| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185 |
- package server
- import (
- "context"
- "errors"
- "fmt"
- "io"
- "mime"
- "net/http"
- "net/netip"
- "regexp"
- "strings"
- "heckel.io/ntfy/v2/util"
- )
- var (
- mimeDecoder mime.WordDecoder
- priorityHeaderIgnoreRegex = regexp.MustCompile(`^u=\d,\s*(i|\d)$|^u=\d$`)
- )
- func readBoolParam(r *http.Request, defaultValue bool, names ...string) bool {
- value := strings.ToLower(readParam(r, names...))
- if value == "" {
- return defaultValue
- }
- return toBool(value)
- }
- func isBoolValue(value string) bool {
- return value == "1" || value == "yes" || value == "true" || value == "0" || value == "no" || value == "false"
- }
- func toBool(value string) bool {
- return value == "1" || value == "yes" || value == "true"
- }
- func readCommaSeparatedParam(r *http.Request, names ...string) (params []string) {
- paramStr := readParam(r, names...)
- if paramStr != "" {
- params = make([]string, 0)
- for _, s := range util.SplitNoEmpty(paramStr, ",") {
- params = append(params, strings.TrimSpace(s))
- }
- }
- return params
- }
- func readParam(r *http.Request, names ...string) string {
- value := readHeaderParam(r, names...)
- if value != "" {
- return value
- }
- return readQueryParam(r, names...)
- }
- func readHeaderParam(r *http.Request, names ...string) string {
- for _, name := range names {
- value := strings.TrimSpace(maybeDecodeHeader(name, r.Header.Get(name)))
- if value != "" {
- return value
- }
- }
- return ""
- }
- func readQueryParam(r *http.Request, names ...string) string {
- for _, name := range names {
- value := r.URL.Query().Get(strings.ToLower(name))
- if value != "" {
- return strings.TrimSpace(value)
- }
- }
- return ""
- }
- func extractIPAddress(r *http.Request, behindProxy bool, proxyClientIPHeader string) netip.Addr {
- logr(r).Debug("Starting IP extraction")
- remoteAddr := r.RemoteAddr
- logr(r).Debug("RemoteAddr: %s", remoteAddr)
- addrPort, err := netip.ParseAddrPort(remoteAddr)
- ip := addrPort.Addr()
- if err != nil {
- logr(r).Warn("Failed to parse RemoteAddr as AddrPort: %v", err)
- ip, err = netip.ParseAddr(remoteAddr)
- if err != nil {
- ip = netip.IPv4Unspecified()
- logr(r).Error("Failed to parse RemoteAddr as IP: %v, defaulting to 0.0.0.0", err)
- }
- }
- // Log initial IP before further processing
- logr(r).Debug("Initial IP after RemoteAddr parsing: %s", ip)
- if proxyClientIPHeader != "" {
- logr(r).Debug("Using ProxyClientIPHeader: %s", proxyClientIPHeader)
- if customHeaderIP := r.Header.Get(proxyClientIPHeader); customHeaderIP != "" {
- logr(r).Debug("Custom header %s value: %s", proxyClientIPHeader, customHeaderIP)
- realIP, err := netip.ParseAddr(customHeaderIP)
- if err != nil {
- logr(r).Error("Invalid IP in %s header: %s, error: %v", proxyClientIPHeader, customHeaderIP, err)
- } else {
- logr(r).Debug("Successfully parsed IP from custom header: %s", realIP)
- ip = realIP
- }
- } else {
- logr(r).Warn("Custom header %s is empty or missing", proxyClientIPHeader)
- }
- } else if behindProxy {
- logr(r).Debug("No ProxyClientIPHeader set, checking X-Forwarded-For")
- if xff := r.Header.Get("X-Forwarded-For"); xff != "" {
- logr(r).Debug("X-Forwarded-For value: %s", xff)
- ips := util.SplitNoEmpty(xff, ",")
- realIP, err := netip.ParseAddr(strings.TrimSpace(util.LastString(ips, remoteAddr)))
- if err != nil {
- logr(r).Error("Invalid IP in X-Forwarded-For header: %s, error: %v", xff, err)
- } else {
- logr(r).Debug("Successfully parsed IP from X-Forwarded-For: %s", realIP)
- ip = realIP
- }
- } else {
- logr(r).Debug("X-Forwarded-For header is empty or missing")
- }
- } else {
- logr(r).Debug("Behind proxy is false, skipping proxy headers")
- }
- // Final resolved IP
- logr(r).Debug("Final resolved IP: %s", ip)
- return ip
- }
- func readJSONWithLimit[T any](r io.ReadCloser, limit int, allowEmpty bool) (*T, error) {
- obj, err := util.UnmarshalJSONWithLimit[T](r, limit, allowEmpty)
- if errors.Is(err, util.ErrUnmarshalJSON) {
- return nil, errHTTPBadRequestJSONInvalid
- } else if errors.Is(err, util.ErrTooLargeJSON) {
- return nil, errHTTPEntityTooLargeJSONBody
- } else if err != nil {
- return nil, err
- }
- return obj, nil
- }
- func withContext(r *http.Request, ctx map[contextKey]any) *http.Request {
- c := r.Context()
- for k, v := range ctx {
- c = context.WithValue(c, k, v)
- }
- return r.WithContext(c)
- }
- func fromContext[T any](r *http.Request, key contextKey) (T, error) {
- t, ok := r.Context().Value(key).(T)
- if !ok {
- return t, fmt.Errorf("cannot find key %v in request context", key)
- }
- return t, nil
- }
- // maybeDecodeHeader decodes the given header value if it is MIME encoded, e.g. "=?utf-8?q?Hello_World?=",
- // or returns the original header value if it is not MIME encoded. It also calls maybeIgnoreSpecialHeader
- // to ignore new HTTP "Priority" header.
- func maybeDecodeHeader(name, value string) string {
- decoded, err := mimeDecoder.DecodeHeader(value)
- if err != nil {
- return maybeIgnoreSpecialHeader(name, value)
- }
- return maybeIgnoreSpecialHeader(name, decoded)
- }
- // maybeIgnoreSpecialHeader ignores new HTTP "Priority" header (see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-priority)
- //
- // Cloudflare (and potentially other providers) add this to requests when forwarding to the backend (ntfy),
- // so we just ignore it. If the "Priority" header is set to "u=*, i" or "u=*" (by Cloudflare), the header will be ignored.
- // Returning an empty string will allow the rest of the logic to continue searching for another header (x-priority, prio, p),
- // or in the Query parameters.
- func maybeIgnoreSpecialHeader(name, value string) string {
- if strings.ToLower(name) == "priority" && priorityHeaderIgnoreRegex.MatchString(strings.TrimSpace(value)) {
- return ""
- }
- return value
- }
|