hamrpassValidate is the single source of truth for whether a key is acceptable and what the UI says about it. Shared by the inline /hamrpass handler and the arg popover hint. ok=false with an empty trimmed key is the "show status block" signal. Non-printable/non-ASCII runes are rejected up front: h
(raw string)
| 239 | // Non-printable/non-ASCII runes are rejected up front: http.Header.Set accepts |
| 240 | // the bytes but http.Client.Do then errors with `invalid header field value |
| 241 | // for "Authorization"` on the wire, after the key has already been persisted |
| 242 | // to config.yaml. Real keys are ASCII-printable; reject anything else early. |
| 243 | func hamrpassValidate(raw string) (key, hint string, ok bool) { |
| 244 | key = strings.TrimSpace(raw) |
| 245 | switch { |
| 246 | case key == "": |
| 247 | return "", "paste your hamrpass key, or Enter for status", false |
| 248 | case strings.ContainsAny(key, " \t\r\n"): |
| 249 | return key, "no whitespace allowed", false |
| 250 | } |
| 251 | for _, r := range key { |
| 252 | if r < 0x21 || r > 0x7e { |
| 253 | return key, "key must be printable ASCII (no control chars)", false |
| 254 | } |
| 255 | } |
| 256 | if len(key) < hamrpassMinKeyLen { |
| 257 | return key, fmt.Sprintf("%d/%d chars · keep typing", len(key), hamrpassMinKeyLen), false |
| 258 | } |
| 259 | return key, "Enter to activate", true |
| 260 | } |
| 261 |
no outgoing calls