diff --git a/documentation/manuals/server.1.man b/documentation/manuals/server.1.man index d5d7782..a0cf2d9 100644 --- a/documentation/manuals/server.1.man +++ b/documentation/manuals/server.1.man @@ -74,6 +74,8 @@ kawipiko -- blazingly fast static HTTP server \- kawipiko-server \-\-index\-data\-meta \-\-index\-data\-content +\-\-hosts\-disable (ignore \(gaHost\(ga header) + \-\-security\-headers\-tls \-\-security\-headers\-disable @@ -208,6 +210,13 @@ it is recommended to use either \fB\-\-archive\-mmap\fP or \fB\-\-archive\-inme .UNINDENT .UNINDENT .sp +\fB\-\-hosts\-disable\fP +.INDENT 0.0 +.INDENT 3.5 +Disables the virtual\-hosts feature by ignoring the \fIHost\fP header. +.UNINDENT +.UNINDENT +.sp \fB\-\-security\-headers\-tls\fP .INDENT 0.0 .INDENT 3.5 diff --git a/documentation/manuals/server.rst b/documentation/manuals/server.rst index ab885d1..6ed9488 100644 --- a/documentation/manuals/server.rst +++ b/documentation/manuals/server.rst @@ -45,6 +45,8 @@ kawipiko -- blazingly fast static HTTP server --index-data-meta --index-data-content + --hosts-disable (ignore `Host` header) + --security-headers-tls --security-headers-disable @@ -144,6 +146,10 @@ Flags * it is recommended to use either ``--archive-mmap`` or ``--archive-inmem``, else (especially if data is indexed) the resulting effect is that of loading everything in RAM; +``--hosts-disable`` + + Disables the virtual-hosts feature by ignoring the `Host` header. + ``--security-headers-tls`` Enables adding the following TLS related headers to the response: :: diff --git a/documentation/manuals/server.txt b/documentation/manuals/server.txt index 4212cce..cca989c 100644 --- a/documentation/manuals/server.txt +++ b/documentation/manuals/server.txt @@ -36,6 +36,8 @@ NAME --index-data-meta --index-data-content + --hosts-disable (ignore `Host` header) + --security-headers-tls --security-headers-disable @@ -175,6 +177,9 @@ FLAGS --archive-inmem, else (especially if data is indexed) the resulting effect is that of loading everything in RAM; + --hosts-disable + Disables the virtual-hosts feature by ignoring the Host header. + --security-headers-tls Enables adding the following TLS related headers to the response: diff --git a/sources/cmd/server/manual.txt b/sources/cmd/server/manual.txt index 4212cce..cca989c 100644 --- a/sources/cmd/server/manual.txt +++ b/sources/cmd/server/manual.txt @@ -36,6 +36,8 @@ NAME --index-data-meta --index-data-content + --hosts-disable (ignore `Host` header) + --security-headers-tls --security-headers-disable @@ -175,6 +177,9 @@ FLAGS --archive-inmem, else (especially if data is indexed) the resulting effect is that of loading everything in RAM; + --hosts-disable + Disables the virtual-hosts feature by ignoring the Host header. + --security-headers-tls Enables adding the following TLS related headers to the response: diff --git a/sources/cmd/server/server.go b/sources/cmd/server/server.go index ae4ab22..b74d4f4 100644 --- a/sources/cmd/server/server.go +++ b/sources/cmd/server/server.go @@ -52,6 +52,7 @@ type server struct { cachedReferences map[string][2]uint64 cachedDataMeta map[uint64][]byte cachedDataContent map[uint64][]byte + hostsDisabled bool securityHeadersEnabled bool securityHeadersTls bool http1Disabled bool @@ -89,6 +90,7 @@ func (_server *server) ServeUnwrapped (_context *fasthttp.RequestCtx) () { _responseHeaders := (*fasthttp.ResponseHeader) (NoEscape (unsafe.Pointer (&_response.Header))) _requestMethod := _requestHeaders.Method () + _requestHost := _requestHeaders.Host () _requestUri := _requestHeaders.RequestURI () _requestUriString_0 := BytesToString (_requestUri) _requestUriString := NoEscapeString (&_requestUriString_0) @@ -168,50 +170,70 @@ func (_server *server) ServeUnwrapped (_context *fasthttp.RequestCtx) () { } if !_referencesFound { - for _namespaceAndPathSuffixIndex := range _namespaceAndPathSuffixes { - _namespaceAndPathSuffix := _namespaceAndPathSuffixes[_namespaceAndPathSuffixIndex] - _namespace := _namespaceAndPathSuffix[0] - _pathSuffix := _namespaceAndPathSuffix[1] + + for _hostIdx := 0; _hostIdx < 2; _hostIdx += 1 { - if !_pathIsRoot && !_pathHasSlash { - // NOP - } else if _pathSuffix == "" { - // NOP - } else if (_pathSuffix[0] == '/') && (_pathIsRoot || _pathHasSlash) { - _pathSuffix = _pathSuffix[1:] + if (_hostIdx == 0) && (_server.hostsDisabled) { + continue } - if _server.cachedReferences != nil { - _key := _keyBufferLarge[:0] - _key = append (_key, KeyNamespacePrefix (_namespace), ':') - _key = append (_key, _path ...) - _key = append (_key, _pathSuffix ...) - _referencesValues, _referencesFound = _server.cachedReferences[BytesToString (*NoEscapeBytes (&_key))] - } else { - _key := _keyBufferLarge[:0] - _key = append (_key, KeyNamespacePrefix (_namespace), ':') - _key = append (_key, _path ...) - _key = append (_key, _pathSuffix ...) - if _value, _error := _server.cdbReader.GetWithCdbHash (_key); _error == nil { - _referencesBuffer = _value - _referencesFound = _value != nil + for _namespaceAndPathSuffixIndex := range _namespaceAndPathSuffixes { + _namespaceAndPathSuffix := _namespaceAndPathSuffixes[_namespaceAndPathSuffixIndex] + _namespace := _namespaceAndPathSuffix[0] + _pathSuffix := _namespaceAndPathSuffix[1] + + if !_pathIsRoot && !_pathHasSlash { + // NOP + } else if _pathSuffix == "" { + // NOP + } else if (_pathSuffix[0] == '/') && (_pathIsRoot || _pathHasSlash) { + _pathSuffix = _pathSuffix[1:] + } + + if _server.cachedReferences != nil { + _key := _keyBufferLarge[:0] + _key = append (_key, KeyNamespacePrefix (_namespace), ':') + if _hostIdx == 0 { + _key = append (_key, "://" ...) + _key = append (_key, _requestHost ...) + } + _key = append (_key, _path ...) + _key = append (_key, _pathSuffix ...) + _referencesValues, _referencesFound = _server.cachedReferences[BytesToString (*NoEscapeBytes (&_key))] } else { - _server.ServeError (_context, http.StatusInternalServerError, _error, false) - return + _key := _keyBufferLarge[:0] + _key = append (_key, KeyNamespacePrefix (_namespace), ':') + if _hostIdx == 0 { + _key = append (_key, "://" ...) + _key = append (_key, _requestHost ...) + } + _key = append (_key, _path ...) + _key = append (_key, _pathSuffix ...) + if _value, _error := _server.cdbReader.GetWithCdbHash (_key); _error == nil { + _referencesBuffer = _value + _referencesFound = _value != nil + } else { + _server.ServeError (_context, http.StatusInternalServerError, _error, false) + return + } + } + + if _referencesFound { + if _pathSuffix == "/*" { + _pathSuffix = "/" + } else if _pathSuffix == "*" { + _pathSuffix = "" + } + if _pathSuffix != "" { + _path = append (_path, _pathSuffix ...) + _server.ServeRedirect (_context, http.StatusTemporaryRedirect, _path, true) + return + } + break } } if _referencesFound { - if _pathSuffix == "/*" { - _pathSuffix = "/" - } else if _pathSuffix == "*" { - _pathSuffix = "" - } - if _pathSuffix != "" { - _path = append (_path, _pathSuffix ...) - _server.ServeRedirect (_context, http.StatusTemporaryRedirect, _path, true) - return - } break } } @@ -225,30 +247,50 @@ func (_server *server) ServeUnwrapped (_context *fasthttp.RequestCtx) () { } if !_referencesFound { - for - _pathLimit := bytes.LastIndexByte (_path, '/'); - _pathLimit >= 0; - _pathLimit = bytes.LastIndexByte (_path[: _pathLimit], '/') { + + for _hostIdx := 0; _hostIdx < 2; _hostIdx += 1 { - for _, _namespace := range []string { NamespaceFilesContent, NamespaceRedirectsContent } { + if (_hostIdx == 0) && (_server.hostsDisabled) { + continue + } + + for + _pathLimit := bytes.LastIndexByte (_path, '/'); + _pathLimit >= 0; + _pathLimit = bytes.LastIndexByte (_path[: _pathLimit], '/') { - if _server.cachedReferences != nil { - _key := _keyBufferLarge[:0] - _key = append (_key, KeyNamespacePrefix (_namespace), ':') - _key = append (_key, _path[: _pathLimit] ...) - _key = append (_key, "/*" ...) - _referencesValues, _referencesFound = _server.cachedReferences[BytesToString (*NoEscapeBytes (&_key))] - } else { - _key := _keyBufferLarge[:0] - _key = append (_key, KeyNamespacePrefix (_namespace), ':') - _key = append (_key, _path[: _pathLimit] ...) - _key = append (_key, "/*" ...) - if _value, _error := _server.cdbReader.GetWithCdbHash (_key); _error == nil { - _referencesBuffer = _value - _referencesFound = _value != nil + for _, _namespace := range []string { NamespaceFilesContent, NamespaceRedirectsContent } { + + if _server.cachedReferences != nil { + _key := _keyBufferLarge[:0] + _key = append (_key, KeyNamespacePrefix (_namespace), ':') + if _hostIdx == 0 { + _key = append (_key, "://" ...) + _key = append (_key, _requestHost ...) + } + _key = append (_key, _path[: _pathLimit] ...) + _key = append (_key, "/*" ...) + _referencesValues, _referencesFound = _server.cachedReferences[BytesToString (*NoEscapeBytes (&_key))] } else { - _server.ServeError (_context, http.StatusInternalServerError, _error, false) - return + _key := _keyBufferLarge[:0] + _key = append (_key, KeyNamespacePrefix (_namespace), ':') + if _hostIdx == 0 { + _key = append (_key, "://" ...) + _key = append (_key, _requestHost ...) + } + _key = append (_key, _path[: _pathLimit] ...) + _key = append (_key, "/*" ...) + if _value, _error := _server.cdbReader.GetWithCdbHash (_key); _error == nil { + _referencesBuffer = _value + _referencesFound = _value != nil + } else { + _server.ServeError (_context, http.StatusInternalServerError, _error, false) + return + } + } + + if _referencesFound { + break } } @@ -689,6 +731,7 @@ func main_0 () (error) { var _indexPaths bool var _indexDataMeta bool var _indexDataContent bool + var _hostsDisabled bool var _securityHeadersEnabled bool var _securityHeadersTls bool var _timeoutDisabled bool @@ -733,6 +776,7 @@ func main_0 () (error) { _indexDataMeta_0 := _flags.Bool ("index-data-meta", false, "") _indexDataContent_0 := _flags.Bool ("index-data-content", false, "") _timeoutDisabled_0 := _flags.Bool ("timeout-disable", false, "") + _hostsDisabled_0 := _flags.Bool ("hosts-disable", false, "") _securityHeadersTls_0 := _flags.Bool ("security-headers-tls", false, "") _securityHeadersDisabled_0 := _flags.Bool ("security-headers-disable", false, "") _tlsPrivate_0 := _flags.String ("tls-private", "", "") @@ -771,6 +815,7 @@ func main_0 () (error) { _indexPaths = _indexAll || *_indexPaths_0 _indexDataMeta = _indexAll || *_indexDataMeta_0 _indexDataContent = _indexAll || *_indexDataContent_0 + _hostsDisabled = *_hostsDisabled_0 _securityHeadersTls = *_securityHeadersTls_0 _securityHeadersEnabled = ! *_securityHeadersDisabled_0 _timeoutDisabled = *_timeoutDisabled_0 @@ -997,6 +1042,9 @@ func main_0 () (error) { if _indexDataContent { _processArguments = append (_processArguments, "--index-data-content") } + if _hostsDisabled { + _processArguments = append (_processArguments, "--hosts-disabled") + } if _securityHeadersTls { _processArguments = append (_processArguments, "--security-headers-tls") } @@ -1476,6 +1524,7 @@ func main_0 () (error) { cachedReferences : _cachedReferences, cachedDataMeta : _cachedDataMeta, cachedDataContent : _cachedDataContent, + hostsDisabled : _hostsDisabled, securityHeadersTls : _securityHeadersTls, securityHeadersEnabled : _securityHeadersEnabled, http1Disabled : _http1Disabled, diff --git a/sources/cmd/server/usage.txt b/sources/cmd/server/usage.txt index 0107e86..a69c6a5 100644 --- a/sources/cmd/server/usage.txt +++ b/sources/cmd/server/usage.txt @@ -30,6 +30,8 @@ --index-data-meta --index-data-content + --hosts-disable (ignore `Host` header) + --security-headers-tls --security-headers-disable