diff options
| author | kj_sh604 | 2026-03-16 13:53:01 -0400 |
|---|---|---|
| committer | kj_sh604 | 2026-03-16 13:53:01 -0400 |
| commit | ecb13bb1343d14a7b42a55ee12ae0c15a575975f (patch) | |
| tree | c7a9fd8bdb5ebe367f59151549056d2c77a507e4 | |
| parent | 28e41c18d5391a49a66f05042601c918456dadc0 (diff) | |
refactor: src/font.php
| -rw-r--r-- | src/font.php | 50 |
1 files changed, 0 insertions, 50 deletions
diff --git a/src/font.php b/src/font.php deleted file mode 100644 index d12ceb8..0000000 --- a/src/font.php +++ /dev/null @@ -1,50 +0,0 @@ -<?php -/* font.php — serve font files from the server's font directories */ - -$encoded = $_GET['f'] ?? ''; -if (empty($encoded)) { - http_response_code(400); - exit('Missing parameter'); -} - -$file = base64_decode($encoded, true); -if ($file === false || !file_exists($file)) { - http_response_code(404); - exit('Font not found'); -} - -$real = realpath($file); -$allowed = ['/usr/share/fonts', '/usr/local/share/fonts']; - -foreach (glob('/home/*', GLOB_ONLYDIR) as $home) { - $allowed[] = $home . '/.local/share/fonts'; - $allowed[] = $home . '/.fonts'; -} - -$ok = false; - -foreach ($allowed as $dir) { - if (str_starts_with($real, realpath($dir) ?: $dir)) { - $ok = true; - break; - } -} - -if (!$ok) { - http_response_code(403); - exit('Access denied'); -} - -$ext = strtolower(pathinfo($file, PATHINFO_EXTENSION)); -$mime = match ($ext) { - 'ttf' => 'font/ttf', - 'otf' => 'font/otf', - 'woff' => 'font/woff', - 'woff2' => 'font/woff2', - default => 'application/octet-stream', -}; - -header("Content-Type: $mime"); -header('Cache-Control: public, max-age=31536000, immutable'); -header('Content-Length: ' . filesize($file)); -readfile($file); |