From e08ba7771d60158481adda2794c56ab52a28adfc Mon Sep 17 00:00:00 2001
From: Frederic Guillot <fred@miniflux.net>
Date: Sat, 17 Jan 2015 19:17:44 -0500
Subject: [PATCH] Change session lifetime and do not use the image proxy for
 https urls

---
 controllers/common.php                        |  2 +-
 vendor/autoload.php                           |  2 +-
 vendor/composer/autoload_real.php             | 10 +--
 vendor/composer/installed.json                | 86 +++++++++----------
 .../picofarad/lib/PicoFarad/Session.php       |  4 +-
 .../lib/PicoFeed/Filter/Attribute.php         |  4 +-
 .../picofeed/tests/Filter/FilterTest.php      | 20 ++++-
 7 files changed, 71 insertions(+), 57 deletions(-)

diff --git a/controllers/common.php b/controllers/common.php
index 053a2a2..dcefa2a 100644
--- a/controllers/common.php
+++ b/controllers/common.php
@@ -9,7 +9,7 @@ use PicoFarad\Template;
 // Called before each action
 Router\before(function($action) {
 
-    Session\open(BASE_URL_DIRECTORY, SESSION_SAVE_PATH);
+    Session\open(BASE_URL_DIRECTORY, SESSION_SAVE_PATH, 0);
 
     // Select the requested database. If it fails, logout to destroy session and
     // 'remember me' cookie
diff --git a/vendor/autoload.php b/vendor/autoload.php
index 00626c1..7fae426 100644
--- a/vendor/autoload.php
+++ b/vendor/autoload.php
@@ -4,4 +4,4 @@
 
 require_once __DIR__ . '/composer' . '/autoload_real.php';
 
-return ComposerAutoloaderInit14b220c217b5c0a54b55656dba0c7ad0::getLoader();
+return ComposerAutoloaderInit1aea6e0e97930d7617e83f53a5287aca::getLoader();
diff --git a/vendor/composer/autoload_real.php b/vendor/composer/autoload_real.php
index b24cab3..9d83a4a 100644
--- a/vendor/composer/autoload_real.php
+++ b/vendor/composer/autoload_real.php
@@ -2,7 +2,7 @@
 
 // autoload_real.php @generated by Composer
 
-class ComposerAutoloaderInit14b220c217b5c0a54b55656dba0c7ad0
+class ComposerAutoloaderInit1aea6e0e97930d7617e83f53a5287aca
 {
     private static $loader;
 
@@ -19,9 +19,9 @@ class ComposerAutoloaderInit14b220c217b5c0a54b55656dba0c7ad0
             return self::$loader;
         }
 
-        spl_autoload_register(array('ComposerAutoloaderInit14b220c217b5c0a54b55656dba0c7ad0', 'loadClassLoader'), true, true);
+        spl_autoload_register(array('ComposerAutoloaderInit1aea6e0e97930d7617e83f53a5287aca', 'loadClassLoader'), true, true);
         self::$loader = $loader = new \Composer\Autoload\ClassLoader();
-        spl_autoload_unregister(array('ComposerAutoloaderInit14b220c217b5c0a54b55656dba0c7ad0', 'loadClassLoader'));
+        spl_autoload_unregister(array('ComposerAutoloaderInit1aea6e0e97930d7617e83f53a5287aca', 'loadClassLoader'));
 
         $map = require __DIR__ . '/autoload_namespaces.php';
         foreach ($map as $namespace => $path) {
@@ -42,14 +42,14 @@ class ComposerAutoloaderInit14b220c217b5c0a54b55656dba0c7ad0
 
         $includeFiles = require __DIR__ . '/autoload_files.php';
         foreach ($includeFiles as $file) {
-            composerRequire14b220c217b5c0a54b55656dba0c7ad0($file);
+            composerRequire1aea6e0e97930d7617e83f53a5287aca($file);
         }
 
         return $loader;
     }
 }
 
-function composerRequire14b220c217b5c0a54b55656dba0c7ad0($file)
+function composerRequire1aea6e0e97930d7617e83f53a5287aca($file)
 {
     require $file;
 }
diff --git a/vendor/composer/installed.json b/vendor/composer/installed.json
index f7a26af..b58beb8 100644
--- a/vendor/composer/installed.json
+++ b/vendor/composer/installed.json
@@ -77,45 +77,6 @@
         "description": "A simple Json-RPC client/server library that just works",
         "homepage": "https://github.com/fguillot/JsonRPC"
     },
-    {
-        "name": "fguillot/picofarad",
-        "version": "dev-master",
-        "version_normalized": "9999999-dev",
-        "source": {
-            "type": "git",
-            "url": "https://github.com/fguillot/picoFarad.git",
-            "reference": "070e1a90d71f403e75ac5464109eb7904daed9f3"
-        },
-        "dist": {
-            "type": "zip",
-            "url": "https://api.github.com/repos/fguillot/picoFarad/zipball/070e1a90d71f403e75ac5464109eb7904daed9f3",
-            "reference": "070e1a90d71f403e75ac5464109eb7904daed9f3",
-            "shasum": ""
-        },
-        "require": {
-            "php": ">=5.3.0"
-        },
-        "time": "2014-12-29 21:34:25",
-        "type": "library",
-        "installation-source": "dist",
-        "autoload": {
-            "psr-0": {
-                "PicoFarad": "lib/"
-            }
-        },
-        "notification-url": "https://packagist.org/downloads/",
-        "license": [
-            "Unlicense"
-        ],
-        "authors": [
-            {
-                "name": "Frédéric Guillot",
-                "homepage": "http://fredericguillot.com"
-            }
-        ],
-        "description": "Minimalist micro-framework",
-        "homepage": "https://github.com/fguillot/picoFarad"
-    },
     {
         "name": "fguillot/picodb",
         "version": "dev-master",
@@ -155,6 +116,45 @@
         "description": "Minimalist database query builder",
         "homepage": "https://github.com/fguillot/picoDb"
     },
+    {
+        "name": "fguillot/picofarad",
+        "version": "dev-master",
+        "version_normalized": "9999999-dev",
+        "source": {
+            "type": "git",
+            "url": "https://github.com/fguillot/picoFarad.git",
+            "reference": "749506cd204ae05c3cc8894be1b4302b4aed6e53"
+        },
+        "dist": {
+            "type": "zip",
+            "url": "https://api.github.com/repos/fguillot/picoFarad/zipball/749506cd204ae05c3cc8894be1b4302b4aed6e53",
+            "reference": "749506cd204ae05c3cc8894be1b4302b4aed6e53",
+            "shasum": ""
+        },
+        "require": {
+            "php": ">=5.3.0"
+        },
+        "time": "2015-01-17 23:58:31",
+        "type": "library",
+        "installation-source": "dist",
+        "autoload": {
+            "psr-0": {
+                "PicoFarad": "lib/"
+            }
+        },
+        "notification-url": "https://packagist.org/downloads/",
+        "license": [
+            "Unlicense"
+        ],
+        "authors": [
+            {
+                "name": "Frédéric Guillot",
+                "homepage": "http://fredericguillot.com"
+            }
+        ],
+        "description": "Minimalist micro-framework",
+        "homepage": "https://github.com/fguillot/picoFarad"
+    },
     {
         "name": "fguillot/picofeed",
         "version": "dev-master",
@@ -162,18 +162,18 @@
         "source": {
             "type": "git",
             "url": "https://github.com/fguillot/picoFeed.git",
-            "reference": "efe811fcf56644df4664370815bccab90c289b13"
+            "reference": "d3785fc54d0bf9d521fd85e369cc5600f66099cc"
         },
         "dist": {
             "type": "zip",
-            "url": "https://api.github.com/repos/fguillot/picoFeed/zipball/efe811fcf56644df4664370815bccab90c289b13",
-            "reference": "efe811fcf56644df4664370815bccab90c289b13",
+            "url": "https://api.github.com/repos/fguillot/picoFeed/zipball/d3785fc54d0bf9d521fd85e369cc5600f66099cc",
+            "reference": "d3785fc54d0bf9d521fd85e369cc5600f66099cc",
             "shasum": ""
         },
         "require": {
             "php": ">=5.3.0"
         },
-        "time": "2015-01-10 22:07:07",
+        "time": "2015-01-18 00:05:29",
         "type": "library",
         "installation-source": "dist",
         "autoload": {
diff --git a/vendor/fguillot/picofarad/lib/PicoFarad/Session.php b/vendor/fguillot/picofarad/lib/PicoFarad/Session.php
index ee7b415..390a461 100644
--- a/vendor/fguillot/picofarad/lib/PicoFarad/Session.php
+++ b/vendor/fguillot/picofarad/lib/PicoFarad/Session.php
@@ -5,13 +5,13 @@ namespace PicoFarad\Session;
 const SESSION_LIFETIME = 2678400;
 
 
-function open($base_path = '/', $save_path = '')
+function open($base_path = '/', $save_path = '', $session_lifetime = SESSION_LIFETIME)
 {
     if ($save_path !== '') session_save_path($save_path);
 
     // HttpOnly and secure flags for session cookie
     session_set_cookie_params(
-        SESSION_LIFETIME,
+        $session_lifetime,
         $base_path ?: '/',
         null,
         isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on',
diff --git a/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Attribute.php b/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Attribute.php
index b1c4906..02126d2 100644
--- a/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Attribute.php
+++ b/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Attribute.php
@@ -376,7 +376,7 @@ class Attribute
     }
 
     /**
-     * Rewrite image url to use with a proxy
+     * Rewrite image url to use with a proxy (HTTPS resource are ignored)
      *
      * @access public
      * @param  string    $tag           Tag name
@@ -386,7 +386,7 @@ class Attribute
      */
     public function rewriteImageProxyUrl($tag, $attribute, &$value)
     {
-        if ($tag === 'img' && $attribute === 'src') {
+        if ($tag === 'img' && $attribute === 'src' && strpos($value, 'http:') === 0) {
 
             if ($this->image_proxy_url) {
                 $value = sprintf($this->image_proxy_url, rawurlencode($value));
diff --git a/vendor/fguillot/picofeed/tests/Filter/FilterTest.php b/vendor/fguillot/picofeed/tests/Filter/FilterTest.php
index 8bbb2b9..08a57a1 100644
--- a/vendor/fguillot/picofeed/tests/Filter/FilterTest.php
+++ b/vendor/fguillot/picofeed/tests/Filter/FilterTest.php
@@ -95,6 +95,19 @@ class FilterTest extends PHPUnit_Framework_TestCase
             $f->execute()
         );
 
+        // Test setFilterImageProxyUrl and HTTPS
+        $config = new Config;
+        $config->setFilterImageProxyUrl('http://myproxy/?url=%s');
+
+        $f = Filter::html('<p>Image <img src="https://localhost/image.png" alt="My Image"/></p>', 'http://foo');
+        $f->setConfig($config);
+
+        $this->assertEquals(
+            '<p>Image <img src="https://localhost/image.png" alt="My Image"/></p>',
+            $f->execute()
+        );
+
+        // Test setFilterImageProxyUrl
         $config = new Config;
         $config->setFilterImageProxyUrl('http://myproxy/?url=%s');
 
@@ -102,21 +115,22 @@ class FilterTest extends PHPUnit_Framework_TestCase
         $f->setConfig($config);
 
         $this->assertEquals(
-            '<p>Image <img src="http://myproxy/?url='.urlencode('http://foo/image.png').'" alt="My Image"/></p>',
+            '<p>Image <img src="http://myproxy/?url='.rawurlencode('http://foo/image.png').'" alt="My Image"/></p>',
             $f->execute()
         );
 
+        // Test setFilterImageProxyCallback
         $config = new Config;
         $config->setFilterImageProxyCallback(function ($image_url) {
             $key = hash_hmac('sha1', $image_url, 'secret');
-            return 'https://mypublicproxy/'.$key.'/'.urlencode($image_url);
+            return 'https://mypublicproxy/'.$key.'/'.rawurlencode($image_url);
         });
 
         $f = Filter::html('<p>Image <img src="/image.png" alt="My Image"/></p>', 'http://foo');
         $f->setConfig($config);
 
         $this->assertEquals(
-            '<p>Image <img src="https://mypublicproxy/4924964043f3119b3cf2b07b1922d491bcc20092/'.urlencode('http://foo/image.png').'" alt="My Image"/></p>',
+            '<p>Image <img src="https://mypublicproxy/4924964043f3119b3cf2b07b1922d491bcc20092/'.rawurlencode('http://foo/image.png').'" alt="My Image"/></p>',
             $f->execute()
         );
     }