2016-11-29 17:26:36 +01:00
// Copyright 2016 The Gitea Authors. All rights reserved.
2022-11-27 19:20:29 +01:00
// SPDX-License-Identifier: MIT
2016-11-29 17:26:36 +01:00
package public
2017-01-28 23:14:56 +01:00
import (
2023-04-12 12:16:45 +02:00
"bytes"
"io"
2018-02-03 23:37:05 +01:00
"net/http"
2021-05-30 12:25:11 +02:00
"os"
2023-04-12 12:16:45 +02:00
"path"
2018-02-03 23:37:05 +01:00
"strings"
2023-04-12 12:16:45 +02:00
"time"
2017-01-28 23:14:56 +01:00
2023-04-12 12:16:45 +02:00
"code.gitea.io/gitea/modules/assetfs"
2022-10-12 07:18:26 +02:00
"code.gitea.io/gitea/modules/container"
2020-11-17 23:44:52 +01:00
"code.gitea.io/gitea/modules/httpcache"
2021-05-30 12:25:11 +02:00
"code.gitea.io/gitea/modules/log"
2017-01-28 23:14:56 +01:00
"code.gitea.io/gitea/modules/setting"
2023-03-08 13:17:39 +01:00
"code.gitea.io/gitea/modules/util"
2017-01-28 23:14:56 +01:00
)
2023-04-12 12:16:45 +02:00
func CustomAssets ( ) * assetfs . Layer {
return assetfs . Local ( "custom" , setting . CustomPath , "public" )
2016-11-29 17:26:36 +01:00
}
2017-01-28 23:14:56 +01:00
2023-04-12 12:16:45 +02:00
func AssetFS ( ) * assetfs . LayeredFS {
return assetfs . Layered ( CustomAssets ( ) , BuiltinAssets ( ) )
}
2022-01-20 12:41:25 +01:00
// AssetsHandlerFunc implements the static handler for serving custom or original assets.
2023-04-12 12:16:45 +02:00
func AssetsHandlerFunc ( prefix string ) http . HandlerFunc {
assetFS := AssetFS ( )
prefix = strings . TrimSuffix ( prefix , "/" ) + "/"
2022-01-20 12:41:25 +01:00
return func ( resp http . ResponseWriter , req * http . Request ) {
2023-04-12 12:16:45 +02:00
subPath := req . URL . Path
if ! strings . HasPrefix ( subPath , prefix ) {
2022-01-20 12:41:25 +01:00
return
}
2023-04-12 12:16:45 +02:00
subPath = strings . TrimPrefix ( subPath , prefix )
2018-02-03 23:37:05 +01:00
2023-04-12 12:16:45 +02:00
if req . Method != "GET" && req . Method != "HEAD" {
resp . WriteHeader ( http . StatusNotFound )
2022-01-20 12:41:25 +01:00
return
}
2018-02-03 23:37:05 +01:00
2023-04-12 12:16:45 +02:00
if handleRequest ( resp , req , assetFS , subPath ) {
2022-01-20 12:41:25 +01:00
return
}
2021-05-30 12:25:11 +02:00
2022-01-20 12:41:25 +01:00
resp . WriteHeader ( http . StatusNotFound )
2018-02-03 23:37:05 +01:00
}
}
2020-12-24 05:25:17 +01:00
// parseAcceptEncoding parse Accept-Encoding: deflate, gzip;q=1.0, *;q=0.5 as compress methods
2022-10-12 07:18:26 +02:00
func parseAcceptEncoding ( val string ) container . Set [ string ] {
2020-12-24 05:25:17 +01:00
parts := strings . Split ( val , ";" )
2022-10-12 07:18:26 +02:00
types := make ( container . Set [ string ] )
2020-12-24 05:25:17 +01:00
for _ , v := range strings . Split ( parts [ 0 ] , "," ) {
2022-10-12 07:18:26 +02:00
types . Add ( strings . TrimSpace ( v ) )
2020-12-24 05:25:17 +01:00
}
return types
}
2022-01-23 13:19:49 +01:00
// setWellKnownContentType will set the Content-Type if the file is a well-known type.
// See the comments of detectWellKnownMimeType
func setWellKnownContentType ( w http . ResponseWriter , file string ) {
2023-04-12 12:16:45 +02:00
mimeType := detectWellKnownMimeType ( path . Ext ( file ) )
2022-01-23 13:19:49 +01:00
if mimeType != "" {
w . Header ( ) . Set ( "Content-Type" , mimeType )
}
}
2023-04-12 12:16:45 +02:00
func handleRequest ( w http . ResponseWriter , req * http . Request , fs http . FileSystem , file string ) bool {
2023-03-21 21:02:49 +01:00
// actually, fs (http.FileSystem) is designed to be a safe interface, relative paths won't bypass its parent directory, it's also fine to do a clean here
f , err := fs . Open ( util . PathJoinRelX ( file ) )
2018-02-03 23:37:05 +01:00
if err != nil {
2021-05-30 12:25:11 +02:00
if os . IsNotExist ( err ) {
return false
2020-04-18 23:01:06 +02:00
}
2021-05-30 12:25:11 +02:00
w . WriteHeader ( http . StatusInternalServerError )
log . Error ( "[Static] Open %q failed: %v" , file , err )
return true
2018-02-03 23:37:05 +01:00
}
defer f . Close ( )
fi , err := f . Stat ( )
if err != nil {
2021-05-30 12:25:11 +02:00
w . WriteHeader ( http . StatusInternalServerError )
log . Error ( "[Static] %q exists, but fails to open: %v" , file , err )
2018-02-03 23:37:05 +01:00
return true
}
// Try to serve index file
if fi . IsDir ( ) {
2021-05-30 12:25:11 +02:00
w . WriteHeader ( http . StatusNotFound )
return true
2018-02-03 23:37:05 +01:00
}
2021-04-12 16:49:26 +02:00
if httpcache . HandleFileETagCache ( req , w , fi ) {
2020-11-17 23:44:52 +01:00
return true
2018-02-03 23:37:05 +01:00
}
2021-05-30 12:25:11 +02:00
serveContent ( w , req , fi , fi . ModTime ( ) , f )
2018-02-03 23:37:05 +01:00
return true
}
2023-04-12 12:16:45 +02:00
type GzipBytesProvider interface {
GzipBytes ( ) [ ] byte
}
// serveContent serve http content
func serveContent ( w http . ResponseWriter , req * http . Request , fi os . FileInfo , modtime time . Time , content io . ReadSeeker ) {
setWellKnownContentType ( w , fi . Name ( ) )
encodings := parseAcceptEncoding ( req . Header . Get ( "Accept-Encoding" ) )
if encodings . Contains ( "gzip" ) {
// try to provide gzip content directly from bindata (provided by vfsgen۰ CompressedFileInfo)
if compressed , ok := fi . ( GzipBytesProvider ) ; ok {
rdGzip := bytes . NewReader ( compressed . GzipBytes ( ) )
// all gzipped static files (from bindata) are managed by Gitea, so we can make sure every file has the correct ext name
// then we can get the correct Content-Type, we do not need to do http.DetectContentType on the decompressed data
if w . Header ( ) . Get ( "Content-Type" ) == "" {
w . Header ( ) . Set ( "Content-Type" , "application/octet-stream" )
}
w . Header ( ) . Set ( "Content-Encoding" , "gzip" )
http . ServeContent ( w , req , fi . Name ( ) , modtime , rdGzip )
return
}
}
http . ServeContent ( w , req , fi . Name ( ) , modtime , content )
return
}