mneuhaus · November 22, 2016 16:35
diff --git a/proxy.php b/proxy.php
 <?php

 if( ! isset($curl_maxredirs))
    $curl_maxredirs = 10;

 if( ! isset($curl_timeout))
    $curl_timeout = 30;

 function sentry_log($message, $logLevel = 'info', $context = array()) {
    $sentryUrl = 'http://docker.mia3.com:9000/api/10/store/?sentry_version=7&sentry_client=raven-js%2F3.0.4&sentry_key=80e40c062a184525b2ab66b88f64b4f5&sentry_secret=0394c79e57784c5f841788699c74bf54';
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $sentryUrl);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
    curl_setopt($ch, CURLOPT_POST,           1 );
    curl_setopt($ch, CURLOPT_POSTFIELDS,     '{
 		  "project": "10",
 		  "logger": "ey-proxy",
 		  "platform": "php",
 		  "request": {
 		    "headers": {},
 		    "url": "http://' . $_SERVER['HTTP_HOST'] . '/"
 		  },
 		  "level": "' . $logLevel . '",
 		  "message": "' . $message . '",
 		  "extra": ' . json_encode($context) . '
 		}');
    curl_setopt($ch, CURLOPT_HTTPHEADER,     array('Content-Type: application/json'));

    $result=curl_exec ($ch);
 }

 // Get stuff
 $headers = getallheaders();
 $method = $_SERVER['REQUEST_METHOD'];
 $url = 'http://eyglobal.avature.net' . $_SERVER['REQUEST_URI'];
 $proxyHost = $_SERVER['HTTP_HOST'];

 // Check that we have a URL
 if( ! $url)
    http_response_code(400) and exit("X-Proxy-URL header missing");

 // Check that the URL looks like an absolute URL
 if( ! parse_url($url, PHP_URL_SCHEME))
    http_response_code(403) and exit("Not an absolute URL: $url");

 session_start();

 // Remove ignored headers and prepare the rest for resending
 $ignore = ['Cookie', 'Host', 'X-Proxy-URL', 'X-Forwarded-Port', 'X-Forwarded-Proto', 'X-Real-IP', 'X-Requested-With', 'Authorization', 'Referer', 'Content-Type', 'Content-Length'];
 $headers = array_diff_key($headers, array_flip($ignore));
 $headers['Cookie'] = isset($_SESSION['cookie']) ? $_SESSION['cookie'] : null;
 $headers['Host'] = 'eyglobal.avature.net';
 $headers['Origin'] = 'http://eyglobal.avature.net';
 foreach($headers as $key => &$value) {
    $value = "$key: $value";
 }

 // Init curl
 $curl = curl_init();
 // Set generic options
 curl_setopt_array($curl, [
    CURLOPT_URL => $url,
    CURLOPT_HTTPHEADER => $headers,
    CURLOPT_HEADER => TRUE,
    CURLOPT_TIMEOUT => $curl_timeout,
    CURLOPT_FOLLOWLOCATION => TRUE,
    CURLOPT_MAXREDIRS => $curl_maxredirs,
    CURLOPT_RETURNTRANSFER => TRUE,
    CURLOPT_ENCODING => "gzip",
    CURLINFO_HEADER_OUT => true
 ]);

 // Method specific options
 switch($method)
 {
    case 'HEAD':
        curl_setopt($curl, CURLOPT_NOBODY, TRUE);
        break;

    case 'GET':
        break;

    case 'PUT':
    case 'POST':
    case 'DELETE':
    default:
        curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $method);
        $requestBody = file_get_contents('php://input');
        if (!empty($requestBody)) {
            curl_setopt($curl, CURLOPT_POSTFIELDS, $requestBody);
        } else {
            curl_setopt($curl, CURLOPT_POSTFIELDS, $_REQUEST);
        }
        break;
 }

 $response = curl_exec($curl);
 $headerSize = curl_getinfo($curl, CURLINFO_HEADER_SIZE);
 $content = substr($response, $headerSize);
 $responseHeaders = explode(chr(10), trim(substr($response, 0, $headerSize)));

 sentry_log($_SERVER['REQUEST_URI'], 'info', array(
    'url' => $url,
    'method' => $method,
    'content' => $content,
    'requestHeaders' => $headers,
    'responseHeaders' => $responseHeaders,
    '$_SERVER' => $_SERVER,
    '$_REQUEST' => $_REQUEST
 ));

 //if ($method || isset($_REQUEST['debug']) || (isset($_REQUEST['1221']) && $_REQUEST['1221'] == '283798')) {
 //    var_dump($method, $content, $responseHeaders);
 //    exit();
 //}

 header('Access-Control-Allow-Origin: *');
 foreach ($responseHeaders as $header) {
    $parts = explode(':', $header);
    if (in_array($parts[0], array('Content-Encoding', 'P3P', 'ETag', 'Transfer-Encoding', 'Cookie', 'X-Frame-Options', 'Content-Length'))) {
        continue;
    }
    if ($parts[0] == 'Set-Cookie') {
        $values = explode(';', $parts[1]);
        $_SESSION['cookie'] = $values[0];
    }
    header($header);
 }

 $content = str_replace('http://eyglobal.avature.net', 'http://' . $proxyHost, $content);
 $content = preg_replace('/<meta name="viewport"[^>]+>/', '<meta name="viewport" content="user-scalable=no, initial-scale=2, maximum-scale=2, minimum-scale=2, width=device-width">', $content);
 $content = str_replace('</head>', '
 <style>
 	body {
 		transform: scale(2);
 		margin-top: 305px;
 		width: 1000px;
 		margin-left: 400px;
 		padding-top: 40px;
 		background: white
 	}
 	#header {
 		display: none;
 	}
 	#content h2.sectionTitle .flags {
 		display: none;
 	}
 </style></head>', $content);
 echo $content;
 curl_close($curl);
	<?php

	if( ! isset($curl_maxredirs))
	$curl_maxredirs = 10;

	if( ! isset($curl_timeout))
	$curl_timeout = 30;

	function sentry_log($message, $logLevel = 'info', $context = array()) {
	$sentryUrl = 'http://docker.mia3.com:9000/api/10/store/?sentry_version=7&sentry_client=raven-js%2F3.0.4&sentry_key=80e40c062a184525b2ab66b88f64b4f5&sentry_secret=0394c79e57784c5f841788699c74bf54';
	$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL, $sentryUrl);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
	curl_setopt($ch, CURLOPT_POST, 1 );
	curl_setopt($ch, CURLOPT_POSTFIELDS, '{
	"project": "10",
	"logger": "ey-proxy",
	"platform": "php",
	"request": {
	"headers": {},
	"url": "http://' . $_SERVER['HTTP_HOST'] . '/"
	},
	"level": "' . $logLevel . '",
	"message": "' . $message . '",
	"extra": ' . json_encode($context) . '
	}');
	curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));

	$result=curl_exec ($ch);
	}

	// Get stuff
	$headers = getallheaders();
	$method = $_SERVER['REQUEST_METHOD'];
	$url = 'http://eyglobal.avature.net' . $_SERVER['REQUEST_URI'];
	$proxyHost = $_SERVER['HTTP_HOST'];

	// Check that we have a URL
	if( ! $url)
	http_response_code(400) and exit("X-Proxy-URL header missing");

	// Check that the URL looks like an absolute URL
	if( ! parse_url($url, PHP_URL_SCHEME))
	http_response_code(403) and exit("Not an absolute URL: $url");

	session_start();

	// Remove ignored headers and prepare the rest for resending
	$ignore = ['Cookie', 'Host', 'X-Proxy-URL', 'X-Forwarded-Port', 'X-Forwarded-Proto', 'X-Real-IP', 'X-Requested-With', 'Authorization', 'Referer', 'Content-Type', 'Content-Length'];
	$headers = array_diff_key($headers, array_flip($ignore));
	$headers['Cookie'] = isset($_SESSION['cookie']) ? $_SESSION['cookie'] : null;
	$headers['Host'] = 'eyglobal.avature.net';
	$headers['Origin'] = 'http://eyglobal.avature.net';
	foreach($headers as $key => &$value) {
	$value = "$key: $value";
	}

	// Init curl
	$curl = curl_init();
	// Set generic options
	curl_setopt_array($curl, [
	CURLOPT_URL => $url,
	CURLOPT_HTTPHEADER => $headers,
	CURLOPT_HEADER => TRUE,
	CURLOPT_TIMEOUT => $curl_timeout,
	CURLOPT_FOLLOWLOCATION => TRUE,
	CURLOPT_MAXREDIRS => $curl_maxredirs,
	CURLOPT_RETURNTRANSFER => TRUE,
	CURLOPT_ENCODING => "gzip",
	CURLINFO_HEADER_OUT => true
	]);

	// Method specific options
	switch($method)
	{
	case 'HEAD':
	curl_setopt($curl, CURLOPT_NOBODY, TRUE);
	break;

	case 'GET':
	break;

	case 'PUT':
	case 'POST':
	case 'DELETE':
	default:
	curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $method);
	$requestBody = file_get_contents('php://input');
	if (!empty($requestBody)) {
	curl_setopt($curl, CURLOPT_POSTFIELDS, $requestBody);
	} else {
	curl_setopt($curl, CURLOPT_POSTFIELDS, $_REQUEST);
	}
	break;
	}

	$response = curl_exec($curl);
	$headerSize = curl_getinfo($curl, CURLINFO_HEADER_SIZE);
	$content = substr($response, $headerSize);
	$responseHeaders = explode(chr(10), trim(substr($response, 0, $headerSize)));

	sentry_log($_SERVER['REQUEST_URI'], 'info', array(
	'url' => $url,
	'method' => $method,
	'content' => $content,
	'requestHeaders' => $headers,
	'responseHeaders' => $responseHeaders,
	'$_SERVER' => $_SERVER,
	'$_REQUEST' => $_REQUEST
	));

	//if ($method \|\| isset($_REQUEST['debug']) \|\| (isset($_REQUEST['1221']) && $_REQUEST['1221'] == '283798')) {
	// var_dump($method, $content, $responseHeaders);
	// exit();
	//}

	header('Access-Control-Allow-Origin: *');
	foreach ($responseHeaders as $header) {
	$parts = explode(':', $header);
	if (in_array($parts[0], array('Content-Encoding', 'P3P', 'ETag', 'Transfer-Encoding', 'Cookie', 'X-Frame-Options', 'Content-Length'))) {
	continue;
	}
	if ($parts[0] == 'Set-Cookie') {
	$values = explode(';', $parts[1]);
	$_SESSION['cookie'] = $values[0];
	}
	header($header);
	}

	$content = str_replace('http://eyglobal.avature.net', 'http://' . $proxyHost, $content);
	$content = preg_replace('/<meta name="viewport"[^>]+>/', '<meta name="viewport" content="user-scalable=no, initial-scale=2, maximum-scale=2, minimum-scale=2, width=device-width">', $content);
	$content = str_replace('</head>', '
	<style>
	body {
	transform: scale(2);
	margin-top: 305px;
	width: 1000px;
	margin-left: 400px;
	padding-top: 40px;
	background: white
	}
	#header {
	display: none;
	}
	#content h2.sectionTitle .flags {
	display: none;
	}
	</style></head>', $content);
	echo $content;
	curl_close($curl);