headers = [];
foreach (getallheaders() as $key => $value) {
if (in_array(strtolower($key), ['content-type', 'authorization', 'x-requested-with'])) {
$headers[] = "$key: $value";
}
}
// Prepare CURL options
$curl = curl_init();
switch (strtoupper($method)) {
case 'POST':
$postData = $isJsonRequest ? $requestData : $_POST;
unset($postData['method'], $postData['cors']);
curl_setopt_array($curl, [
CURLOPT_URL => $url,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => $isJsonRequest ? json_encode($postData) : http_build_query($postData),
]);
break;
case 'GET':
$getData = $isJsonRequest ? $requestData : $_GET;
unset($getData['method'], $getData['cors']);
$queryString = http_build_query($getData);
curl_setopt($curl, CURLOPT_URL, $url . ($queryString ? "?$queryString" : ""));
break;
default:
echo json_encode(["message" => "Proxy only supports POST and GET requests"]);
exit();
}
curl_setopt_array($curl, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false, // Disable for development, enable in production
CURLOPT_HTTPHEADER => $headers,
]);
// Execute CURL request
$response = curl_exec($curl);
$error = curl_error($curl);
curl_close($curl);
if ($error) {
echo json_encode(["error" => $error]);
exit();
}
// Set response content type if possible
if (json_decode($response) !== null) {
header('Content-Type: application/json');
} elseif (strpos($response, '<?xml') === 0) {
header('Content-Type: application/xml');
}
// Output the response
echo $response;