Merge "Adding wildcard support to $wgCopyUploadsDomains"

[lhc/web/wiklou.git] / includes / upload / UploadFromUrl.php
diff --git a/includes/upload/UploadFromUrl.php b/includes/upload/UploadFromUrl.php

index a9e4519..7f430c5 100644 (file)
--- a/includes/upload/UploadFromUrl.php
+++ b/includes/upload/UploadFromUrl.php
@@ -41,7 +41,7 @@ class UploadFromUrl extends UploadBase {
          *
          * @param $user User
          *
-        * @return true|string
+        * @return bool|string
          */
         public static function isAllowed( $user ) {
                 if ( !$user->isAllowed( 'upload_by_url' ) ) {
@@ -61,6 +61,8 @@ class UploadFromUrl extends UploadBase {
  
         /**
          * Checks whether the URL is for an allowed host
+        * The domains in the whitelist can include wildcard characters (*) in place
+        * of any of the domain levels, e.g. '*.flickr.com' or 'upload.*.gov.uk'.
          *
          * @param $url string
          * @return bool
@@ -76,10 +78,28 @@ class UploadFromUrl extends UploadBase {
                 }
                 $valid = false;
                 foreach( $wgCopyUploadsDomains as $domain ) {
+                       // See if the domain for the upload matches this whitelisted domain
+                       $whitelistedDomainPieces = explode( '.', $domain );
+                       $uploadDomainPieces = explode( '.', $parsedUrl['host'] );
+                       if ( count( $whitelistedDomainPieces ) === count( $uploadDomainPieces ) ) {
+                               $valid = true;
+                               // See if all the pieces match or not (excluding wildcards)
+                               foreach ( $whitelistedDomainPieces as $index => $piece ) {
+                                       if ( $piece !== '*' && $piece !== $uploadDomainPieces[$index] ) {
+                                               $valid = false;
+                                       }
+                               }
+                               if ( $valid ) {
+                                       // We found a match, so quit comparing against the list
+                                       break;
+                               }
+                       }
+                       /* Non-wildcard test
                         if ( $parsedUrl['host'] === $domain ) {
                                 $valid = true;
                                 break;
                         }
+                       */
                 }
                 return $valid;
         }
@@ -92,6 +112,7 @@ class UploadFromUrl extends UploadBase {
          * @param $async mixed Whether the download should be performed
          * asynchronous. False for synchronous, async or async-leavemessage for
          * asynchronous download.
+        * @throws MWException
          */
         public function initialize( $name, $url, $async = false ) {
                 global $wgAllowAsyncCopyUploads;
@@ -206,9 +227,14 @@ class UploadFromUrl extends UploadBase {
                 $this->mRemoveTempFile = true;
                 $this->mFileSize = 0;
  
-               $req = MWHttpRequest::factory( $this->mUrl, array(
+               $options = array(
                         'followRedirects' => true
-               ) );
+               );
+               global $wgCopyUploadProxy;
+               if ( $wgCopyUploadProxy !== false ) {
+                       $options['proxy'] = $wgCopyUploadProxy;
+               }
+               $req = MWHttpRequest::factory( $this->mUrl, $options );
                 $req->setCallback( array( $this, 'saveTempFileChunk' ) );
                 $status = $req->execute();
  
@@ -256,6 +282,7 @@ class UploadFromUrl extends UploadBase {
         /**
          * Wrapper around the parent function in order to defer checking protection
          * until we are sure that the file can actually be uploaded
+        * @param $user User
          * @return bool|mixed
          */
         public function verifyTitlePermissions( $user ) {
@@ -268,6 +295,10 @@ class UploadFromUrl extends UploadBase {
         /**
          * Wrapper around the parent function in order to defer uploading to the
          * job queue for asynchronous uploads
+        * @param $comment string
+        * @param $pageText string
+        * @param $watch bool
+        * @param $user User
          * @return Status
          */
         public function performUpload( $comment, $pageText, $watch, $user ) {
@@ -281,11 +312,11 @@ class UploadFromUrl extends UploadBase {
         }
  
         /**
-        * @param  $comment
-        * @param  $pageText
-        * @param  $watch
-        * @param  $user User
-        * @return
+        * @param $comment
+        * @param $pageText
+        * @param $watch
+        * @param $user User
+        * @return String
          */
         protected function insertJob( $comment, $pageText, $watch, $user ) {
                 $sessionKey = $this->stashSession();