mirror of
https://code.mensbeam.com/MensBeam/Arsse.git
synced 2024-12-23 09:02:41 +00:00
9eadd602bd
While the test suite passes, this commit yields a broken server: replacing ad hoc request objectss with PSR-7 ones is still required, as is emission of PSR-7 responses. Both will come in subsequent commits, with tests Diactoros was chosen specifically because it includes facilities for emitting responses, something which is awkward to test. The end of this refactoring should see both the Response and Request classes disappear, and the general REST class fully covered (as well as any speculative additions to AbstractHanlder).
34 lines
1.2 KiB
PHP
34 lines
1.2 KiB
PHP
<?php
|
|
/** @license MIT
|
|
* Copyright 2017 J. King, Dustin Wilson et al.
|
|
* See LICENSE and AUTHORS files for details */
|
|
|
|
declare(strict_types=1);
|
|
namespace JKingWeb\Arsse\REST\TinyTinyRSS;
|
|
|
|
use JKingWeb\Arsse\Arsse;
|
|
use Zend\Diactoros\Response\EmptyResponse as Response;
|
|
|
|
class Icon extends \JKingWeb\Arsse\REST\AbstractHandler {
|
|
public function __construct() {
|
|
}
|
|
|
|
public function dispatch(\JKingWeb\Arsse\REST\Request $req): \Psr\Http\Message\ResponseInterface {
|
|
if ($req->method != "GET") {
|
|
// only GET requests are allowed
|
|
return new Response(405, ['Allow' => "GET"]);
|
|
} elseif (!preg_match("<^(\d+)\.ico$>", $req->url, $match) || !((int) $match[1])) {
|
|
return new Response(404);
|
|
}
|
|
$url = Arsse::$db->subscriptionFavicon((int) $match[1]);
|
|
if ($url) {
|
|
// strip out anything after literal line-end characters; this is to mitigate a potential header (e.g. cookie) injection from the URL
|
|
if (($pos = strpos($url, "\r")) !== false || ($pos = strpos($url, "\n")) !== false) {
|
|
$url = substr($url, 0, $pos);
|
|
}
|
|
return new Response(301, ['Location' => $url]);
|
|
} else {
|
|
return new Response(404);
|
|
}
|
|
}
|
|
}
|