Facebook and Google+ both have a great feature: image preview. When you write in the URL of your website, images are taken and you can select between them - it's done with a proxy script.
My question is: is there a way to reproduce the same behavior BUT prevent users from inserting links to big files which are expected to be HTML files? The proxy script could look like this:
<?php
// Problem is on the next line - when $_GET['url'] is a URL to a 5GB file, it will try to download it - how could I prevent it?
$contents = file_get_contents($_GET['url']);
// preg_match_all() returns the number of matches; the captured groups go into $matches.
$count = preg_match_all('~img src="(.*?)"~', $contents, $matches);
if ($count) {
    echo json_encode($matches[1]);
} else {
    die('[]');
}
Issue a HEAD request, which is basically a GET but does not transfer any of the file's contents. You can then extract the Content-length header and see how much data you WOULD be fetching had it been a GET.
However, note that nothing prevents a malicious user from serving up two different sets of data - "this image is 10k" via 'head', and then serving up a terabyte of data via 'get'. It'd waste their bandwidth as well as yours, but it is possible.
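Because a HEAD response can misstate the size, the limit has to be enforced on the bytes actually received during the GET. The following is an added example, not code from the original question or answer, using PHP's cURL extension; the function name `fetch_capped`, the constant `MAX_BYTES`, the 1 MiB limit and the timeouts are assumptions.

```php
<?php
// Added example: fetch_capped and MAX_BYTES are hypothetical names, not from the original post.
const MAX_BYTES = 1048576; // assumed cap of 1 MiB for an HTML page

function fetch_capped(string $url, int $maxBytes = MAX_BYTES): ?string
{
    // Accept only plain web URLs.
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)) {
        return null;
    }

    $body = '';
    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_PROTOCOLS      => CURLPROTO_HTTP | CURLPROTO_HTTPS,
        CURLOPT_FOLLOWLOCATION => false, // a redirect is not followed to another target
        CURLOPT_CONNECTTIMEOUT => 5,
        CURLOPT_TIMEOUT        => 10,    // bounds slow-drip responses as well as large ones
        // Rejects the transfer early when the declared Content-Length exceeds the cap.
        CURLOPT_MAXFILESIZE    => $maxBytes,
        // Enforces the cap on received bytes, whatever the headers claimed.
        CURLOPT_WRITEFUNCTION  => function ($ch, string $chunk) use (&$body, $maxBytes): int {
            if (strlen($body) + strlen($chunk) > $maxBytes) {
                return 0; // returning a count other than the chunk length aborts the transfer
            }
            $body .= $chunk;
            return strlen($chunk);
        },
    ]);
    $ok = curl_exec($ch);

    // An aborted or failed transfer yields null instead of a partial body.
    return $ok === false ? null : $body;
}

// Same image extraction as the proxy script in the question, on the capped body.
$html = fetch_capped($_GET['url'] ?? '');
if ($html === null) {
    die('[]');
}
preg_match_all('~img src="(.*?)"~', $html, $matches);
echo json_encode($matches[1]);
```

With this in place the separate HEAD request becomes an optimisation rather than the control: an oversized or mislabelled response is cut off after at most `MAX_BYTES` bytes have been buffered.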