| [ Index ] |
|
Code source de PHProxy 0.5b2 |
1 PHProxy Source Code README 2 _____________________________________________________________________ 3 4 Source Code Version 0.5b2 - January 20th 2007 5 Latest Version: http://www.sourceforge.net/projects/poxy/ 6 7 Copyright 2002-2007 Abdullah Arif 8 9 10 Contact 11 _____________________________________________________________________ 12 13 Email: phproxy.support@gmail.com 14 Website: http://whitefyre.com/ 15 16 17 Support and Bug Reports 18 _____________________________________________________________________ 19 20 http://whitefyre.com/forums/ 21 phproxy.support@gmail.com 22 23 24 Table of Contents 25 _____________________________________________________________________ 26 27 1. License 28 2. What is PHProxy? 29 3. How it Works 30 4. Requirements 31 5. Installation 32 6. Configurable Script Variables 33 7. Available Options 34 8. Disclaimer 35 9. Bugs and Limitations 36 10. ChangeLog, FAQ, TODO, LICENSE, Bugs, Limitations 37 11. Credits 38 39 40 1. License 41 _____________________________________________________________________ 42 43 This source code is released under the GPL. 44 A copy of the license in provided in this package in the file 45 named LICENSE.txt 46 47 48 2. What is PHProxy? 49 _____________________________________________________________________ 50 51 52 PHProxy is a web HTTP proxy 53 designed to bypass proxy restrictions through 54 a web interface very similar to the popular CGIProxy 55 (http://www.jmarshall.com/tools/cgiproxy/). For example, in my 56 university, the IT department blocks a lot of harmless websites 57 simply because of their popularity. So I use this porgram to access 58 those websites. The only thing that PHProxy needs is a web server 59 with PHP installed (see Requirements below). 60 Be aware though, that the sever has to be able to access those 61 resources to deliver them to you. 62 63 64 65 3. How it Works 66 _____________________________________________________________________ 67 68 You simply supply a URL to the form and click Browse. The script then 69 accesses that URL, and if it has any HTML contents, it modifies 70 any URLs so that they point back to the script. Of course, there is more 71 to it than this, but if you would like to know more in 72 detail, view the source code. 73 Comments have yet to be added. 74 75 76 4. Requirements 77 _____________________________________________________________________ 78 79 - PHP version >= 4.2.0 80 - safe_mode turned off or at least having the fsockopen() function not disabled 81 - PHP version >= 4.3.0 and OpenSSL for support for secure connections (https) 82 - Zlib for output compression 83 - file_uploads turned On for HTTP file uploads. 84 85 86 5. Installation 87 _____________________________________________________________________ 88 89 Simply upload these files to a directory of your liking (prefrebly in its own directory): 90 91 - index.php 92 - index.inc.php 93 - style.css 94 95 You can rename index.php without any problems, but not index.inc.php. 96 97 A good idea is to change these PHP settings in your php.ini file 98 or for instance Apache's httpd.conf or per directory .htaccess files: 99 100 - register_globals = Off (safer for your script) 101 - magic_quotes_gpc = Off (avoids unnecessary, slow stripslashing in the script) 102 - always_populate_raw_post_data = Off (no need for this extraneous data) 103 - zlib.output_compression = On (to enable output compression, better than doing it inside the script) 104 105 Your script will still function normally without these settings though. 106 107 All you need to do now is to access index.php and start browsing! 108 109 110 6. Configurable Script Variables 111 _____________________________________________________________________ 112 113 These variables are available at the beginning of the index.php file: 114 115 - $_config: 116 ___________ 117 118 url_var_name: name of the variable the contains the url 119 to be passed to the script. default: 'q' 120 flags_var_name: name of the variables the contains the flags 121 to be passed to the script. default: 'hl' 122 get_form_name: name of the GET forms in case they were 123 passed through the proxy. 124 default: '____pgfa' 125 basic_auth_var_name: name of the variable when prompted for Basic 126 authentication. default: '____pbavn' 127 max_file_size: maximum file size in BYTES that can be 128 downloaded through the proxy. 129 Use -1 for unlimited. default: -1 130 allow_hotlinking: whether to allow hotlinking or not. 131 default is not unless in $_hotlink_domains. 132 default:0 133 upon_hotlink: what to do if a website hotlinks through your 134 proxy. Possible values: 135 - 1: show the URL form (homepage) 136 - 2: issue a HTTP 404 Not Found error 137 - any web address which the user will be 138 redirected to (e.g. goatse pic) 139 default: 1 140 compress_output: whether to use gzip compression or not. 141 This may or may not work depending on whether 142 your PHP installation has Zlib loaded, and 143 whether the user's browser supports gzip 144 content encoding. Turn this on if you're 145 worried about bandwidth. This might be a 146 bit taxing on your server if you have any kind of 147 substantial traffic. It is also better to enable 148 output compression through php.ini than here. 149 default: 0 150 151 152 - $_flags: 153 __________ 154 155 This array contains the default values for the browsing options which 156 are explained in section 7. 157 158 159 - $_frozen_flags: 160 _________________ 161 162 When a flag is frozen, it is no longer shown in the URL forms, and the 163 user won't be able to change its value. A frozen flag will always 164 assume its value given in $_flags. This is useful for forcing 165 a specific URL encoding, or forcing the mini URL form to always be 166 there for instance. 167 0 is for not frozen. 1 is for frozen. default: all are unfrozen. 168 169 170 - $_labels: 171 ___________ 172 173 The labels on flags. 174 175 176 - $_hosts: 177 __________ 178 179 Each entry in this array is a seperate piece of regular expression 180 code that is matched against the host part of the currently browsed URL. 181 If it evaluates to true, the user will not be allowed to access 182 that URL. 183 The first default entry contains the regular expression for private 184 networks which are not supposed to be shown on the Internet. 185 186 187 - $_hotlink_domains: 188 ____________________ 189 190 This array holds entries of domain names which are allowed to hotlink 191 through your proxy when allow_hotlinking is 0. 192 193 To allow "example.com" and "example2.com" to hotlink: 194 195 $_hotlink_domains = array('example.com', 'example2.com'); 196 197 You don't need to include the "www" part as it is automatically 198 accounted for. Your website's domain name is also automatically included 199 in this array. 200 201 202 - $_insert: 203 ___________ 204 205 This does nothing yet. 206 207 208 7. Available Options 209 _____________________________________________________________________ 210 211 These options are available to you through the web interface. 212 You can also edit the default values in the $_flags in index.php 213 Values can either be 1 (true) or 0 (false). 214 215 +-------------------------------------------------------------------+ 216 | Option | Explanation | 217 +-------------------------------------------------------------------+ 218 | Include Form | Includes a mini URL-form on every HTML page for | 219 | | easier browsing. | 220 | Remove Scripts | Remove all sorts of client-side scripting | 221 | | (i.e. JavaScript). Removal is not perfect. Some | 222 | | scripts might slip by here and there. | 223 | Accept Cookies | Accept HTTP cookies | 224 | Show Images | Show images. You might want to turn this off if | 225 | | you want to save your server's bandwith. | 226 | Show Referer | Show referring website in HTTP headers. This | 227 | | will show the base URL for the website you're | 228 | | currently viewing. Because many website disable | 229 | | HotLinking, this can be quite useful. | 230 | Rotate13 | Use rotate13 encoding on the URL. * | 231 | Base64 | Use base64 encoding on the URL. * | 232 | Strip Meta | Strip meta HTML tags | 233 | Strip Title | Strip Website title | 234 | Session Cookies| Store cookies for this current session only | 235 +-------------------------------------------------------------------+ 236 237 * only one type of encoding will be used even if both are selected 238 239 240 8. Disclaimer 241 _____________________________________________________________________ 242 243 Since this script basically bypasses restrictions that were imposed 244 on you, using it might be illegal in your country, school, office, 245 or whatever. Even your host might not allow you to run it. Use it at 246 your own risk. I will not be responsible for any damages done or any 247 harm that might result from using this script. 248 249 250 251 9. Bugs and Limitations 252 _____________________________________________________________________ 253 254 PHP is retarded by nature, and as such, some problems arise that 255 would have not if this script were otherwise coded in another programming 256 language. The first example of this is dots in incoming variable names 257 from POST and GET. In a normal programming language, this wouldn't be 258 a problem as these variables could be accessed normally as they are 259 supplied, with dots included. In PHP, however, dots in GET, POST, and 260 COOKIE variable names are magically transformed into underscores 261 because of the stupid shit that is register_globals. Things like Yahoo! 262 Mail which has dots in variable names will not work. There's no easy way 263 around this, but luckily, I have provided the solutions right here: 264 265 1. I've already taken care of cookies by manually transforming 266 the underscores manually into dots when needed. 267 2. For GET variables, this shouldn't be a huge problem since the URLs 268 are URL-encoded into the url_var_name. The only time this should be 269 an issue is when a GET form uses dots in input names, and this could 270 be recitified by using $_SERVER['QUERY_STRING'], and parsing that 271 variable. But this, luckily, doesn't happen too often. 272 3. As for POST data, one solution is to use $HTTP_RAW_POST_DATA. But then, 273 this variable might not be available in certain PHP configurations, 274 and it would need further parsing, and it still doesn't account 275 for uploaded FILES. This is extremely impractical and ugly. 276 277 The best thing you could do if you have enough control over your Web server 278 and can compile custom builds of PHP is to delete a single line in a PHP source 279 code file called "php_variables.c" located in the "main" directory. 280 The function in question is called "php_register_variable_ex". I've only checked 281 this with PHP v4.4.4 and the exact line to delete is 117th line which basically 282 consists of this: 283 284 case '.': 285 286 Now just compile and install PHP and everything should be fine. Just make 287 sure that you have register_globals off or something might get messed up. 288 I've done this on my demo install on http://grab.cc/ and it's working 289 flawlessly. 290 291 292 Another problem facing many Web proxies is support for JavaScript. 293 Currently, therse is no such thing in PHProxy 0.5 but hopefully basic 294 support will be introduced for version 0.6. The best thing you could do 295 right now is to have the JavaScript disabled on your browsing options 296 as most sites degrade gracefully, such as Gmail. 297 298 A third limitation for Web proxies is content accessed from within proxied 299 Flash and Java applications and such. Since the proxy script doesn't have access 300 to the source code of these applications, the links which they may decide 301 to stream or access will not be proxified. There's no easy solution for this 302 right now. 303 304 PHProxy also doesn't support FTP. This may or may not be introduced 305 in future releases, but there are no current plans for FTP support. 306 307 308 10. ChangeLog, TODO, LICENSE 309 _____________________________________________________________________ 310 311 Refer to the accompanying files. 312 313 314 315 11. Credits 316 _____________________________________________________________________ 317 318 James Marshall (http://www.jmarshall.com/) for his excellent CGIProxy 319 script which was a high inspiration and guide for me. The HTML 320 modification section is based off his script. 321 322 Also massive thanks to everyone who emailed me or posted on forums bugs, 323 suggestions, and feedback. I really appreciate it. 324
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Tue Nov 20 19:39:29 2007 | par Balluche grâce à PHPXref 0.7 |
|