|
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610 |
- /*
- The MIT License (MIT)
-
- Copyright (c) 2014 DutchCoders [https://github.com/dutchcoders/]
-
- Permission is hereby granted, free of charge, to any person obtaining a copy
- of this software and associated documentation files (the "Software"), to deal
- in the Software without restriction, including without limitation the rights
- to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- copies of the Software, and to permit persons to whom the Software is
- furnished to do so, subject to the following conditions:
-
- The above copyright notice and this permission notice shall be included in
- all copies or substantial portions of the Software.
-
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- THE SOFTWARE.
- */
-
- package main
-
- import (
- // _ "transfer.sh/app/handlers"
- // _ "transfer.sh/app/utils"
-
- "archive/tar"
- "archive/zip"
- "bytes"
- "compress/gzip"
- "errors"
- "fmt"
- "github.com/dutchcoders/go-clamd"
- "github.com/gorilla/mux"
- "github.com/kennygrant/sanitize"
- "github.com/russross/blackfriday"
- html_template "html/template"
- "io"
- "io/ioutil"
- "log"
- "math/rand"
- "mime"
- "net/http"
- "os"
- "path/filepath"
- "strconv"
- "strings"
- text_template "text/template"
- "time"
- )
-
- func healthHandler(w http.ResponseWriter, r *http.Request) {
- fmt.Fprintf(w, "Approaching Neutral Zone, all systems normal and functioning.")
- }
-
- /* The preview handler will show a preview of the content for browsers (accept type text/html), and referer is not transfer.sh */
- func previewHandler(w http.ResponseWriter, r *http.Request) {
-
- vars := mux.Vars(r)
-
- token := vars["token"]
- filename := vars["filename"]
-
- contentType, contentLength, err := storage.Head(token, filename)
- if err != nil {
- http.Error(w, http.StatusText(404), 404)
- return
- }
-
- var templatePath string
- var content html_template.HTML
-
- switch {
- case strings.HasPrefix(contentType, "image/"):
- templatePath = "download.image.html"
- case strings.HasPrefix(contentType, "text/"):
- templatePath = "download.md.html"
-
- var reader io.ReadCloser
- if reader, _, _, err = storage.Get(token, filename); err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- var data []byte
- if data, err = ioutil.ReadAll(reader); err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- if strings.HasPrefix(contentType, "text/x-markdown") || strings.HasPrefix(contentType, "text/markdown") {
- output := blackfriday.MarkdownCommon(data)
- content = html_template.HTML(output)
- } else if strings.HasPrefix(contentType, "text/plain") {
- content = html_template.HTML(fmt.Sprintf("<pre>%s</pre>", data))
- } else {
- content = html_template.HTML(data)
- }
-
- templatePath = "download.md.html"
- default:
- templatePath = "download.html"
- }
-
- tmpl, err := html_template.New(templatePath).Funcs(html_template.FuncMap{"format": formatNumber}).ParseFiles("static/" + templatePath)
-
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- data := struct {
- ContentType string
- Content html_template.HTML
- Filename string
- Url string
- ContentLength uint64
- }{
- contentType,
- content,
- filename,
- r.URL.String(),
- contentLength,
- }
-
- if err := tmpl.ExecuteTemplate(w, templatePath, data); err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- }
-
- // this handler will output html or text, depending on the
- // support of the client (Accept header).
-
- func viewHandler(w http.ResponseWriter, r *http.Request) {
- // vars := mux.Vars(r)
-
- if acceptsHtml(r.Header) {
- tmpl, err := html_template.ParseFiles("static/index.html")
-
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- if err := tmpl.Execute(w, nil); err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
- } else {
- tmpl, err := text_template.ParseFiles("static/index.txt")
-
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- if err := tmpl.Execute(w, nil); err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
- }
- }
-
- func notFoundHandler(w http.ResponseWriter, r *http.Request) {
- http.Error(w, http.StatusText(404), 404)
- }
-
- func postHandler(w http.ResponseWriter, r *http.Request) {
- if err := r.ParseMultipartForm(_24K); nil != err {
- log.Printf("%s", err.Error())
- http.Error(w, "Error occured copying to output stream", 500)
- return
- }
-
- token := Encode(10000000 + int64(rand.Intn(1000000000)))
-
- w.Header().Set("Content-Type", "text/plain")
-
- for _, fheaders := range r.MultipartForm.File {
- for _, fheader := range fheaders {
- filename := sanitize.Path(filepath.Base(fheader.Filename))
- contentType := fheader.Header.Get("Content-Type")
-
- if contentType == "" {
- contentType = mime.TypeByExtension(filepath.Ext(fheader.Filename))
- }
-
- var f io.Reader
- var err error
-
- if f, err = fheader.Open(); err != nil {
- log.Printf("%s", err.Error())
- http.Error(w, err.Error(), 500)
- return
- }
-
- var b bytes.Buffer
-
- n, err := io.CopyN(&b, f, _24K+1)
- if err != nil && err != io.EOF {
- log.Printf("%s", err.Error())
- http.Error(w, err.Error(), 500)
- return
- }
-
- var reader io.Reader
-
- if n > _24K {
- file, err := ioutil.TempFile(config.Temp, "transfer-")
- if err != nil {
- log.Fatal(err)
- }
- defer file.Close()
-
- n, err = io.Copy(file, io.MultiReader(&b, f))
- if err != nil {
- os.Remove(file.Name())
-
- log.Printf("%s", err.Error())
- http.Error(w, err.Error(), 500)
- return
- }
-
- reader, err = os.Open(file.Name())
- } else {
- reader = bytes.NewReader(b.Bytes())
- }
-
- contentLength := n
-
- log.Printf("Uploading %s %s %d %s", token, filename, contentLength, contentType)
-
- if err = storage.Put(token, filename, reader, contentType, uint64(contentLength)); err != nil {
- log.Printf("%s", err.Error())
- http.Error(w, err.Error(), 500)
- return
-
- }
-
- fmt.Fprintf(w, "https://%s/%s/%s\n", ipAddrFromRemoteAddr(r.Host), token, filename)
- }
- }
- }
-
- func scanHandler(w http.ResponseWriter, r *http.Request) {
- vars := mux.Vars(r)
-
- filename := sanitize.Path(filepath.Base(vars["filename"]))
-
- contentLength := r.ContentLength
- contentType := r.Header.Get("Content-Type")
-
- log.Printf("Scanning %s %d %s", filename, contentLength, contentType)
-
- var reader io.Reader
-
- reader = r.Body
-
- c := clamd.NewClamd(config.CLAMAV_DAEMON_HOST)
-
- response, err := c.ScanStream(reader)
- if err != nil {
- log.Printf("%s", err.Error())
- http.Error(w, err.Error(), 500)
- return
- }
-
- var b string
-
- for s := range response {
- b += s
-
- if !strings.HasPrefix(s, "stream: ") {
- continue
- }
-
- w.Write([]byte(fmt.Sprintf("%v\n", s[8:])))
- }
- }
-
- func putHandler(w http.ResponseWriter, r *http.Request) {
- vars := mux.Vars(r)
-
- filename := sanitize.Path(filepath.Base(vars["filename"]))
-
- contentLength := r.ContentLength
-
- var reader io.Reader
-
- reader = r.Body
-
- if contentLength == -1 {
- // queue file to disk, because s3 needs content length
- var err error
- var f io.Reader
-
- f = reader
-
- var b bytes.Buffer
-
- n, err := io.CopyN(&b, f, _24K+1)
- if err != nil && err != io.EOF {
- log.Printf("%s", err.Error())
- http.Error(w, err.Error(), 500)
- return
- }
-
- if n > _24K {
- file, err := ioutil.TempFile(config.Temp, "transfer-")
- if err != nil {
- log.Printf("%s", err.Error())
- http.Error(w, err.Error(), 500)
- return
- }
-
- defer file.Close()
-
- n, err = io.Copy(file, io.MultiReader(&b, f))
- if err != nil {
- os.Remove(file.Name())
- log.Printf("%s", err.Error())
- http.Error(w, err.Error(), 500)
- return
- }
-
- reader, err = os.Open(file.Name())
- } else {
- reader = bytes.NewReader(b.Bytes())
- }
-
- contentLength = n
- }
-
- contentType := r.Header.Get("Content-Type")
-
- if contentType == "" {
- contentType = mime.TypeByExtension(filepath.Ext(vars["filename"]))
- }
-
- token := Encode(10000000 + int64(rand.Intn(1000000000)))
-
- log.Printf("Uploading %s %d %s", token, filename, contentLength, contentType)
-
- var err error
-
- if err = storage.Put(token, filename, reader, contentType, uint64(contentLength)); err != nil {
- log.Printf("%s", err.Error())
- http.Error(w, errors.New("Could not save file").Error(), 500)
- return
- }
-
- // w.Statuscode = 200
-
- w.Header().Set("Content-Type", "text/plain")
-
- fmt.Fprintf(w, "https://%s/%s/%s\n", ipAddrFromRemoteAddr(r.Host), token, filename)
- }
-
- func zipHandler(w http.ResponseWriter, r *http.Request) {
- vars := mux.Vars(r)
-
- files := vars["files"]
-
- zipfilename := fmt.Sprintf("transfersh-%d.zip", uint16(time.Now().UnixNano()))
-
- w.Header().Set("Content-Type", "application/zip")
- w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=\"%s\"", zipfilename))
- w.Header().Set("Connection", "close")
-
- zw := zip.NewWriter(w)
-
- for _, key := range strings.Split(files, ",") {
- if strings.HasPrefix(key, "/") {
- key = key[1:]
- }
-
- key = strings.Replace(key, "\\", "/", -1)
-
- token := strings.Split(key, "/")[0]
- filename := sanitize.Path(strings.Split(key, "/")[1])
-
- reader, _, _, err := storage.Get(token, filename)
-
- if err != nil {
- if err.Error() == "The specified key does not exist." {
- http.Error(w, "File not found", 404)
- return
- } else {
- log.Printf("%s", err.Error())
- http.Error(w, "Could not retrieve file.", 500)
- return
- }
- }
-
- defer reader.Close()
-
- header := &zip.FileHeader{
- Name: strings.Split(key, "/")[1],
- Method: zip.Store,
- ModifiedTime: uint16(time.Now().UnixNano()),
- ModifiedDate: uint16(time.Now().UnixNano()),
- }
-
- fw, err := zw.CreateHeader(header)
-
- if err != nil {
- log.Printf("%s", err.Error())
- http.Error(w, "Internal server error.", 500)
- return
- }
-
- if _, err = io.Copy(fw, reader); err != nil {
- log.Printf("%s", err.Error())
- http.Error(w, "Internal server error.", 500)
- return
- }
- }
-
- if err := zw.Close(); err != nil {
- log.Printf("%s", err.Error())
- http.Error(w, "Internal server error.", 500)
- return
- }
- }
-
- func tarGzHandler(w http.ResponseWriter, r *http.Request) {
- vars := mux.Vars(r)
-
- files := vars["files"]
-
- tarfilename := fmt.Sprintf("transfersh-%d.tar.gz", uint16(time.Now().UnixNano()))
-
- w.Header().Set("Content-Type", "application/x-gzip")
- w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=\"%s\"", tarfilename))
- w.Header().Set("Connection", "close")
-
- os := gzip.NewWriter(w)
- defer os.Close()
-
- zw := tar.NewWriter(os)
- defer zw.Close()
-
- for _, key := range strings.Split(files, ",") {
- if strings.HasPrefix(key, "/") {
- key = key[1:]
- }
-
- key = strings.Replace(key, "\\", "/", -1)
-
- token := strings.Split(key, "/")[0]
- filename := sanitize.Path(strings.Split(key, "/")[1])
-
- reader, _, contentLength, err := storage.Get(token, filename)
- if err != nil {
- if err.Error() == "The specified key does not exist." {
- http.Error(w, "File not found", 404)
- return
- } else {
- log.Printf("%s", err.Error())
- http.Error(w, "Could not retrieve file.", 500)
- return
- }
- }
-
- defer reader.Close()
-
- header := &tar.Header{
- Name: strings.Split(key, "/")[1],
- Size: int64(contentLength),
- }
-
- err = zw.WriteHeader(header)
- if err != nil {
- log.Printf("%s", err.Error())
- http.Error(w, "Internal server error.", 500)
- return
- }
-
- if _, err = io.Copy(zw, reader); err != nil {
- log.Printf("%s", err.Error())
- http.Error(w, "Internal server error.", 500)
- return
- }
- }
- }
-
- func tarHandler(w http.ResponseWriter, r *http.Request) {
- vars := mux.Vars(r)
-
- files := vars["files"]
-
- tarfilename := fmt.Sprintf("transfersh-%d.tar", uint16(time.Now().UnixNano()))
-
- w.Header().Set("Content-Type", "application/x-tar")
- w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=\"%s\"", tarfilename))
- w.Header().Set("Connection", "close")
-
- zw := tar.NewWriter(w)
- defer zw.Close()
-
- for _, key := range strings.Split(files, ",") {
- token := strings.Split(key, "/")[0]
- filename := strings.Split(key, "/")[1]
-
- reader, _, contentLength, err := storage.Get(token, filename)
- if err != nil {
- if err.Error() == "The specified key does not exist." {
- http.Error(w, "File not found", 404)
- return
- } else {
- log.Printf("%s", err.Error())
- http.Error(w, "Could not retrieve file.", 500)
- return
- }
- }
-
- defer reader.Close()
-
- header := &tar.Header{
- Name: strings.Split(key, "/")[1],
- Size: int64(contentLength),
- }
-
- err = zw.WriteHeader(header)
- if err != nil {
- log.Printf("%s", err.Error())
- http.Error(w, "Internal server error.", 500)
- return
- }
-
- if _, err = io.Copy(zw, reader); err != nil {
- log.Printf("%s", err.Error())
- http.Error(w, "Internal server error.", 500)
- return
- }
- }
- }
-
- func getHandler(w http.ResponseWriter, r *http.Request) {
- vars := mux.Vars(r)
-
- token := vars["token"]
- filename := vars["filename"]
-
- reader, contentType, contentLength, err := storage.Get(token, filename)
- if err != nil {
- if err.Error() == "The specified key does not exist." {
- http.Error(w, "File not found", 404)
- return
- } else {
- log.Printf("%s", err.Error())
- http.Error(w, "Could not retrieve file.", 500)
- return
- }
- }
-
- defer reader.Close()
-
- w.Header().Set("Content-Type", contentType)
- w.Header().Set("Content-Length", strconv.FormatUint(contentLength, 10))
- w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=\"%s\"", filename))
- w.Header().Set("Connection", "close")
-
- if _, err = io.Copy(w, reader); err != nil {
- log.Printf("%s", err.Error())
- http.Error(w, "Error occured copying to output stream", 500)
- return
- }
- }
-
- func RedirectHandler(h http.Handler) http.HandlerFunc {
- return func(w http.ResponseWriter, r *http.Request) {
- if r.URL.Path == "/health.html" {
- } else if ipAddrFromRemoteAddr(r.Host) == "127.0.0.1" {
- } else if ipAddrFromRemoteAddr(r.Host) == "transfersh.elasticbeanstalk.com" {
- } else if ipAddrFromRemoteAddr(r.Host) == "jxm5d6emw5rknovg.onion" {
- if r.Header.Get("X-Forwarded-Proto") != "https" && r.Method == "GET" {
-
- http.Redirect(w, r, "https://jxm5d6emw5rknovg.onion"+r.RequestURI, 301)
- return
- }
- } else if ipAddrFromRemoteAddr(r.Host) == "transfer.sh" {
- if r.Header.Get("X-Forwarded-Proto") != "https" && r.Method == "GET" {
- http.Redirect(w, r, "https://transfer.sh"+r.RequestURI, 301)
- return
- }
- } else if ipAddrFromRemoteAddr(r.Host) != "transfer.sh" {
- http.Redirect(w, r, "https://transfer.sh"+r.RequestURI, 301)
- return
- }
-
- h.ServeHTTP(w, r)
- }
- }
-
- // Create a log handler for every request it receives.
- func LoveHandler(h http.Handler) http.HandlerFunc {
- return func(w http.ResponseWriter, r *http.Request) {
- w.Header().Set("x-made-with", "<3 by DutchCoders")
- w.Header().Set("x-served-by", "Proudly served by DutchCoders")
- w.Header().Set("Server", "Transfer.sh HTTP Server 1.0")
- h.ServeHTTP(w, r)
- }
- }
|