Hugging Face's logo

Spaces:
QSLY
/
ghp
Configuration error

App Files Community
ghp / main.go
QSLY's picture
QSLY
Upload 10 files
c3a1b3c verified
raw
history blame contribute delete
6.31 kB
 package main
import (
"embed"
"encoding/json"
"fmt"
"github.com/gin-gonic/gin"
"io"
"io/fs"
"net"
"net/http"
"os"
"regexp"
"strconv"
"strings"
"sync"
"time"
)
const (
sizeLimit int64 = 1024 * 1024 * 1024 * 10 // 允许的文件大小,默认10GB
host = "0.0.0.0" // 监听地址
port = 8080 // 监听端口
)
//go:embed public/*
var public embed.FS
var (
exps = []*regexp.Regexp{
regexp.MustCompile(`^(?:https?://)?github\.com/([^/]+)/([^/]+)/(?:releases|archive)/.*$`),
regexp.MustCompile(`^(?:https?://)?github\.com/([^/]+)/([^/]+)/(?:blob|raw)/.*$`),
regexp.MustCompile(`^(?:https?://)?github\.com/([^/]+)/([^/]+)/(?:info|git-).*$`),
regexp.MustCompile(`^(?:https?://)?raw\.github(?:usercontent|)\.com/([^/]+)/([^/]+)/.+?/.+$`),
regexp.MustCompile(`^(?:https?://)?gist\.github\.com/([^/]+)/.+?/.+$`),
}
httpClient *http.Client
config *Config
configLock sync.RWMutex
)
type Config struct {
Host string `json:"host"`
Port int64 `json:"port"`
SizeLimit int64 `json:"sizeLimit"`
WhiteList []string `json:"whiteList"`
BlackList []string `json:"blackList"`
AllowProxyAll bool `json:"allowProxyAll"` // 是否允许代理非github的其他地址
OtherWhiteList []string `json:"otherWhiteList"`
OtherBlackList []string `json:"otherBlackList"`
}
func main() {
gin.SetMode(gin.ReleaseMode)
router := gin.Default()
httpClient = &http.Client{
Transport: &http.Transport{
DialContext: (&net.Dialer{
Timeout: 30 * time.Second,
KeepAlive: 30 * time.Second,
}).DialContext,
MaxIdleConns: 1000,
MaxIdleConnsPerHost: 1000,
IdleConnTimeout: 90 * time.Second,
TLSHandshakeTimeout: 10 * time.Second,
ExpectContinueTimeout: 1 * time.Second,
ResponseHeaderTimeout: 300 * time.Second,
},
}
loadConfig()
go func() {
for {
time.Sleep(10 * time.Minute)
loadConfig()
}
}()
// if config.Host==""{
// config.Host=host
// }
if config.Port == 0 {
config.Port = port
}
if config.SizeLimit <= 0 {
config.SizeLimit = sizeLimit
}
// 修改静态文件服务方式
subFS, err := fs.Sub(public, "public")
if err != nil {
panic(fmt.Sprintf("无法创建子文件系统: %v", err))
}
// 使用 StaticFS 提供静态文件
router.StaticFS("/", http.FS(subFS))
// router.StaticFile("/", "./public/index.html")
// router.StaticFile("/favicon.ico", "./public/favicon.ico")
// router.StaticFile("/logo.png", "./public/logo.png")
router.NoRoute(handler)
fmt.Printf("starting http server on %s:%d \n", config.Host, config.Port)
err = router.Run(fmt.Sprintf("%s:%d", config.Host, config.Port))
if err != nil {
fmt.Printf("Error starting server: %v\n", err)
}
}
func handler(c *gin.Context) {
rawPath := strings.TrimPrefix(c.Request.URL.RequestURI(), "/")
for strings.HasPrefix(rawPath, "/") {
rawPath = strings.TrimPrefix(rawPath, "/")
}
if !strings.HasPrefix(rawPath, "http") {
// c.String(http.StatusForbidden, "Invalid input.")
// return
rawPath = fmt.Sprintf("https://%s", rawPath)
}
matches := checkURL(rawPath)
if matches != nil {
if len(config.WhiteList) > 0 && !checkList(matches, config.WhiteList) {
c.String(http.StatusForbidden, "Forbidden by white list.")
return
}
if len(config.BlackList) > 0 && checkList(matches, config.BlackList) {
c.String(http.StatusForbidden, "Forbidden by black list.")
return
}
} else {
if !config.AllowProxyAll {
c.String(http.StatusForbidden, "Invalid input.")
return
}
if len(config.OtherWhiteList) > 0 && !checkOhterList(rawPath, config.OtherWhiteList) {
c.String(http.StatusForbidden, "Forbidden by white list.")
return
}
if len(config.OtherBlackList) > 0 && checkOhterList(rawPath, config.OtherBlackList) {
c.String(http.StatusForbidden, "Forbidden by black list.")
return
}
}
if exps[1].MatchString(rawPath) {
rawPath = strings.Replace(rawPath, "/blob/", "/raw/", 1)
}
proxy(c, rawPath)
}
func proxy(c *gin.Context, u string) {
req, err := http.NewRequest(c.Request.Method, u, c.Request.Body)
if err != nil {
c.String(http.StatusInternalServerError, fmt.Sprintf("server error %v", err))
return
}
for key, values := range c.Request.Header {
for _, value := range values {
req.Header.Add(key, value)
}
}
req.Header.Del("Host")
resp, err := httpClient.Do(req)
if err != nil {
c.String(http.StatusInternalServerError, fmt.Sprintf("server error %v", err))
return
}
defer func(Body io.ReadCloser) {
err := Body.Close()
if err != nil {
}
}(resp.Body)
if contentLength, ok := resp.Header["Content-Length"]; ok {
if size, err := strconv.ParseInt(contentLength[0], 10, 64); err == nil && size > config.SizeLimit {
c.String(http.StatusRequestEntityTooLarge, "File too large.")
return
}
}
resp.Header.Del("Content-Security-Policy")
resp.Header.Del("Referrer-Policy")
resp.Header.Del("Strict-Transport-Security")
for key, values := range resp.Header {
for _, value := range values {
c.Header(key, value)
}
}
if location := resp.Header.Get("Location"); location != "" {
if checkURL(location) != nil {
c.Header("Location", "/"+location)
} else {
proxy(c, location)
return
}
}
c.Status(resp.StatusCode)
if _, err := io.Copy(c.Writer, resp.Body); err != nil {
return
}
}
func loadConfig() {
file, err := os.Open("config.json")
if err != nil {
fmt.Printf("Error loading config: %v\n", err)
return
}
defer func(file *os.File) {
err := file.Close()
if err != nil {
}
}(file)
var newConfig Config
decoder := json.NewDecoder(file)
if err := decoder.Decode(&newConfig); err != nil {
fmt.Printf("Error decoding config: %v\n", err)
return
}
configLock.Lock()
config = &newConfig
configLock.Unlock()
}
func checkURL(u string) []string {
for _, exp := range exps {
if matches := exp.FindStringSubmatch(u); matches != nil {
return matches[1:]
}
}
return nil
}
func checkList(matches, list []string) bool {
for _, item := range list {
if strings.HasPrefix(matches[0], item) {
return true
}
}
return false
}
func checkOhterList(url string, list []string) bool {
for _, item := range list {
if strings.Contains(url, item) {
return true
}
}
return false
}