diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 3973e2e..427c236 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -31,6 +31,7 @@ Drupal 7.15, xxxx-xx-xx (development version) the former was confusing and inaccurate (UI change). - Fixed bug which made it impossible to search for strings that have not been translated into a particular language. +- Support added for making HTTP requests through a proxy server. Drupal 7.14 2012-05-02 ---------------------- @@ -257,7 +258,7 @@ Drupal 7.1, 2011-05-25 ---------------------- - Fixed security issues (Cross site scripting, File access bypass), see SA-CORE-2011-001. -Drupal 7.0, 2011-01-05 +Drupal 7.0, 2011-01-05 ---------------------- - Database: * Fully rewritten database layer utilizing PHP 5's PDO abstraction layer. @@ -756,7 +757,7 @@ Drupal 5.20, 2009-09-16 Drupal 5.19, 2009-07-01 ----------------------- - Fixed security issues (Cross site scripting and Password leakage in URL), see - SA-CORE-2009-007. + SA-CORE-2009-007. - Fixed a variety of small bugs. Drupal 5.18, 2009-05-13 diff --git a/includes/common.inc b/includes/common.inc index 50f20e6..e763848 100644 --- a/includes/common.inc +++ b/includes/common.inc @@ -798,10 +798,51 @@ function drupal_http_request($url, array $options = array()) { 'timeout' => 30.0, 'context' => NULL, ); + + // Merge the default headers. + $options['headers'] += array( + 'User-Agent' => 'Drupal (+http://drupal.org/)', + ); + // stream_socket_client() requires timeout to be a float. $options['timeout'] = (float) $options['timeout']; + // Use a proxy if one is defined and the host is not on the excluded list. + $proxy_server = variable_get('proxy_server', ''); + if ($proxy_server && _drupal_http_use_proxy($uri['host'])) { + // Set the scheme so we open a socket to the proxy server. + $uri['scheme'] = 'proxy'; + // Set the path to be the full URL. + $uri['path'] = $url; + // Since the URL is passed as the path, we won't use the parsed query. + unset($uri['query']); + + // Add in username and password to Proxy-Authorization header if needed. + if ($proxy_username = variable_get('proxy_username', '')) { + $proxy_password = variable_get('proxy_password', ''); + $options['headers']['Proxy-Authorization'] = 'Basic ' . base64_encode($proxy_username . (!empty($proxy_password) ? ":" . $proxy_password : '')); + } + // Some proxies reject requests with any User-Agent headers, while others + // require a specific one. + $proxy_user_agent = variable_get('proxy_user_agent', ''); + // The default value matches neither condition. + if ($proxy_user_agent === NULL) { + unset($options['headers']['User-Agent']); + } + elseif ($proxy_user_agent) { + $options['headers']['User-Agent'] = $proxy_user_agent; + } + } + switch ($uri['scheme']) { + case 'proxy': + // Make the socket connection to a proxy server. + $socket = 'tcp://' . $proxy_server . ':' . variable_get('proxy_port', 8080); + // The Host header still needs to match the real request. + $options['headers']['Host'] = $uri['host']; + $options['headers']['Host'] .= isset($uri['port']) && $uri['port'] != 80 ? ':' . $uri['port'] : ''; + break; + case 'http': case 'feed': $port = isset($uri['port']) ? $uri['port'] : 80; @@ -811,12 +852,14 @@ function drupal_http_request($url, array $options = array()) { // checking the host that do not take into account the port number. $options['headers']['Host'] = $uri['host'] . ($port != 80 ? ':' . $port : ''); break; + case 'https': // Note: Only works when PHP is compiled with OpenSSL support. $port = isset($uri['port']) ? $uri['port'] : 443; $socket = 'ssl://' . $uri['host'] . ':' . $port; $options['headers']['Host'] = $uri['host'] . ($port != 443 ? ':' . $port : ''); break; + default: $result->error = 'invalid schema ' . $uri['scheme']; $result->code = -1003; @@ -853,11 +896,6 @@ function drupal_http_request($url, array $options = array()) { $path .= '?' . $uri['query']; } - // Merge the default headers. - $options['headers'] += array( - 'User-Agent' => 'Drupal (+http://drupal.org/)', - ); - // Only add Content-Length if we actually have any content or if it is a POST // or PUT request. Some non-standard servers get confused by Content-Length in // at least HEAD/GET requests, and Squid always requires Content-Length in @@ -1028,6 +1066,18 @@ function drupal_http_request($url, array $options = array()) { return $result; } + +/** + * Helper function for determining hosts excluded from needing a proxy. + * + * @return + * TRUE if a proxy should be used for this host. + */ +function _drupal_http_use_proxy($host) { + $proxy_exceptions = variable_get('proxy_exceptions', array('localhost', '127.0.0.1')); + return !in_array(strtolower($host), $proxy_exceptions, TRUE); +} + /** * @} End of "HTTP handling". */ diff --git a/sites/default/default.settings.php b/sites/default/default.settings.php index 30699a0..830b3c9 100644 --- a/sites/default/default.settings.php +++ b/sites/default/default.settings.php @@ -496,6 +496,24 @@ $conf['404_fast_html'] = '