From 6c8213d2176b6760a8080ad292dae72f0fc68767 Mon Sep 17 00:00:00 2001
From: Fil <fil@rezo.net>
Date: Wed, 31 Oct 2018 20:38:47 +0000
Subject: [PATCH] ajout de flipboardproxy comme _IS_BOT_FRIEND et refactoring
 de la grosse regexp sous forme de liste ; je remets aussi owlin a sa place
 dans l'ordre alphabetique

---
 config/ecran_securite.php | 163 +++++++++++++++++++++++++++++++++++---
 1 file changed, 150 insertions(+), 13 deletions(-)

diff --git a/config/ecran_securite.php b/config/ecran_securite.php
index e734a486f0..867da38dcf 100644
--- a/config/ecran_securite.php
+++ b/config/ecran_securite.php
@@ -5,7 +5,7 @@
  * ------------------
  */
 
-define('_ECRAN_SECURITE', '1.3.7'); // 2018-10-13
+define('_ECRAN_SECURITE', '1.3.8'); // 2018-10-31
 
 /*
  * Documentation : http://www.spip.net/fr_article4200.html
@@ -33,23 +33,160 @@ if (!defined('_IS_BOT') and isset($_GET['var_isbot'])){
 if (!defined('_IS_BOT')){
 	define('_IS_BOT',
 		isset($_SERVER['HTTP_USER_AGENT'])
-		and preg_match(
-		// mots generiques
-			',bot|slurp|crawler|spider|webvac|yandex|'
-			// MSIE 6.0 est un botnet 99,9% du temps, on traite donc ce USER_AGENT comme un bot
-			. 'MSIE 6\.0|'
-			// UA plus cibles
-			. '200please|80legs|a6-indexer|aboundex|accoona|addthis|adressendeutschland|alexa|altavista|analyticsseo|archive|aspseek|baidu|begunadvertising|bingpreview|bloglines|browsershots|bubing|butterfly|changedetection|charlotte|chilkat|china|coccoc|crowsnest|dataminr|daumoa|dlweb|ec2linkfinder|estyle|ezooms|facebookexternalhit|facebookplatform|fairshare|feedfetcher|feedfetcher-google|feedly|fetch|flipboardproxy|genieo|google|grapeshot|hatena-useragent|head|hosttracker|hubspot|ia_archiver|ichiro|iltrovatore-setaccio|immediatenet|ina|infegyatlas|infohelfer|instapaper|jabse|james|kumkie|linkdex|linkfluence|linkwalker|litefinder|loadimpactpageanalyzer|luminate|lycos|lycosa|mediapartners-google|msai|najdi|netcraftsurveyagent|netestate|netseer|nuhk|panscient|parsijoo|plukkie|proximic|qirina|qualidator|rambler|readability|sbsearch|scooter|scrapy|scrubby|scrubbybloglines|shareaholic|shopwiki|sistrix|sitechecker|siteexplorer|sogou|special_archiver|speedy|spinn3r|spreadtrum|steeler|subscriber|suma|superdownloads|svenska-webbsido|teoma|thumbshots|tineye|trendiction|tweetedtimes|tweetmeme|uaslinkchecker|undrip|unwindfetchor|vedma|vkshare|vm|wch|webalta|webcookies|webthumbnail|wesee|wise-guys|woko|wotbox|y!j-bri|y!j-bro|y!j-brw|y!j-bsc|yahoo|yahoo!|yahooysmcm|yats|yeti|zeerch|owlin'
-			. ',i', (string)$_SERVER['HTTP_USER_AGENT'])
+		and preg_match(','
+		. array(
+			// mots generiques
+			'bot',
+			'slurp',
+			'crawler',
+			'spider',
+			'webvac',
+			'yandex',
+			'MSIE 6\.0', // botnet 99,9% du temps
+			// UA plus cibles 
+			'200please',
+			'80legs',
+			'a6-indexer',
+			'aboundex',
+			'accoona',
+			'addthis',
+			'adressendeutschland',
+			'alexa',
+			'altavista',
+			'analyticsseo',
+			'archive',
+			'aspseek',
+			'baidu',
+			'begunadvertising',
+			'bingpreview',
+			'bloglines',
+			'browsershots',
+			'bubing',
+			'butterfly',
+			'changedetection',
+			'charlotte',
+			'chilkat',
+			'china',
+			'coccoc',
+			'crowsnest',
+			'dataminr',
+			'daumoa',
+			'dlweb',
+			'ec2linkfinder',
+			'estyle',
+			'ezooms',
+			'facebookexternalhit',
+			'facebookplatform',
+			'fairshare',
+			'feedfetcher',
+			'feedfetcher-google',
+			'feedly',
+			'fetch',
+			'flipboardproxy',
+			'genieo',
+			'google',
+			'grapeshot',
+			'hatena-useragent',
+			'head',
+			'hosttracker',
+			'hubspot',
+			'ia_archiver',
+			'ichiro',
+			'iltrovatore-setaccio',
+			'immediatenet',
+			'ina',
+			'infegyatlas',
+			'infohelfer',
+			'instapaper',
+			'jabse',
+			'james',
+			'kumkie',
+			'linkdex',
+			'linkfluence',
+			'linkwalker',
+			'litefinder',
+			'loadimpactpageanalyzer',
+			'luminate',
+			'lycos',
+			'lycosa',
+			'mediapartners-google',
+			'msai',
+			'najdi',
+			'netcraftsurveyagent',
+			'netestate',
+			'netseer',
+			'nuhk',
+			'panscient',
+			'parsijoo',
+			'plukkie',
+			'proximic',
+			'owlin',
+			'qirina',
+			'qualidator',
+			'rambler',
+			'readability',
+			'sbsearch',
+			'scooter',
+			'scrapy',
+			'scrubby',
+			'scrubbybloglines',
+			'shareaholic',
+			'shopwiki',
+			'sistrix',
+			'sitechecker',
+			'siteexplorer',
+			'sogou',
+			'special_archiver',
+			'speedy',
+			'spinn3r',
+			'spreadtrum',
+			'steeler',
+			'subscriber',
+			'suma',
+			'superdownloads',
+			'svenska-webbsido',
+			'teoma',
+			'thumbshots',
+			'tineye',
+			'trendiction',
+			'tweetedtimes',
+			'tweetmeme',
+			'uaslinkchecker',
+			'undrip',
+			'unwindfetchor',
+			'vedma',
+			'vkshare',
+			'vm',
+			'wch',
+			'webalta',
+			'webcookies',
+			'webthumbnail',
+			'wesee',
+			'wise-guys',
+			'woko',
+			'wotbox',
+			'y!j-bri',
+			'y!j-bro',
+			'y!j-brw',
+			'y!j-bsc',
+			'yahoo',
+			'yahoo!',
+			'yahooysmcm',
+			'yats',
+			'yeti',
+			'zeerch'
+		).join('|') . ',i',
+		(string)$_SERVER['HTTP_USER_AGENT'])
 	);
 }
 if (!defined('_IS_BOT_FRIEND')){
 	define('_IS_BOT_FRIEND',
 		isset($_SERVER['HTTP_USER_AGENT'])
-		and preg_match(','
-			// UA plus cibles
-			. 'facebookexternalhit'
-			. ',i', (string)$_SERVER['HTTP_USER_AGENT'])
+		and preg_match(',' . array(
+			'facebookexternalhit',
+			'flipboardproxy'
+		).join('|') . ',i',
+		(string)$_SERVER['HTTP_USER_AGENT'])
 	);
 }
 
-- 
GitLab