@johnfmorton
Last active March 29, 2024 12:31
Simple proxy with php for use with Partytown
<?php
/**
 * About this script:
 * This proxy was built with PartyTown.js in mind. https://github.com/BuilderIO/partytown
 * Partytown is a lazy-loaded library to help relocate resource intensive scripts into a
 * web worker, and off of the main thread.
 * Many third-party scripts already provide the correct CORS headers, but not all do.
 * For services that do not add the correct headers, a reverse proxy to another domain
 * must be used in order to provide the CORS headers.
 * see: https://github.com/BuilderIO/partytown/wiki/Proxying-Requests
 *
 * This script has only been tested on PHP 8.0
 *
 * @author John Morton
 * @since 1.0
 * @version 1.0
 * @license http://www.opensource.org/licenses/mit-license.php The MIT License
 *
 */
// Replace with the URL of the site you want to allow to use this proxy
$whitelist = 'https://proxy.example.com/';
// Note that you will also need to add a header on proxy.example.com that allows
// the site calling out to the proxy (i.e. https://example.com) to read the
// responses; without it the browser reports CORS errors.
// In an NGINX config, that would look like this:
// add_header 'Access-Control-Allow-Origin' 'https://example.com';
// Function to log to a file for debugging
function myLogger(string $message): void
{
    // Replace with the path to the log file.
    // Keep it outside the web root so the log cannot be requested over HTTP.
    $pathToFile = '../proxy-details.log';
    // Check the file size and delete the file if it is too large (1 MB = 1000000 bytes)
    if (file_exists($pathToFile) && filesize($pathToFile) > 1000000) {
        unlink($pathToFile);
    }
    // If the file doesn't exist, create it
    if (!file_exists($pathToFile)) {
        touch($pathToFile);
    }
    $dataToLog = array(
        date("Y-m-d H:i:s"), // Date and time
        $message
    );
    $data = implode(" - ", $dataToLog);
    $data .= PHP_EOL;
    // LOCK_EX keeps concurrent requests from interleaving their log lines
    file_put_contents($pathToFile, $data, FILE_APPEND | LOCK_EX);
}
// Check that a http_referer is set.
// The Referer header is supplied by the client, so this check only keeps out
// casual use of the proxy; it is not authentication.
if (!isset($_SERVER['HTTP_REFERER'])) {
    myLogger('No HTTP_REFERER');
    header('HTTP/1.0 403 Forbidden');
    exit;
}
// Check that the http_referer is on the whitelist
if ($_SERVER['HTTP_REFERER'] !== $whitelist) {
    myLogger('Incorrect HTTP_REFERER: ' . $_SERVER['HTTP_REFERER']);
    header('HTTP/1.0 403 Forbidden');
    exit;
}
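// Get the url parameter (empty string when it is missing or not a string)
$url = is_string($_GET['url'] ?? null) ? $_GET['url'] : '';
// Sanitize the url
$url = filter_var($url, FILTER_SANITIZE_URL);
// Confirm that the url is valid and uses http or https.
// FILTER_VALIDATE_URL does not restrict the scheme, and file_get_contents()
// opens more than web URLs, so the scheme is checked separately.
$scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
if (filter_var($url, FILTER_VALIDATE_URL) === false || !in_array($scheme, ['http', 'https'], true)) {
    myLogger('Not a valid url: ' . $url);
    header('HTTP/1.0 400 Bad Request');
    echo "URL is not valid";
} else {
    // Get the content of the url
    $urlcontent = file_get_contents($url);
    if ($urlcontent !== false && $urlcontent !== '') {
        myLogger('Success: ' . $url);
        echo $urlcontent;
    } else {
        myLogger('No content retrieved for url: ' . $url);
    }
}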
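
The proxy above decides what to fetch from the syntax of the `url` parameter alone. As an added example (not part of the original gist), here is one way to pin the proxy to the third-party hosts it is meant to serve. The function name `isAllowedProxyTarget`, the allowlist and the sample URLs are assumptions constructed for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper: returns true only when $url is an http(s) URL whose
 * host is on $allowedHosts. Everything else is refused before any fetch.
 */
function isAllowedProxyTarget(string $url, array $allowedHosts): bool
{
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false; // malformed, relative, or without a host (e.g. file:///...)
    }
    // Web schemes only: file_get_contents() also understands file://, php://, ftp://
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;
    }
    // Credentials in the URL serve no purpose for a script proxy, and the part
    // before "@" can be made to look like the allowed host
    if (isset($parts['user']) || isset($parts['pass'])) {
        return false;
    }
    // Default web ports only (parse_url() returns the port as an int)
    if (isset($parts['port']) && !in_array($parts['port'], [80, 443], true)) {
        return false;
    }
    // Exact, case-insensitive host match; no suffix or substring matching
    $host = rtrim(strtolower($parts['host']), '.');
    return in_array($host, $allowedHosts, true);
}

// Constructed allowlist and inputs, for illustration only
$allowedHosts = ['scripts.vendor.example', 'cdn.analytics.example'];
$samples = [
    'https://scripts.vendor.example/tag.js',                 // fetch
    'https://SCRIPTS.VENDOR.EXAMPLE/tag.js',                 // fetch (case-insensitive)
    'https://scripts.vendor.example.other.example/tag.js',   // refuse (different host)
    'https://scripts.vendor.example@other.example/tag.js',   // refuse (userinfo)
    'https://scripts.vendor.example:8443/tag.js',            // refuse (port)
    'http://127.0.0.1/',                                     // refuse (not on the list)
    'file:///etc/hostname',                                  // refuse (no host, not http)
];
foreach ($samples as $sample) {
    $verdict = isAllowedProxyTarget($sample, $allowedHosts) ? 'fetch' : 'refuse';
    printf("%-56s %s\n", $sample, $verdict);
}
```

`file_get_contents()` follows HTTP redirects by default, so when this check is used in the proxy, pass a stream context with the `http` option `follow_location` set to `0`; that way the host that was checked is the host that is actually fetched.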