MCPcopy
hub / github.com/perkeep/perkeep / handleGetViaSharing

Method handleGetViaSharing

pkg/server/share.go:165–277  ·  view source on GitHub ↗

for tests Unauthenticated user. Be paranoid.

(rw http.ResponseWriter, req *http.Request,
	blobRef blob.Ref)

Source from the content-addressed store, hash-verified

163
164// Unauthenticated user. Be paranoid.
165func (h *shareHandler) handleGetViaSharing(rw http.ResponseWriter, req *http.Request,
166 blobRef blob.Ref) error {
167 ctx := req.Context()
168 if !httputil.IsGet(req) {
169 return &shareError{code: invalidMethod, response: badRequest, message: "Invalid method"}
170 }
171
172 rw.Header().Set("Access-Control-Allow-Origin", "*")
173
174 viaPathOkay := false
175 startTime := time.Now()
176 defer func() {
177 if !viaPathOkay {
178 // Insert a delay, to hide timing attacks probing
179 // for the existence of blobs.
180 sleep := fetchFailureDelay - time.Since(startTime)
181 timeSleep(sleep)
182 }
183 }()
184 viaBlobs := make([]blob.Ref, 0)
185 if via := req.FormValue("via"); via != "" {
186 for _, vs := range strings.Split(via, ",") {
187 if br, ok := blob.Parse(vs); ok {
188 viaBlobs = append(viaBlobs, br)
189 } else {
190 return &shareError{code: invalidVia, response: badRequest, message: "Malformed blobref in via param"}
191 }
192 }
193 }
194
195 fetchChain := make([]blob.Ref, 0)
196 fetchChain = append(fetchChain, viaBlobs...)
197 fetchChain = append(fetchChain, blobRef)
198 isTransitive := false
199 for i, br := range fetchChain {
200 switch i {
201 case 0:
202 if h.idx != nil {
203 h.idx.RLock()
204 isDeleted := h.idx.IsDeleted(br)
205 h.idx.RUnlock()
206 if isDeleted {
207 return unauthorized(shareDeleted, "Share was deleted")
208 }
209 }
210 file, size, err := h.fetcher.Fetch(ctx, br)
211 if err != nil {
212 return unauthorized(shareFetchFailed, "Fetch chain 0 of %s failed: %v", br, err)
213 }
214 defer file.Close()
215 if size > schema.MaxSchemaBlobSize {
216 return unauthorized(shareBlobTooLarge, "Fetch chain 0 of %s too large", br)
217 }
218 blob, err := schema.BlobFromReader(br, file)
219 if err != nil {
220 return unauthorized(shareReadFailed, "Can't create a blob from %v: %v", br, err)
221 }
222 share, ok := blob.AsShare()

Callers 1

serveHTTPMethod · 0.95

Calls 15

ServeFileMethod · 0.95
IsGetFunction · 0.92
ParseFunction · 0.92
BlobFromReaderFunction · 0.92
ServeBlobRefFunction · 0.92
unauthorizedFunction · 0.85
bytesHaveSchemaLinkFunction · 0.85
ContextMethod · 0.80
AsShareMethod · 0.80
IsExpiredMethod · 0.80
IsTransitiveMethod · 0.80
ReadAllMethod · 0.80

Tested by

no test coverage detected