Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Fix for multiple chained hosts in HTTP_X_FORWARDED_HOST, cURL proxy supoort #36

Closed
wants to merge 2 commits into from

5 participants

@moisadoru

This pull request contains:

  • a small fix for the cases when there is more than one proxy, and HTTP_X_FORWARDED_HOST contains a comma separated list of all the proxy hosts the request was passed through; example: when the application is behind domainA.com and domainB.com, HTTP_X_FORWARDED_HOST contains 'domainB.com, domainA.com'.

  • added proxy support for accessing the remote Facebook API; some corporate servers are not directly exposed to the wild, but instead they must use internal proxies to access the web.

@moisadoru moisadoru added proxy support; fixed multiple chained proxies present in HTTP_X…
…_FORWARDED_HOST which cause getHttpHost() to break api calls
716657e
src/base_facebook.php
@@ -320,6 +331,47 @@ public function getFileUploadSupport() {
}
/**
+ * Sets the proxy to be used when doing http requests to the rmote servers
@nikcorg
nikcorg added a note

If you're interested, there's a typo on this line. At the very end it says "rmote servers" which should be "remote servers".

Thanks Niklas!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
src/base_facebook.php
@@ -320,6 +331,47 @@ public function getFileUploadSupport() {
}
/**
+ * Sets the proxy to be used when doing http requests to the rmote servers
+ *
+ * @param string $proxyUrl The procy URL string, including scheme, username,
@nikcorg
nikcorg added a note

Typo: "The procy" should be "The proxy"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@eirikhm

+1 for this. This is a must when working from more secure platforms.

@manuelhe

Why use a custom procedure to support curl proxy connections if you can inject multiple curl options with a simple change? Take a look at my proposal: #52

@moisadoru

@manuelhe There are two problems with your proposed changes:

  • since BaseFacebook::$CURL_OPTS is public and static, modifying it from inside an instance will affect all future instances; sometimes this is not desirable.
  • it does not solve the problem with multiple proxies in $_SERVER['HTTP_X_FORWARDED_HOST'] (when the request is proxied through more than one proxy server)
@gfosco
Collaborator

Sorry it took so long to respond to this, and thank you for your contribution. This topic will now be tracked by Issue #103 for future enhancement.

@gfosco gfosco closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Aug 16, 2012
  1. @moisadoru

    added proxy support; fixed multiple chained proxies present in HTTP_X…

    moisadoru authored
    …_FORWARDED_HOST which cause getHttpHost() to break api calls
Commits on Sep 19, 2012
  1. @moisadoru

    fixed typos

    moisadoru authored
This page is out of date. Refresh to see the latest.
Showing with 75 additions and 6 deletions.
  1. +75 −6 src/base_facebook.php
View
81 src/base_facebook.php
@@ -213,12 +213,20 @@ public function __toString() {
protected $trustForwarded = false;
/**
+ * The proxy used for making requests.
+ *
+ * @var string
+ */
+ protected $proxy = null;
+
+ /**
* Initialize a Facebook Application.
*
* The configuration:
* - appId: the application ID
* - secret: the application secret
* - fileUpload: (optional) boolean indicating if file uploads are enabled
+ * - proxy: (optional) http proxy (ex: http://my.proxy.host:8080)
*
* @param array $config The application configuration
*/
@@ -231,6 +239,9 @@ public function __construct($config) {
if (isset($config['trustForwarded']) && $config['trustForwarded']) {
$this->trustForwarded = true;
}
+ if (isset($config['proxy']) && $config['proxy']) {
+ $this->setProxy($config['proxy']);
+ }
$state = $this->getPersistentData('state');
if (!empty($state)) {
$this->state = $state;
@@ -320,6 +331,47 @@ public function getFileUploadSupport() {
}
/**
+ * Sets the proxy to be used when doing http requests to the remote servers
+ *
+ * @param string $proxyUrl The proxy URL string, including scheme, username,
+ * password or port
+ * @return BaseFacebook
+ */
+ public function setProxy($proxyUrl) {
+ if(!preg_match('#^(http|socks)://#', $proxyUrl)) {
+ $proxyUrl = 'http://'.$proxyUrl;
+ }
+ $parts = parse_url($proxyUrl);
+ $this->proxy = array(
+ 'host' => $parts['host'],
+ 'port' => isset($parts['port']) ? $parts['port'] : 80,
+ 'user' => isset($parts['user']) ? $parts['user'] : NULL,
+ 'pass' => isset($parts['pass']) ? $parts['pass'] : NULL,
+ 'type' => (isset($parts['scheme']) && $parts['scheme'] == 'socks') ?
+ CURLPROXY_SOCKS5 : CURLPROXY_HTTP,
+ );
+ return $this;
+ }
+
+ public function getProxy() {
+ if(!$this->proxy) {
+ return null;
+ }
+ $scheme = $this->proxy['type'] == CURLPROXY_SOCKS5 ? 'socks://' : 'http://';
+ $userpw = '';
+ if($this->proxy['user']) {
+ $userpw = $this->proxy['user'];
+ if($this->proxy['pass']) {
+ $userpw .= ':'.$this->proxy['pass'];
+ }
+ $userpw .= '@';
+ }
+ $host = $this->proxy['host'];
+ $port = $this->proxy['port'] != 80 ? '' : (':'.$this->proxy['port']);
+ return $scheme.$userpw.$host.$port;
+ }
+
+ /**
* DEPRECATED! Please use getFileUploadSupport instead.
*
* Get the file upload support status.
@@ -367,20 +419,20 @@ public function setExtendedAccessToken() {
// In any event, we don't have an access token, so say so.
return false;
}
-
+
if (empty($access_token_response)) {
return false;
}
-
+
$response_params = array();
parse_str($access_token_response, $response_params);
-
+
if (!isset($response_params['access_token'])) {
return false;
}
-
+
$this->destroySession();
-
+
$this->setPersistentData(
'access_token', $response_params['access_token']
);
@@ -933,6 +985,22 @@ protected function makeRequest($url, $params, $ch=null) {
$opts[CURLOPT_HTTPHEADER] = array('Expect:');
}
+ // set proxy, if needed
+ if($this->proxy) {
+ $opts[CURLOPT_HTTPPROXYTUNNEL] = true;
+ $opts[CURLOPT_PROXY] = $this->proxy['host'];
+ if($this->proxy['user']) {
+ $userpwd = $this->proxy['user'];
+ if($this->proxy['pass']) {
+ $userpwd .= ':'.$this->proxy['pass'];
+ }
+ $opts[CURLOPT_PROXYUSERPWD] = $userpwd;
+ $opts[CURLOPT_PROXYAUTH] = CURLAUTH_BASIC | CURLAUTH_NTLM;
+ }
+ $opts[CURLOPT_PROXYPORT] = $this->proxy['port'];
+ $opts[CURLOPT_PROXYTYPE] = $this->proxy['type'];
+ }
+
curl_setopt_array($ch, $opts);
$result = curl_exec($ch);
@@ -1131,7 +1199,8 @@ protected function getUrl($name, $path='', $params=array()) {
protected function getHttpHost() {
if ($this->trustForwarded && isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
- return $_SERVER['HTTP_X_FORWARDED_HOST'];
+ $hostsStack = explode(', ', $_SERVER['HTTP_X_FORWARDED_HOST']);
+ return trim(array_pop($hostsStack));
}
return $_SERVER['HTTP_HOST'];
}
Something went wrong with that request. Please try again.