From 9d5e40c8fdca37b9451a2e1e1242d58d447d33fc Mon Sep 17 00:00:00 2001 From: =?utf8?q?Tim=20D=C3=BCsterhus?= Date: Tue, 14 Jul 2020 17:26:48 +0200 Subject: [PATCH] Add support for font families to getFont.php --- wcfsetup/install/files/font/getFont.php | 102 ++++++++++++++---------- 1 file changed, 59 insertions(+), 43 deletions(-) diff --git a/wcfsetup/install/files/font/getFont.php b/wcfsetup/install/files/font/getFont.php index bfcf0b88d2..258ca313db 100644 --- a/wcfsetup/install/files/font/getFont.php +++ b/wcfsetup/install/files/font/getFont.php @@ -19,49 +19,65 @@ $types = [ 'woff2' => 'font/woff2' // the specs at http://dev.w3.org/webfonts/WOFF2/spec/ are not perfectly clear, but font/woff2 seems to be the most sane one and is currently used by Google Fonts ]; -if (!empty($_GET['type'])) { - // get parameters - $type = $_GET['type']; - $font = (!empty($_GET['font']) ? basename($_GET['font']) : 'fontawesome-webfont'); - - if (isset($types[$type])) { - if (file_exists($font . '.' . $type)) { - $filename = $font . '.' . $type; - $filemtime = filemtime($filename); - - $etag = '"' . md5($filemtime . $filename) . '"'; - $clientEtag = (!empty($_SERVER['HTTP_IF_NONE_MATCH'])) ? trim($_SERVER['HTTP_IF_NONE_MATCH']) : ''; - $clientLastModified = (!empty($_SERVER['HTTP_IF_MODIFIED_SINCE'])) ? trim($_SERVER['HTTP_IF_MODIFIED_SINCE']) : 0; - $clientLastModified = @strtotime($clientLastModified); - - // ignore request if client seems to already have fetched this file - if (($clientLastModified && $clientEtag) ? (($clientLastModified == $filemtime) && ($clientEtag == $etag)) : ($clientLastModified == $filemtime) ) { - header("HTTP/1.1 304 Not Modified"); - exit; - } - - $data = file_get_contents($filename); - - // send cache and type headers - // allow font fetching from all domains (CORS) - header('Access-Control-Allow-Origin: *'); - header('Content-Type: ' . $types[$type]); - header('Cache-Control: max-age=31536000, public'); - header('ETag: ' . $etag); - header('Expires: ' . gmdate("D, d M Y H:i:s", time() + 31536000) . ' GMT'); - header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $filemtime) . ' GMT'); - header('Content-Length: ' . strlen($data)); - - die($data); - } - - header("HTTP/1.1 400 Bad Request"); - die("Invalid font '" . htmlentities($font) . "' given"); - } - +function badRequest($reason) { header("HTTP/1.1 400 Bad Request"); - die("Invalid type '" . htmlentities($type) . "' given"); + header("Content-Type: text/plain"); + die($reason); +} + +function notFound($reason = "Unable to find font.") { + header("HTTP/1.1 404 Not Found"); + header("Content-Type: text/plain"); + die($reason); +} + +if (empty($_GET['filename'])) { + if (empty($_GET['type'])) { + badRequest('Neither filename nor type is given.'); + } + $filename = (!empty($_GET['font']) ? basename($_GET['font']) : 'fontawesome-webfont').'.'.$_GET['type']; +} +else { + $filename = __DIR__.'/'; + if (!empty($_GET['family'])) { + $filename .= 'families/'.basename($_GET['family']).'/'; + } + $filename .= $_GET['filename']; } -header("HTTP/1.1 400 Bad Request"); -die("Missing type parameter"); +$type = pathinfo($filename, PATHINFO_EXTENSION); + +if (!isset($types[$type])) { + badRequest('Invalid type given.'); +} + +if (!is_readable($filename)) { + notFound(); +} + +$filemtime = filemtime($filename); + +$etag = '"' . md5($filemtime . $filename) . '"'; +$clientEtag = (!empty($_SERVER['HTTP_IF_NONE_MATCH'])) ? trim($_SERVER['HTTP_IF_NONE_MATCH']) : ''; +$clientLastModified = (!empty($_SERVER['HTTP_IF_MODIFIED_SINCE'])) ? trim($_SERVER['HTTP_IF_MODIFIED_SINCE']) : 0; +$clientLastModified = @strtotime($clientLastModified); + +// ignore request if client seems to already have fetched this file +if (($clientLastModified && $clientEtag) ? (($clientLastModified == $filemtime) && ($clientEtag == $etag)) : ($clientLastModified == $filemtime) ) { + header("HTTP/1.1 304 Not Modified"); + exit; +} + +$data = file_get_contents($filename); + +// send cache and type headers +// allow font fetching from all domains (CORS) +header('Access-Control-Allow-Origin: *'); +header('Content-Type: ' . $types[$type]); +header('Cache-Control: max-age=31536000, public'); +header('ETag: ' . $etag); +header('Expires: ' . gmdate("D, d M Y H:i:s", time() + 31536000) . ' GMT'); +header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $filemtime) . ' GMT'); +header('Content-Length: ' . strlen($data)); + +die($data); -- 2.20.1