Added upload type checking, default name/type, optional metrics, browser auth prompt
This commit is contained in:
parent
3408bdc812
commit
3c44eeebf3
67
src/index.js
67
src/index.js
|
@ -1,5 +1,17 @@
|
||||||
// vim: tabstop=4 shiftwidth=4 expandtab
|
// vim: tabstop=4 shiftwidth=4 expandtab
|
||||||
|
|
||||||
|
async function isAsciiFile(buf) {
|
||||||
|
var isAscii = true;
|
||||||
|
const view = new Uint8Array(buf)
|
||||||
|
for (var i=0, len=view.byteLength; i<len; i++) {
|
||||||
|
if (view[i] > 127) {
|
||||||
|
isAscii=false
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return isAscii
|
||||||
|
}
|
||||||
|
|
||||||
function makeid(length) {
|
function makeid(length) {
|
||||||
let result = '';
|
let result = '';
|
||||||
const characters = 'abcdefghijklmnopqrstuvwxyz0123456789';
|
const characters = 'abcdefghijklmnopqrstuvwxyz0123456789';
|
||||||
|
@ -15,6 +27,7 @@ function makeid(length) {
|
||||||
async function checkAuth(request) {
|
async function checkAuth(request) {
|
||||||
const auth = request.headers.get("Authorization");
|
const auth = request.headers.get("Authorization");
|
||||||
const auth_check = await AUTH.get(auth)
|
const auth_check = await AUTH.get(auth)
|
||||||
|
console.log(auth, auth_check)
|
||||||
return Boolean(auth_check);
|
return Boolean(auth_check);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -23,27 +36,35 @@ function getHost(request) {
|
||||||
}
|
}
|
||||||
|
|
||||||
function create_response(request, body, metadata) {
|
function create_response(request, body, metadata) {
|
||||||
METRICS.writeDataPoint({
|
try {
|
||||||
indexes: [
|
METRICS.writeDataPoint({
|
||||||
metadata.status
|
indexes: [
|
||||||
],
|
metadata.status
|
||||||
blobs: [
|
],
|
||||||
request.method,
|
blobs: [
|
||||||
request.cf.country,
|
request.method,
|
||||||
request.cf.asn,
|
request.cf.country,
|
||||||
request.cf.timezone,
|
request.cf.asn,
|
||||||
new Date().toISOString(),
|
request.cf.timezone,
|
||||||
request.headers.get("cf-connecting-ip"),
|
new Date().toISOString(),
|
||||||
request.headers.get("referer")
|
request.headers.get("cf-connecting-ip"),
|
||||||
]
|
request.headers.get("referer")
|
||||||
})
|
]
|
||||||
|
})
|
||||||
|
} catch (e) {
|
||||||
|
// Metrics disabled
|
||||||
|
if (!(e instanceof ReferenceError)) {
|
||||||
|
throw e
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return new Response(body, metadata)
|
return new Response(body, metadata)
|
||||||
}
|
}
|
||||||
|
|
||||||
async function add(request,host,path) {
|
async function add(request,host,path) {
|
||||||
const auth = await checkAuth(request)
|
const auth = await checkAuth(request)
|
||||||
if (!auth)
|
if (!auth)
|
||||||
return create_response(request, "Only GET requests allowed to unauthed users", {status:403});
|
return create_response(request, "Auth required", {status:401,headers:{"www-authenticate":"Basic"}});
|
||||||
if (!request.headers.get("content-type"))
|
if (!request.headers.get("content-type"))
|
||||||
return create_response(request, "No data provided", {status:400})
|
return create_response(request, "No data provided", {status:400})
|
||||||
if (!path) return create_response(request, "No path provided",{status:400})
|
if (!path) return create_response(request, "No path provided",{status:400})
|
||||||
|
@ -59,7 +80,7 @@ async function add(request,host,path) {
|
||||||
}
|
}
|
||||||
path = path.toLowerCase()
|
path = path.toLowerCase()
|
||||||
|
|
||||||
// URL shortening
|
const req_clone = request.clone()
|
||||||
const data = await request.formData()
|
const data = await request.formData()
|
||||||
const dest = data.get("u")
|
const dest = data.get("u")
|
||||||
try {
|
try {
|
||||||
|
@ -74,10 +95,18 @@ async function add(request,host,path) {
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
if (e instanceof TypeError) {
|
if (e instanceof TypeError) {
|
||||||
if (!dest) return create_response(request, "No file provided", {status:400})
|
if (!dest) return create_response(request, "No file provided", {status:400})
|
||||||
|
const buf = await req_clone.arrayBuffer()
|
||||||
|
var name = dest.name
|
||||||
|
var type = dest.type
|
||||||
|
if (!name || !type) {
|
||||||
|
const is_ascii = await isAsciiFile(buf)
|
||||||
|
if (!name) name = is_ascii ? "paste.txt" : "paste.bin"
|
||||||
|
if (!type) type = is_ascii ? "text/plain" : "application/octet-stream"
|
||||||
|
}
|
||||||
await FILES.put(path, dest, {
|
await FILES.put(path, dest, {
|
||||||
httpMetadata: {
|
httpMetadata: {
|
||||||
contentType: dest.type,
|
contentType: type,
|
||||||
contentDisposition: `inline; filename="${dest.name}"`
|
contentDisposition: `inline; filename="${name}"`
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
await KV.delete(path)
|
await KV.delete(path)
|
||||||
|
@ -92,7 +121,7 @@ async function add(request,host,path) {
|
||||||
async function remove(request,host,path) {
|
async function remove(request,host,path) {
|
||||||
const auth = await checkAuth(request)
|
const auth = await checkAuth(request)
|
||||||
if (!auth)
|
if (!auth)
|
||||||
return create_response(request, "Only GET requests allowed to unauthed users", {status:403});
|
return create_response(request, "Auth required", {status:401,headers:{"www-authenticate":"Basic"}});
|
||||||
if (!path) return create_response(request, "No path provided",{status:400})
|
if (!path) return create_response(request, "No path provided",{status:400})
|
||||||
path = path.toLowerCase()
|
path = path.toLowerCase()
|
||||||
await KV.delete(path)
|
await KV.delete(path)
|
||||||
|
|
7
test.py
7
test.py
|
@ -22,17 +22,12 @@ try:
|
||||||
|
|
||||||
# unauth requests to auth methods
|
# unauth requests to auth methods
|
||||||
reqs = put(host),post(host),delete(host)
|
reqs = put(host),post(host),delete(host)
|
||||||
assert all(req.status_code == 403 for req in reqs) # unauth requests to auth methods
|
assert all(req.status_code == 401 for req in reqs) # unauth requests to auth methods
|
||||||
|
|
||||||
# auth put wo data
|
# auth put wo data
|
||||||
req = put(host + "/devtestpath",data={},headers=auth)
|
req = put(host + "/devtestpath",data={},headers=auth)
|
||||||
assert req.status_code == 400 # auth put wo data
|
assert req.status_code == 400 # auth put wo data
|
||||||
|
|
||||||
# # auth put invalid url
|
|
||||||
# req = put(host + "/devtestpath",data={"u": "golf sale"},headers=auth)
|
|
||||||
# assert req.status_code == 400 # auth put invalid url
|
|
||||||
# # invalid urls would now be stored as files instead
|
|
||||||
|
|
||||||
# auth put wo path
|
# auth put wo path
|
||||||
req = put(host,data={"u": "http://www.example.com"},headers=auth)
|
req = put(host,data={"u": "http://www.example.com"},headers=auth)
|
||||||
assert req.status_code == 400 # auth put wo path
|
assert req.status_code == 400 # auth put wo path
|
||||||
|
|
Loading…
Reference in a new issue