summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--it_url.class14
1 files changed, 13 insertions, 1 deletions
diff --git a/it_url.class b/it_url.class
index 851c1d9..d718201 100644
--- a/it_url.class
+++ b/it_url.class
@@ -111,6 +111,7 @@ static function _postprocess($data, $p)
* @param $p['retrysleep'] Number of seconds to wait before retry (additional to fetchsleep), fractions ok
* @param $p['accept_encoding'] Contents of the "Accept-Encoding: " header. Enables decoding of the response. Set to null to disable, "" (default) for all supported encodings.
* @param $p['postprocess'] function called with content and $p which has it_error. returns content or null (which triggers retry)
+ * @param $p['protocols'] Array of protocols to accept, defaults to ['http', 'https'], @see curl_opts for other values
* @return Content of resulting page (considering redirects, excluding headers or false on error) or array (empty on error) if 'assoc' => true
*/
static function get($p = [], $timeout = null)
@@ -200,7 +201,18 @@ static function curl_opts($p=array())
'timeout' => 5,
'followlocation' => !$p['files'], # disallow redirects for file uploads as recommended by https://curl.se/libcurl/security.html
'accept_encoding' => '', # set header to accept any supported encoding and enable automatic decompression
+ 'protocols' => ['http', 'https'], # Array with allowed protocols, see list below
];
+ $protocols = [
+ 'file' => CURLPROTO_FILE,
+ 'ftp' => CURLPROTO_FTP,
+ 'ftps' => CURLPROTO_FTPS,
+ 'http' => CURLPROTO_HTTP,
+ 'https' => CURLPROTO_HTTPS,
+ 'scp' => CURLPROTO_SCP,
+ 'sftp' => CURLPROTO_SFTP,
+ ];
+
$add = [];
if (it::grep("[\n\r]", it::map('"$k$v"', $p['headers'])))
@@ -253,7 +265,7 @@ static function curl_opts($p=array())
CURLOPT_CUSTOMREQUEST => $p['method'] ?: null,
CURLOPT_NOBODY => $p['method'] == 'HEAD',
CURLOPT_SAFE_UPLOAD => true, # disable special meaning of @value in POST forms (security)
- CURLOPT_PROTOCOLS => CURLPROTO_HTTP | CURLPROTO_HTTPS,
+ CURLOPT_PROTOCOLS => array_reduce($p['protocols'], fn($c, $v) => $c | $protocols[$v], 0),
CURLOPT_CAPATH => '/etc/ssl/certs/',
CURLOPT_SSL_VERIFYPEER => !$p['allow_insecure_ssl'],