ntfy/server/util.go

package server

import (
	"context"
	"errors"
	"fmt"
	"heckel.io/ntfy/v2/util"
	"io"
	"mime"
	"net/http"
	"net/netip"
	"regexp"
	"strings"
)

var (
	mimeDecoder               mime.WordDecoder
	priorityHeaderIgnoreRegex = regexp.MustCompile(`^u=\d,\s*(i|\d)$|^u=\d$`)
)

func readBoolParam(r *http.Request, defaultValue bool, names ...string) bool {
	value := strings.ToLower(readParam(r, names...))
	if value == "" {
		return defaultValue
	}
	return toBool(value)
}

func isBoolValue(value string) bool {
	return value == "1" || value == "yes" || value == "true" || value == "0" || value == "no" || value == "false"
}

func toBool(value string) bool {
	return value == "1" || value == "yes" || value == "true"
}

func readCommaSeparatedParam(r *http.Request, names ...string) (params []string) {
	paramStr := readParam(r, names...)
	if paramStr != "" {
		params = make([]string, 0)
		for _, s := range util.SplitNoEmpty(paramStr, ",") {
			params = append(params, strings.TrimSpace(s))
		}
	}
	return params
}

func readParam(r *http.Request, names ...string) string {
	value := readHeaderParam(r, names...)
	if value != "" {
		return value
	}
	return readQueryParam(r, names...)
}

func readHeaderParam(r *http.Request, names ...string) string {
	for _, name := range names {
		value := strings.TrimSpace(maybeDecodeHeader(name, r.Header.Get(name)))
		if value != "" {
			return value
		}
	}
	return ""
}

func readQueryParam(r *http.Request, names ...string) string {
	for _, name := range names {
		value := r.URL.Query().Get(strings.ToLower(name))
		if value != "" {
			return strings.TrimSpace(value)
		}
	}
	return ""
}

func extractIPAddress(r *http.Request, behindProxy bool) netip.Addr {
	remoteAddr := r.RemoteAddr
	addrPort, err := netip.ParseAddrPort(remoteAddr)
	ip := addrPort.Addr()
	if err != nil {
		// This should not happen in real life; only in tests. So, using falling back to 0.0.0.0 if address unspecified
		ip, err = netip.ParseAddr(remoteAddr)
		if err != nil {
			ip = netip.IPv4Unspecified()
			if remoteAddr != "@" || !behindProxy { // RemoteAddr is @ when unix socket is used
				logr(r).Err(err).Warn("unable to parse IP (%s), new visitor with unspecified IP (0.0.0.0) created", remoteAddr)
			}
		}
	}
	if behindProxy && strings.TrimSpace(r.Header.Get("X-Forwarded-For")) != "" {
		// X-Forwarded-For can contain multiple addresses (see #328). If we are behind a proxy,
		// only the right-most address can be trusted (as this is the one added by our proxy server).
		// See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For for details.
		ips := util.SplitNoEmpty(r.Header.Get("X-Forwarded-For"), ",")
		realIP, err := netip.ParseAddr(strings.TrimSpace(util.LastString(ips, remoteAddr)))
		if err != nil {
			logr(r).Err(err).Error("invalid IP address %s received in X-Forwarded-For header", ip)
			// Fall back to regular remote address if X-Forwarded-For is damaged
		} else {
			ip = realIP
		}
	}
	return ip
}

func readJSONWithLimit[T any](r io.ReadCloser, limit int, allowEmpty bool) (*T, error) {
	obj, err := util.UnmarshalJSONWithLimit[T](r, limit, allowEmpty)
	if errors.Is(err, util.ErrUnmarshalJSON) {
		return nil, errHTTPBadRequestJSONInvalid
	} else if errors.Is(err, util.ErrTooLargeJSON) {
		return nil, errHTTPEntityTooLargeJSONBody
	} else if err != nil {
		return nil, err
	}
	return obj, nil
}

func withContext(r *http.Request, ctx map[contextKey]any) *http.Request {
	c := r.Context()
	for k, v := range ctx {
		c = context.WithValue(c, k, v)
	}
	return r.WithContext(c)
}

func fromContext[T any](r *http.Request, key contextKey) (T, error) {
	t, ok := r.Context().Value(key).(T)
	if !ok {
		return t, fmt.Errorf("cannot find key %v in request context", key)
	}
	return t, nil
}

// maybeDecodeHeader decodes the given header value if it is MIME encoded, e.g. "=?utf-8?q?Hello_World?=",
// or returns the original header value if it is not MIME encoded. It also calls maybeIgnoreSpecialHeader
// to ignore new HTTP "Priority" header.
func maybeDecodeHeader(name, value string) string {
	decoded, err := mimeDecoder.DecodeHeader(value)
	if err != nil {
		return maybeIgnoreSpecialHeader(name, value)
	}
	return maybeIgnoreSpecialHeader(name, decoded)
}

// maybeIgnoreSpecialHeader ignores new HTTP "Priority" header (see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-priority)
//
// Cloudflare (and potentially other providers) add this to requests when forwarding to the backend (ntfy),
// so we just ignore it. If the "Priority" header is set to "u=*, i" or "u=*" (by Cloudflare), the header will be ignored.
// Returning an empty string will allow the rest of the logic to continue searching for another header (x-priority, prio, p),
// or in the Query parameters.
func maybeIgnoreSpecialHeader(name, value string) string {
	if strings.ToLower(name) == "priority" && priorityHeaderIgnoreRegex.MatchString(strings.TrimSpace(value)) {
		return ""
	}
	return value
}
Combine things, move stuff 2022-01-16 05:17:46 +01:00			`package server`

			`import (`
Polish a little 2023-02-23 04:26:43 +01:00			`"context"`
Simplify(?) templating cases 2024-03-21 02:33:54 +01:00			`"errors"`
Polishing 2023-02-24 02:46:53 +01:00			`"fmt"`
Change mod path 2023-11-17 02:54:58 +01:00			`"heckel.io/ntfy/v2/util"`
Tests 2022-12-29 15:57:42 +01:00			`"io"`
UTF-8 headers 2023-04-22 00:45:27 +02:00			`"mime"`
Combine things, move stuff 2022-01-16 05:17:46 +01:00			`"net/http"`
stuff 2022-12-22 03:55:39 +01:00			`"net/netip"`
Fix cloudflarePriorityIgnore - Now, only if the header being processed is the "priority" header, the cloudflarePriorityIgnore function is called, solving problems with that header injected by CF - we make the check with regex now. 2023-09-04 02:55:57 +02:00			`"regexp"`
Refine logic 2023-09-24 23:59:23 +02:00			`"strings"`
Combine things, move stuff 2022-01-16 05:17:46 +01:00			`)`

Refine logic 2023-09-24 23:59:23 +02:00			`var (`
			`mimeDecoder mime.WordDecoder`
			priorityHeaderIgnoreRegex = regexp.MustCompile(`^u=\d,\s*(i\|\d)$\|^u=\d$`)
			`)`
UTF-8 headers 2023-04-22 00:45:27 +02:00
Combine things, move stuff 2022-01-16 05:17:46 +01:00			`func readBoolParam(r *http.Request, defaultValue bool, names ...string) bool {`
			`value := strings.ToLower(readParam(r, names...))`
			`if value == "" {`
			`return defaultValue`
			`}`
WIP twilio 2023-05-13 18:26:14 +02:00			`return toBool(value)`
			`}`

			`func isBoolValue(value string) bool {`
			`return value == "1" \|\| value == "yes" \|\| value == "true" \|\| value == "0" \|\| value == "no" \|\| value == "false"`
			`}`

			`func toBool(value string) bool {`
Combine things, move stuff 2022-01-16 05:17:46 +01:00			`return value == "1" \|\| value == "yes" \|\| value == "true"`
			`}`

Working test 2023-02-23 03:33:18 +01:00			`func readCommaSeparatedParam(r *http.Request, names ...string) (params []string) {`
rate limiting impl 2.0? 2023-02-22 03:04:56 +01:00			`paramStr := readParam(r, names...)`
			`if paramStr != "" {`
			`params = make([]string, 0)`
			`for _, s := range util.SplitNoEmpty(paramStr, ",") {`
			`params = append(params, strings.TrimSpace(s))`
			`}`
			`}`
			`return params`
			`}`

Combine things, move stuff 2022-01-16 05:17:46 +01:00			`func readParam(r *http.Request, names ...string) string {`
Fully support auth in Web UI; persist users in localStorage (for now); add ugly ?auth=... param 2022-02-26 05:25:04 +01:00			`value := readHeaderParam(r, names...)`
			`if value != "" {`
			`return value`
			`}`
			`return readQueryParam(r, names...)`
			`}`

			`func readHeaderParam(r *http.Request, names ...string) string {`
Combine things, move stuff 2022-01-16 05:17:46 +01:00			`for _, name := range names {`
Refine logic 2023-09-24 23:59:23 +02:00			`value := strings.TrimSpace(maybeDecodeHeader(name, r.Header.Get(name)))`
Combine things, move stuff 2022-01-16 05:17:46 +01:00			`if value != "" {`
Refine logic 2023-09-24 23:59:23 +02:00			`return value`
Combine things, move stuff 2022-01-16 05:17:46 +01:00			`}`
			`}`
Fully support auth in Web UI; persist users in localStorage (for now); add ugly ?auth=... param 2022-02-26 05:25:04 +01:00			`return ""`
			`}`

			`func readQueryParam(r *http.Request, names ...string) string {`
Combine things, move stuff 2022-01-16 05:17:46 +01:00			`for _, name := range names {`
			`value := r.URL.Query().Get(strings.ToLower(name))`
			`if value != "" {`
			`return strings.TrimSpace(value)`
			`}`
			`}`
			`return ""`
			`}`
So much logging 2022-06-02 05:24:44 +02:00
stuff 2022-12-22 03:55:39 +01:00			`func extractIPAddress(r *http.Request, behindProxy bool) netip.Addr {`
			`remoteAddr := r.RemoteAddr`
			`addrPort, err := netip.ParseAddrPort(remoteAddr)`
			`ip := addrPort.Addr()`
			`if err != nil {`
			`// This should not happen in real life; only in tests. So, using falling back to 0.0.0.0 if address unspecified`
			`ip, err = netip.ParseAddr(remoteAddr)`
			`if err != nil {`
			`ip = netip.IPv4Unspecified()`
Merge branch 'main' into user-account 2022-12-23 15:37:47 +01:00			`if remoteAddr != "@" \|\| !behindProxy { // RemoteAddr is @ when unix socket is used`
Minor tweaks 2023-02-15 16:55:01 +01:00			`logr(r).Err(err).Warn("unable to parse IP (%s), new visitor with unspecified IP (0.0.0.0) created", remoteAddr)`
Merge branch 'main' into user-account 2022-12-23 15:37:47 +01:00			`}`
stuff 2022-12-22 03:55:39 +01:00			`}`
			`}`
			`if behindProxy && strings.TrimSpace(r.Header.Get("X-Forwarded-For")) != "" {`
			`// X-Forwarded-For can contain multiple addresses (see #328). If we are behind a proxy,`
			`// only the right-most address can be trusted (as this is the one added by our proxy server).`
			`// See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For for details.`
			`ips := util.SplitNoEmpty(r.Header.Get("X-Forwarded-For"), ",")`
			`realIP, err := netip.ParseAddr(strings.TrimSpace(util.LastString(ips, remoteAddr)))`
			`if err != nil {`
Minor tweaks 2023-02-15 16:55:01 +01:00			`logr(r).Err(err).Error("invalid IP address %s received in X-Forwarded-For header", ip)`
stuff 2022-12-22 03:55:39 +01:00			`// Fall back to regular remote address if X-Forwarded-For is damaged`
			`} else {`
			`ip = realIP`
			`}`
			`}`
			`return ip`
			`}`
Tests 2022-12-29 15:57:42 +01:00
Add Access Tokens UI 2023-01-28 05:10:59 +01:00			`func readJSONWithLimit[T any](r io.ReadCloser, limit int, allowEmpty bool) (*T, error) {`
			`obj, err := util.UnmarshalJSONWithLimit[T](r, limit, allowEmpty)`
Simplify(?) templating cases 2024-03-21 02:33:54 +01:00			`if errors.Is(err, util.ErrUnmarshalJSON) {`
Tests 2022-12-29 15:57:42 +01:00			`return nil, errHTTPBadRequestJSONInvalid`
Simplify(?) templating cases 2024-03-21 02:33:54 +01:00			`} else if errors.Is(err, util.ErrTooLargeJSON) {`
Tests 2022-12-29 15:57:42 +01:00			`return nil, errHTTPEntityTooLargeJSONBody`
			`} else if err != nil {`
			`return nil, err`
			`}`
			`return obj, nil`
			`}`
Polish a little 2023-02-23 04:26:43 +01:00
			`func withContext(r http.Request, ctx map[contextKey]any) http.Request {`
			`c := r.Context()`
			`for k, v := range ctx {`
			`c = context.WithValue(c, k, v)`
			`}`
			`return r.WithContext(c)`
			`}`
Polishing 2023-02-24 02:46:53 +01:00
More metrics 2023-03-14 15:19:15 +01:00			`func fromContext[T any](r *http.Request, key contextKey) (T, error) {`
Works 2023-03-04 04:22:07 +01:00			`t, ok := r.Context().Value(key).(T)`
Polishing 2023-02-24 02:46:53 +01:00			`if !ok {`
More metrics 2023-03-14 15:19:15 +01:00			`return t, fmt.Errorf("cannot find key %v in request context", key)`
Polishing 2023-02-24 02:46:53 +01:00			`}`
More metrics 2023-03-14 15:19:15 +01:00			`return t, nil`
Polishing 2023-02-24 02:46:53 +01:00			`}`
Simplify 2023-04-22 03:07:07 +02:00
Refine logic 2023-09-24 23:59:23 +02:00			`// maybeDecodeHeader decodes the given header value if it is MIME encoded, e.g. "=?utf-8?q?Hello_World?=",`
			`// or returns the original header value if it is not MIME encoded. It also calls maybeIgnoreSpecialHeader`
			`// to ignore new HTTP "Priority" header.`
			`func maybeDecodeHeader(name, value string) string {`
			`decoded, err := mimeDecoder.DecodeHeader(value)`
Simplify 2023-04-22 03:07:07 +02:00			`if err != nil {`
Refine logic 2023-09-24 23:59:23 +02:00			`return maybeIgnoreSpecialHeader(name, value)`
Simplify 2023-04-22 03:07:07 +02:00			`}`
Refine logic 2023-09-24 23:59:23 +02:00			`return maybeIgnoreSpecialHeader(name, decoded)`
Ignore Cloudflare Priority header With these changes, If the web request contains the new Priority header (RFC 9218), The server will ignore it and continue searching for other headers or query parameters. 2023-08-29 07:20:04 +02:00			`}`

Refine logic 2023-09-24 23:59:23 +02:00			`// maybeIgnoreSpecialHeader ignores new HTTP "Priority" header (see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-priority)`
			`//`
			`// Cloudflare (and potentially other providers) add this to requests when forwarding to the backend (ntfy),`
			`// so we just ignore it. If the "Priority" header is set to "u=, i" or "u=" (by Cloudflare), the header will be ignored.`
			`// Returning an empty string will allow the rest of the logic to continue searching for another header (x-priority, prio, p),`
			`// or in the Query parameters.`
			`func maybeIgnoreSpecialHeader(name, value string) string {`
			`if strings.ToLower(name) == "priority" && priorityHeaderIgnoreRegex.MatchString(strings.TrimSpace(value)) {`
Ignore Cloudflare Priority header With these changes, If the web request contains the new Priority header (RFC 9218), The server will ignore it and continue searching for other headers or query parameters. 2023-08-29 07:20:04 +02:00			`return ""`
Fix cloudflarePriorityIgnore - Now, only if the header being processed is the "priority" header, the cloudflarePriorityIgnore function is called, solving problems with that header injected by CF - we make the check with regex now. 2023-09-04 02:55:57 +02:00			`}`
Ignore Cloudflare Priority header With these changes, If the web request contains the new Priority header (RFC 9218), The server will ignore it and continue searching for other headers or query parameters. 2023-08-29 07:20:04 +02:00			`return value`
Simplify 2023-04-22 03:07:07 +02:00			`}`