app/Http/Controllers/ProxyMediaController.php at master · keii.dev/osu-web

keii.dev / osu-web

the browser-facing portion of osu!

osu-web / app / Http / Controllers / ProxyMediaController.php

at master 1.0 kB view raw

 1<?php
 2
 3// Copyright (c) ppy Pty Ltd <contact@ppy.sh>. Licensed under the GNU Affero General Public License v3.0.
 4// See the LICENCE file in the repository root for full licence text.
 5
 6declare(strict_types=1);
 7
 8namespace App\Http\Controllers;
 9
10class ProxyMediaController extends Controller
11{
12    private static function fromNonBrowser(): bool
13    {
14        $headers = \Request::instance()->headers;
15
16        return $headers->get('origin') === null
17            && $headers->get('referer') === null
18            && $headers->get('sec-fetch-site') === null;
19    }
20
21    public function __invoke()
22    {
23        if (!static::fromNonBrowser() && !from_app_url()) {
24            return response('Forbidden', 403);
25        }
26
27        $url = presence(get_string(\Request::input('url')));
28
29        if (!isset($url)) {
30            return response('Missing url parameter', 422);
31        }
32
33        // Tell browser to cache redirect url for a while.
34        return redirect(proxy_media($url))->header('Cache-Control', 'max-age=86400');
35    }
36}