Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue With Website Security Checks #7

Open
LeeThompson opened this issue Mar 10, 2023 · 5 comments
Open

Issue With Website Security Checks #7

LeeThompson opened this issue Mar 10, 2023 · 5 comments
Labels
enhancement New feature or request

Comments

@LeeThompson
Copy link
Contributor

LeeThompson commented Mar 10, 2023
edited
Loading

There is a problem if one of the "need to review the security of your connection" checks comes up when get-fav is attempting to find icons.

Unfortunately, I don't think this is fixable (other than trying again or hoping the API catches things) using cURL.

Some of this may be user agent related, will try to see if some sites are happy enough with the default cURL user agent.

Will look into some possible solutions.
@gaffling
Copy link
Owner

Mabe better use:

curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36');

than

curl_setopt($ch, CURLOPT_USERAGENT, getGlobal('curl_useragent'));

The getGlobal('curl_useragent') function is likely to return a generic user agent that may be out of date or not contain all the required information.

@gaffling gaffling added the enhancement New feature or request label May 19, 2023
@LeeThompson
Copy link
Contributor Author

LeeThompson commented May 19, 2023
edited
Loading

curl_useragent is set earlier via a command line switch so it can be whatever it needs to be. (I'm actually changing it to http_usergent internally since I'm having the non-curl route be able to change the string as well.)

It defaults to FaviconBot/1.0 or FaviconBot/1.0 (+http://'.$_SERVER['SERVER_NAME'].'/

Anyway you can have it use the one you specified with:
--user-agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36" switch when invoking get-fav.php

@LeeThompson
Copy link
Contributor Author

LeeThompson commented May 19, 2023
edited
Loading

Hmm this seems to be an issue with exif_imagetype as well, fortunately the user agent can be set.
Now if user-agent is set on the command line switch, php's user agent will be temporarily set as well.

Example:
https://pcpartpicker.com/favicon-32x32.png will cause exif_imagetype to return false if php's user agent is not set because it gets a 403 forbidden.

@LeeThompson
Copy link
Contributor Author

I guess the big question is, should we set the user agent to something like "Mozilla/5.0..." by default?

@LeeThompson LeeThompson mentioned this issue May 19, 2023
Open
39 tasks
@LeeThompson
Copy link
Contributor Author

In my branch, the default user agent is now defined near the beginning so someone could change it there. Soon it will be able to be set in an ini file.

define('DEFAULT_USER_AGENT', "FaviconBot/1.0/");

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@LeeThompson @gaffling