http.scm
| 1 | ;;; SPDX-FileCopyrightText: 2021 Li Ian-Xue (b4283) <b4283@pm.me> |
| 2 | ;;; SPDX-FileCopyrightText: 2025 Evgeny Pisemsky <mail@pisemsky.site> |
| 3 | ;;; |
| 4 | ;;; SPDX-License-Identifier: GPL-3.0-only |
| 5 | |
| 6 | (define-module (pastebin http)) |
| 7 | |
| 8 | (use-modules (web request) |
| 9 | (web response) |
| 10 | (web uri) |
| 11 | (sxml simple) |
| 12 | (pastebin data) |
| 13 | (rnrs bytevectors) |
| 14 | (ice-9 textual-ports) |
| 15 | (ice-9 binary-ports) |
| 16 | (ice-9 regex) |
| 17 | (ice-9 match) |
| 18 | (srfi srfi-1)) |
| 19 | |
| 20 | (export make-pastebin-handler) |
| 21 | |
| 22 | (define (read-parts reqbody boundary) |
| 23 | (define b2 (string-append "(\r\n)?--" boundary)) |
| 24 | (let A ((start 0) (parts '())) |
| 25 | (let ((sm (string-match b2 reqbody start))) |
| 26 | (if sm |
| 27 | ;; +2 => CRLF |
| 28 | (A (+ 2 (match:end sm 0)) |
| 29 | (cons (substring reqbody start (match:start sm 0)) parts)) |
| 30 | (cdr (reverse parts)))))) |
| 31 | |
| 32 | (define (get-new-pin str pin) |
| 33 | (let ((crlfi (string-contains str "\r\n" pin))) |
| 34 | (if crlfi crlfi (string-length str)))) |
| 35 | |
| 36 | (define (parse-part partstr) |
| 37 | (let A ((headers '()) (pin 0)) |
| 38 | (let* ((newpin (get-new-pin partstr pin)) |
| 39 | (line (substring partstr pin newpin))) |
| 40 | (if (string-null? line) |
| 41 | (cons (reverse headers) (substring partstr (+ 2 newpin))) |
| 42 | (A (cons line headers) (+ 2 newpin)))))) |
| 43 | |
| 44 | (define (get-content-dispo-name-from-headers headers) |
| 45 | (let ((fl (find (lambda (line) (string-prefix-ci? "content-disposition: " line)) headers))) |
| 46 | (if fl |
| 47 | (let ((sm (string-match "name=(.*)" fl))) |
| 48 | (if sm (string-trim-both (match:substring sm 1) #\") "")) |
| 49 | ""))) |
| 50 | |
| 51 | (define (read-multipart-form-data reqbody boundary) |
| 52 | (define parts (read-parts reqbody boundary)) |
| 53 | (map |
| 54 | (lambda (part) |
| 55 | (let ((pp (parse-part part))) |
| 56 | (cons (get-content-dispo-name-from-headers (car pp)) (cdr pp)))) |
| 57 | parts)) |
| 58 | |
| 59 | (define (not-found) |
| 60 | (values (build-response #:code 404) |
| 61 | (lambda (port) 1))) |
| 62 | |
| 63 | (define (templatize title body css-url) |
| 64 | `(html (@ (lang "en")) |
| 65 | (head |
| 66 | (title ,title) |
| 67 | (meta (@ (charset "utf-8"))) |
| 68 | (meta (@ (name "viewport") (content "width=device-width, initial-scale=1.0"))) |
| 69 | ,(if css-url |
| 70 | `(link (@ (rel "stylesheet") (href ,css-url))) |
| 71 | '())) |
| 72 | (body ,@body))) |
| 73 | |
| 74 | (define (list-handler pb-data-path css-url) |
| 75 | (values (build-response |
| 76 | #:code 200 |
| 77 | #:headers '((content-type . (text/html)))) |
| 78 | (lambda (port) |
| 79 | (let* ((top5 (call-with-dir-as-pb-data |
| 80 | pb-data-path |
| 81 | (lambda (pb-data) |
| 82 | (pb-data-get-top pb-data 5)))) |
| 83 | (sxml (templatize |
| 84 | "Pastebin" |
| 85 | `((header (h1 "Pastebin")) |
| 86 | (main (section (h2 "Recent") |
| 87 | ,(map (lambda (entry) |
| 88 | `(article (h3 (a (@ (href ,(format #f "/raw/~a" (pb-entry-id entry))) |
| 89 | (target "_blank")) |
| 90 | ,(pb-entry-id entry))) |
| 91 | (pre ,(pb-entry-text entry)))) |
| 92 | top5)) |
| 93 | (section (h2 "New") |
| 94 | (form (@ (method "post") |
| 95 | (enctype "multipart/form-data") |
| 96 | (action "/post")) |
| 97 | (fieldset (div (label (@ (for "form-text")) |
| 98 | "Paste content")) |
| 99 | (div (textarea (@ (id "form-text") |
| 100 | (name "text")) "")) |
| 101 | (div (label (@ (for "form-showurl")) |
| 102 | (input (@ (type "checkbox") |
| 103 | (id "form-showurl") |
| 104 | (name "showUrl") |
| 105 | (value "1"))) |
| 106 | "Show raw URL after paste")) |
| 107 | (div (input (@ (type "submit") |
| 108 | (value "Submit")))))))) |
| 109 | (footer (p (a (@ (href "https://repo.pisemsky.site/guile-pastebin") |
| 110 | (target "_blank")) |
| 111 | "Source")))) |
| 112 | css-url))) |
| 113 | (display "<!DOCTYPE html>\n" port) |
| 114 | (sxml->xml sxml port))))) |
| 115 | |
| 116 | (define (post-handler request request-body pb-data-path) |
| 117 | (if (eq? (request-method request) 'POST) |
| 118 | (let* ((headers (request-headers request)) |
| 119 | (content-type-all (assq-ref headers 'content-type)) |
| 120 | (content-type (if content-type-all |
| 121 | (car content-type-all) |
| 122 | #f)) |
| 123 | (boundary (if (eq? content-type 'multipart/form-data) |
| 124 | (assq-ref (cdr content-type-all) 'boundary) |
| 125 | #f)) |
| 126 | (reqbody-string (utf8->string request-body)) |
| 127 | (form-data (if boundary |
| 128 | (read-multipart-form-data reqbody-string boundary) |
| 129 | #f)) |
| 130 | (new-pb-data (if form-data |
| 131 | (call-with-dir-as-pb-data |
| 132 | pb-data-path |
| 133 | (lambda (pb-data) |
| 134 | (pb-data-new-entry pb-data |
| 135 | (assoc-ref form-data "text")))) |
| 136 | #f))) |
| 137 | |
| 138 | ;; determine what to respond |
| 139 | (if (and new-pb-data |
| 140 | (assoc-ref form-data "showUrl")) |
| 141 | |
| 142 | ;; show url after paste |
| 143 | (values (build-response |
| 144 | #:code 200 |
| 145 | #:headers '((content-type . (text/plain)))) |
| 146 | (lambda (port) |
| 147 | (let* ((hostp (assq-ref headers 'host)) |
| 148 | (proto (assq-ref headers 'x-forwarded-proto))) |
| 149 | (put-string |
| 150 | port |
| 151 | (uri->string |
| 152 | (build-uri (if (equal? proto "https") 'https 'http) |
| 153 | #:host (car hostp) |
| 154 | #:port (cdr hostp) |
| 155 | #:path (format #f "/raw/~a\r\n" |
| 156 | (pb-entry-id new-pb-data)))))))) |
| 157 | |
| 158 | ;; respond with 303 See Other |
| 159 | (values (build-response |
| 160 | #:code 303 |
| 161 | #:headers `((location . ,(build-uri-reference #:path "/")))) |
| 162 | (lambda (port) 1)))) |
| 163 | |
| 164 | ;; INVALID request: access /post without HTTP POST |
| 165 | (values (build-response #:code 400) |
| 166 | (lambda (port) 1)))) |
| 167 | |
| 168 | (define (raw-handler pb-data-path pb-id) |
| 169 | (if (pb-entry-id-valid? pb-id) |
| 170 | (values (build-response |
| 171 | #:code 200 |
| 172 | #:headers '((content-type . (text/plain)))) |
| 173 | (lambda (port) |
| 174 | (call-with-input-file |
| 175 | ;; the file name |
| 176 | (call-with-dir-as-pb-data |
| 177 | pb-data-path |
| 178 | (lambda (p) (pb-get-file-path p pb-id))) |
| 179 | ;; the input port |
| 180 | (lambda (inport) |
| 181 | (let A ((inport' inport)) |
| 182 | (let ((bv (get-bytevector-n inport' 4096))) |
| 183 | (if (not (eof-object? bv)) |
| 184 | (begin |
| 185 | (put-bytevector port bv) |
| 186 | (A inport'))))))))) |
| 187 | (not-found))) |
| 188 | |
| 189 | (define* (make-pastebin-handler data-path #:key css-url) |
| 190 | (lambda (request request-body) |
| 191 | (match (split-and-decode-uri-path (uri-path (request-uri request))) |
| 192 | (() |
| 193 | (list-handler data-path css-url)) |
| 194 | (("post") |
| 195 | (post-handler request request-body data-path)) |
| 196 | (("raw" pb-id) |
| 197 | (raw-handler data-path pb-id)) |
| 198 | (_ |
| 199 | (not-found))))) |
| 200 |