ÿØÿà JFIF    ÿÛ „  ( %"1!%)+...383,7(-.+  -+++--++++---+-+-----+---------------+---+-++7-----ÿÀ  ß â" ÿÄ     ÿÄ H    !1AQaq"‘¡2B±ÁÑð#R“Ò Tbr‚²á3csƒ’ÂñDS¢³$CÿÄ   ÿÄ %  !1AQa"23‘ÿÚ   ? ôÿ ¨pŸªáÿ —åYõõ\?àÒü©ŠÄï¨pŸªáÿ —åYõõ\?àÓü©ŠÄá 0Ÿªáÿ Ÿå[úƒ ú®ði~TÁbqÐ8OÕpÿ ƒOò¤Oè`–RÂáœá™êi€ßÉ< FtŸI“öÌ8úDf´°å}“¾œ6  öFá°y¥jñÇh†ˆ¢ã/ÃÐ:ªcÈ "Y¡ðÑl>ÿ ”ÏËte:qž\oäŠe÷󲍷˜HT4&ÿ ÓÐü6ö®¿øþßèô Ÿ•7Ñi’•j|“ñì>b…þS?*Óôÿ ÓÐü*h¥£ír¶ü UãSç‚Ÿ[AÐaè[ûª•õ&õj?†Éö+EzP—WeÒírJFt ‘BŒ†Ï‡%#tE Øz ¥OÛ«!1›üä±Í™%ºÍãö]°î(–:@<‹ŒÊö×òÆt¦ãº+‡¦%ÌÁ²h´OƒJŒtMÜ>ÀÜÊw3Y´•牋4ǍýʏTì>œú=Íwhyë,¾Ôò×õ¿ßÊa»«þˆѪQ|%6ž™A õ%:øj<>É—ÿ Å_ˆCbõ¥š±ý¯Ýƒï…¶|RëócÍf溪“t.СøTÿ *Ä¿-{†çàczůŽ_–^XþŒ±miB[X±d 1,é”zEù»& î9gœf™9Ð'.;—™i}!ôšåîqêÛ٤ёý£½ÆA–àôe"A$˝Úsäÿ ÷Û #°xŸëí(l »ý3—¥5m! rt`†0~'j2(]S¦¦kv,ÚÇ l¦øJA£Šƒ J3E8ÙiŽ:cÉžúeZ°€¯\®kÖ(79«Ž:¯X”¾³Š&¡* ….‰Ž(ÜíŸ2¥ª‡×Hi²TF¤ò[¨íÈRëÉ䢍mgÑ.Ÿ<öäS0í„ǹÁU´f#Vß;Õ–…P@3ío<ä-±»Ž.L|kªÀê›fÂ6@»eu‚|ÓaÞÆŸ…¨ááå>åŠ?cKü6ùTÍÆ”†sĤÚ;H2RÚ†õ\Ö·Ÿn'¾ ñ#ºI¤Å´%çÁ­‚â7›‹qT3Iï¨ÖÚ5I7Ë!ÅOóŸ¶øÝñØôת¦$Tcö‘[«Ö³šÒ';Aþ ¸èíg A2Z"i¸vdÄ÷.iõ®§)¿]¤À†–‡É&ä{V¶iŽ”.Ó×Õÿ û?h¬Mt–íª[ÿ Ñÿ ÌV(í}=ibÔ¡›¥¢±b Lô¥‡piη_Z<‡z§èŒ)iÖwiÇ 2hÙ3·=’d÷8éŽ1¦¸c¤µ€7›7Ø ð\á)} ¹fËí›pAÃL%âc2 í§æQz¿;T8sæ°qø)QFMð‰XŒÂ±N¢aF¨…8¯!U  Z©RÊ ÖPVÄÀÍin™Ì-GˆªÅËŠ›•zË}º±ŽÍFò¹}Uw×#ä5B¤{î}Ð<ÙD é©¤&‡ïDbàÁôMÁ.. namespace core\local\guzzle; use core\files\curl_security_helper_base; use GuzzleHttp\Exception\RequestException; use Psr\Http\Message\RequestInterface; use GuzzleHttp\Promise\PromiseInterface; /** * Class to check request against curl security helper. * * @package core * @copyright 2022 Andrew Lyons * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ class check_request { /** @var curl_security_helper_base The helper to use */ protected $securityhelper; /** @var array The settings for the request */ protected $settings; /** * Initial setup for the request. * * @param array $settings * @return callable */ public static function setup(array $settings): callable { return static function (callable $handler) use ($settings): self { return new self($handler, $settings); }; } /** * The following handler. * * @var callable(RequestInterface, array): PromiseInterface */ private $nexthandler; /** * Check request constructor. * * @param callable $next The following handler * @param array $settings The settings of the request */ public function __construct(callable $next, array $settings) { $this->nexthandler = $next; $this->settings = $settings; } /** * Set the security according to the settings. * * @param curl_security_helper_base $securityhelper The security helper to use * @return void */ protected function set_security(curl_security_helper_base $securityhelper): void { $this->securityhelper = $securityhelper; } /** * Curl security setup. * * @param RequestInterface $request The request interface * @param array $options The options from the request * @return PromiseInterface */ public function __invoke(RequestInterface $request, array $options): PromiseInterface { global $USER; $fn = $this->nexthandler; $settings = $this->settings; if (!empty($settings['ignoresecurity'])) { return $fn($request, $options); } // Curl security setup. Allow injection of a security helper, but if not found, default to the core helper. if (isset($settings['securityhelper']) && $settings['securityhelper'] instanceof \core\files\curl_security_helper_base) { $this->set_security($settings['securityhelper']); } else { $this->set_security(new \core\files\curl_security_helper()); } if ($this->securityhelper->url_is_blocked((string) $request->getUri())) { $msg = $this->securityhelper->get_blocked_url_string(); debugging( sprintf('Blocked %s [user %d]', $msg, $USER->id), DEBUG_NONE ); throw new RequestException($msg, $request); } return $fn($request, $options); } }