Google OpenSocial Gadgets Proxy

Posted 2011-02-09 | archive

Just found Google's most generous proxy service.

Some core code (in Java):

protected void setResponseContentHeaders(HttpResponseBuilder response, HttpResponse results) {
  // We're skipping the content disposition header for flash due to an issue with Flash player 10
  // This does make some sites a higher value phishing target, but this can be mitigated by
  // additional referer checks.
  if (!isFlash(response.getHeader("Content-Type"), results.getHeader("Content-Type"))) {
    response.setHeader("Content-Disposition", "attachment;filename=p.txt");
  }
  if (results.getHeader("Content-Type") == null) {
    response.setHeader("Content-Type", "application/octet-stream");
  }
}

private static final String FLASH_CONTENT_TYPE = "application/x-shockwave-flash";

/**
 * Test for presence of flash
 *
 * @param responseContentType the Content-Type header from the HttpResponseBuilder
 * @param resultsContentType the Content-Type header from the HttpResponse
 * @return true if either content type matches that of Flash
 */
private boolean isFlash(String responseContentType, String resultsContentType) {
  return StringUtils.startsWithIgnoreCase(responseContentType, FLASH_CONTENT_TYPE)
      || StringUtils.startsWithIgnoreCase(resultsContentType, FLASH_CONTENT_TYPE);
}

Or PHP version:

$isShockwaveFlash = false;

foreach ($cleanedResponseHeaders as $key => $val) {
  header("$key: $val", true);
  if (strtoupper($key) == 'CONTENT-TYPE' && strtolower($val) == 'application/x-shockwave-flash') {
    // We're skipping the content disposition header for flash due to an issue with Flash player 10
    // This does make some sites a higher value phishing target, but this can be mitigated by
    // additional referer checks.
    $isShockwaveFlash = true;
  }
}
if (! $isShockwaveFlash && !Config::get('debug')) {
  header('Content-Disposition: attachment;filename=p.txt');
}

Here is what a proxy request looks like:

GET / HTTP/1.1
User-Agent: Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)
X-shindig-dos: on
Cache-Control: no-cache, no-store
Host: xxx.xxx.xxx
X-Forwarded-For: xxx.xxx.xxx.xxx
Accept-Encoding: gzip

One more note, you can use &rewriteMime=image/*& in your request to modify MIME.

Comments