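<?php
/**
 * proxy.php - server-side fetch of a remote feed, relayed to the browser as XML.
 *
 * The target URL is taken from the "proxy" query parameter, so it is fully
 * attacker-controlled. Because this script makes the request from the server's
 * network position, every check below exists to limit server-side request
 * forgery (SSRF): only http/https, only URLs that match an allow-list entry,
 * no redirects, bounded time.
 *
 * NOTE(review): the suffix allow-list accepts ANY host as long as the URL ends
 * in a feed-like suffix. That still lets a caller point the server at internal
 * or link-local addresses. If the deployment can manage it, replace the suffix
 * list with explicit hosts, or resolve the host and reject private, loopback
 * and link-local ranges before fetching.
 */
$ALLOWED_URL_PREFIXES = array(
    "http://feeds.feedburner.com",
    "http://blog.dojotoolkit.org/feed",
    "http://www.jackslocum.com/blog/feed/",
    "http://portlets.blogspot.com",
    "http://www.go-mono.com/monologue/index.rss",
    "http://feeds.yuiblog.com/YahooUserInterfaceBlog",
);
$ALLOWED_URL_SUFFIXES = array(
    ".rdf",
    ".rss",
    "atom.xml",
    "rss2",
    "rss.xml",
    "feed/atom/",
);

$proxy_url = isset($_GET['proxy']) ? $_GET['proxy'] : false;
// "?proxy[]=x" yields an array; the string functions below require a string.
if (!is_string($proxy_url) || !$proxy_url) {
    header("HTTP/1.0 400 Bad Request");
    echo "proxy.php failed because proxy parameter is missing";
    exit();
}

// Only plain web URLs with a host are eligible. Without this, the suffix rule
// alone would admit any scheme the local libcurl build supports.
$scheme = parse_url($proxy_url, PHP_URL_SCHEME);
$host = parse_url($proxy_url, PHP_URL_HOST);
$is_web_url = is_string($scheme)
    && in_array(strtolower($scheme), array('http', 'https'), true)
    && is_string($host)
    && $host !== '';

$is_url_valid = false;
if ($is_web_url) {
    $url_length = strlen($proxy_url);

    foreach ($ALLOWED_URL_PREFIXES as $prefix) {
        $prefix_length = strlen($prefix);
        if (strncmp($proxy_url, $prefix, $prefix_length) !== 0) {
            continue;
        }
        // A prefix that is only scheme + host must end at a host boundary;
        // otherwise "http://allowed.example" would also match
        // "http://allowed.example.other.test" or a userinfo/port variant.
        $prefix_is_host_only = parse_url($prefix, PHP_URL_PATH) === null;
        $next_char = $url_length > $prefix_length ? $proxy_url[$prefix_length] : '';
        if (!$prefix_is_host_only || $next_char === '' || strpos('/?#', $next_char) !== false) {
            $is_url_valid = true;
            break;
        }
    }

    if (!$is_url_valid) {
        foreach ($ALLOWED_URL_SUFFIXES as $suffix) {
            $suffix_length = strlen($suffix);
            // Compare the tail directly. strpos() reports the FIRST occurrence,
            // so a URL containing the suffix twice was wrongly rejected before.
            if ($url_length >= $suffix_length
                && substr_compare($proxy_url, $suffix, -$suffix_length) === 0) {
                $is_url_valid = true;
                break;
            }
        }
    }
}

if (!$is_url_valid) {
    header("HTTP/1.0 400 Bad Request");
    echo "Address is not allowed!";
    exit();
}

$session = curl_init($proxy_url);
if ($session === false) {
    header("HTTP/1.0 502 Bad Gateway");
    echo "proxy.php failed to fetch the requested address";
    exit();
}
curl_setopt($session, CURLOPT_HEADER, false);
curl_setopt($session, CURLOPT_RETURNTRANSFER, true);
// Enforce the scheme restriction inside libcurl as well, independent of how
// PHP's parse_url() and libcurl each interpret the URL string.
curl_setopt($session, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
// A redirect would send the request to a URL the allow-list never saw.
curl_setopt($session, CURLOPT_FOLLOWLOCATION, false);
// Bound how long a slow or unresponsive upstream can hold a worker.
curl_setopt($session, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($session, CURLOPT_TIMEOUT, 15);

$body = curl_exec($session);
curl_close($session);

if ($body === false) {
    // Previously a failed fetch was echoed as an empty 200 response.
    header("HTTP/1.0 502 Bad Gateway");
    echo "proxy.php failed to fetch the requested address";
    exit();
}

// The upstream body is relayed from this site's origin; pin the type so the
// browser does not sniff it into something else.
header("Content-Type: application/xml");
header("X-Content-Type-Options: nosniff");
echo $body;
?>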