Adding upstream version 9.0.0.upstream/9.0.0upstreamdebian

Signed-off-by: Daniel Baumann <daniel@debian.org>

1 files changed, 237 insertions, 0 deletions

diff --git a/modules/httplib/serve.go b/modules/httplib/serve.go
new file mode 100644
index 0000000..2e3e6a7
--- /dev/null
+++ b/modules/httplib/serve.go
@@ -0,0 +1,237 @@
+// Copyright 2023 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package httplib
+
+import (
+	"bytes"
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"path"
+	"path/filepath"
+	"strconv"
+	"strings"
+	"time"
+
+	charsetModule "code.gitea.io/gitea/modules/charset"
+	"code.gitea.io/gitea/modules/container"
+	"code.gitea.io/gitea/modules/httpcache"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/typesniffer"
+	"code.gitea.io/gitea/modules/util"
+
+	"github.com/klauspost/compress/gzhttp"
+)
+
+type ServeHeaderOptions struct {
+	ContentType        string // defaults to "application/octet-stream"
+	ContentTypeCharset string
+	ContentLength      *int64
+	Disposition        string // defaults to "attachment"
+	Filename           string
+	CacheDuration      time.Duration // defaults to 5 minutes
+	LastModified       time.Time
+}
+
+// ServeSetHeaders sets necessary content serve headers
+func ServeSetHeaders(w http.ResponseWriter, opts *ServeHeaderOptions) {
+	header := w.Header()
+
+	skipCompressionExts := container.SetOf(".gz", ".bz2", ".zip", ".xz", ".zst", ".deb", ".apk", ".jar", ".png", ".jpg", ".webp")
+	if skipCompressionExts.Contains(strings.ToLower(path.Ext(opts.Filename))) {
+		w.Header().Add(gzhttp.HeaderNoCompression, "1")
+	}
+
+	contentType := typesniffer.ApplicationOctetStream
+	if opts.ContentType != "" {
+		if opts.ContentTypeCharset != "" {
+			contentType = opts.ContentType + "; charset=" + strings.ToLower(opts.ContentTypeCharset)
+		} else {
+			contentType = opts.ContentType
+		}
+	}
+	header.Set("Content-Type", contentType)
+	header.Set("X-Content-Type-Options", "nosniff")
+
+	if opts.ContentLength != nil {
+		header.Set("Content-Length", strconv.FormatInt(*opts.ContentLength, 10))
+	}
+
+	if opts.Filename != "" {
+		disposition := opts.Disposition
+		if disposition == "" {
+			disposition = "attachment"
+		}
+
+		backslashEscapedName := strings.ReplaceAll(strings.ReplaceAll(opts.Filename, `\`, `\\`), `"`, `\"`) // \ -> \\, " -> \"
+		header.Set("Content-Disposition", fmt.Sprintf(`%s; filename="%s"; filename*=UTF-8''%s`, disposition, backslashEscapedName, url.PathEscape(opts.Filename)))
+		header.Set("Access-Control-Expose-Headers", "Content-Disposition")
+	}
+
+	duration := opts.CacheDuration
+	if duration == 0 {
+		duration = 5 * time.Minute
+	}
+	httpcache.SetCacheControlInHeader(header, duration)
+
+	if !opts.LastModified.IsZero() {
+		// http.TimeFormat required a UTC time, refer to https://pkg.go.dev/net/http#TimeFormat
+		header.Set("Last-Modified", opts.LastModified.UTC().Format(http.TimeFormat))
+	}
+}
+
+// ServeData download file from io.Reader
+func setServeHeadersByFile(r *http.Request, w http.ResponseWriter, filePath string, mineBuf []byte) {
+	// do not set "Content-Length", because the length could only be set by callers, and it needs to support range requests
+	opts := &ServeHeaderOptions{
+		Filename: path.Base(filePath),
+	}
+
+	sniffedType := typesniffer.DetectContentType(mineBuf)
+
+	// the "render" parameter came from year 2016: 638dd24c, it doesn't have clear meaning, so I think it could be removed later
+	isPlain := sniffedType.IsText() || r.FormValue("render") != ""
+
+	if setting.MimeTypeMap.Enabled {
+		fileExtension := strings.ToLower(filepath.Ext(filePath))
+		opts.ContentType = setting.MimeTypeMap.Map[fileExtension]
+	}
+
+	if opts.ContentType == "" {
+		if sniffedType.IsBrowsableBinaryType() {
+			opts.ContentType = sniffedType.GetMimeType()
+		} else if isPlain {
+			opts.ContentType = "text/plain"
+		} else {
+			opts.ContentType = typesniffer.ApplicationOctetStream
+		}
+	}
+
+	if isPlain {
+		charset, err := charsetModule.DetectEncoding(mineBuf)
+		if err != nil {
+			log.Error("Detect raw file %s charset failed: %v, using by default utf-8", filePath, err)
+			charset = "utf-8"
+		}
+		opts.ContentTypeCharset = strings.ToLower(charset)
+	}
+
+	isSVG := sniffedType.IsSvgImage()
+
+	// serve types that can present a security risk with CSP
+	if isSVG {
+		w.Header().Set("Content-Security-Policy", "default-src 'none'; style-src 'unsafe-inline'; sandbox")
+	} else if sniffedType.IsPDF() {
+		// no sandbox attribute for pdf as it breaks rendering in at least safari. this
+		// should generally be safe as scripts inside PDF can not escape the PDF document
+		// see https://bugs.chromium.org/p/chromium/issues/detail?id=413851 for more discussion
+		w.Header().Set("Content-Security-Policy", "default-src 'none'; style-src 'unsafe-inline'")
+	}
+
+	opts.Disposition = "inline"
+	if isSVG && !setting.UI.SVG.Enabled {
+		opts.Disposition = "attachment"
+	}
+
+	ServeSetHeaders(w, opts)
+}
+
+const mimeDetectionBufferLen = 1024
+
+func ServeContentByReader(r *http.Request, w http.ResponseWriter, filePath string, size int64, reader io.Reader) {
+	buf := make([]byte, mimeDetectionBufferLen)
+	n, err := util.ReadAtMost(reader, buf)
+	if err != nil {
+		http.Error(w, "serve content: unable to pre-read", http.StatusRequestedRangeNotSatisfiable)
+		return
+	}
+	if n >= 0 {
+		buf = buf[:n]
+	}
+	setServeHeadersByFile(r, w, filePath, buf)
+
+	// reset the reader to the beginning
+	reader = io.MultiReader(bytes.NewReader(buf), reader)
+
+	rangeHeader := r.Header.Get("Range")
+
+	// if no size or no supported range, serve as 200 (complete response)
+	if size <= 0 || !strings.HasPrefix(rangeHeader, "bytes=") {
+		if size >= 0 {
+			w.Header().Set("Content-Length", strconv.FormatInt(size, 10))
+		}
+		_, _ = io.Copy(w, reader) // just like http.ServeContent, not necessary to handle the error
+		return
+	}
+
+	// do our best to support the minimal "Range" request (no support for multiple range: "Range: bytes=0-50, 100-150")
+	//
+	// GET /...
+	// Range: bytes=0-1023
+	//
+	// HTTP/1.1 206 Partial Content
+	// Content-Range: bytes 0-1023/146515
+	// Content-Length: 1024
+
+	_, rangeParts, _ := strings.Cut(rangeHeader, "=")
+	rangeBytesStart, rangeBytesEnd, found := strings.Cut(rangeParts, "-")
+	start, err := strconv.ParseInt(rangeBytesStart, 10, 64)
+	if start < 0 || start >= size {
+		err = errors.New("invalid start range")
+	}
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusRequestedRangeNotSatisfiable)
+		return
+	}
+	end, err := strconv.ParseInt(rangeBytesEnd, 10, 64)
+	if rangeBytesEnd == "" && found {
+		err = nil
+		end = size - 1
+	}
+	if end >= size {
+		end = size - 1
+	}
+	if end < start {
+		err = errors.New("invalid end range")
+	}
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	partialLength := end - start + 1
+	w.Header().Set("Content-Range", fmt.Sprintf("bytes %d-%d/%d", start, end, size))
+	w.Header().Set("Content-Length", strconv.FormatInt(partialLength, 10))
+	if _, err = io.CopyN(io.Discard, reader, start); err != nil {
+		http.Error(w, "serve content: unable to skip", http.StatusInternalServerError)
+		return
+	}
+
+	w.WriteHeader(http.StatusPartialContent)
+	_, _ = io.CopyN(w, reader, partialLength) // just like http.ServeContent, not necessary to handle the error
+}
+
+func ServeContentByReadSeeker(r *http.Request, w http.ResponseWriter, filePath string, modTime *time.Time, reader io.ReadSeeker) {
+	buf := make([]byte, mimeDetectionBufferLen)
+	n, err := util.ReadAtMost(reader, buf)
+	if err != nil {
+		http.Error(w, "serve content: unable to read", http.StatusInternalServerError)
+		return
+	}
+	if _, err = reader.Seek(0, io.SeekStart); err != nil {
+		http.Error(w, "serve content: unable to seek", http.StatusInternalServerError)
+		return
+	}
+	if n >= 0 {
+		buf = buf[:n]
+	}
+	setServeHeadersByFile(r, w, filePath, buf)
+	if modTime == nil {
+		modTime = &time.Time{}
+	}
+	http.ServeContent(w, r, path.Base(filePath), *modTime, reader)
+}