Slendi/slenpaste
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
slenpaste/main.go
Slendi 4909845c61 Yea 
Signed-off-by: Slendi <slendi@socopon.com>
2025-10-08 15:21:05 +03:00

475 lines
14 KiB
Go
Raw Permalink Blame History

package main
import (
"embed"
"encoding/json"
"flag"
"fmt"
"golang.org/x/time/rate"
"io"
"math/rand"
"mime"
"net/http"
"os"
"path/filepath"
"strconv"
"strings"
"sync"
"time"
)
var (
domain string
listenAddr string
staticDir string
expireDur time.Duration
expireOnView bool
limiters = make(map[string]*rate.Limiter)
limMu sync.Mutex
useHTTPS bool
)
//go:embed android-chrome-192x192.png android-chrome-512x512.png apple-touch-icon.png favicon-16x16.png favicon-32x32.png favicon.ico site.webmanifest
var assetsFS embed.FS
type meta struct {
Expiry time.Time `json:"expiry"`
ExpireOnView bool `json:"expire_on_view"`
FileName string `json:"file_name,omitempty"`
}
func init() {
_ = mime.AddExtensionType(".webmanifest", "application/manifest+json")
}
func getLimiter(ip string) *rate.Limiter {
limMu.Lock()
defer limMu.Unlock()
lim, ok := limiters[ip]
if !ok {
lim = rate.NewLimiter(rate.Every(5*time.Second), 1)
limiters[ip] = lim
}
return lim
}
func rateLimitMiddleware(next http.HandlerFunc) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
ip := r.RemoteAddr
if i := strings.LastIndex(ip, ":"); i != -1 {
ip = ip[:i]
}
lim := getLimiter(ip)
if !lim.Allow() {
http.Error(w, "Rate limit exceeded", http.StatusTooManyRequests)
return
}
next(w, r)
}
}
func randomID(n int) string {
letters := []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")
b := make([]rune, n)
for i := range b {
b[i] = letters[rand.Intn(len(letters))]
}
return string(b)
}
func indexHandler(w http.ResponseWriter, r *http.Request) {
w.Header().Add("Content-Type", "text/html; charset=utf-8")
scheme := "http"
if useHTTPS {
scheme = "https"
}
d := fmt.Sprintf("%s://%s", scheme, domain)
fmt.Fprintf(w, `<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>slenpaste</title>
<link rel="apple-touch-icon" href="/apple-touch-icon.png">
<link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
<link rel="icon" href="/favicon.ico">
<link rel="manifest" href="/site.webmanifest">
<meta name="theme-color" content="#ffffff">
<style>
body { font-family: system-ui, sans-serif; max-width: 800px; margin: 2rem auto; padding: 0 1rem; }
pre { background: #f6f6f6; padding: .75rem 1rem; border-radius: .5rem; overflow: auto; }
fieldset { border: 1px solid #ddd; border-radius: .5rem; padding: .5rem .75rem; }
#dropzone {
border: 2px dashed #bbb; border-radius: .75rem; padding: 1.25rem; text-align: center;
user-select: none;
}
#dropzone.dragover { border-color: #333; background: #fafafa; }
#result { margin-top: .75rem; }
#result a { font-weight: 600; }
.controls { display: flex; gap: .5rem; align-items: center; flex-wrap: wrap; }
.inline { display: inline-flex; gap: .5rem; align-items: center; }
textarea { width: 100%%; height: 180px; font-family: ui-monospace, SFMono-Regular, Menlo, monospace; }
.small { color: #666; font-size: .9rem; }
</style>
</head>
<body>
<h1>slenpaste</h1>
<pre>Welcome!
Upload a file:
curl -F 'file=@yourfile.txt' -F 'expiry=1h' %s/
Upload from stdin (no file param, expire after 5m):
curl --data-binary @- %s/?expiry=5m < yourfile.txt
Upload from stdin and expire on first view:
cat yourfile.txt | curl --data-binary @- "%s/?expiry=view"
</pre>
<a href="https://git.slendi.dev/Slendi/slenpaste.koplugin">Download the new KOReader plugin!</a>
<form id="form" enctype="multipart/form-data" method="post" style="margin-top: 13px;">
<input type="file" name="file" id="fileInput">
<div class="controls" style="margin-top: .75rem">
<fieldset>
<legend>Expiry</legend>
<label><input type="radio" name="expiry" value="0" checked> Never</label>
<label><input type="radio" name="expiry" value="5m"> 5 minutes</label>
<label><input type="radio" name="expiry" value="1h"> 1 hour</label>
<label><input type="radio" name="expiry" value="24h"> 1 day</label>
<label><input type="radio" name="expiry" value="view"> Expire on first view</label>
</fieldset>
<div class="inline">
<label for="fname">Filename (optional):</label>
<input type="text" id="fname" placeholder="example.txt">
</div>
<input type="submit" value="Upload file">
</div>
</form>
<h2 style="margin-top:1.5rem">No file? Type your text in here!</h2>
<p class="small">Type or paste text and upload as a .txt.</p>
<textarea id="textArea" placeholder="Type or paste here..."></textarea>
<div class="controls" style="margin-top:.5rem">
<button id="uploadTextBtn" type="button">Upload text</button>
<label class="inline small"><input type="checkbox" id="textAsMd"> Save as .md</label>
</div>
<h2 style="margin-top:1.5rem">Paste or drop images</h2>
<div id="dropzone" tabindex="0">
Paste an image (Ctrl/Cmd+V) or drag &amp; drop files here
<div class="small">Images are uploaded as files. Other files dropped here work too.</div>
</div>
<div id="result"></div>
<script>
(function() {
"use strict";
const form = document.getElementById("form");
const fileInput = document.getElementById("fileInput");
const fname = document.getElementById("fname");
const textArea = document.getElementById("textArea");
const uploadTextBtn = document.getElementById("uploadTextBtn");
const textAsMd = document.getElementById("textAsMd");
const dropzone = document.getElementById("dropzone");
const result = document.getElementById("result");
function getExpiry() {
const checked = form.querySelector('input[name="expiry"]:checked');
return checked ? checked.value : "0";
}
function setBusy(b) {
if (b) {
result.textContent = "Uploading...";
}
}
function showLink(url) {
result.innerHTML = 'URL: <a href="' + url + '" target="_blank" rel="noopener">' + url + '</a>';
try {
navigator.clipboard.writeText(url);
result.innerHTML += ' <span class="small">(copied)</span>';
} catch(e) {}
}
async function uploadFormData(fd, expiry) {
setBusy(true);
const res = await fetch("/?expiry=" + encodeURIComponent(expiry), {
method: "POST",
body: fd
});
if (!res.ok) {
const t = await res.text();
result.textContent = "Error: " + t;
return;
}
const url = (await res.text()).trim();
showLink(url);
}
async function uploadBlobAsFile(blob, filename, expiry) {
const fd = new FormData();
const file = new File([blob], filename, { type: blob.type || "application/octet-stream" });
fd.append("file", file);
return uploadFormData(fd, expiry);
}
form.addEventListener("submit", async (e) => {
e.preventDefault();
if (!fileInput.files || fileInput.files.length === 0) {
result.textContent = "Choose a file first.";
return;
}
const expiry = getExpiry();
let file = fileInput.files[0];
if (fname.value.trim()) {
file = new File([file], fname.value.trim(), { type: file.type });
}
const fd = new FormData();
fd.append("file", file);
await uploadFormData(fd, expiry);
fileInput.value = "";
fname.value = "";
});
uploadTextBtn.addEventListener("click", async () => {
const text = textArea.value;
if (!text) {
result.textContent = "Nothing to upload.";
return;
}
const expiry = getExpiry();
const name = (fname.value.trim() || (textAsMd.checked ? "text.md" : "text.txt"));
await uploadBlobAsFile(new Blob([text], { type: "text/plain" }), name, expiry);
fname.value = "";
});
;["dragenter","dragover"].forEach(ev => {
dropzone.addEventListener(ev, (e) => {
e.preventDefault(); e.stopPropagation();
dropzone.classList.add("dragover");
});
});
;["dragleave","drop"].forEach(ev => {
dropzone.addEventListener(ev, (e) => {
e.preventDefault(); e.stopPropagation();
dropzone.classList.remove("dragover");
});
});
dropzone.addEventListener("drop", async (e) => {
const expiry = getExpiry();
const files = Array.from(e.dataTransfer.files || []);
if (files.length === 0) return;
const fd = new FormData();
for (const f of files) {
fd.set("file", f);
await uploadFormData(fd, expiry);
}
});
window.addEventListener("paste", async (e) => {
const items = e.clipboardData && e.clipboardData.items ? Array.from(e.clipboardData.items) : [];
if (!items.length) return;
const expiry = getExpiry();
let handled = false;
for (const it of items) {
if (it.kind === "file") {
const blob = it.getAsFile();
if (!blob) continue;
const ext = (blob.type && blob.type.startsWith("image/")) ? blob.type.split("/")[1] : "bin";
const name = fname.value.trim() || ("pasted." + ext);
await uploadBlobAsFile(blob, name, expiry);
handled = true;
}
}
if (handled) e.preventDefault();
});
})();
</script>
</body>
</html>`, d, d, d)
}
func uploadHandler(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Only POST allowed", http.StatusMethodNotAllowed)
return
}
var reader io.Reader
var ext string
var fileName string
contentType := r.Header.Get("Content-Type")
if strings.HasPrefix(contentType, "multipart/form-data") {
if err := r.ParseMultipartForm(10 << 20); err == nil {
if file, header, err := r.FormFile("file"); err == nil {
defer file.Close()
reader = file
ext = filepath.Ext(header.Filename)
fileName = filepath.Base(header.Filename)
}
}
}
if reader == nil {
reader = r.Body
defer r.Body.Close()
}
if ext == "" {
ext = ".txt"
}
id := randomID(6)
filename := id + ext
if err := os.MkdirAll(staticDir, 0755); err != nil {
http.Error(w, "Server error", http.StatusInternalServerError)
return
}
path := filepath.Join(staticDir, filename)
out, err := os.Create(path)
if err != nil {
http.Error(w, "Save error", http.StatusInternalServerError)
return
}
defer out.Close()
n, err := io.Copy(out, reader)
if err != nil {
http.Error(w, "Write error", http.StatusInternalServerError)
return
}
if n == 0 {
_ = os.Remove(path)
http.Error(w, "Empty upload", http.StatusBadRequest)
return
}
expVal := r.URL.Query().Get("expiry")
var m meta
switch expVal {
case "view":
m.ExpireOnView = true
case "0":
// no expiry
default:
if d, err := time.ParseDuration(expVal); err == nil {
m.Expiry = time.Now().Add(d)
}
}
if fileName != "" {
m.FileName = fileName
}
if !m.Expiry.IsZero() || m.ExpireOnView || m.FileName != "" {
metaBytes, _ := json.Marshal(m)
_ = os.WriteFile(path+".json", metaBytes, 0644)
}
scheme := "http"
if useHTTPS {
scheme = "https"
}
fmt.Fprintf(w, "%s://%s/%s\n", scheme, domain, filename)
}
func contentDispositionInlineFilename(name string) string {
q := strconv.QuoteToASCII(name)
var b strings.Builder
for i := 0; i < len(name); i++ {
c := name[i]
if (c >= '0' && c <= '9') || (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') || c == '.' || c == '-' || c == '_' {
b.WriteByte(c)
} else {
fmt.Fprintf(&b, "%%%02X", c)
}
}
return fmt.Sprintf(`inline; filename=%s; filename*=UTF-8''%s`, q, b.String())
}
func viewHandler(w http.ResponseWriter, r *http.Request) {
id := strings.TrimPrefix(r.URL.Path, "/")
if id == "" {
indexHandler(w, r)
return
}
path := filepath.Join(staticDir, id)
metaPath := path + ".json"
if data, err := os.ReadFile(metaPath); err == nil {
var m meta
if err := json.Unmarshal(data, &m); err == nil {
if !m.Expiry.IsZero() && time.Now().After(m.Expiry) {
_ = os.Remove(path)
_ = os.Remove(metaPath)
http.NotFound(w, r)
return
}
if m.ExpireOnView {
defer os.Remove(path)
defer os.Remove(metaPath)
}
if m.FileName != "" {
w.Header().Set("Content-Disposition", contentDispositionInlineFilename(m.FileName))
}
}
}
f, err := os.Open(path)
if err != nil {
http.NotFound(w, r)
return
}
defer f.Close()
ext := filepath.Ext(id)
mimeType := mime.TypeByExtension(ext)
if mimeType == "" {
mimeType = "application/octet-stream"
}
w.Header().Set("Content-Type", mimeType)
_, _ = io.Copy(w, f)
}
func serveEmbedded(embeddedName, contentType string) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
b, err := assetsFS.ReadFile(embeddedName)
if err != nil {
http.NotFound(w, r)
return
}
if contentType == "" {
if ct := mime.TypeByExtension(filepath.Ext(embeddedName)); ct != "" {
contentType = ct
}
}
if contentType != "" {
w.Header().Set("Content-Type", contentType)
}
http.ServeContent(w, r, embeddedName, time.Time{}, strings.NewReader(string(b)))
}
}
func main() {
flag.StringVar(&domain, "domain", "localhost:8080", "domain name for URLs")
flag.StringVar(&listenAddr, "listen", "0.0.0.0:8080", "listen address")
flag.StringVar(&staticDir, "static", "static", "directory to save pastes")
flag.DurationVar(&expireDur, "expire", 0, "time after which paste expires (e.g. 5m, 1h)")
flag.BoolVar(&expireOnView, "expire-on-view", false, "delete paste after it's viewed once")
flag.BoolVar(&useHTTPS, "https", false, "use https:// in generated URLs")
flag.Parse()
// Uploads + index
http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
if r.Method == http.MethodPost {
rateLimitMiddleware(uploadHandler)(w, r)
} else {
viewHandler(w, r)
}
})
// Embedded favicon/PWA assets
http.HandleFunc("/favicon.ico", serveEmbedded("favicon.ico", "image/x-icon"))
http.HandleFunc("/apple-touch-icon.png", serveEmbedded("apple-touch-icon.png", "image/png"))
http.HandleFunc("/favicon-16x16.png", serveEmbedded("favicon-16x16.png", "image/png"))
http.HandleFunc("/favicon-32x32.png", serveEmbedded("favicon-32x32.png", "image/png"))
http.HandleFunc("/android-chrome-192x192.png", serveEmbedded("android-chrome-192x192.png", "image/png"))
http.HandleFunc("/android-chrome-512x512.png", serveEmbedded("android-chrome-512x512.png", "image/png"))
http.HandleFunc("/site.webmanifest", serveEmbedded("site.webmanifest", "application/manifest+json"))
fmt.Printf("slenpaste running at http://%s, storing in %s\n", listenAddr, staticDir)
_ = http.ListenAndServe(listenAddr, nil)
}
Reference in New Issue View Git Blame Copy Permalink