package net.yacy.http.servlets;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.regex.PatternSyntaxException;
import javax.servlet.Servlet;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.yacy.cora.document.encoding.UTF8;
import net.yacy.cora.document.id.DigestURL;
import net.yacy.cora.protocol.ClientIdentification;
import net.yacy.cora.protocol.Domains;
import net.yacy.cora.protocol.HeaderFramework;
import net.yacy.cora.protocol.RequestHeader;
import net.yacy.cora.protocol.ResponseHeader;
import net.yacy.cora.util.ConcurrentLog;
import net.yacy.http.ProxyHandler;
import net.yacy.kelondro.util.FileUtils;
import net.yacy.search.Switchboard;
import net.yacy.server.http.ChunkedInputStream;
import net.yacy.server.http.HTTPDProxyHandler;
import org.eclipse.jetty.continuation.Continuation;
import org.eclipse.jetty.continuation.ContinuationSupport;
import org.jsoup.Jsoup;
import org.jsoup.nodes.Document;
import org.jsoup.nodes.Element;
import org.jsoup.select.Elements;
/**
* Rewrite of the url-proxy servlet (YaCyProxyServlet "/proxy.html?url=xyz")
* using different rewrite of url methode (using JSoup instead of regex for more flexibility)
* (problem with regex was to also modify http header tags, causing problems with some relative link urls
* and on included <base> header tag)
*
* Design goal of this urlproxy
* - option to handle links/urls the owner/user clicked on
* - index visited pages on the fly (without to configure a permanent "transparent" proxy
*
* For the goal and as distinguish from the "transparent" proxy we don't want (and need) to route all content
* through the proxy (e.g. we are not interested in transporting css etc. but concentrate on searcheable content.
*
* general functionallity to implement
* 1 - check user access right
* 2 - get target url from parameter
* 3 - check target url accepteable
* 4 - get target url
* 5 - index target url
* 6 - perform any custom event/treatment (for/on this user clicked url) - not implemented
* 7 - modify loaded target content (like rewrite links to get proxied)
* 8 - optionally add augmentation / interaction - not implemented
* 9 - deliver to client broser
*
* The rewrite of links can't be perfect, as all kinds of scripting etc. can be involved,
* with jsoup only the <a href /> attributes of the body are modified. What will help to display
* the page correct but will also results that e.g. with forms and javascript menues links will not
* point to the original site (instead to the proxy url)
*
* TODO: instead of using JSoup on top the (2 time parsing - for indexing & content rewrite) check option to joined parsing steps
*
* Hint: a browser favorite of
* javascript: window.location.href = ('http://localhost:9090/proxy.html?url=' + location.href);
* will start the urlproxy with the current browser address.
*
* This class is linked to YaCy within jetty using the defaults/web.xml configuration
*/
public class UrlProxyServlet extends HttpServlet implements Servlet {
private static final long serialVersionUID = 4900000000000001121L;
private String _stopProxyText = null;
@Override
public void init(ServletConfig config) throws ServletException {
super.init(config);
String tmps = config.getInitParameter("stopProxyText");
if (tmps != null) {
_stopProxyText = tmps;
}
}
/* ------------------------------------------------------------ */
@Override
public void service (ServletRequest req, ServletResponse res) throws ServletException, IOException {
final HttpServletRequest request = (HttpServletRequest) req;
final HttpServletResponse response = (HttpServletResponse) res;
// 1 - check usser access rights
if (!Switchboard.getSwitchboard().getConfigBool("proxyURL", false)) {
response.sendError(HttpServletResponse.SC_FORBIDDEN,"proxy use not allowed. URL proxy globally switched off (see: System Administration -> Advanced Settings -> URL proxy)");
return;
}
final String remoteHost = req.getRemoteHost();
if (!Domains.isThisHostIP(remoteHost)) {
if (!proxyippatternmatch(remoteHost)) {
response.sendError(HttpServletResponse.SC_FORBIDDEN,
"proxy use not granted for IP " + remoteHost + " (see: System Administration -> Advanced Settings -> URL Proxy Access Settings -> Restrict URL proxy use filter)");
return;
}
}
if ("CONNECT".equalsIgnoreCase(request.getMethod())) {
return;
}
final Continuation continuation = ContinuationSupport.getContinuation(request);
if (!continuation.isInitial()) {
response.sendError(HttpServletResponse.SC_GATEWAY_TIMEOUT); // Need better test that isInitial
return;
}
// 2 - get target url
DigestURL proxyurl = null;
final String strUrl = request.getParameter("url");
if (strUrl == null) {
response.sendError(HttpServletResponse.SC_NOT_FOUND,"url parameter missing");
return;
}
try {
proxyurl = new DigestURL(strUrl);
} catch (final MalformedURLException e) {
proxyurl = new DigestURL(URLDecoder.decode(strUrl, StandardCharsets.UTF_8.name()));
}
if (proxyurl == null) {
response.sendError(HttpServletResponse.SC_NOT_FOUND,"url parameter missing");
return;
}
String hostwithport = proxyurl.getHost();
if (proxyurl.getPort() != -1) {
hostwithport += ":" + proxyurl.getPort();
}
// 4 - get target url
RequestHeader yacyRequestHeader = ProxyHandler.convertHeaderFromJetty(request);
yacyRequestHeader.remove(RequestHeader.KEEP_ALIVE);
yacyRequestHeader.remove(HeaderFramework.CONTENT_LENGTH);
final HashMap<String, Object> prop = new HashMap<String, Object>();
prop.put(HeaderFramework.CONNECTION_PROP_HTTP_VER, HeaderFramework.HTTP_VERSION_1_1);
prop.put(HeaderFramework.CONNECTION_PROP_DIGESTURL, proxyurl);
prop.put(HeaderFramework.CONNECTION_PROP_CLIENTIP, Domains.LOCALHOST);
prop.put(HeaderFramework.CONNECTION_PROP_CLIENT_HTTPSERVLETREQUEST, request);
// 4 & 5 get & index target url
final ByteArrayOutputStream tmpproxyout = new ByteArrayOutputStream();
HTTPDProxyHandler.doGet(prop, yacyRequestHeader, tmpproxyout, ClientIdentification.yacyProxyAgent);
// reparse header to extract content-length and mimetype
final ResponseHeader proxyResponseHeader = new ResponseHeader(200); //
InputStream proxyout = new ByteArrayInputStream(tmpproxyout.toByteArray());
String line = readLine(proxyout);
while (line != null && !line.equals("")) {
int p;
if ((p = line.indexOf(':')) >= 0) {
// store a property
proxyResponseHeader.put(line.substring(0, p).trim(), line.substring(p + 1).trim());
}
line = readLine(proxyout);
}
if (line == null) {
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,"Proxy Header missing");
return;
}
if (proxyResponseHeader.containsKey(HeaderFramework.LOCATION)) {
// rewrite location header
String location = proxyResponseHeader.get(HeaderFramework.LOCATION);
if (location.startsWith("http")) {
location = request.getServletPath() + "?url=" + location;
} else {
location = request.getServletPath() + "?url=" + proxyurl.getProtocol() + "://" + hostwithport + "/" + location;
}
response.addHeader(HeaderFramework.LOCATION, location);
}
final int httpStatus = proxyResponseHeader.getStatusCode();
final String mimeType = proxyResponseHeader.getContentType();
response.setStatus(httpStatus);
response.setContentType(mimeType);
if ((httpStatus < HttpServletResponse.SC_BAD_REQUEST) && (mimeType != null) && mimeType.startsWith("text")) {
if (proxyResponseHeader.containsKey(HeaderFramework.TRANSFER_ENCODING) && proxyResponseHeader.get(HeaderFramework.TRANSFER_ENCODING).contains("chunked")) {
proxyout = new ChunkedInputStream(proxyout);
}
// 7 - modify target content
final String servletstub = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + request.getServletPath() + "?url=";
Document doc;
try {
doc = Jsoup.parse(proxyout, proxyResponseHeader.getCharacterEncoding(), proxyurl.toString());
} catch (IOException eio) {
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,"Proxy: parser error on " + proxyurl.toString() +"\n\n"+ eio.getMessage());
return;
}
Element bde = doc.body(); // start with body element to rewrite href links
// rewrite all href with abs proxy url (must be abs because of <base> head tag
Elements taglist = bde.getElementsByAttribute("href");
final Switchboard sb = Switchboard.getSwitchboard();
for (Element e : taglist) {
if (e.tagName().equals("a")) { // get <a> tag
String absurl = e.absUrl("href"); // get href attribut as abs url
if (absurl.startsWith("data:") || absurl.startsWith("#") || absurl.startsWith("mailto:") || absurl.startsWith("javascript:")) {
continue;
}
if (sb.getConfig("proxyURL.rewriteURLs", "all").equals("domainlist")) {
try {
if (sb.crawlStacker.urlInAcceptedDomain(new DigestURL(absurl)) != null) {
continue;
}
} catch (MalformedURLException ex) {
ConcurrentLog.fine("PROXY", "ProxyServlet: malformed url for url-rewirte " + absurl);
continue;
}
}
e.attr("href", servletstub + absurl); // rewrite with abs proxy-url
}
}
Element hd = doc.head();
if (hd != null) {
// add a base url if not exist (to make sure relative links point to original)
Elements basetags = hd.getElementsByTag("base");
if (basetags.isEmpty()) {
Element newbasetag = hd.prependElement("base");
String basestr = proxyurl.getProtocol() + "://" + hostwithport + proxyurl.getPath(); //+directory;
newbasetag.attr("href", basestr);
}
}
// 8 - add interaction elements (e.g. proxy exit button to switch back to original url)
if (_stopProxyText != null) {
String httpsAlertMsg = "";
if (proxyurl.getProtocol().equalsIgnoreCase("https") && !request.getScheme().equalsIgnoreCase("https")) httpsAlertMsg = " - <span style='color:red'>(Warning: secure target viewed over normal http)</span>";
// use a template file, to allow full servlet functionallity header as iframe included
String hdrtemplate = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + "/proxymsg/urlproxyheader.html?url=" + proxyurl.toString();
hdrtemplate = "<iframe src='" + hdrtemplate +"' width='98%' height='50px' >"
// alternative for no-frame supporting browser
+ "<div width='100%' style='padding:5px; background:white; border-bottom: medium solid lightgrey;'>"
+ "<div align='center' style='font-size:11px;'><a style='font-size:11px; color:black;' href='" + proxyurl + "'>" + _stopProxyText + "</a> "
+ httpsAlertMsg + "</div></div>"
+ "</iframe>";
bde.prepend(hdrtemplate); // put as 1st element in body
}
// 9 - deliver to client
byte[] sbb;
if (doc.charset() == null) {
sbb = UTF8.getBytes(doc.toString());
response.setCharacterEncoding(StandardCharsets.UTF_8.name());
} else { // keep orig charset
sbb = doc.toString().getBytes(doc.charset());
response.setCharacterEncoding(doc.charset().name());
}
// add some proxy-headers to response header
if (proxyResponseHeader.containsKey(HeaderFramework.SERVER)) {
response.setHeader(HeaderFramework.SERVER, proxyResponseHeader.get(HeaderFramework.SERVER));
}
if (proxyResponseHeader.containsKey(HeaderFramework.DATE)) {
response.setHeader(HeaderFramework.DATE, proxyResponseHeader.get(HeaderFramework.DATE));
}
if (proxyResponseHeader.containsKey(HeaderFramework.LAST_MODIFIED)) {
response.setHeader(HeaderFramework.LAST_MODIFIED, proxyResponseHeader.get(HeaderFramework.LAST_MODIFIED));
}
if (proxyResponseHeader.containsKey(HeaderFramework.EXPIRES)) {
response.setHeader(HeaderFramework.EXPIRES, proxyResponseHeader.get(HeaderFramework.EXPIRES));
}
response.setIntHeader(HeaderFramework.CONTENT_LENGTH, sbb.length);
response.getOutputStream().write(sbb);
} else {
if (httpStatus >= HttpServletResponse.SC_BAD_REQUEST) {
if (HeaderFramework.http1_1.containsKey(Integer.toString(httpStatus))) {
//http1_1 includes http1_0 messages
final String httpStatusText = HeaderFramework.http1_1.get(Integer.toString(httpStatus));
response.sendError(httpStatus, "Site " + proxyurl + " returned with status " + httpStatus + " (" + httpStatusText + ")");
} else {
response.sendError(httpStatus, "Site " + proxyurl + " returned with status " + httpStatus);
}
return;
}
if ((response.getHeader(HeaderFramework.CONTENT_LENGTH) == null) && prop.containsKey(HeaderFramework.CONNECTION_PROP_PROXY_RESPOND_SIZE)) {
response.setHeader(HeaderFramework.CONTENT_LENGTH, (String) prop.get(HeaderFramework.CONNECTION_PROP_PROXY_RESPOND_SIZE));
}
FileUtils.copy(proxyout, response.getOutputStream());
}
}
private String readLine(final InputStream in) throws IOException {
final ByteArrayOutputStream buf = new ByteArrayOutputStream();
int b;
while ((b = in.read()) != '\r' && b != -1) {
buf.write(b);
}
if (b == -1) {
return null;
}
b = in.read(); // read \n
if (b == -1) {
return null;
}
return buf.toString(StandardCharsets.UTF_8.name());
}
/**
* helper for proxy IP config pattern check
*/
private boolean proxyippatternmatch(final String key) {
// the cfgippattern is a comma-separated list of patterns
// each pattern may contain one wildcard-character '*' which matches anything
final String[] cfgippattern = Switchboard.getSwitchboard().getConfigArray("proxyURL.access", "*");
if (cfgippattern[0].equals("*")) {
return true;
}
for (String pattern : cfgippattern) {
try {
if (key.matches(pattern)) {
return true;
}
} catch (PatternSyntaxException ex) {
ConcurrentLog.warn("PROXY", "wrong ip pattern in url proxy config " + ex.getMessage() );
}
}
return false;
}
@Override
public String getServletInfo() {
return "YaCy Proxy Servlet";
}
}