1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
<?php
/*
** Copyright (C) 1995-2007 by the ITools Authors.
** This file is part of ITools - the Internet Tools Library
**
** ITools is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 3 of the License, or
** (at your option) any later version.
**
** ITools is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program. If not, see <http://www.gnu.org/licenses/>.
**
** itjs.php - Delivers /itjs/ files through AliasMatch in httpd.conf
*/
require "itools/itools.lib";
if (EDC('slow' . it::match('\.(css|js)\b', U($_GET))))
sleep(5);
if (is_array($_GET['files']) || it::match('/server/', $_SERVER['DOCUMENT_ROOT']))
exit; # useless here. cannot write tempfiles
itjs::far_future_headers(); # may exit
$files = itjs::filenames($_GET['files'] ?: it::match('/itjs/([-a-z0-9_,.]*)', $_SERVER['PHP_SELF']));
$data = itjs::filecontents($files);
$lastfile = end($files) ?: it::match('[^,]+$', $_GET['files']); # set correct mime type even if files not found
if (it::match('\.gif$', $lastfile))
{
header("Content-Type: image/gif");
}
else if (it::match('\.css', $lastfile))
{
header("Content-Type: text/css");
$data .= "\n#it_boot_dom { display:none }\n"; # Append magic style for it_boot
if (!it::match('^devel', $GLOBALS['ULTRASERVERTYPE']))
$data = it::replace(array('[ \t]*([{};])[ \t]*' => '$1', '/\*.*?\*/' => ""), $data);
if (it::match('W3C_CSS_Validator', $_SERVER['HTTP_USER_AGENT']) || $_GET['w3c'])
$data = it::replace(array(
'@-.*|@page.*' => "",
'background[^;}]*(gradient|rgba)[^;}]*;?' => "",
'::-webkit[^ ,{]*' => '.foo',
'\n:.*' => "\n",
'(filter:\s*(progid|none)|text-overflow:|zoom:|-webkit-[-\w]+:|display:-moz-|-moz-|-o-|cursor:|border-radius:|behavior:|text-rendering:|\w+:expression:|[-\w]*appearance:)[^;}]*;?' => "",
'pointer-events:[^;}]*' => "",
'html\.ie6.*' => "",
':valid:' => ":", # hack for iOS datetime
'([^/])\*(\w)' => '$1$2',
'svg\..*' => "", # ignore svg styles
'\battr\(.*?\)' => "'x'", # ignore content:attr(placeholder)
'\benv\(.*?\)' => "0", # ignore env(), e.g. env(safe-area-inset-left) for iPhone X
'\bcalc\(.*?\)' => "0", # ignore calc()
'\bbackground-position-[xy]' => "background-position",
),
$data
);
if ((($ie = it::match('MSIE (\d+)', $_SERVER['HTTP_USER_AGENT'])) && intval($ie) < 9) || EDC('iecompat'))
$data = it::replace(array(
'([;{]\s*)(background-size:[^;}])' => '\1behavior:url(/itjs/ie-backgroundsize-min.htc);\2'),
$data
);
}
else if (it::match('\.htc$', $lastfile))
{
header("Content-Type: text/x-component");
}
else if (!it::match('\.html$', $lastfile))
{
header("Content-Type: application/x-javascript; charset=" . (ini_get('default_charset') ?: 'iso-8859-1'));
$data = "window.trace+='i';\n$data\nwindow.trace+='I';\n";
$data .= "\nwindow.it_gotjs = (window.it_gotjs ? window.it_gotjs : '') + '." . it::match('\w+', basename($lastfile)) . "';\n";
}
$data = itjs::strip($data);
if ($_REQUEST['boot'])
{
$data .= "window.it_boot_init();\n";
if (!$_REQUEST['script'])
$data = sprintf("/*sln:%d*/\n%s/*eln:%d*/", grapheme_strlen($data), strtr($data, array('%' => "%25", '.' => "%2e", 'e' => "%65", 'i' => "%69")), grapheme_strlen($data)); # Protect from Firewalls/Proxies altering Javascript source code
}
echo it_untaint($data);
?>
|