hypejunction/http-parser 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

hypejunction/http-parser

Composer 安装命令:

composer require hypejunction/http-parser

包简介

A tool for scraping URL resources (oEmbed, OpenGraph, Twitter cards, JSON-LD)

README 文档

README

CI

Parses HTTP resources into serializable arrays of oEmbed-like metatags.

Features

  • Parses HTTP resources into oEmbed-like arrays of metatags
  • Extracts OpenGraph, Twitter card, JSON-LD (schema.org), <link>, <meta> and <img> data
  • Discovers and resolves oEmbed endpoints (JSON and XML)
  • Handy for rendering URL cards / link previews

Requirements

  • PHP 8.1+
  • Guzzle 7

Installation

composer require hypejunction/http-parser

Usage

require __DIR__ . '/vendor/autoload.php';

$client = new \GuzzleHttp\Client([
	'headers' => [
		'User-Agent' => 'MyApp LinkPreview/1.0 (+https://myapp.example)',
	],
	'timeout' => 5,
	'connect_timeout' => 5,
]);

$parser = new \hypeJunction\Parser($client);

$data = $parser->parse('https://example.com/some/page');

Options

$parser = new \hypeJunction\Parser($client, [
	// Maximum number of bytes read from a response body (default: 2 MB)
	'max_body_length' => 2097152,

	// URL schemes the parser is allowed to fetch (default: http, https)
	'allowed_schemes' => ['http', 'https'],

	// Allow requests to private/reserved IP ranges (default: false — see SECURITY.md)
	'allow_private_hosts' => false,

	// Maximum number of <img> tags verified with an HTTP request per document (default: 10)
	'max_image_checks' => 10,

	// Maximum number of discovered oEmbed endpoints fetched per document (default: 3)
	'max_oembed_fetches' => 3,

	// Maximum number of redirects to follow; each target is re-validated (default: 5)
	'max_redirects' => 5,

	// Extra Guzzle request options merged into every request
	'request_options' => [],
], $logger); // optional PSR-3 logger

Security

Fetching user-supplied URLs is dangerous by nature. The parser blocks private/reserved networks, re-validates redirects, and caps response sizes by default, but you must still:

  • Escape everything you render. All returned values are attacker-controlled strings. Only render the oEmbed html field for an explicit allowlist of trusted providers, ideally in a sandboxed iframe.
  • Keep TLS verification on. Never pass 'verify' => false to Guzzle.
  • Consider an egress proxy or IP pinning at the HTTP-client layer if DNS rebinding is in your threat model.

See SECURITY.md for the full threat model.

Sample Output

{
	"url": "https://soundcloud.com/phobosrecords/maksim-light-pulse",
	"canonical": "https://soundcloud.com/phobosrecords/maksim-light-pulse",
	"oembed_url": "https://soundcloud.com/oembed?url=https%3A%2F%2Fsoundcloud.com%2Fphobosrecords%2Fmaksim-light-pulse&format=json",
	"icons": [
		"https://a-v2.sndcdn.com/assets/images/sc-icons/favicon-2cadd14b.ico"
	],
	"metatags": {
		"og:site_name": "SoundCloud",
		"og:type": "soundcloud:sound",
		"og:url": "https://soundcloud.com/phobosrecords/maksim-light-pulse",
		"twitter:title": "PHS014: Maksim Dark & Light Breath - Finger Pulse (Original Mix)",
		"twitter:card": "audio"
	},
	"tags": ["record", "sounds", "share", "sound", "audio", "tracks", "music", "soundcloud"],
	"provider_name": "SoundCloud",
	"description": "Stream PHS014: Maksim Dark & Light Breath - Finger Pulse (Original Mix) by Phobos Records",
	"title": "PHS014: Maksim Dark & Light Breath - Finger Pulse (Original Mix) by Phobos Records",
	"thumbnails": [
		"https://i1.sndcdn.com/artworks-000145456354-01w756-t500x500.jpg"
	],
	"type": "rich",
	"version": "1",
	"width": "100%",
	"height": "400",
	"html": "<iframe width=\"100%\" height=\"400\" scrolling=\"no\" frameborder=\"no\" src=\"https://w.soundcloud.com/player/?visual=true&url=https%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F244902712&show_artwork=true\"></iframe>",
	"author_name": "Phobos Records",
	"author_url": "https://soundcloud.com/phobosrecords",
	"provider_url": "http://soundcloud.com",
	"thumbnail_url": "http://i1.sndcdn.com/artworks-000145456354-01w756-t500x500.jpg"
}

Development

composer install
composer test      # PHPUnit
composer analyse   # PHPStan

hypejunction/http-parser 适用场景与选型建议

hypejunction/http-parser 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 5.11k 次下载、GitHub Stars 达 5, 最近一次更新时间为 2016 年 02 月 08 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「oembed」 「JSON-LD」 「scraper」 「open graph」 「card」 「twitter tags」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 hypejunction/http-parser 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 hypejunction/http-parser 我们能提供哪些服务?
定制开发 / 二次开发

基于 hypejunction/http-parser 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 5.11k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 6
  • 点击次数: 6
  • 依赖项目数: 3
  • 推荐数: 0

GitHub 信息

  • Stars: 5
  • Watchers: 3
  • Forks: 3
  • 开发语言: PHP

其他信息

  • 授权协议: GPL-2.0-only
  • 更新时间: 2016-02-08