147 lines
5.0 KiB
PHP
147 lines
5.0 KiB
PHP
<?php
|
|
declare(strict_types=1);
|
|
|
|
final class Http
|
|
{
|
|
public static function bootstrapGlobals(): void
|
|
{
|
|
if (PHP_SAPI !== 'cli') {
|
|
return;
|
|
}
|
|
$_SERVER['REQUEST_METHOD'] = strtoupper((string)(getenv('REQUEST_METHOD') ?: 'GET'));
|
|
foreach ([
|
|
'USER',
|
|
'USERNAME',
|
|
'SESSION_ID',
|
|
'REQUEST_URI',
|
|
'HTTP_HOST',
|
|
'SERVER_NAME',
|
|
'SERVER_PORT',
|
|
'REMOTE_ADDR',
|
|
'HTTP_X_FORWARDED_FOR',
|
|
'HTTP_X_FORWARDED_PROTO',
|
|
] as $key) {
|
|
if (!isset($_SERVER[$key])) {
|
|
$value = getenv($key);
|
|
if ($value !== false) {
|
|
$_SERVER[$key] = $value;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
public static function method(): string
|
|
{
|
|
return strtoupper((string)($_SERVER['REQUEST_METHOD'] ?? 'GET'));
|
|
}
|
|
|
|
public static function redirectNoStore(string $url): void
|
|
{
|
|
self::sendResponse(302, [
|
|
'Cache-Control' => 'no-store, private',
|
|
'Pragma' => 'no-cache',
|
|
'Referrer-Policy' => 'no-referrer',
|
|
'X-Content-Type-Options' => 'nosniff',
|
|
'Location' => $url,
|
|
], '');
|
|
exit;
|
|
}
|
|
|
|
public static function browserRedirectNoStore(string $url): void
|
|
{
|
|
self::sendResponse(200, [
|
|
'Content-Type' => 'text/html; charset=UTF-8',
|
|
'Cache-Control' => 'no-store, private',
|
|
'Pragma' => 'no-cache',
|
|
'Referrer-Policy' => 'no-referrer',
|
|
'X-Content-Type-Options' => 'nosniff',
|
|
'Content-Security-Policy' => "default-src 'none'; script-src 'unsafe-inline'; style-src 'unsafe-inline'; base-uri 'none'; form-action 'none'",
|
|
], self::redirectPageHtml($url));
|
|
exit;
|
|
}
|
|
|
|
public static function redirectPageHtml(string $url): string
|
|
{
|
|
$safeUrl = htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
|
|
$jsonUrl = json_encode($url, JSON_UNESCAPED_SLASHES | JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
|
|
if (!is_string($jsonUrl)) {
|
|
$jsonUrl = '"/"';
|
|
}
|
|
|
|
return '<!doctype html><html lang="pl"><head><meta charset="utf-8">'
|
|
. '<meta name="viewport" content="width=device-width, initial-scale=1">'
|
|
. '<meta http-equiv="refresh" content="0;url=' . $safeUrl . '">'
|
|
. '<title>Zaloguj do serwera poczty</title></head><body>'
|
|
. '<script>(function(){var target=' . $jsonUrl . ';'
|
|
. 'try{if(window.top){window.top.location.replace(target);return;}}catch(e){}'
|
|
. 'window.location.replace(target);}());</script>'
|
|
. '<p><a rel="noreferrer" href="' . $safeUrl . '">Otwórz panel poczty</a></p>'
|
|
. '</body></html>';
|
|
}
|
|
|
|
public static function errorPage(string $message, int $status): void
|
|
{
|
|
$safe = htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
|
|
$body = '<!doctype html><html lang="pl"><head><meta charset="utf-8">'
|
|
. '<meta name="viewport" content="width=device-width, initial-scale=1">'
|
|
. '<title>Zaloguj do serwera poczty</title></head><body>'
|
|
. '<h1>Zaloguj do serwera poczty</h1><p>' . $safe . '</p>'
|
|
. '</body></html>';
|
|
self::sendResponse($status, [
|
|
'Content-Type' => 'text/html; charset=UTF-8',
|
|
'Cache-Control' => 'no-store, private',
|
|
'Referrer-Policy' => 'no-referrer',
|
|
], $body);
|
|
exit;
|
|
}
|
|
|
|
/**
|
|
* @param array<string,string> $headers
|
|
*/
|
|
public static function rawHttpResponse(int $status, array $headers, string $body): string
|
|
{
|
|
$headers['Content-Length'] = (string)strlen($body);
|
|
$lines = ['HTTP/1.1 ' . $status . ' ' . self::reasonPhrase($status)];
|
|
foreach ($headers as $name => $value) {
|
|
$safeName = preg_replace('/[^A-Za-z0-9-]/', '', (string)$name) ?? '';
|
|
if ($safeName === '') {
|
|
continue;
|
|
}
|
|
$safeValue = str_replace(["\r", "\n"], '', (string)$value);
|
|
$lines[] = $safeName . ': ' . $safeValue;
|
|
}
|
|
return implode("\r\n", $lines) . "\r\n\r\n" . $body;
|
|
}
|
|
|
|
/**
|
|
* @param array<string,string> $headers
|
|
*/
|
|
private static function sendResponse(int $status, array $headers, string $body): void
|
|
{
|
|
if (PHP_SAPI === 'cli') {
|
|
echo self::rawHttpResponse($status, $headers, $body);
|
|
return;
|
|
}
|
|
|
|
http_response_code($status);
|
|
foreach ($headers as $name => $value) {
|
|
header($name . ': ' . $value);
|
|
}
|
|
header('Content-Length: ' . strlen($body));
|
|
echo $body;
|
|
}
|
|
|
|
private static function reasonPhrase(int $status): string
|
|
{
|
|
return match ($status) {
|
|
200 => 'OK',
|
|
302 => 'Found',
|
|
403 => 'Forbidden',
|
|
405 => 'Method Not Allowed',
|
|
500 => 'Internal Server Error',
|
|
502 => 'Bad Gateway',
|
|
default => 'OK',
|
|
};
|
|
}
|
|
}
|