mirror of
https://github.com/binwiederhier/ntfy.git
synced 2024-06-26 18:10:41 +12:00
30a913c05c
With these changes, If the web request contains the new Priority header (RFC 9218), The server will ignore it and continue searching for other headers or query parameters.
155 lines
4.4 KiB
Go
155 lines
4.4 KiB
Go
package server
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"heckel.io/ntfy/util"
|
|
"io"
|
|
"mime"
|
|
"net/http"
|
|
"net/netip"
|
|
"strings"
|
|
/*"regexp"*/
|
|
)
|
|
|
|
var mimeDecoder mime.WordDecoder
|
|
|
|
func readBoolParam(r *http.Request, defaultValue bool, names ...string) bool {
|
|
value := strings.ToLower(readParam(r, names...))
|
|
if value == "" {
|
|
return defaultValue
|
|
}
|
|
return toBool(value)
|
|
}
|
|
|
|
func isBoolValue(value string) bool {
|
|
return value == "1" || value == "yes" || value == "true" || value == "0" || value == "no" || value == "false"
|
|
}
|
|
|
|
func toBool(value string) bool {
|
|
return value == "1" || value == "yes" || value == "true"
|
|
}
|
|
|
|
func readCommaSeparatedParam(r *http.Request, names ...string) (params []string) {
|
|
paramStr := readParam(r, names...)
|
|
if paramStr != "" {
|
|
params = make([]string, 0)
|
|
for _, s := range util.SplitNoEmpty(paramStr, ",") {
|
|
params = append(params, strings.TrimSpace(s))
|
|
}
|
|
}
|
|
return params
|
|
}
|
|
|
|
func readParam(r *http.Request, names ...string) string {
|
|
value := readHeaderParam(r, names...)
|
|
if value != "" {
|
|
return value
|
|
}
|
|
return readQueryParam(r, names...)
|
|
}
|
|
|
|
func readHeaderParam(r *http.Request, names ...string) string {
|
|
for _, name := range names {
|
|
value := maybeDecodeHeader(r.Header.Get(name))
|
|
if value != "" {
|
|
return strings.TrimSpace(value)
|
|
}
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func readQueryParam(r *http.Request, names ...string) string {
|
|
for _, name := range names {
|
|
value := r.URL.Query().Get(strings.ToLower(name))
|
|
if value != "" {
|
|
return strings.TrimSpace(value)
|
|
}
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func extractIPAddress(r *http.Request, behindProxy bool) netip.Addr {
|
|
remoteAddr := r.RemoteAddr
|
|
addrPort, err := netip.ParseAddrPort(remoteAddr)
|
|
ip := addrPort.Addr()
|
|
if err != nil {
|
|
// This should not happen in real life; only in tests. So, using falling back to 0.0.0.0 if address unspecified
|
|
ip, err = netip.ParseAddr(remoteAddr)
|
|
if err != nil {
|
|
ip = netip.IPv4Unspecified()
|
|
if remoteAddr != "@" || !behindProxy { // RemoteAddr is @ when unix socket is used
|
|
logr(r).Err(err).Warn("unable to parse IP (%s), new visitor with unspecified IP (0.0.0.0) created", remoteAddr)
|
|
}
|
|
}
|
|
}
|
|
if behindProxy && strings.TrimSpace(r.Header.Get("X-Forwarded-For")) != "" {
|
|
// X-Forwarded-For can contain multiple addresses (see #328). If we are behind a proxy,
|
|
// only the right-most address can be trusted (as this is the one added by our proxy server).
|
|
// See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For for details.
|
|
ips := util.SplitNoEmpty(r.Header.Get("X-Forwarded-For"), ",")
|
|
realIP, err := netip.ParseAddr(strings.TrimSpace(util.LastString(ips, remoteAddr)))
|
|
if err != nil {
|
|
logr(r).Err(err).Error("invalid IP address %s received in X-Forwarded-For header", ip)
|
|
// Fall back to regular remote address if X-Forwarded-For is damaged
|
|
} else {
|
|
ip = realIP
|
|
}
|
|
}
|
|
return ip
|
|
}
|
|
|
|
func readJSONWithLimit[T any](r io.ReadCloser, limit int, allowEmpty bool) (*T, error) {
|
|
obj, err := util.UnmarshalJSONWithLimit[T](r, limit, allowEmpty)
|
|
if err == util.ErrUnmarshalJSON {
|
|
return nil, errHTTPBadRequestJSONInvalid
|
|
} else if err == util.ErrTooLargeJSON {
|
|
return nil, errHTTPEntityTooLargeJSONBody
|
|
} else if err != nil {
|
|
return nil, err
|
|
}
|
|
return obj, nil
|
|
}
|
|
|
|
func withContext(r *http.Request, ctx map[contextKey]any) *http.Request {
|
|
c := r.Context()
|
|
for k, v := range ctx {
|
|
c = context.WithValue(c, k, v)
|
|
}
|
|
return r.WithContext(c)
|
|
}
|
|
|
|
func fromContext[T any](r *http.Request, key contextKey) (T, error) {
|
|
t, ok := r.Context().Value(key).(T)
|
|
if !ok {
|
|
return t, fmt.Errorf("cannot find key %v in request context", key)
|
|
}
|
|
return t, nil
|
|
}
|
|
|
|
func maybeDecodeHeader(header string) string {
|
|
decoded, err := mimeDecoder.DecodeHeader(header)
|
|
if err != nil {
|
|
return cloudflarePriorityIgnore(header)
|
|
}
|
|
return cloudflarePriorityIgnore(decoded)
|
|
}
|
|
|
|
// Ignore new HTTP Priority header (see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-priority)
|
|
// Cloudflare adds this to requests when forwarding to the backend (ntfy), so we just ignore it.
|
|
// If the Priority header is set to "u=*, i" or "u=*" (by cloudflare), the header will be ignored.
|
|
// And continue searching for another header (x-priority, prio, p) or in the Query parameters.
|
|
func cloudflarePriorityIgnore(value string) string {
|
|
if strings.HasPrefix(value, "u=") {
|
|
return ""
|
|
}
|
|
|
|
// The same but with regex
|
|
/* pattern := `^u=\d+\s*,\s*i|u=\d+$`
|
|
regex := regexp.MustCompile(pattern)
|
|
if regex.MatchString(value) {
|
|
return ""
|
|
} */
|
|
return value
|
|
}
|