Change session lifetime and do not use the image proxy for https urls

2015-01-17 19:17:44 -05:00 · 2015-01-17 19:17:44 -05:00 · e08ba7771d
parent cd1a0115c2
commit e08ba7771d
7 changed files with 71 additions and 57 deletions
--- a/controllers/common.php
+++ b/controllers/common.php
@ -9,7 +9,7 @@ use PicoFarad\Template;
 // Called before each action
 Router\before(function($action) {

-    Session\open(BASE_URL_DIRECTORY, SESSION_SAVE_PATH);
+    Session\open(BASE_URL_DIRECTORY, SESSION_SAVE_PATH, 0);

    // Select the requested database. If it fails, logout to destroy session and
    // 'remember me' cookie
--- a/vendor/autoload.php
+++ b/vendor/autoload.php
@ -4,4 +4,4 @@

 require_once __DIR__ . '/composer' . '/autoload_real.php';

-return ComposerAutoloaderInit14b220c217b5c0a54b55656dba0c7ad0::getLoader();
+return ComposerAutoloaderInit1aea6e0e97930d7617e83f53a5287aca::getLoader();
--- a/vendor/composer/autoload_real.php
+++ b/vendor/composer/autoload_real.php
@ -2,7 +2,7 @@

 // autoload_real.php @generated by Composer

-class ComposerAutoloaderInit14b220c217b5c0a54b55656dba0c7ad0
+class ComposerAutoloaderInit1aea6e0e97930d7617e83f53a5287aca
 {
    private static $loader;

@ -19,9 +19,9 @@ class ComposerAutoloaderInit14b220c217b5c0a54b55656dba0c7ad0
            return self::$loader;
        }

-        spl_autoload_register(array('ComposerAutoloaderInit14b220c217b5c0a54b55656dba0c7ad0', 'loadClassLoader'), true, true);
+        spl_autoload_register(array('ComposerAutoloaderInit1aea6e0e97930d7617e83f53a5287aca', 'loadClassLoader'), true, true);
        self::$loader = $loader = new \Composer\Autoload\ClassLoader();
-        spl_autoload_unregister(array('ComposerAutoloaderInit14b220c217b5c0a54b55656dba0c7ad0', 'loadClassLoader'));
+        spl_autoload_unregister(array('ComposerAutoloaderInit1aea6e0e97930d7617e83f53a5287aca', 'loadClassLoader'));

        $map = require __DIR__ . '/autoload_namespaces.php';
        foreach ($map as $namespace => $path) {
@ -42,14 +42,14 @@ class ComposerAutoloaderInit14b220c217b5c0a54b55656dba0c7ad0

        $includeFiles = require __DIR__ . '/autoload_files.php';
        foreach ($includeFiles as $file) {
-            composerRequire14b220c217b5c0a54b55656dba0c7ad0($file);
+            composerRequire1aea6e0e97930d7617e83f53a5287aca($file);
        }

        return $loader;
    }
 }

-function composerRequire14b220c217b5c0a54b55656dba0c7ad0($file)
+function composerRequire1aea6e0e97930d7617e83f53a5287aca($file)
 {
    require $file;
 }
--- a/vendor/composer/installed.json
+++ b/vendor/composer/installed.json
@ -77,45 +77,6 @@
        "description": "A simple Json-RPC client/server library that just works",
        "homepage": "https://github.com/fguillot/JsonRPC"
    },
-    {
-        "name": "fguillot/picofarad",
-        "version": "dev-master",
-        "version_normalized": "9999999-dev",
-        "source": {
-            "type": "git",
-            "url": "https://github.com/fguillot/picoFarad.git",
-            "reference": "070e1a90d71f403e75ac5464109eb7904daed9f3"
-        },
-        "dist": {
-            "type": "zip",
-            "url": "https://api.github.com/repos/fguillot/picoFarad/zipball/070e1a90d71f403e75ac5464109eb7904daed9f3",
-            "reference": "070e1a90d71f403e75ac5464109eb7904daed9f3",
-            "shasum": ""
-        },
-        "require": {
-            "php": ">=5.3.0"
-        },
-        "time": "2014-12-29 21:34:25",
-        "type": "library",
-        "installation-source": "dist",
-        "autoload": {
-            "psr-0": {
-                "PicoFarad": "lib/"
-            }
-        },
-        "notification-url": "https://packagist.org/downloads/",
-        "license": [
-            "Unlicense"
-        ],
-        "authors": [
-            {
-                "name": "Frédéric Guillot",
-                "homepage": "http://fredericguillot.com"
-            }
-        ],
-        "description": "Minimalist micro-framework",
-        "homepage": "https://github.com/fguillot/picoFarad"
-    },
    {
        "name": "fguillot/picodb",
        "version": "dev-master",
@ -155,6 +116,45 @@
        "description": "Minimalist database query builder",
        "homepage": "https://github.com/fguillot/picoDb"
    },
+    {
+        "name": "fguillot/picofarad",
+        "version": "dev-master",
+        "version_normalized": "9999999-dev",
+        "source": {
+            "type": "git",
+            "url": "https://github.com/fguillot/picoFarad.git",
+            "reference": "749506cd204ae05c3cc8894be1b4302b4aed6e53"
+        },
+        "dist": {
+            "type": "zip",
+            "url": "https://api.github.com/repos/fguillot/picoFarad/zipball/749506cd204ae05c3cc8894be1b4302b4aed6e53",
+            "reference": "749506cd204ae05c3cc8894be1b4302b4aed6e53",
+            "shasum": ""
+        },
+        "require": {
+            "php": ">=5.3.0"
+        },
+        "time": "2015-01-17 23:58:31",
+        "type": "library",
+        "installation-source": "dist",
+        "autoload": {
+            "psr-0": {
+                "PicoFarad": "lib/"
+            }
+        },
+        "notification-url": "https://packagist.org/downloads/",
+        "license": [
+            "Unlicense"
+        ],
+        "authors": [
+            {
+                "name": "Frédéric Guillot",
+                "homepage": "http://fredericguillot.com"
+            }
+        ],
+        "description": "Minimalist micro-framework",
+        "homepage": "https://github.com/fguillot/picoFarad"
+    },
    {
        "name": "fguillot/picofeed",
        "version": "dev-master",
@ -162,18 +162,18 @@
        "source": {
            "type": "git",
            "url": "https://github.com/fguillot/picoFeed.git",
-            "reference": "efe811fcf56644df4664370815bccab90c289b13"
+            "reference": "d3785fc54d0bf9d521fd85e369cc5600f66099cc"
        },
        "dist": {
            "type": "zip",
-            "url": "https://api.github.com/repos/fguillot/picoFeed/zipball/efe811fcf56644df4664370815bccab90c289b13",
-            "reference": "efe811fcf56644df4664370815bccab90c289b13",
+            "url": "https://api.github.com/repos/fguillot/picoFeed/zipball/d3785fc54d0bf9d521fd85e369cc5600f66099cc",
+            "reference": "d3785fc54d0bf9d521fd85e369cc5600f66099cc",
            "shasum": ""
        },
        "require": {
            "php": ">=5.3.0"
        },
-        "time": "2015-01-10 22:07:07",
+        "time": "2015-01-18 00:05:29",
        "type": "library",
        "installation-source": "dist",
        "autoload": {
--- a/vendor/fguillot/picofarad/lib/PicoFarad/Session.php
+++ b/vendor/fguillot/picofarad/lib/PicoFarad/Session.php
@ -5,13 +5,13 @@ namespace PicoFarad\Session;
 const SESSION_LIFETIME = 2678400;


-function open($base_path = '/', $save_path = '')
+function open($base_path = '/', $save_path = '', $session_lifetime = SESSION_LIFETIME)
 {
    if ($save_path !== '') session_save_path($save_path);

    // HttpOnly and secure flags for session cookie
    session_set_cookie_params(
-        SESSION_LIFETIME,
+        $session_lifetime,
        $base_path ?: '/',
        null,
        isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on',
--- a/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Attribute.php
+++ b/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Attribute.php
@ -376,7 +376,7 @@ class Attribute
    }

    /**
-     * Rewrite image url to use with a proxy
+     * Rewrite image url to use with a proxy (HTTPS resource are ignored)
     *
     * @access public
     * @param  string    $tag           Tag name
@ -386,7 +386,7 @@ class Attribute
     */
    public function rewriteImageProxyUrl($tag, $attribute, &$value)
    {
-        if ($tag === 'img' && $attribute === 'src') {
+        if ($tag === 'img' && $attribute === 'src' && strpos($value, 'http:') === 0) {

            if ($this->image_proxy_url) {
                $value = sprintf($this->image_proxy_url, rawurlencode($value));
--- a/vendor/fguillot/picofeed/tests/Filter/FilterTest.php
+++ b/vendor/fguillot/picofeed/tests/Filter/FilterTest.php
@ -95,6 +95,19 @@ class FilterTest extends PHPUnit_Framework_TestCase
            $f->execute()
        );

+        // Test setFilterImageProxyUrl and HTTPS
+        $config = new Config;
+        $config->setFilterImageProxyUrl('http://myproxy/?url=%s');
+
+        $f = Filter::html('<p>Image <img src="https://localhost/image.png" alt="My Image"/></p>', 'http://foo');
+        $f->setConfig($config);
+
+        $this->assertEquals(
+            '<p>Image <img src="https://localhost/image.png" alt="My Image"/></p>',
+            $f->execute()
+        );
+
+        // Test setFilterImageProxyUrl
        $config = new Config;
        $config->setFilterImageProxyUrl('http://myproxy/?url=%s');

@ -102,21 +115,22 @@ class FilterTest extends PHPUnit_Framework_TestCase
        $f->setConfig($config);

        $this->assertEquals(
-            '<p>Image <img src="http://myproxy/?url='.urlencode('http://foo/image.png').'" alt="My Image"/></p>',
+            '<p>Image <img src="http://myproxy/?url='.rawurlencode('http://foo/image.png').'" alt="My Image"/></p>',
            $f->execute()
        );

+        // Test setFilterImageProxyCallback
        $config = new Config;
        $config->setFilterImageProxyCallback(function ($image_url) {
            $key = hash_hmac('sha1', $image_url, 'secret');
-            return 'https://mypublicproxy/'.$key.'/'.urlencode($image_url);
+            return 'https://mypublicproxy/'.$key.'/'.rawurlencode($image_url);
        });

        $f = Filter::html('<p>Image <img src="/image.png" alt="My Image"/></p>', 'http://foo');
        $f->setConfig($config);

        $this->assertEquals(
-            '<p>Image <img src="https://mypublicproxy/4924964043f3119b3cf2b07b1922d491bcc20092/'.urlencode('http://foo/image.png').'" alt="My Image"/></p>',
+            '<p>Image <img src="https://mypublicproxy/4924964043f3119b3cf2b07b1922d491bcc20092/'.rawurlencode('http://foo/image.png').'" alt="My Image"/></p>',
            $f->execute()
        );
    }