forked from electricdusk/rushlink
Format errors with HTML
This commit is contained in:
Daan Sprenkels
240
handlers.go
240
handlers.go
@@ -10,10 +10,15 @@ import (
|
||||
"crypto/subtle"
|
||||
"encoding/base64"
|
||||
"fmt"
|
||||
"html/template"
|
||||
"io"
|
||||
"log"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"regexp"
|
||||
"runtime/debug"
|
||||
"sort"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
"unicode"
|
||||
@@ -36,6 +41,11 @@ type StoredPaste struct {
|
||||
TimeCreated time.Time
|
||||
}
|
||||
|
||||
type HTMLPage struct {
|
||||
Title string
|
||||
Content string
|
||||
}
|
||||
|
||||
const (
|
||||
TypePaste PasteType = iota
|
||||
TypeRedirect
|
||||
@@ -55,8 +65,16 @@ var ReservedPasteKeys [][]byte = [][]byte{[]byte("xd42"), []byte("example")}
|
||||
var base64Alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"
|
||||
var base64Encoder = base64.NewEncoding(base64Alphabet).WithPadding(base64.NoPadding)
|
||||
|
||||
// Page contents
|
||||
var indexContents = MustAsset("assets/index.txt")
|
||||
// Asset contents
|
||||
var layoutContents = string(MustAsset("assets/layout.html"))
|
||||
var indexContents = string(MustAsset("assets/index.txt"))
|
||||
|
||||
// Templates
|
||||
var HtmlTemplate = template.Must(template.New("layout").Parse(layoutContents))
|
||||
|
||||
var acceptHeaderMediaRangeRegex = regexp.MustCompile(`^\s*([^()<>@,;:\\"/\[\]?.=]+)/([^()<>@,;:\\"/\[\]?.=]+)\s*$`)
|
||||
var acceptHeaderAcceptParamsRegex = regexp.MustCompile(`^\s*(\w+)=([A-Za-z0-9.-])\s*$`)
|
||||
var acceptHeaderWeight = regexp.MustCompile(`^\s*q=0(?:\.([0-9]{0,3}))|1(?:\.0{0,3})\s*$`)
|
||||
|
||||
func (t PasteType) String() (string, error) {
|
||||
switch t {
|
||||
@@ -81,36 +99,30 @@ func (t PasteState) String() (string, error) {
|
||||
}
|
||||
|
||||
func indexGetHandler(w http.ResponseWriter, r *http.Request) {
|
||||
_, err := w.Write(indexContents)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
page := HTMLPage{Title: "rushlink", Content: indexContents}
|
||||
RenderPage(w, r, page)
|
||||
}
|
||||
|
||||
func indexPostHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if err := r.ParseMultipartForm(50 * 1000 * 1000); err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
fmt.Fprintf(w, "Internal server error: %v\n", err)
|
||||
log.Printf("error: %v\n", err)
|
||||
msg := fmt.Sprintf("internal server error: %v\n", err)
|
||||
RenderError(w, r, http.StatusInternalServerError, msg)
|
||||
return
|
||||
}
|
||||
|
||||
// Determine what kind of post this is, currently only `shorten=...`
|
||||
if len(r.PostForm) == 0 {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
var buf []byte
|
||||
r.Body.Read(buf)
|
||||
io.WriteString(w, "empty body in POST request\n")
|
||||
RenderError(w, r, http.StatusBadRequest, "empty body in POST request\n")
|
||||
return
|
||||
}
|
||||
shorten_values, prs := r.PostForm["shorten"]
|
||||
if !prs {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
io.WriteString(w, "no 'shorten' param supplied\n")
|
||||
RenderError(w, r, http.StatusBadRequest, "no 'shorten' param supplied\n")
|
||||
return
|
||||
}
|
||||
if len(shorten_values) != 1 {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
io.WriteString(w, "only one 'shorten' param is allowed per request\n")
|
||||
RenderError(w, r, http.StatusBadRequest, "only one 'shorten' param is allowed per request\n")
|
||||
return
|
||||
}
|
||||
|
||||
@@ -138,30 +150,29 @@ func pasteGetHandlerInner(w http.ResponseWriter, r *http.Request, noRedirect, sh
|
||||
storedPaste, err = getURL(tx, []byte(key))
|
||||
return err
|
||||
}); err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
log.Printf("error: %v\n", err)
|
||||
fmt.Fprintf(w, "internal server error: %v\n", err)
|
||||
msg := fmt.Sprintf("internal server error: %v\n", err)
|
||||
RenderError(w, r, http.StatusInternalServerError, msg)
|
||||
return
|
||||
}
|
||||
if storedPaste == nil {
|
||||
w.WriteHeader(http.StatusNotFound)
|
||||
fmt.Fprintf(w, "url key not found in the database\n")
|
||||
RenderError(w, r, http.StatusNotFound, "url key not found in the database\n")
|
||||
return
|
||||
}
|
||||
|
||||
if showMeta {
|
||||
typeString, err := storedPaste.Type.String()
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
log.Printf("error: %v\n", err)
|
||||
fmt.Fprintf(w, "internal server error: %v\n", err)
|
||||
msg := fmt.Sprintf("internal server error: %v\n", err)
|
||||
RenderError(w, r, http.StatusInternalServerError, msg)
|
||||
return
|
||||
}
|
||||
stateString, err := storedPaste.State.String()
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
log.Printf("error: %v\n", err)
|
||||
fmt.Fprintf(w, "internal server error: %v\n", err)
|
||||
msg := fmt.Sprintf("internal server error: %v\n", err)
|
||||
RenderError(w, r, http.StatusInternalServerError, msg)
|
||||
return
|
||||
}
|
||||
isOwner := "no"
|
||||
@@ -185,21 +196,23 @@ func pasteGetHandlerInner(w http.ResponseWriter, r *http.Request, noRedirect, sh
|
||||
rawurl := string(storedPaste.Content)
|
||||
urlParse, err := url.Parse(rawurl)
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
log.Printf("error: invalid URL ('%v') in database for key '%v': %v\n", rawurl, storedPaste.Key, err)
|
||||
fmt.Fprintf(w, "internal server error: invalid url in database\n")
|
||||
msg := fmt.Sprintf("internal server error: invalid url in database\n")
|
||||
RenderError(w, r, http.StatusInternalServerError, msg)
|
||||
return
|
||||
}
|
||||
http.Redirect(w, r, urlParse.String(), http.StatusSeeOther)
|
||||
}
|
||||
w.Write(storedPaste.Content)
|
||||
case StateDeleted:
|
||||
w.WriteHeader(http.StatusGone)
|
||||
fmt.Fprintf(w, "key has been deleted\n")
|
||||
RenderError(w, r, http.StatusGone, "paste has been deleted\n")
|
||||
return
|
||||
default:
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
log.Printf("error: invalid storedPaste.State (%v) for key '%v'\n", storedPaste.State, storedPaste.Key)
|
||||
fmt.Fprintf(w, "internal server error: invalid storedPaste.State (%v\n)", storedPaste.State)
|
||||
msg := fmt.Sprintf("internal server error: invalid storedPaste.State (%v)\n", storedPaste.State)
|
||||
RenderError(w, r, http.StatusInternalServerError, msg)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
@@ -207,18 +220,18 @@ func shortenPostHandler(w http.ResponseWriter, r *http.Request) {
|
||||
rawurl := r.PostForm.Get("shorten")
|
||||
userURL, err := url.ParseRequestURI(rawurl)
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
fmt.Fprintf(w, "invalid url (%v): %v\n", err, rawurl)
|
||||
msg := fmt.Sprintf("invalid url (%v): %v\n", err, rawurl)
|
||||
RenderError(w, r, http.StatusBadRequest, msg)
|
||||
return
|
||||
}
|
||||
if userURL.Scheme == "" {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
fmt.Fprintf(w, "invalid url (unspecified scheme)\n", rawurl)
|
||||
msg := fmt.Sprintf("invalid url (unspecified scheme)\n", rawurl)
|
||||
RenderError(w, r, http.StatusBadRequest, msg)
|
||||
return
|
||||
}
|
||||
if userURL.Host == "" {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
fmt.Fprintf(w, "invalid url (unspecified host)\n", rawurl)
|
||||
msg := fmt.Sprintf("invalid url (unspecified host)\n", rawurl)
|
||||
RenderError(w, r, http.StatusBadRequest, msg)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -237,23 +250,30 @@ func shortenPostHandler(w http.ResponseWriter, r *http.Request) {
|
||||
storedPaste = sp
|
||||
return err
|
||||
}); err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
log.Printf("error: %v\n", err)
|
||||
fmt.Fprintf(w, "internal server error: %v\n", err)
|
||||
msg := fmt.Sprintf("internal server error: %v\n", err)
|
||||
RenderError(w, r, http.StatusInternalServerError, msg)
|
||||
return
|
||||
}
|
||||
|
||||
saveURL, err := r.URL.Parse(string(storedPaste.Key))
|
||||
if err != nil {
|
||||
log.Printf("error: %v\n", errors.Wrap(err, "parsing url"))
|
||||
err = errors.Wrap(err, "parsing url")
|
||||
log.Printf("error: %v\n", err)
|
||||
msg := fmt.Sprintf("internal server error: %v\n", err)
|
||||
RenderError(w, r, http.StatusInternalServerError, msg)
|
||||
return
|
||||
}
|
||||
var base64OwnerToken = make([]byte, 24)
|
||||
base64Encoder.Encode(base64OwnerToken, storedPaste.OwnerToken[:])
|
||||
|
||||
w.WriteHeader(http.StatusOK)
|
||||
fmt.Fprintf(w, "URL saved at %v\n", saveURL)
|
||||
isNotPrint := func(r rune) bool { return !unicode.IsPrint(r) }
|
||||
fmt.Fprintf(w, "Owner key is %s\n", strings.TrimRightFunc(string(base64OwnerToken), isNotPrint))
|
||||
ownerKey := strings.TrimRightFunc(string(base64OwnerToken), isNotPrint)
|
||||
page := HTMLPage{
|
||||
Title: fmt.Sprintf("URL saved at %v\n", saveURL),
|
||||
Content: fmt.Sprintf("URL saved at %v\nOwner key is %s\n", saveURL, ownerKey),
|
||||
}
|
||||
RenderPage(w, r, page)
|
||||
}
|
||||
|
||||
// Retrieve a URL from the database
|
||||
@@ -387,3 +407,141 @@ func getOwnerTokenFromRequest(r *http.Request) ([16]byte, bool) {
|
||||
}
|
||||
return ownerKey, false
|
||||
}
|
||||
|
||||
func RenderPage(w http.ResponseWriter, r *http.Request, page HTMLPage) {
|
||||
contentType, err := resolveResponseContentType(r, []string{"text/plain", "text/html"})
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
log.Printf("error: %v\n", err)
|
||||
fmt.Fprintf(w, "internal server error: %v\n", err)
|
||||
}
|
||||
|
||||
switch contentType {
|
||||
case "text/plain":
|
||||
w.Header().Set("Content-Type", "text/plain")
|
||||
io.WriteString(w, page.Content)
|
||||
case "text/html":
|
||||
w.Header().Set("Content-Type", "text/html")
|
||||
err = HtmlTemplate.Execute(w, page)
|
||||
default:
|
||||
w.WriteHeader(http.StatusNotAcceptable)
|
||||
io.WriteString(w, "could not resolve an acceptable content-type\n")
|
||||
}
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
|
||||
func RenderError(w http.ResponseWriter, r *http.Request, status int, msg string) {
|
||||
statusText := http.StatusText(status)
|
||||
if statusText == "" {
|
||||
statusText = "Unkown"
|
||||
}
|
||||
w.WriteHeader(status)
|
||||
page := HTMLPage{
|
||||
Title: fmt.Sprintf("%v %v", status, statusText),
|
||||
Content: msg,
|
||||
}
|
||||
RenderPage(w, r, page)
|
||||
}
|
||||
|
||||
// Try to resolve the preferred content-type for the response to this request.
|
||||
//
|
||||
// This is done by reading from the `types` argument. If one of them matches
|
||||
// the preferences supplied by the client in their Accept header, we will
|
||||
// return that one. We will take the clients preferences into account.
|
||||
//
|
||||
// Iff no match could be found, this function will return an empty string, and
|
||||
// the caller should probably respond with a 406 Not Acceptable status code.
|
||||
// Iff the Accept header was invalid, we will return an error. In this case,
|
||||
// the situation calls for a 400 Bad Request.
|
||||
func resolveResponseContentType(r *http.Request, types []string) (string, error) {
|
||||
// Ref: https://tools.ietf.org/html/rfc7231#section-5.3.2
|
||||
if len(types) == 0 {
|
||||
return "", nil
|
||||
}
|
||||
acceptHeader := r.Header.Get("Accept")
|
||||
if acceptHeader == "" {
|
||||
return types[0], nil
|
||||
}
|
||||
|
||||
type AcceptValue struct {
|
||||
Type string
|
||||
Subtype string
|
||||
Weight int
|
||||
}
|
||||
|
||||
avStrings := strings.Split(acceptHeader, ",")
|
||||
avs := make([]AcceptValue, len(avStrings))
|
||||
for i, avString := range avStrings {
|
||||
av := AcceptValue{Weight: 1000}
|
||||
choiceParts := strings.Split(avString, ";")
|
||||
mediaRange := acceptHeaderMediaRangeRegex.FindStringSubmatch(choiceParts[0])
|
||||
if mediaRange == nil {
|
||||
return "", fmt.Errorf("bad media-range (\"%v\")", choiceParts[0])
|
||||
}
|
||||
av.Type = mediaRange[1]
|
||||
av.Subtype = mediaRange[2]
|
||||
// Go through the rest to see if there is a q=... parameter
|
||||
for choiceParts = choiceParts[1:]; len(choiceParts) > 0; choiceParts = choiceParts[1:] {
|
||||
// Try to parse the weight param
|
||||
weight := acceptHeaderWeight.FindStringSubmatch(choiceParts[0])
|
||||
if weight != nil {
|
||||
if weight[1] == "" {
|
||||
av.Weight = 0
|
||||
} else {
|
||||
var err error
|
||||
av.Weight, err = strconv.Atoi((weight[1] + "000")[:3])
|
||||
if err != nil {
|
||||
log.Println("error: unreachable statement")
|
||||
debug.PrintStack()
|
||||
av.Weight = 1000 // Reset to default value
|
||||
}
|
||||
}
|
||||
break
|
||||
}
|
||||
// Check if this parameter is still invalid in any case
|
||||
acceptParams := acceptHeaderAcceptParamsRegex.FindStringSubmatchIndex(choiceParts[0])
|
||||
if acceptParams == nil {
|
||||
return "", fmt.Errorf("bad accept-params (\"%v\")", choiceParts[0])
|
||||
}
|
||||
}
|
||||
avs[i] = av
|
||||
}
|
||||
|
||||
sort.SliceStable(avs, func(i, j int) bool {
|
||||
if avs[i].Weight > avs[j].Weight {
|
||||
return true
|
||||
}
|
||||
if avs[i].Type != "*" && avs[j].Type == "*" {
|
||||
return true
|
||||
}
|
||||
if avs[i].Subtype != "*" && avs[j].Subtype == "*" {
|
||||
return true
|
||||
}
|
||||
return false
|
||||
})
|
||||
|
||||
avArgs := make([]AcceptValue, len(types))
|
||||
for i, fulltype := range types {
|
||||
split := strings.Split(fulltype, "/")
|
||||
if len(split) == 1 {
|
||||
avArgs[i] = AcceptValue{Type: split[0]}
|
||||
} else {
|
||||
avArgs[i] = AcceptValue{Type: split[0], Subtype: split[1]}
|
||||
}
|
||||
}
|
||||
|
||||
for _, av := range avs {
|
||||
for j, avArg := range avArgs {
|
||||
if !(av.Type == avArg.Type || av.Type == "*" || avArg.Type == "*") {
|
||||
continue
|
||||
}
|
||||
if !(av.Subtype == avArg.Subtype || av.Subtype == "*" || avArg.Subtype == "*") {
|
||||
continue
|
||||
}
|
||||
return types[j], nil
|
||||
}
|
||||
}
|
||||
return "", nil
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user