Initial commit: CloudOps infrastructure platform
This commit is contained in:
root
@@ -0,0 +1,127 @@
|
||||
<?php
|
||||
|
||||
namespace MauticPlugin\MauticFocusBundle\Helper;
|
||||
|
||||
use Symfony\Component\HttpClient\HttpClient;
|
||||
use Symfony\Component\HttpFoundation\JsonResponse;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Contracts\HttpClient\ResponseInterface;
|
||||
use Symfony\Contracts\Translation\TranslatorInterface;
|
||||
|
||||
/**
|
||||
* Check if URL can be displayed via IFRAME.
|
||||
*/
|
||||
class IframeAvailabilityChecker
|
||||
{
|
||||
public function __construct(
|
||||
private TranslatorInterface $translator,
|
||||
) {
|
||||
}
|
||||
|
||||
public function check(string $url, string $currentScheme): JsonResponse
|
||||
{
|
||||
$response = new JsonResponse();
|
||||
$responseContent = [
|
||||
'status' => 0,
|
||||
'errorMessage' => '',
|
||||
];
|
||||
|
||||
if ($this->checkProtocolMismatch($url, $currentScheme)) {
|
||||
$responseContent['errorMessage'] = $this->translator->trans(
|
||||
'mautic.focus.protocol.mismatch',
|
||||
[
|
||||
'%url%' => str_replace('http://', 'https://', $url),
|
||||
]);
|
||||
} else {
|
||||
$client = HttpClient::create([
|
||||
'headers' => [
|
||||
'User-Agent' => 'Mautic',
|
||||
],
|
||||
]);
|
||||
|
||||
try {
|
||||
/** @var ResponseInterface $httpResponse */
|
||||
$httpResponse = $client->request(Request::METHOD_GET, $url);
|
||||
|
||||
$blockingHeader = $this->checkHeaders($httpResponse->getHeaders(false));
|
||||
|
||||
if ('' !== $blockingHeader) {
|
||||
$responseContent['errorMessage'] = $this->translator->trans(
|
||||
'mautic.focus.blocking.iframe.header',
|
||||
[
|
||||
'%url%' => $url,
|
||||
'%header%' => $blockingHeader,
|
||||
]
|
||||
);
|
||||
}
|
||||
} catch (\Exception $e) {
|
||||
// Transport exception with SSL cert for example
|
||||
$responseContent['errorMessage'] = $e->getMessage();
|
||||
}
|
||||
}
|
||||
|
||||
if ('' === $responseContent['errorMessage'] && Response::HTTP_OK === $httpResponse->getStatusCode()) {
|
||||
$responseContent['status'] = 1;
|
||||
}
|
||||
|
||||
$response->setData($responseContent);
|
||||
|
||||
return $response;
|
||||
}
|
||||
|
||||
/**
|
||||
* Iframe doesn't allow cross protocol requests.
|
||||
*/
|
||||
private function checkProtocolMismatch(string $url, string $currentScheme): bool
|
||||
{
|
||||
// Mixed Content: The page at 'https://example.com' was loaded over HTTPS,
|
||||
// but requested an insecure frame 'http://target-example.com/'. This request has been blocked; the content
|
||||
// must be served over HTTPS.
|
||||
return 'https' === $currentScheme && str_starts_with($url, 'http://');
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $headers Content of Symfony\Contracts\HttpClient\ResponseInterface::getHeaders()
|
||||
*
|
||||
* @return string Blocking header if problem found
|
||||
*/
|
||||
private function checkHeaders(array $headers): string
|
||||
{
|
||||
$return = '';
|
||||
|
||||
if ($this->headerContains($headers, 'x-frame-options')) {
|
||||
// @see https://stackoverflow.com/questions/31944552/iframe-refuses-to-display
|
||||
$return = 'x-frame-options: SAMEORIGIN';
|
||||
}
|
||||
|
||||
if ($this->headerContains($headers, 'content-security-policy', "frame-ancestors 'self'")) {
|
||||
// https://seznam.cz
|
||||
// Refused to display 'https://www.seznam.cz/' in a frame because an ancestor violates the following
|
||||
// Content Security Policy directive: "frame-ancestors 'self'".
|
||||
// @see https://stackoverflow.com/questions/31944552/iframe-refuses-to-display
|
||||
$return = 'content-security-policy';
|
||||
}
|
||||
|
||||
return $return;
|
||||
}
|
||||
|
||||
private function headerContains(array $headers, string $name, ?string $content = null): bool
|
||||
{
|
||||
$headers = array_change_key_case($headers, CASE_LOWER);
|
||||
|
||||
if (array_key_exists($name, $headers)) {
|
||||
if (null !== $content) {
|
||||
if (str_starts_with($headers[$name][0], $content)) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,57 @@
|
||||
<?php
|
||||
|
||||
namespace MauticPlugin\MauticFocusBundle\Helper;
|
||||
|
||||
use Mautic\CoreBundle\Security\Permissions\CorePermissions;
|
||||
use MauticPlugin\MauticFocusBundle\Model\FocusModel;
|
||||
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
|
||||
use Symfony\Component\Routing\RouterInterface;
|
||||
|
||||
class TokenHelper
|
||||
{
|
||||
public const REGEX = '/{focus=(.*?)}/i';
|
||||
|
||||
public function __construct(
|
||||
protected FocusModel $model,
|
||||
protected RouterInterface $router,
|
||||
protected CorePermissions $security,
|
||||
) {
|
||||
}
|
||||
|
||||
public function findFocusTokens($content): array
|
||||
{
|
||||
preg_match_all(self::REGEX, $content, $matches);
|
||||
|
||||
$tokens = [];
|
||||
|
||||
if (count($matches[0])) {
|
||||
foreach ($matches[1] as $id) {
|
||||
$token = '{focus='.$id.'}';
|
||||
$focus = $this->model->getEntity((int) $id);
|
||||
if (null !== $focus
|
||||
&& (
|
||||
$focus->isPublished()
|
||||
|| $this->security->hasEntityAccess(
|
||||
'focus:items:viewown',
|
||||
'focus:items:viewother',
|
||||
$focus->getCreatedBy()
|
||||
)
|
||||
)
|
||||
) {
|
||||
$script = '<script src="'.
|
||||
$this->router->generate(
|
||||
'mautic_focus_generate',
|
||||
['id' => $id],
|
||||
UrlGeneratorInterface::ABSOLUTE_URL
|
||||
).
|
||||
'" type="text/javascript" charset="utf-8" async="async"></script>';
|
||||
$tokens[$token] = $script;
|
||||
} else {
|
||||
$tokens[$token] = '';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return $tokens;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user