diff options
Diffstat (limited to 'plugins/static')
-rw-r--r-- | plugins/static/config.go | 55 | ||||
-rw-r--r-- | plugins/static/etag.go | 72 | ||||
-rw-r--r-- | plugins/static/plugin.go | 188 |
3 files changed, 0 insertions, 315 deletions
diff --git a/plugins/static/config.go b/plugins/static/config.go deleted file mode 100644 index c3f9c17d..00000000 --- a/plugins/static/config.go +++ /dev/null @@ -1,55 +0,0 @@ -package static - -import ( - "os" - - "github.com/spiral/errors" -) - -// Config describes file location and controls access to them. -type Config struct { - Static *struct { - // Dir contains name of directory to control access to. - // Default - "." - Dir string - - // CalculateEtag can be true/false and used to calculate etag for the static - CalculateEtag bool `mapstructure:"calculate_etag"` - - // Weak etag `W/` - Weak bool - - // forbid specifies list of file extensions which are forbidden for access. - // example: .php, .exe, .bat, .htaccess and etc. - Forbid []string - - // Allow specifies list of file extensions which are allowed for access. - // example: .php, .exe, .bat, .htaccess and etc. - Allow []string - - // Request headers to add to every static. - Request map[string]string - - // Response headers to add to every static. - Response map[string]string - } -} - -// Valid returns nil if config is valid. -func (c *Config) Valid() error { - const op = errors.Op("static_plugin_valid") - st, err := os.Stat(c.Static.Dir) - if err != nil { - if os.IsNotExist(err) { - return errors.E(op, errors.Errorf("root directory '%s' does not exists", c.Static.Dir)) - } - - return err - } - - if !st.IsDir() { - return errors.E(op, errors.Errorf("invalid root directory '%s'", c.Static.Dir)) - } - - return nil -} diff --git a/plugins/static/etag.go b/plugins/static/etag.go deleted file mode 100644 index 5ee0d2f3..00000000 --- a/plugins/static/etag.go +++ /dev/null @@ -1,72 +0,0 @@ -package static - -import ( - "hash/crc32" - "io" - "net/http" - - "github.com/spiral/roadrunner/v2/utils" -) - -const etag string = "Etag" - -// weak Etag prefix -var weakPrefix = []byte(`W/`) - -// CRC32 table -var crc32q = crc32.MakeTable(0x48D90782) - -// SetEtag sets etag for the file -func SetEtag(weak bool, f http.File, name string, w http.ResponseWriter) { - // preallocate - calculatedEtag := make([]byte, 0, 64) - - // write weak - if weak { - calculatedEtag = append(calculatedEtag, weakPrefix...) - calculatedEtag = append(calculatedEtag, '"') - calculatedEtag = appendUint(calculatedEtag, crc32.Checksum(utils.AsBytes(name), crc32q)) - calculatedEtag = append(calculatedEtag, '"') - - w.Header().Set(etag, utils.AsString(calculatedEtag)) - return - } - - // read the file content - body, err := io.ReadAll(f) - if err != nil { - return - } - - // skip for 0 body - if len(body) == 0 { - return - } - - calculatedEtag = append(calculatedEtag, '"') - calculatedEtag = appendUint(calculatedEtag, uint32(len(body))) - calculatedEtag = append(calculatedEtag, '-') - calculatedEtag = appendUint(calculatedEtag, crc32.Checksum(body, crc32q)) - calculatedEtag = append(calculatedEtag, '"') - - w.Header().Set(etag, utils.AsString(calculatedEtag)) -} - -// appendUint appends n to dst and returns the extended dst. -func appendUint(dst []byte, n uint32) []byte { - var b [20]byte - buf := b[:] - i := len(buf) - var q uint32 - for n >= 10 { - i-- - q = n / 10 - buf[i] = '0' + byte(n-q*10) - n = q - } - i-- - buf[i] = '0' + byte(n) - - dst = append(dst, buf[i:]...) - return dst -} diff --git a/plugins/static/plugin.go b/plugins/static/plugin.go deleted file mode 100644 index f6d9a0f2..00000000 --- a/plugins/static/plugin.go +++ /dev/null @@ -1,188 +0,0 @@ -package static - -import ( - "net/http" - "path" - "strings" - - "github.com/spiral/errors" - "github.com/spiral/roadrunner/v2/plugins/config" - "github.com/spiral/roadrunner/v2/plugins/logger" -) - -// PluginName contains default service name. -const PluginName = "static" - -const RootPluginName = "http" - -// Plugin serves static files. Potentially convert into middleware? -type Plugin struct { - // server configuration (location, forbidden files and etc) - cfg *Config - - log logger.Logger - - // root is initiated http directory - root http.Dir - - // file extensions which are allowed to be served - allowedExtensions map[string]struct{} - - // file extensions which are forbidden to be served - forbiddenExtensions map[string]struct{} -} - -// Init must return configure service and return true if service hasStatus enabled. Must return error in case of -// misconfiguration. Services must not be used without proper configuration pushed first. -func (s *Plugin) Init(cfg config.Configurer, log logger.Logger) error { - const op = errors.Op("static_plugin_init") - if !cfg.Has(RootPluginName) { - return errors.E(op, errors.Disabled) - } - - err := cfg.UnmarshalKey(RootPluginName, &s.cfg) - if err != nil { - return errors.E(op, errors.Disabled, err) - } - - if s.cfg.Static == nil { - return errors.E(op, errors.Disabled) - } - - s.log = log - s.root = http.Dir(s.cfg.Static.Dir) - - err = s.cfg.Valid() - if err != nil { - return errors.E(op, err) - } - - // create 2 hashmaps with the allowed and forbidden file extensions - s.allowedExtensions = make(map[string]struct{}, len(s.cfg.Static.Allow)) - s.forbiddenExtensions = make(map[string]struct{}, len(s.cfg.Static.Forbid)) - - // init forbidden - for i := 0; i < len(s.cfg.Static.Forbid); i++ { - // skip empty lines - if s.cfg.Static.Forbid[i] == "" { - continue - } - s.forbiddenExtensions[s.cfg.Static.Forbid[i]] = struct{}{} - } - - // init allowed - for i := 0; i < len(s.cfg.Static.Allow); i++ { - // skip empty lines - if s.cfg.Static.Allow[i] == "" { - continue - } - s.allowedExtensions[s.cfg.Static.Allow[i]] = struct{}{} - } - - // check if any forbidden items presented in the allowed - // if presented, delete such items from allowed - for k := range s.forbiddenExtensions { - delete(s.allowedExtensions, k) - } - - // at this point we have distinct allowed and forbidden hashmaps, also with alwaysServed - return nil -} - -func (s *Plugin) Name() string { - return PluginName -} - -// Middleware must return true if request/response pair is handled within the middleware. -func (s *Plugin) Middleware(next http.Handler) http.Handler { - // Define the http.HandlerFunc - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - // do not allow paths like ../../resource - // only specified folder and resources in it - // https://lgtm.com/rules/1510366186013/ - if strings.Contains(r.URL.Path, "..") { - w.WriteHeader(http.StatusForbidden) - return - } - - if s.cfg.Static.Request != nil { - for k, v := range s.cfg.Static.Request { - r.Header.Add(k, v) - } - } - - if s.cfg.Static.Response != nil { - for k, v := range s.cfg.Static.Response { - w.Header().Set(k, v) - } - } - - // first - create a proper file path - fPath := path.Clean(r.URL.Path) - ext := strings.ToLower(path.Ext(fPath)) - - // check that file extension in the forbidden list - if _, ok := s.forbiddenExtensions[ext]; ok { - s.log.Debug("file extension is forbidden", "ext", ext) - next.ServeHTTP(w, r) - return - } - - // if we have some allowed extensions, we should check them - // if not - all extensions allowed except forbidden - if len(s.allowedExtensions) > 0 { - // not found in allowed - if _, ok := s.allowedExtensions[ext]; !ok { - next.ServeHTTP(w, r) - return - } - - // file extension allowed - } - - // ok, file is not in the forbidden list - // Stat it and get file info - f, err := s.root.Open(fPath) - if err != nil { - // else no such file, show error in logs only in debug mode - s.log.Debug("no such file or directory", "error", err) - // pass request to the worker - next.ServeHTTP(w, r) - return - } - - // at high confidence there is should not be an error - // because we stat-ed the path previously and know, that that is file (not a dir), and it exists - finfo, err := f.Stat() - if err != nil { - // else no such file, show error in logs only in debug mode - s.log.Debug("no such file or directory", "error", err) - // pass request to the worker - next.ServeHTTP(w, r) - return - } - - defer func() { - err = f.Close() - if err != nil { - s.log.Error("file close error", "error", err) - } - }() - - // if provided path to the dir, do not serve the dir, but pass the request to the worker - if finfo.IsDir() { - s.log.Debug("possible path to dir provided") - // pass request to the worker - next.ServeHTTP(w, r) - return - } - - // set etag - if s.cfg.Static.CalculateEtag { - SetEtag(s.cfg.Static.Weak, f, finfo.Name(), w) - } - - // we passed all checks - serve the file - http.ServeContent(w, r, finfo.Name(), finfo.ModTime(), f) - }) -} |