alist/server/common/proxy.go

package common

import (
	"fmt"
	"io"
	"net/http"
	"net/url"
	"os"
	"strconv"
	"strings"
	"sync"

	"github.com/alist-org/alist/v3/drivers/base"
	"github.com/alist-org/alist/v3/internal/conf"
	"github.com/alist-org/alist/v3/internal/model"
	"github.com/alist-org/alist/v3/pkg/utils"
	"github.com/pkg/errors"
	log "github.com/sirupsen/logrus"
)

func HttpClient() *http.Client {
	once.Do(func() {
		httpClient = base.NewHttpClient()
		httpClient.CheckRedirect = func(req *http.Request, via []*http.Request) error {
			if len(via) >= 10 {
				return errors.New("stopped after 10 redirects")
			}
			req.Header.Del("Referer")
			return nil
		}
	})
	return httpClient
}

var once sync.Once
var httpClient *http.Client

func Proxy(w http.ResponseWriter, r *http.Request, link *model.Link, file model.Obj) error {
	// read data with native
	var err error
	if link.Data != nil {
		defer func() {
			_ = link.Data.Close()
		}()
		filename := file.GetName()
		w.Header().Set("Content-Type", "application/octet-stream")
		w.Header().Set("Content-Disposition", fmt.Sprintf(`attachment; filename="%s"; filename*=UTF-8''%s`, filename, url.PathEscape(filename)))
		w.Header().Set("Content-Length", strconv.FormatInt(file.GetSize(), 10))
		if link.Header != nil {
			// TODO clean header with blacklist or whitelist
			link.Header.Del("set-cookie")
			for h, val := range link.Header {
				w.Header()[h] = val
			}
		}
		if link.Status == 0 {
			w.WriteHeader(http.StatusOK)
		} else {
			w.WriteHeader(link.Status)
		}
		_, err = io.Copy(w, link.Data)
		if err != nil {
			return err
		}
		return nil
	}
	// local file
	if link.FilePath != nil && *link.FilePath != "" {
		f, err := os.Open(*link.FilePath)
		if err != nil {
			return err
		}
		defer func() {
			_ = f.Close()
		}()
		fileStat, err := os.Stat(*link.FilePath)
		if err != nil {
			return err
		}
		filename := file.GetName()
		w.Header().Set("Content-Disposition", fmt.Sprintf(`attachment; filename="%s"; filename*=UTF-8''%s`, filename, url.PathEscape(filename)))
		http.ServeContent(w, r, file.GetName(), fileStat.ModTime(), f)
		return nil
	} else if link.Writer != nil {
		if link.Header != nil {
			for h, v := range link.Header {
				w.Header()[h] = v
			}
		}
		if cd := w.Header().Get("Content-Disposition"); cd == "" {
			w.Header().Set("Content-Disposition", fmt.Sprintf(`attachment; filename="%s"; filename*=UTF-8''%s`, file.GetName(), url.PathEscape(file.GetName())))
		}
		if link.Status == 0 {
			w.WriteHeader(http.StatusOK)
		} else {
			w.WriteHeader(link.Status)
		}
		return link.Writer(w)
	} else {
		req, err := http.NewRequest(r.Method, link.URL, nil)
		if err != nil {
			return err
		}
		// client header
		for h, val := range r.Header {
			if utils.SliceContains(conf.SlicesMap[conf.ProxyIgnoreHeaders], strings.ToLower(h)) {
				continue
			}
			req.Header[h] = val
		}
		// needed header
		for h, val := range link.Header {
			req.Header[h] = val
		}
		res, err := HttpClient().Do(req)
		if err != nil {
			return err
		}
		defer func() {
			_ = res.Body.Close()
		}()
		log.Debugf("proxy status: %d", res.StatusCode)
		// TODO clean header with blacklist or whitelist
		res.Header.Del("set-cookie")
		for h, v := range res.Header {
			w.Header()[h] = v
		}
		w.WriteHeader(res.StatusCode)
		if res.StatusCode >= 400 {
			all, _ := io.ReadAll(res.Body)
			msg := string(all)
			log.Debugln(msg)
			return errors.New(msg)
		}
		_, err = io.Copy(w, res.Body)
		if err != nil {
			return err
		}
		return nil
	}
}
feat: file down handle 2022-06-28 10:00:11 +00:00			`package common`

			`import (`
			`"fmt"`
			`"io"`
			`"net/http"`
			`"net/url"`
			`"os"`
			`"strconv"`
			`"strings"`
fix: make `TlsInsecureSkipVerify` enable for all request (#4386) 2023-05-14 09:05:47 +00:00			`"sync"`
chore: go fmt 2022-08-03 06:26:59 +00:00
fix: make `TlsInsecureSkipVerify` enable for all request (#4386) 2023-05-14 09:05:47 +00:00			`"github.com/alist-org/alist/v3/drivers/base"`
feat: customize proxy ignore headers (close #2763 pr #2766) * clean referer when use proxy * feat: customize proxy ignore headers Co-authored-by: Noah Hsu <i@nn.ci> 2022-12-20 08:08:32 +00:00			`"github.com/alist-org/alist/v3/internal/conf"`
chore: go fmt 2022-08-03 06:26:59 +00:00			`"github.com/alist-org/alist/v3/internal/model"`
feat: customize proxy ignore headers (close #2763 pr #2766) * clean referer when use proxy * feat: customize proxy ignore headers Co-authored-by: Noah Hsu <i@nn.ci> 2022-12-20 08:08:32 +00:00			`"github.com/alist-org/alist/v3/pkg/utils"`
chore: go fmt 2022-08-03 06:26:59 +00:00			`"github.com/pkg/errors"`
			`log "github.com/sirupsen/logrus"`
feat: file down handle 2022-06-28 10:00:11 +00:00			`)`

fix: make `TlsInsecureSkipVerify` enable for all request (#4386) 2023-05-14 09:05:47 +00:00			`func HttpClient() *http.Client {`
			`once.Do(func() {`
			`httpClient = base.NewHttpClient()`
			`httpClient.CheckRedirect = func(req http.Request, via []http.Request) error {`
			`if len(via) >= 10 {`
			`return errors.New("stopped after 10 redirects")`
			`}`
			`req.Header.Del("Referer")`
			`return nil`
fix(proxy): ignore `Referer` if got redirect (close #3996) 2023-03-31 12:29:55 +00:00			`}`
fix: make `TlsInsecureSkipVerify` enable for all request (#4386) 2023-05-14 09:05:47 +00:00			`})`
			`return httpClient`
fix(proxy): ignore `Referer` if got redirect (close #3996) 2023-03-31 12:29:55 +00:00			`}`
feat: file down handle 2022-06-28 10:00:11 +00:00
fix: make `TlsInsecureSkipVerify` enable for all request (#4386) 2023-05-14 09:05:47 +00:00			`var once sync.Once`
			`var httpClient *http.Client`

feat: file down handle 2022-06-28 10:00:11 +00:00			`func Proxy(w http.ResponseWriter, r http.Request, link model.Link, file model.Obj) error {`
			`// read data with native`
			`var err error`
			`if link.Data != nil {`
			`defer func() {`
			`_ = link.Data.Close()`
			`}()`
fix: spaces in filename will be replaced with plus sign (#3841) Co-authored-by: XZB <i@1248.ink> 2023-03-14 04:27:42 +00:00			`filename := file.GetName()`
feat: file down handle 2022-06-28 10:00:11 +00:00			`w.Header().Set("Content-Type", "application/octet-stream")`
fix: spaces in filename will be replaced with plus sign (#3841) Co-authored-by: XZB <i@1248.ink> 2023-03-14 04:27:42 +00:00			w.Header().Set("Content-Disposition", fmt.Sprintf(`attachment; filename="%s"; filename*=UTF-8''%s`, filename, url.PathEscape(filename)))
feat: file down handle 2022-06-28 10:00:11 +00:00			`w.Header().Set("Content-Length", strconv.FormatInt(file.GetSize(), 10))`
			`if link.Header != nil {`
feat(webdav): delete privacy header and optimize 302 (#2534) * fix: delete set-cookie from sharepoint webdav response header * fix: avoid two redirects when using webdav * fix: return the correct Content-Type instead of just `application/octet-stream` * feat: webdav backend localOnly -> proxyOnly 2022-11-30 12:52:33 +00:00			`// TODO clean header with blacklist or whitelist`
			`link.Header.Del("set-cookie")`
feat: file down handle 2022-06-28 10:00:11 +00:00			`for h, val := range link.Header {`
			`w.Header()[h] = val`
			`}`
			`}`
			`if link.Status == 0 {`
			`w.WriteHeader(http.StatusOK)`
			`} else {`
			`w.WriteHeader(link.Status)`
			`}`
			`_, err = io.Copy(w, link.Data)`
			`if err != nil {`
			`return err`
			`}`
			`return nil`
			`}`
			`// local file`
			`if link.FilePath != nil && *link.FilePath != "" {`
			`f, err := os.Open(*link.FilePath)`
			`if err != nil {`
			`return err`
			`}`
			`defer func() {`
			`_ = f.Close()`
			`}()`
			`fileStat, err := os.Stat(*link.FilePath)`
			`if err != nil {`
			`return err`
			`}`
fix(local): filename with whitespace issue (#3928) * fix(local): filename whitespace problem * fix(deps): remove deprecated package io/ioutil --------- Co-authored-by: XZB <i@1248.ink> 2023-03-23 07:18:37 +00:00			`filename := file.GetName()`
			w.Header().Set("Content-Disposition", fmt.Sprintf(`attachment; filename="%s"; filename*=UTF-8''%s`, filename, url.PathEscape(filename)))
feat: file down handle 2022-06-28 10:00:11 +00:00			`http.ServeContent(w, r, file.GetName(), fileStat.ModTime(), f)`
			`return nil`
fix(copy): copy from driver that return `writer` (close #4291) 2023-05-26 13:54:57 +00:00			`} else if link.Writer != nil {`
			`if link.Header != nil {`
			`for h, v := range link.Header {`
			`w.Header()[h] = v`
			`}`
			`}`
			`if cd := w.Header().Get("Content-Disposition"); cd == "" {`
			w.Header().Set("Content-Disposition", fmt.Sprintf(`attachment; filename="%s"; filename*=UTF-8''%s`, file.GetName(), url.PathEscape(file.GetName())))
			`}`
			`if link.Status == 0 {`
			`w.WriteHeader(http.StatusOK)`
			`} else {`
			`w.WriteHeader(link.Status)`
			`}`
			`return link.Writer(w)`
feat: file down handle 2022-06-28 10:00:11 +00:00			`} else {`
			`req, err := http.NewRequest(r.Method, link.URL, nil)`
			`if err != nil {`
			`return err`
			`}`
feat(quark): add preset range header (close #4166) 2023-04-16 11:26:03 +00:00			`// client header`
feat: file down handle 2022-06-28 10:00:11 +00:00			`for h, val := range r.Header {`
feat: customize proxy ignore headers (close #2763 pr #2766) * clean referer when use proxy * feat: customize proxy ignore headers Co-authored-by: Noah Hsu <i@nn.ci> 2022-12-20 08:08:32 +00:00			`if utils.SliceContains(conf.SlicesMap[conf.ProxyIgnoreHeaders], strings.ToLower(h)) {`
feat: file down handle 2022-06-28 10:00:11 +00:00			`continue`
			`}`
			`req.Header[h] = val`
			`}`
feat(quark): add preset range header (close #4166) 2023-04-16 11:26:03 +00:00			`// needed header`
feat: file down handle 2022-06-28 10:00:11 +00:00			`for h, val := range link.Header {`
			`req.Header[h] = val`
			`}`
fix: make `TlsInsecureSkipVerify` enable for all request (#4386) 2023-05-14 09:05:47 +00:00			`res, err := HttpClient().Do(req)`
feat: file down handle 2022-06-28 10:00:11 +00:00			`if err != nil {`
			`return err`
			`}`
			`defer func() {`
			`_ = res.Body.Close()`
			`}()`
			`log.Debugf("proxy status: %d", res.StatusCode)`
feat(webdav): delete privacy header and optimize 302 (#2534) * fix: delete set-cookie from sharepoint webdav response header * fix: avoid two redirects when using webdav * fix: return the correct Content-Type instead of just `application/octet-stream` * feat: webdav backend localOnly -> proxyOnly 2022-11-30 12:52:33 +00:00			`// TODO clean header with blacklist or whitelist`
			`res.Header.Del("set-cookie")`
feat: file down handle 2022-06-28 10:00:11 +00:00			`for h, v := range res.Header {`
			`w.Header()[h] = v`
			`}`
			`w.WriteHeader(res.StatusCode)`
			`if res.StatusCode >= 400 {`
fix(local): filename with whitespace issue (#3928) * fix(local): filename whitespace problem * fix(deps): remove deprecated package io/ioutil --------- Co-authored-by: XZB <i@1248.ink> 2023-03-23 07:18:37 +00:00			`all, _ := io.ReadAll(res.Body)`
feat: file down handle 2022-06-28 10:00:11 +00:00			`msg := string(all)`
			`log.Debugln(msg)`
			`return errors.New(msg)`
			`}`
			`_, err = io.Copy(w, res.Body)`
			`if err != nil {`
			`return err`
			`}`
			`return nil`
			`}`
			`}`