Basic whitelist domain implementation

2022-04-28 09:02:59 +02:00 · 2022-04-28 09:02:59 +02:00 · 90215a488f
parent 87857bab47
commit 90215a488f
2 changed files with 11 additions and 1 deletions
--- a/config-sample.php
+++ b/config-sample.php
@ -7,3 +7,5 @@ define('CONFIG_TYPE', 'ergol');
 // See ergol.json description on
 // https://codeberg.org/adele.work/ergol#configuration-ergol-json
 define('CONFIG_PATH', __DIR__."/../ergol.json");
+
+define('WHITELIST_DOMAINS_PATH', __DIR__.'/whitelist_domains.txt');
--- a/index.php
+++ b/index.php
@ -131,6 +131,8 @@ if(strpos($_SERVER['HTTP_HOST'],':')!==false)
 else
 	$capsule = strtolower($_SERVER['HTTP_HOST']);

+$whitelist_domains = explode("\n", file_get_contents(WHITELIST_DOMAINS_PATH));
+
 $response = false;
 $response_code = 0;
 $body = false;
@ -356,6 +358,7 @@ exit;

 function gmi2html($capsule, $body, $lang, $urlgem, $favicon)
 {
+	global $whitelist_domains;
 	if(isset($_SERVER['REQUEST_SCHEME'])) {
 		$scheme = $_SERVER['REQUEST_SCHEME'];
 	}
@ -437,7 +440,12 @@ function gmi2html($capsule, $body, $lang, $urlgem, $favicon)
 					$lines[] = '<a href="'.str_replace('gemini://'.$capsule,$scheme.'://'.$_SERVER['HTTP_HOST'], $link[0]).'">'.htmlentities(empty($link[1])?rawurldecode($link[0]):$link[1])."</a>";
 				}
 				else if(str_starts_with($link[0], 'gemini://')) {
-					$lines[] = '<a href="/?qx='.urlencode($link[0]).'">'.htmlentities(empty($link[1])?rawurldecode($link[0]):$link[1])."</a>";
+					$link_domain = parse_url($link[0], PHP_URL_HOST);
+					if(in_array($link_domain, $whitelist_domains))
+						$link_href = str_replace('gemini://','http://',$link[0]);
+					else
+						$link_href = '/?qx='.urlencode($link[0]);
+					$lines[] = '<a href="'.$link_href.'">'.htmlentities(empty($link[1])?rawurldecode($link[0]):$link[1])."</a>";
 				}
 				else {
 					$lines[] = '<a href="'.$link[0].'">'.htmlentities(empty($link[1])?rawurldecode($link[0]):$link[1])."</a>";