diff options
| author | kj_sh604 | 2026-03-01 19:07:42 -0500 |
|---|---|---|
| committer | kj_sh604 | 2026-03-01 19:07:42 -0500 |
| commit | 41fa7fe9ed84c4b8989f622fb532722b7f39ad72 (patch) | |
| tree | c0cff2582ae6bfa4f06a699dc13e4210d76c318f /src/font.php | |
| parent | a181069363b19274f65e36e69b172e7063647c1e (diff) | |
refactor: src/
Diffstat (limited to 'src/font.php')
| -rw-r--r-- | src/font.php | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/src/font.php b/src/font.php new file mode 100644 index 0000000..de39569 --- /dev/null +++ b/src/font.php @@ -0,0 +1,44 @@ +<?php +/* font.php — serve font files from the server's font directories */ + +$encoded = $_GET['f'] ?? ''; +if (empty($encoded)) { + http_response_code(400); + exit('Missing parameter'); +} + +$file = base64_decode($encoded, true); +if ($file === false || !file_exists($file)) { + http_response_code(404); + exit('Font not found'); +} + +$real = realpath($file); +$allowed = ['/usr/share/fonts', '/usr/local/share/fonts']; +$ok = false; + +foreach ($allowed as $dir) { + if (str_starts_with($real, $dir)) { + $ok = true; + break; + } +} + +if (!$ok) { + http_response_code(403); + exit('Access denied'); +} + +$ext = strtolower(pathinfo($file, PATHINFO_EXTENSION)); +$mime = match ($ext) { + 'ttf' => 'font/ttf', + 'otf' => 'font/otf', + 'woff' => 'font/woff', + 'woff2' => 'font/woff2', + default => 'application/octet-stream', +}; + +header("Content-Type: $mime"); +header('Cache-Control: public, max-age=31536000, immutable'); +header('Content-Length: ' . filesize($file)); +readfile($file); |