From 31e3aafbd7e5aec05a31fc421d6f5e7bde805bed Mon Sep 17 00:00:00 2001
From: Pablo Ferreiro <pferreiromero@gmail.com>
Date: Wed, 5 Jan 2022 20:16:50 +0100
Subject: [PATCH] Check if domain is valid dynamically

---
 helpers/domains.php | 17 -----------------
 routes/assets.php   | 33 +++++++++++++++++++++------------
 routes/index.php    |  2 +-
 3 files changed, 22 insertions(+), 30 deletions(-)
 delete mode 100644 helpers/domains.php

diff --git a/helpers/domains.php b/helpers/domains.php
deleted file mode 100644
index df5e953..0000000
--- a/helpers/domains.php
+++ /dev/null
@@ -1,17 +0,0 @@
-<?php
-$domains = [
-    "image" => [
-        "p16-sign-va.tiktokcdn.com",
-        "p16-sign-sg.tiktokcdn.com",
-        "p77-sign-va.tiktokcdn.com",
-        "p77-sign-sg.tiktokcdn.com",
-        "p77-sign-sg-lite.tiktokcdn.com"
-    ],
-    "video" => [
-        "v16-webapp.tiktok.com"
-    ],
-    "audio" => [
-        "sf16-ies-music-va.tiktokcdn.com",
-        "sf77-ies-music-va.tiktokcdn.com"
-    ],
-];
diff --git a/routes/assets.php b/routes/assets.php
index 337c146..7e578a4 100644
--- a/routes/assets.php
+++ b/routes/assets.php
@@ -1,15 +1,26 @@
 <?php
-require __DIR__ . "/../helpers/domains.php";
 use Steampixel\Route;
 
-Route::add('/images', function () use ($domains) {
+/**
+ * Check if an url has a valid domain
+ * @param string $url URL you want to check
+ * @return bool
+ */
+function isValidDomain(string $url): bool {
+    $valid_domains = [
+        "tiktokcdn.com", "tiktokcdn-us.com", "tiktok.com"
+    ];
+    $host = parse_url($url, PHP_URL_HOST);
+    $host_split = explode('.', $host);
+    return count($host_split) === 3 && in_array($host_split[1] . '.' . $host_split[2], $valid_domains);
+}
+
+Route::add('/images', function () {
     if (!isset($_GET['url'])) {
 		die('You need to send a url!');
 	}
     $url = $_GET['url'];
-    $host = parse_url($url, PHP_URL_HOST);
-
-    if (!filter_var($url, FILTER_VALIDATE_URL) || !in_array($host, $domains['image'])) {
+    if (!filter_var($url, FILTER_VALIDATE_URL) || !isValidDomain($url)) {
         die('Not a valid URL');
     }
     $img = file_get_contents($url, false, stream_context_create(['http' => ['ignore_errors' => true]]));
@@ -21,13 +32,13 @@ Route::add('/images', function () use ($domains) {
     }
 });
 
-Route::add('/audios', function () use ($domains) {
+Route::add('/audios', function () {
     if (!isset($_GET['url'])) {
 		die('You need to send a url!');
 	}
     $url = $_GET['url'];
-    $host = parse_url($url, PHP_URL_HOST);
-    if (!filter_var($url, FILTER_VALIDATE_URL) || !in_array($host, $domains['audio'])) {
+
+    if (!filter_var($url, FILTER_VALIDATE_URL) || !isValidDomain($url)) {
         die('Not a valid URL');
     }
     $audio = file_get_contents($url, false, stream_context_create(['http' => ['ignore_errors' => true]]));
@@ -39,15 +50,13 @@ Route::add('/audios', function () use ($domains) {
     }
 });
 
-Route::add('/stream', function () use ($domains) {
+Route::add('/stream', function () {
 	if (!isset($_GET['url'])) {
 		die('You need to send a url!');
 	}
 
     $url = $_GET['url'];
-    $host = parse_url($url, PHP_URL_HOST);
-
-    if (!filter_var($url, FILTER_VALIDATE_URL) || !in_array($host, $domains['video'])) {
+    if (!filter_var($url, FILTER_VALIDATE_URL) || !isValidDomain($url)) {
         die('Not a valid URL');
     }
 
diff --git a/routes/index.php b/routes/index.php
index 622db55..8c6c8a4 100644
--- a/routes/index.php
+++ b/routes/index.php
@@ -4,7 +4,7 @@ require __DIR__ . '/settings.php';
 require __DIR__ . "/../helpers/settings_elements.php";
 use Steampixel\Route;
 
-// - ROUTING HELPERS - //
+// -- ROUTING HELPERS -- //
 function getApi(array $proxy_elements): \Sovit\TikTok\Api {
     $options = [];
     // Proxy config