Last active
February 24, 2024 18:29
-
-
Save iovar/9091078 to your computer and use it in GitHub Desktop.
Simple PHP Proxy Script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/* | |
* Warning! Read and use at your own risk! | |
* | |
* This tiny proxy script is completely transparent and it passes | |
* all requests and headers without any checking of any kind. | |
* The same happens with JSON data. They are simply forwarded. | |
* | |
* This is just an easy and convenient solution for the AJAX | |
* cross-domain request issue, during development. | |
* No sanitization of input is made either, so use this only | |
* if you are sure your requests are made correctly and | |
* your urls are valid. | |
* | |
*/ | |
$method = $_SERVER['REQUEST_METHOD']; | |
if ($_GET && $_GET['url']) { | |
$headers = getallheaders(); | |
$headers_str = []; | |
$url = $_GET['url']; | |
foreach ( $headers as $key => $value){ | |
if($key == 'Host') | |
continue; | |
$headers_str[]=$key.":".$value; | |
} | |
$ch = curl_init($url); | |
curl_setopt($ch,CURLOPT_URL, $url); | |
if( $method !== 'GET') { | |
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method); | |
} | |
if($method == "PUT" || $method == "PATCH" || ($method == "POST" && empty($_FILES))) { | |
$data_str = file_get_contents('php://input'); | |
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_str); | |
//error_log($method.': '.$data_str.serialize($_POST).'\n',3, 'err.log'); | |
} | |
elseif($method == "POST") { | |
$data_str = array(); | |
if(!empty($_FILES)) { | |
foreach ($_FILES as $key => $value) { | |
$full_path = realpath( $_FILES[$key]['tmp_name']); | |
$data_str[$key] = '@'.$full_path; | |
} | |
} | |
//error_log($method.': '.serialize($data_str+$_POST).'\n',3, 'err.log'); | |
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_str+$_POST); | |
} | |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
curl_setopt( $ch, CURLOPT_HTTPHEADER, $headers_str ); | |
$result = curl_exec($ch); | |
curl_close($ch); | |
header('Content-Type: application/json'); | |
echo $result; | |
} | |
else { | |
echo $method; | |
var_dump($_POST); | |
var_dump($_GET); | |
$data_str = file_get_contents('php://input'); | |
echo $data_str; | |
} |
I am getting an error: https://gyazo.com/80e0842acee6393bda87553cd94405c9
This is my code: https://hastebin.com/xunemiyaha.xml
WARNING There is standing MY IP for sequrity reasons, but i see only this for my own ip whats wrong?!
Is there such an example for post requests?
This script is here since 2014. In the meantime I completely forgot it exists, and I can't really provide any support for it.
I haven't worked with PHP for at least 6-7 years :)
Here is a working code:
<?php
// Get the URL of the server to proxy requests to
$proxy_url = "https://example.com/";
// Get the path from the query string
$path = $_GET['path'];
// Construct the full URL to request
$url = $proxy_url . $path;
// Initialize a CURL session
$ch = curl_init($url);
// Set request method
$request_method = $_SERVER['REQUEST_METHOD'];
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $request_method);
// Check if it's a POST, PUT, or PATCH request and set appropriate options
if ($request_method === 'POST' || $request_method === 'PUT' || $request_method === 'PATCH') {
// Forward POST data
$post_data = file_get_contents('php://input');
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
}
// Get request headers
$headers = [];
foreach (getallheaders() as $name => $value) {
$headers[] = $name . ': ' . $value;
}
// Set headers in CURL
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
// Set other CURL options
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Execute the request
$response = curl_exec($ch);
// Check for errors
if(curl_error($ch)) {
// If there's an error, output it
echo 'Error: ' . curl_error($ch);
}
// Close CURL session
curl_close($ch);
// Output the response
echo $response;
?>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thanks a million!
@linxlad's additions are a must, especially for the response code!
@realtinymonster; I had the same - use
curl_setopt($ch, CURLOPT_ENCODING, '');
before sending the request. This implementation doesn't handle gzip encoding properly. See info here for an explanation: https://stackoverflow.com/questions/21910607/php-curl-returning-strange-characters