tumuyan
commented
5 years ago It seems to be useful . But why not been merged?
Closed daanggc closed 5 years ago
tumuyan
commented
5 years ago It seems to be useful . But why not been merged?
joshdick
commented
5 years ago @daancart2quote Thanks for the PR, but this approach seems flawed to me, so I'm closing it.
JavaScript has no language guarantee that the literal string src="something" appearing anywhere in a script means that something is a URL that should be proxied. You could try to do things like validate whether the value is actually a URL, but that doesn't address the underlying problem. HTML does have this guarantee, so you can always assume the value of src in the current page's HTML is actually a URL that should be proxied.
Furthermore, even if we ignore this JavaScript issue, using an actual parser is always preferred to using regular expressions as a makeshift parser. That's why miniProxy itself uses DOMDocument::loadHTML to parse HTML and read specific tags/atttributes/etc from it.
Added some base proxification of src attributes in JS (script tag and JS files)
Also added proxification of the 'onerror' attribute in image objects. As any on(change|click|error) contain JS this can use the function that was created for the JS proxification and solves some placeholder image JS issues. (Where the onerror attribute is used to replace an image that failed to load)