This repository has been archived by the owner on Dec 27, 2022. It is now read-only.
/
hyper.js
381 lines (340 loc) · 10.9 KB
/
hyper.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
import { parseDriveUrl } from '../../lib/urls'
import { PassThrough, Transform } from 'stream'
import parseRange from 'range-parser'
import once from 'once'
import pump from 'pump'
import * as logLib from '../logger'
const logger = logLib.child({category: 'hyper', subcategory: 'hyper-scheme'})
import markdown from '../../lib/markdown'
import * as drives from '../hyper/drives'
import * as filesystem from '../filesystem/index'
import * as capabilities from '../hyper/capabilities'
import datServeResolvePath from '@beaker/dat-serve-resolve-path'
import errorPage from '../lib/error-page'
import * as mime from '../lib/mime'
import * as auditLog from '../dbs/audit-log'
const md = markdown({
allowHTML: true,
useHeadingIds: true,
useHeadingAnchors: false,
hrefMassager: undefined,
highlight: undefined
})
class WhackAMoleStream {
constructor (stream) {
this.onreadable = noop
this.ended = false
this.stream = stream
this.needsDeferredReadable = false
stream.on('end', () => {
this.ended = true
})
stream.on('readable', () => {
if (this.needsDeferredReadable) {
setImmediate(this.onreadable)
this.needsDeferredReadable = false
return
}
this.onreadable()
})
}
read (...args) {
const buf = this.stream.read(...args)
this.needsDeferredReadable = buf === null
return buf
}
on (name, fn) {
if (name === 'readable') {
this.onreadable = fn
return this.stream.on('readable', noop) // readable has sideeffects
}
return this.stream.on(name, fn)
}
destroy () {
this.stream.on('error', noop)
this.stream.destroy()
}
removeListener (name, fn) {
this.stream.removeListener(name, fn)
if (name === 'readable') {
this.onreadable = noop
this.stream.removeListener('readable', noop)
}
if (name === 'end' && !this.ended) {
this.destroy()
}
}
}
function noop () {}
// exported api
// =
export function register (protocol) {
protocol.registerStreamProtocol('hyper', protocolHandler)
}
export const protocolHandler = async function (request, respond) {
respond = once(respond)
const respondRedirect = (url) => {
respond({
statusCode: 200,
headers: {'Content-Type': 'text/html', 'Allow-CSP-From': '*'},
data: intoStream(`<!doctype html><meta http-equiv="refresh" content="0; url=${url}">`)
})
}
const respondError = (code, status, errorPageInfo) => {
if (errorPageInfo) {
errorPageInfo.validatedURL = request.url
errorPageInfo.errorCode = code
}
var accept = request.headers.Accept || ''
if (accept.includes('text/html')) {
respond({
statusCode: code,
headers: {
'Content-Type': 'text/html',
'Content-Security-Policy': "default-src 'unsafe-inline' beaker:;",
'Access-Control-Allow-Origin': '*',
'Allow-CSP-From': '*'
},
data: intoStream(errorPage(errorPageInfo || (code + ' ' + status)))
})
} else {
respond({statusCode: code})
}
}
var drive
var cspHeader = undefined
// validate request
var urlp = parseDriveUrl(request.url, true)
if (!urlp.host) {
return respondError(404, 'Drive Not Found', {
title: 'Site Not Found',
errorDescription: 'Invalid URL',
errorInfo: `${request.url} is an invalid hyper:// URL`
})
}
if (request.method !== 'GET' && request.method !== 'HEAD') {
return respondError(405, 'Method Not Supported')
}
// resolve the name
var driveKey
var driveVersion
if (urlp.host.endsWith('.cap')) {
let cap = capabilities.lookupCap(urlp.host)
if (!cap) {
return respondError(404, 'No record found for ' + urlp.host, {
errorDescription: 'Invalid capability record',
errorInfo: `No record found for hyper://${urlp.host}`
})
}
driveKey = cap.target.key
driveVersion = cap.target.version
} else {
try {
driveKey = await drives.fromURLToKey(urlp.host, true)
driveVersion = urlp.version
} catch (err) {
return respondError(404, 'No DNS record found for ' + urlp.host, {
errorDescription: 'No DNS record found',
errorInfo: `No DNS record found for hyper://${urlp.host}`
})
}
}
// protect the system drive
if (filesystem.isRootUrl(`hyper://${driveKey}/`)) {
// HACK
// electron's CORS protection doesnt seem to be working
// so we're going to handle all system-drive requests by redirecting
// to the files explorer
// -prf
return respondRedirect(`beaker://explorer/${urlp.host}${urlp.version ? ('+' + urlp.version) : ''}${urlp.pathname || ''}`)
}
auditLog.record('-browser', 'serve', {url: urlp.origin, path: urlp.pathname}, undefined, async () => {
try {
// start searching the network
drive = await drives.getOrLoadDrive(driveKey)
} catch (err) {
logger.warn(`Failed to open drive ${driveKey}`, {err})
return respondError(500, 'Failed')
}
// parse path
var filepath = decodeURIComponent(urlp.path)
if (!filepath) filepath = '/'
if (filepath.indexOf('?') !== -1) filepath = filepath.slice(0, filepath.indexOf('?')) // strip off any query params
var hasTrailingSlash = filepath.endsWith('/')
// checkout version if needed
try {
var {checkoutFS} = await drives.getDriveCheckout(drive, driveVersion)
} catch (err) {
logger.warn(`Failed to open drive checkout ${driveKey}`, {err})
return respondError(500, 'Failed')
}
// read the manifest (it's needed in a couple places)
var manifest
try { manifest = await checkoutFS.pda.readManifest() } catch (e) { manifest = null }
// check to see if we actually have data from the drive
var version = await checkoutFS.session.drive.version()
if (version === 0) {
return respondError(404, 'Hyperdrive not found', {
title: 'Hyperdrive Not Found',
errorDescription: 'No peers hosting this drive were found',
errorInfo: 'You may still be connecting to peers - try reloading the page.'
})
}
// read manifest CSP
if (manifest && manifest.csp && typeof manifest.csp === 'string') {
cspHeader = manifest.csp
}
// check for the presence of a frontend
var frontend = false
if (await checkoutFS.pda.stat('/.ui/ui.html').catch(e => false)) {
frontend = true
}
const serveFrontendHTML = async () => {
return respond({
statusCode: 200,
headers: {
'Content-Type': 'text/html',
'Access-Control-Allow-Origin': '*',
'Allow-CSP-From': '*',
'Content-Security-Policy': cspHeader
},
data: intoStream(await checkoutFS.pda.readFile('/.ui/ui.html')) // TODO use stream
})
}
// lookup entry
var statusCode = 200
var headers = {}
var entry = await datServeResolvePath(checkoutFS.pda, manifest, urlp, request.headers.Accept)
var canExecuteHTML = true
if (entry && !frontend) {
// dont execute HTML if in a mount and no frontend is running
let pathParts = entry.path.split('/').filter(Boolean)
pathParts.pop() // skip target, just need to check parent dirs
while (pathParts.length) {
let path = '/' + pathParts.join('/')
let stat = await checkoutFS.pda.stat(path).catch(e => undefined)
if (stat && stat.mount) {
canExecuteHTML = false
break
}
pathParts.pop()
}
}
// handle folder
if (entry && entry.isDirectory()) {
// make sure there's a trailing slash
if (!hasTrailingSlash) {
return respondRedirect(`hyper://${urlp.host}${urlp.version ? ('+' + urlp.version) : ''}${urlp.pathname || ''}/${urlp.search || ''}`)
}
// frontend
if (frontend) {
return serveFrontendHTML()
}
// directory listing
return respond({
statusCode: 200,
headers: {
'Content-Type': 'text/html',
'Access-Control-Allow-Origin': '*',
'Allow-CSP-From': '*',
'Cache-Control': 'no-cache',
'Content-Security-Policy': `default-src 'self' beaker:`
},
data: intoStream(`<!doctype html>
<html>
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="beaker://app-stdlib/css/fontawesome.css">
<script type="module" src="beaker://drive-view/index.js"></script>
</head>
</html>`)
})
}
// frontend
if (mime.acceptHeaderWantsHTML(request.headers.Accept) && frontend) {
return serveFrontendHTML()
}
// handle not found
if (!entry) {
// error page
return respondError(404, 'File Not Found', {
errorDescription: 'File Not Found',
errorInfo: `Beaker could not find the file ${urlp.path}`,
title: 'File Not Found'
})
}
// handle .goto redirects
if (entry.path.endsWith('.goto') && entry.metadata.href) {
try {
let u = new URL(entry.metadata.href) // make sure it's a valid url
return respondRedirect(entry.metadata.href)
} catch (e) {
// pass through
}
}
// handle range
headers['Accept-Ranges'] = 'bytes'
var length
var range = request.headers.Range || request.headers.range
if (range) range = parseRange(entry.size, range)
if (range && range.type === 'bytes') {
range = range[0] // only handle first range given
statusCode = 206
length = (range.end - range.start + 1)
headers['Content-Length'] = '' + length
headers['Content-Range'] = 'bytes ' + range.start + '-' + range.end + '/' + entry.size
} else {
if (entry.size) {
length = entry.size
headers['Content-Length'] = '' + length
}
}
Object.assign(headers, {
'Content-Security-Policy': cspHeader,
'Access-Control-Allow-Origin': '*',
'Allow-CSP-From': '*',
'Cache-Control': 'no-cache'
})
// markdown rendering
if (!range && entry.path.endsWith('.md') && mime.acceptHeaderWantsHTML(request.headers.Accept)) {
let content = await checkoutFS.pda.readFile(entry.path, 'utf8')
let contentType = canExecuteHTML ? 'text/html' : 'text/plain'
content = canExecuteHTML
? `<!doctype html>
<html>
<head>
<meta charset="utf8">
</head>
<body>
${md.render(content)}
</body>
</html>`
: content
return respond({
statusCode: 200,
headers: Object.assign(headers, {'Content-Type': contentType}),
data: intoStream(content)
})
}
var mimeType = mime.identify(entry.path)
if (!canExecuteHTML && mimeType.includes('text/html')) {
mimeType = 'text/plain'
}
headers['Content-Type'] = mimeType
if (request.method === 'HEAD') {
respond({statusCode: 204, headers, data: intoStream('')})
} else {
respond({
statusCode,
headers,
data: new WhackAMoleStream(checkoutFS.session.drive.createReadStream(entry.path, range))
})
}
})
}
function intoStream (text) {
const rv = new PassThrough()
rv.push(text)
rv.push(null)
return rv
}