Fix some errors in Readme.md and some performance optimization (#646)

I like this project very much, it's great, but there are some errors in readme.md
And the following about performance optimization
Optimize token generation with strings. Builder
Replace inefficient string concatenation with strings. Builder for token generation.
This improves performance by reducing memory allocations during string creation.
Using WriteByte also avoids unnecessary type conversions from character to string.

Co-authored-by: guocheng <cheng.guo@quantix.ae>

README.md

@@ -24,7 +24,7 @@ $ curl -v --upload-file ./hello.txt https://transfer.sh/hello.txt
 ### Encrypt & Upload:
 ```bash
 $ gpg --armor --symmetric --output - /tmp/hello.txt | curl --upload-file - https://transfer.sh/test.txt
-````
+```
 
 ### Download & Decrypt:
 ```bash
@@ -56,13 +56,13 @@ $ curl --upload-file ./hello.txt https://transfer.sh/hello.txt -H "Max-Days: 1"
 ### X-Encrypt-Password
 #### Beware, use this feature only on your self-hosted server: trusting a third-party service for server side encryption is at your own risk
 ```bash
-$ curl --upload-file ./hello.txt https://your-transfersh-instance.tld/hello.txt -H "X-Encrypt-Password: test" # Encrypt the content sever side with AES265 using "test" as password
+$ curl --upload-file ./hello.txt https://your-transfersh-instance.tld/hello.txt -H "X-Encrypt-Password: test" # Encrypt the content server side with AES256 using "test" as password
 ```
 
 ### X-Decrypt-Password
 #### Beware, use this feature only on your self-hosted server: trusting a third-party service for server side encryption is at your own risk
 ```bash
-$ curl https://your-transfersh-instance.tld/BAYh0/hello.txt -H "X-Decrypt-Password: test" # Decrypt the content sever side with AES265 using "test" as password
+$ curl https://your-transfersh-instance.tld/BAYh0/hello.txt -H "X-Decrypt-Password: test" # Decrypt the content server side with AES256 using "test" as password
 ```
 
 ## Response Headers
@@ -128,7 +128,7 @@ basedir | path storage for local/gdrive provider
 gdrive-client-json-filepath | path to oauth client json config for gdrive provider                                        |                              | GDRIVE_CLIENT_JSON_FILEPATH |
 gdrive-local-config-path | path to store local transfer.sh config cache for gdrive provider                            |                              | GDRIVE_LOCAL_CONFIG_PATH    |
 gdrive-chunk-size | chunk size for gdrive upload in megabytes, must be lower than available memory (8 MB)       |                              | GDRIVE_CHUNK_SIZE           |
-lets-encrypt-hosts | hosts to use for lets encrypt certificates (comma seperated)                                |                              | HOSTS                       |
+lets-encrypt-hosts | hosts to use for lets encrypt certificates (comma separated)                                |                              | HOSTS                       |
 log | path to log file                                                                            |                              | LOG                         |
 cors-domains | comma separated list of domains for CORS, setting it enable CORS                            |                              | CORS_DOMAINS                |
 clamav-host | host for clamav feature                                                                     |                              | CLAMAV_HOST                 |

server/server.go

@@ -144,7 +144,7 @@ func ProfileListener(s string) OptionFn {
 func WebPath(s string) OptionFn {
 	return func(srvr *Server) {
 		if s[len(s)-1:] != "/" {
-			s = s + string(filepath.Separator)
+			s = filepath.Join(s, "")
 		}
 
 		srvr.webPath = s
@@ -155,7 +155,7 @@ func WebPath(s string) OptionFn {
 func ProxyPath(s string) OptionFn {
 	return func(srvr *Server) {
 		if s[len(s)-1:] != "/" {
-			s = s + string(filepath.Separator)
+			s = filepath.Join(s, "")
 		}
 
 		srvr.proxyPath = s
@@ -173,7 +173,7 @@ func ProxyPort(s string) OptionFn {
 func TempPath(s string) OptionFn {
 	return func(srvr *Server) {
 		if s[len(s)-1:] != "/" {
-			s = s + string(filepath.Separator)
+			s = filepath.Join(s, "")
 		}
 
 		srvr.tempPath = s
@@ -436,8 +436,8 @@ func (s *Server) Run() {
 
 		fs = http.Dir(s.webPath)
 
-		htmlTemplates, _ = htmlTemplates.ParseGlob(s.webPath + "*.html")
-		textTemplates, _ = textTemplates.ParseGlob(s.webPath + "*.txt")
+		htmlTemplates, _ = htmlTemplates.ParseGlob(filepath.Join(s.webPath, "*.html"))
+		textTemplates, _ = textTemplates.ParseGlob(filepath.Join(s.webPath, "*.txt"))
 	} else {
 		fs = &assetfs.AssetFS{
 			Asset:    web.Asset,

server/token.go

@@ -24,6 +24,10 @@ THE SOFTWARE.
 
 package server
 
+import (
+	"strings"
+)
+
 const (
 	// SYMBOLS characters used for short-urls
 	SYMBOLS = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
@@ -31,11 +35,13 @@ const (
 
 // generate a token
 func token(length int) string {
-	result := ""
+	var builder strings.Builder
+	builder.Grow(length)
+	
 	for i := 0; i < length; i++ {
 		x := theRand.Intn(len(SYMBOLS) - 1)
-		result = string(SYMBOLS[x]) + result
+		builder.WriteByte(SYMBOLS[x])
 	}
 
-	return result
+	return builder.String()
 }