#!/usr/bin/perl -wT # WARNING # THIS SCRIPT IS VULNERABLE TO XSS ATTACKS # If you use this on your site, be careful not to have anything on # your entire domain that cares about being hit by an XSS attack. # content-type-proxy: A script to serve a remote resource with a # different content type # # Copyright (c) 2002 by Ian Hickson # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA use strict; # be anal about stuff use diagnostics; # enable fuller diagnostics of warnings use CGI; # oh yeah, this is a CGI script use LWP::UserAgent; # which reads web pages my $query = CGI->new(); my $uri = $query->param('uri'); my $type = $query->param('type'); if (($ENV{HTTP_ORIGIN} eq 'https://software.hixie.ch/') and defined($uri) && defined($type)) { sleep 5; # discourage use my $ua = LWP::UserAgent->new(); $ua->protocols_allowed(['http', 'https']); warn "content-type-proxy: fetching '$uri'\n"; my $request = HTTP::Request->new(GET => $uri); #print "Content-Base: $uri\n"; #print "Content-Location: $uri\n"; print "Content-Type: $type\n\n"; print $ua->request($request)->content; } else { print < Content-Type Proxy

Content-Type Proxy

Location:

Content-Type:

eof }