. ** ** itjs.php - Delivers /itjs/ files through AliasMatch in httpd.conf */ require "itools/itools.lib"; if (EDC('slow' . it::match('\.(css|js)\b', U($_GET)))) sleep(5); if (is_array($_GET['files']) || it::match('/server/', $_SERVER['DOCUMENT_ROOT'])) exit; # useless here. cannot write tempfiles itjs::far_future_headers(); # may exit if (it::match('W3C_CSS_Validator', $_SERVER['HTTP_USER_AGENT'])) $_GET['files'] = it::replace([',jquery.fancybox.css,' => ","], $_GET['files']); $files = itjs::filenames($_GET['files'] ?: it::match('/itjs/([-a-z0-9_,.]*)', $_SERVER['PHP_SELF'])); $data = itjs::filecontents($files); $lastfile = end($files) ?: it::match('[^,]+$', $_GET['files']); # set correct mime type even if files not found if (it::match('\.gif$', $lastfile)) { header("Content-Type: image/gif"); } else if (it::match('\.css', $lastfile)) { header("Content-Type: text/css"); $data .= "\n#it_boot_dom { display:none }\n"; # Append magic style for it_boot if (!it::match('^devel', $GLOBALS['ULTRASERVERTYPE'])) $data = it::replace(array('[ \t]*([{};])[ \t]*' => '$1', '/\*.*?\*/' => ""), $data); if (it::match('W3C_CSS_Validator', $_SERVER['HTTP_USER_AGENT']) || $_GET['w3c']) $data = it::replace(array( '@-.*|@page.*' => "", 'background[^;}]*(gradient|rgba)[^;}]*;?' => "", '::-webkit[^ ,{]*' => '.foo', '\n:.*' => "\n", '(filter:\s*(progid|none)|text-overflow:|zoom:|-webkit-[-\w]+:|display:-moz-|-moz-|-o-|cursor:|border-radius:|behavior:|text-rendering:|\w+:expression:|[-\w]*appearance:)[^;}]*;?' => "", 'pointer-events:[^;}]*' => "", 'html\.ie6.*' => "", ':valid:' => ":", # hack for iOS datetime '([^/])\*(\w)' => '$1$2', 'svg\..*' => "", # ignore svg styles '\battr\(.*?\)' => "'x'", # ignore content:attr(placeholder) '\benv\(.*?\)' => "0", # ignore env(), e.g. env(safe-area-inset-left) for iPhone X '\bcalc\(.*?\)' => "0", # ignore calc() '\bbackground-position-[xy]' => "background-position", ), $data ); if ((($ie = it::match('MSIE (\d+)', $_SERVER['HTTP_USER_AGENT'])) && intval($ie) < 9) || EDC('iecompat')) $data = it::replace(array( '([;{]\s*)(background-size:[^;}])' => '\1behavior:url(/itjs/ie-backgroundsize-min.htc);\2'), $data ); } else if (it::match('\.htc$', $lastfile)) { header("Content-Type: text/x-component"); } else if ($files && !it::match('\.html$', $lastfile)) { header("Content-Type: application/x-javascript; charset=" . (ini_get('default_charset') ?: 'iso-8859-1')); $data = "window.trace+='i';\n$data\nwindow.trace+='I';\n"; $data .= "\nwindow.it_gotjs = (window.it_gotjs ? window.it_gotjs : '') + '." . it::match('\w+', basename($lastfile)) . "';\n"; } if (strpos($data, " "%25", '.' => "%2e", 'e' => "%65", 'i' => "%69")), grapheme_strlen($data)); # Protect from Firewalls/Proxies altering Javascript source code } echo it_untaint($data); ?>