author | Lukas Reschke <lukas@statuscode.ch> | 2016-10-31 18:16:04 +0300 |
---|---|---|
committer | Lukas Reschke <lukas@statuscode.ch> | 2016-10-31 18:16:04 +0300 |
commit | 8c0f0771f34e0fdde91350ce7c869ed584716007 (patch) | |
tree | 405fce45729d00dcb2c7ec6ce07ba091ecefc1e6 |
Initial import
-rw-r--r-- | .htaccess | 8 | ||||
-rw-r--r-- | README.md | 5 | ||||
-rw-r--r-- | cache/.gitkeep | 0 | ||||
-rw-r--r-- | index.php | 39 | ||||
-rw-r--r-- | sync.php | 60 |
5 files changed, 112 insertions, 0 deletions
diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..7ad5459
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1,8 @@
+DirectoryIndex index.php
+RewriteEngine On
+
+RewriteCond %{SCRIPT_FILENAME} !-d
+RewriteCond %{SCRIPT_FILENAME} !-f
+RewriteRule ^ index.php [L]
+
+RewriteRule !^index\.php [NC,F]
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..d4aee09
--- /dev/null
+++ b/README.md
@@ -0,0 +1,5 @@
+#Â Proxy for the Nextcloud appstore
+
+The Nextcloud appstore is serving some content from external domains. This can be considered a privacy violation in some cases.
+
+This software downloads legit resources from the appstore and acts as proxy for the images.
diff --git a/cache/.gitkeep b/cache/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/cache/.gitkeep
diff --git a/index.php b/index.php
new file mode 100644
index 0000000..4e3bda3
--- /dev/null
+++ b/index.php
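Review bot: The last rule of the .htaccess hunk, `RewriteRule !^index\.php [NC,F]`, has no substitution argument, so Apache reads `[NC,F]` as the substitution string and applies no flags; nothing is answered with 403 by this line. If the intent is to forbid direct access to everything except index.php (including `sync.php` and the files under `cache/`), the rule needs the no-op substitution: `RewriteRule !^index\.php - [NC,F]`. As shown, such requests appear to be rewritten to a non-existent path and then fall through to index.php via the first rule, which hides the mistake rather than enforcing the restriction.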
@@ -0,0 +1,39 @@
+<?php
+/**
+ * @copyright Copyright (c) 2016 Lukas Reschke <lukas@statuscode.ch>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+header('Content-Security-Policy: default-src \'none\'');
+header('X-Frame-Options: deny');
+header('X-XSS-Protection: 1; mode=block');
+header('X-Content-Type-Options: nosniff');
+header('Strict-Transport-Security: max-age=15768000; includeSubDomains; preload');
+header('Content-Type: application/octet-stream');
+header('Content-Disposition: attachment');
+
+$cacheItem = $_SERVER['PATH_INFO'];
+if (strpos($cacheItem, '/../') !== false || strrchr($cacheItem, '/') === '/..') {
+ die('Traversal detected');
+}
+if (file_exists(__DIR__ . '/cache/' . $cacheItem)) {
+ header('Expires: Sun, 17 Jan 2038 19:14:07 GMT');
+ echo file_get_contents(__DIR__ . '/cache/' . $cacheItem);
+} else {
+ die('File not found');
+}
diff --git a/sync.php b/sync.php
new file mode 100644
index 0000000..cae3178
--- /dev/null
+++ b/sync.php
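Review bot: The traversal check on `$cacheItem` in index.php is a deny-list over the raw `PATH_INFO` string: it only recognises `..` segments delimited by `/`, and the following `file_exists` also accepts directories, so a request where `PATH_INFO` is absent or just `/` passes and `file_get_contents` is called on `cache/` itself (empty 200 body with the far-future `Expires`). Resolving the candidate with `realpath()`, then requiring it to lie under the canonical cache directory and to be a regular file, does not depend on the platform's path rules and removes the string matching. Both error paths currently answer with status 200; the sketch below sends 404 instead and streams with `readfile()` rather than buffering the whole file.

```php
// … unchanged: license header and response headers …

$cacheDir = realpath(__DIR__ . '/cache');
$cacheItem = isset($_SERVER['PATH_INFO']) ? ltrim($_SERVER['PATH_INFO'], '/') : '';
$target = ($cacheDir !== false && $cacheItem !== '')
	? realpath($cacheDir . '/' . $cacheItem)
	: false;

// Serve only regular files whose canonical path is inside cache/.
if ($target === false
	|| strpos($target, $cacheDir . DIRECTORY_SEPARATOR) !== 0
	|| !is_file($target)) {
	http_response_code(404);
	die('File not found');
}

header('Expires: Sun, 17 Jan 2038 19:14:07 GMT');
readfile($target);
```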
@@ -0,0 +1,60 @@
+#!/usr/bin/env php
+
+<?php
+/**
+ * @copyright Copyright (c) 2016 Lukas Reschke <lukas@statuscode.ch>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+if(php_sapi_name() !== 'cli') {
+ die('Can only be invoked from CLI');
+}
+
+$supportedVersions = [
+ '9.2.0',
+ '10.0.0',
+ '11.0.0',
+ '12.0.0',
+];
+
+foreach($supportedVersions as $version) {
+ $json = file_get_contents(
+ sprintf(
+ 'https://apps.nextcloud.com/api/v1/platform/%s/apps.json', $version
+ )
+ );
+
+ $apps = json_decode($json, true);
+ foreach($apps as $app) {
+ foreach($app['screenshots'] as $screenshot) {
+ $url = $screenshot['url'];
+ if(!file_exists(__DIR__ . '/cache/' . base64_encode($url))) {
+ if (substr($url, 0, 8) === 'https://') {
+ $data = file_get_contents($url);
+ file_put_contents(__DIR__ . '/cache/' . base64_encode($url), $data);
+ echo(
+ sprintf(
+ "Synced url %s\n",
+ $url
+ )
+ );
+ }
+ }
+ }
+ }
+}
+} |
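Review bot: `base64_encode($url)` is used as the cache file name in both the `file_exists` test and the `file_put_contents` call in sync.php, but standard base64 output can contain `/`, so for some URLs the write targets a non-existent subdirectory of `cache/` and fails, and long URLs can exceed the file-name length limit. A separator-free mapping such as `strtr(base64_encode($url), '+/', '-_')` fixes the first problem and `hash('sha256', $url)` fixes both, though either has to match the name clients request from index.php, which this hunk does not show. The result of `file_get_contents($url)` is also written unchecked, so a failed download becomes an empty file that the `file_exists` test then treats as cached for good; `if ($data === false) { continue; }` before the write prevents that. Because the screenshot URLs come from the remote listing and only the `https://` prefix is checked, a stream context with a timeout and a size cap on `$data` would be a sensible addition, as would checking that `json_decode` returned an array before the `foreach`.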