1 # Copyright (C) 2014-2021 all contributors <meta@public-inbox.org>
2 # License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt>
4 # Main web interface for mailing list archives
6 # We focus on the lowest common denominators here:
7 # - targeted at text-only console browsers (w3m, links, etc..)
8 # - Only basic HTML, CSS only for line-wrapping <pre> text content for GUIs
9 # and diff/syntax-highlighting (optional)
10 # - No JavaScript, graphics or icons allowed.
11 # - Must not rely on static content
12 # - UTF-8 is only for user-content, 7-bit US-ASCII for us
13 package PublicInbox::WWW;
16 use PublicInbox::Config;
17 use PublicInbox::Hval;
18 use URI::Escape qw(uri_unescape);
19 use PublicInbox::MID qw(mid_escape);
20 use PublicInbox::GitHTTPBackend;
21 use PublicInbox::UserContent;
22 use PublicInbox::WwwStatic qw(r path_info_raw);
25 # TODO: consider a routing tree now that we have more endpoints:
26 our $INBOX_RE = qr!\A/([\w\-][\w\.\-]*)!;
27 our $MID_RE = qr!([^/]+)!;
28 our $END_RE = qr!(T/|t/|t\.mbox(?:\.gz)?|t\.atom|raw|)!;
29 our $ATTACH_RE = qr!([0-9][0-9\.]*)-($PublicInbox::Hval::FN)!;
30 our $OID_RE = qr![a-f0-9]{7,}!;
33 my ($class, $pi_cfg) = @_;
34 bless { pi_cfg => $pi_cfg // PublicInbox::Config->new }, $class;
37 # backwards compatibility, do not use
39 my ($req, $method) = @_;
40 PublicInbox::WWW->new->call($req->env);
44 my ($self, $env) = @_;
45 my $ctx = { env => $env, www => $self };
47 # we don't care about multi-value
51 my ($k, $v) = split(/=/, $_, 2);
52 # none of the keys we care about will need escaping
53 ($k // '', uri_unescape($v // ''))
54 } split(/[&;]+/, $env->{QUERY_STRING});
56 my $path_info = path_info_raw($env);
57 my $method = $env->{REQUEST_METHOD};
59 if ($method eq 'POST') {
60 if ($path_info =~ m!$INBOX_RE/(?:(?:git/)?([0-9]+)(?:\.git)?/)?
61 (git-upload-pack)\z!x) {
62 my ($epoch, $path) = ($2, $3);
63 return invalid_inbox($ctx, $1) ||
64 serve_git($ctx, $epoch, $path);
65 } elsif ($path_info =~ m!$INBOX_RE/(\w+)\.sql\.gz\z!o) {
66 return get_altid_dump($ctx, $1, $2);
67 } elsif ($path_info =~ m!$INBOX_RE/!o) {
68 return invalid_inbox($ctx, $1) || mbox_results($ctx);
71 elsif ($method !~ /\A(?:GET|HEAD)\z/) {
75 # top-level indices and feeds
76 if ($path_info eq '/') {
77 require PublicInbox::WwwListing;
78 PublicInbox::WwwListing->response($ctx);
79 } elsif ($path_info eq '/manifest.js.gz') {
80 require PublicInbox::ManifestJsGz;
81 PublicInbox::ManifestJsGz->response($ctx);
82 } elsif ($path_info =~ m!$INBOX_RE\z!o) {
83 invalid_inbox($ctx, $1) || r301($ctx, $1);
84 } elsif ($path_info =~ m!$INBOX_RE(?:/|/index\.html)?\z!o) {
85 invalid_inbox($ctx, $1) || get_index($ctx);
86 } elsif ($path_info =~ m!$INBOX_RE/(?:atom\.xml|new\.atom)\z!o) {
87 invalid_inbox($ctx, $1) || get_atom($ctx);
88 } elsif ($path_info =~ m!$INBOX_RE/new\.html\z!o) {
89 invalid_inbox($ctx, $1) || get_new($ctx);
90 } elsif ($path_info =~ m!$INBOX_RE/description\z!o) {
91 get_description($ctx, $1);
92 } elsif ($path_info =~ m!$INBOX_RE/(?:(?:git/)?([0-9]+)(?:\.git)?/)?
93 ($PublicInbox::GitHTTPBackend::ANY)\z!ox) {
94 my ($epoch, $path) = ($2, $3);
95 invalid_inbox($ctx, $1) || serve_git($ctx, $epoch, $path);
96 } elsif ($path_info =~ m!$INBOX_RE/([a-zA-Z0-9_\-]+).mbox\.gz\z!o) {
97 serve_mbox_range($ctx, $1, $2);
98 } elsif ($path_info =~ m!$INBOX_RE/$MID_RE/$END_RE\z!o) {
99 msg_page($ctx, $1, $2, $3);
101 } elsif ($path_info =~ m!$INBOX_RE/$MID_RE/$ATTACH_RE\z!o) {
102 my ($idx, $fn) = ($3, $4);
103 invalid_inbox_mid($ctx, $1, $2) || get_attach($ctx, $idx, $fn);
104 # in case people leave off the trailing slash:
105 } elsif ($path_info =~ m!$INBOX_RE/$MID_RE/(T|t)\z!o) {
106 my ($inbox, $mid_ue, $suffix) = ($1, $2, $3);
107 $suffix .= $suffix =~ /\A[tT]\z/ ? '/#u' : '/';
108 r301($ctx, $inbox, $mid_ue, $suffix);
110 } elsif ($path_info =~ m!$INBOX_RE/$MID_RE/R/?\z!o) {
111 my ($inbox, $mid_ue) = ($1, $2);
112 r301($ctx, $inbox, $mid_ue, '#R');
114 } elsif ($path_info =~ m!$INBOX_RE/$MID_RE/f/?\z!o) {
116 } elsif ($path_info =~ m!$INBOX_RE/_/text(?:/(.*))?\z!o) {
117 get_text($ctx, $1, $2);
118 } elsif ($path_info =~ m!$INBOX_RE/([a-zA-Z0-9_\-\.]+)\.css\z!o) {
119 get_css($ctx, $1, $2);
120 } elsif ($path_info =~ m!$INBOX_RE/manifest\.js\.gz\z!o) {
121 get_inbox_manifest($ctx, $1, $2);
122 } elsif ($path_info =~ m!$INBOX_RE/($OID_RE)/s/\z!o) {
123 get_vcs_object($ctx, $1, $2);
124 } elsif ($path_info =~ m!$INBOX_RE/($OID_RE)/s/
125 ($PublicInbox::Hval::FN)\z!ox) {
126 get_vcs_object($ctx, $1, $2, $3);
127 } elsif ($path_info =~ m!$INBOX_RE/($OID_RE)/s\z!o) {
128 r301($ctx, $1, $2, 's/');
129 } elsif ($path_info =~ m!$INBOX_RE/(\w+)\.sql\.gz\z!o) {
130 get_altid_dump($ctx, $1, $2);
131 # convenience redirects order matters
132 } elsif ($path_info =~ m!$INBOX_RE/([^/]{2,})\z!o) {
134 } elsif ($path_info =~ m!\A/\+/([a-zA-Z0-9_\-\.]+)\.css\z!) {
135 get_css($ctx, undef, $1); # for WwwListing
137 legacy_redirects($ctx, $path_info);
141 # for CoW-friendliness, MOOOOO! Even for single-process setups,
142 # we want to get all immortal allocations done early to avoid heap
143 # fragmentation since common allocators favor a large contiguous heap.
147 # populate caches used by Encode internally, since emails
148 # may show up with any encoding.
150 Encode::find_encoding($_) for Encode->encodings(':all');
152 require PublicInbox::ExtMsg;
153 require PublicInbox::Feed;
154 require PublicInbox::View;
155 require PublicInbox::SearchThread;
156 require PublicInbox::Eml;
157 require PublicInbox::Mbox;
158 require PublicInbox::ViewVCS;
159 require PublicInbox::WwwText;
160 require PublicInbox::WwwAttach;
162 require PublicInbox::Search;
163 PublicInbox::Search::load_xapian();
165 for (qw(SearchView MboxGz WwwAltId)) {
166 eval "require PublicInbox::$_;";
169 my $pi_cfg = $self->{pi_cfg};
170 if (defined($pi_cfg->{'publicinbox.cgitrc'})) {
171 $pi_cfg->limiter('-cgit');
173 $pi_cfg->ALL and require PublicInbox::Isearch;
175 $self->stylesheets_prepare($_) for ('', '../', '../../');
180 # private functions below
184 if ($ctx && $ctx->{mid}) {
185 require PublicInbox::ExtMsg;
186 return PublicInbox::ExtMsg::ext_msg($ctx);
191 sub news_cgit_fallback ($) {
193 my $www = $ctx->{www};
194 my $env = $ctx->{env};
195 my $res = $www->news_www->call($env);
196 $res->[0] == 404 ? $www->cgit->call($env) : $res;
199 # returns undef if valid, array ref response if invalid
200 sub invalid_inbox ($$) {
201 my ($ctx, $inbox) = @_;
202 my $ibx = $ctx->{www}->{pi_cfg}->lookup_name($inbox) //
203 $ctx->{www}->{pi_cfg}->lookup_ei($inbox);
209 # sometimes linkifiers (not ours!) screw up automatic link
210 # generation and link things intended for nntp:// to https?://,
211 # so try to infer links and redirect them to the appropriate
213 news_cgit_fallback($ctx);
216 # returns undef if valid, array ref response if invalid
217 sub invalid_inbox_mid {
218 my ($ctx, $inbox, $mid_ue) = @_;
219 my $ret = invalid_inbox($ctx, $inbox);
222 my $mid = $ctx->{mid} = uri_unescape($mid_ue);
223 my $ibx = $ctx->{ibx};
224 if ($mid =~ m!\A([a-f0-9]{2})([a-f0-9]{38})\z!) {
225 my ($x2, $x38) = ($1, $2);
226 # this is horrifically wasteful for legacy URLs:
227 my $str = $ctx->{ibx}->msg_by_path("$x2/$x38") or return;
228 my $s = PublicInbox::Eml->new($str);
229 $mid = PublicInbox::MID::mid_clean($s->header_raw('Message-ID'));
230 return r301($ctx, $inbox, mid_escape($mid));
235 # /$INBOX/new.atom -> Atom feed, includes replies
238 require PublicInbox::Feed;
239 PublicInbox::Feed::generate($ctx);
242 # /$INBOX/new.html -> HTML only
245 require PublicInbox::Feed;
246 PublicInbox::Feed::new_html($ctx);
249 # /$INBOX/?r=$GIT_COMMIT -> HTML only
252 require PublicInbox::Feed;
253 if ($ctx->{env}->{QUERY_STRING} =~ /(?:\A|[&;])q=/) {
254 require PublicInbox::SearchView;
255 PublicInbox::SearchView::sres_top_html($ctx);
257 PublicInbox::Feed::generate_html_index($ctx);
261 # /$INBOX/$MESSAGE_ID/raw -> raw mbox
264 require PublicInbox::Mbox;
265 PublicInbox::Mbox::emit_raw($ctx) || r(404);
268 # /$INBOX/$MESSAGE_ID/ -> HTML content (short quotes)
271 require PublicInbox::View;
272 PublicInbox::View::msg_page($ctx) || r404($ctx);
275 # /$INBOX/$MESSAGE_ID/t/
277 my ($ctx, $flat) = @_;
278 $ctx->{ibx}->over or return need($ctx, 'Overview');
279 $ctx->{flat} = $flat;
280 require PublicInbox::View;
281 PublicInbox::View::thread_html($ctx);
284 # /$INBOX/_/text/$KEY/
285 # /$INBOX/_/text/$KEY/raw
286 # KEY may contain slashes
288 my ($ctx, $inbox, $key) = @_;
289 my $r404 = invalid_inbox($ctx, $inbox);
290 return $r404 if $r404;
292 require PublicInbox::WwwText;
293 PublicInbox::WwwText::get_text($ctx, $key);
296 # show git objects (blobs and commits)
297 # /$INBOX/$GIT_OBJECT_ID/s/
298 # /$INBOX/$GIT_OBJECT_ID/s/$FILENAME
299 sub get_vcs_object ($$$;$) {
300 my ($ctx, $inbox, $oid, $filename) = @_;
301 my $r404 = invalid_inbox($ctx, $inbox);
302 return $r404 if $r404 || !$ctx->{www}->{pi_cfg}->repo_objs($ctx->{ibx});
303 require PublicInbox::ViewVCS;
304 PublicInbox::ViewVCS::show($ctx, $oid, $filename);
308 my ($ctx, $inbox, $altid_pfx) =@_;
309 my $r404 = invalid_inbox($ctx, $inbox);
310 return $r404 if $r404;
311 eval { require PublicInbox::WwwAltId } or return need($ctx, 'sqlite3');
312 PublicInbox::WwwAltId::sqldump($ctx, $altid_pfx);
316 my ($ctx, $extra) = @_;
317 require PublicInbox::WwwStream;
318 PublicInbox::WwwStream::html_oneshot($ctx, 501, \<<EOF);
319 <pre>$extra is not available for this public-inbox
320 <a\nhref="../">Return to index</a></pre>
324 # /$INBOX/$MESSAGE_ID/t.mbox -> thread as mbox
325 # /$INBOX/$MESSAGE_ID/t.mbox.gz -> thread as gzipped mbox
326 # note: I'm not a big fan of other compression formats since they're
327 # significantly more expensive on CPU than gzip and less-widely available,
328 # especially on older systems. Stick to zlib since that's what git uses.
329 sub get_thread_mbox {
330 my ($ctx, $sfx) = @_;
331 my $over = $ctx->{ibx}->over or return need($ctx, 'Overview');
332 require PublicInbox::Mbox;
333 PublicInbox::Mbox::thread_mbox($ctx, $over, $sfx);
337 # /$INBOX/$MESSAGE_ID/t.atom -> thread as Atom feed
338 sub get_thread_atom {
340 $ctx->{ibx}->over or return need($ctx, 'Overview');
341 require PublicInbox::Feed;
342 PublicInbox::Feed::generate_thread_atom($ctx);
345 sub legacy_redirects {
346 my ($ctx, $path_info) = @_;
348 # single-message pages
349 if ($path_info =~ m!$INBOX_RE/m/(\S+)/\z!o) {
351 } elsif ($path_info =~ m!$INBOX_RE/m/(\S+)/raw\z!o) {
352 r301($ctx, $1, $2, 'raw');
354 } elsif ($path_info =~ m!$INBOX_RE/f/(\S+)/\z!o) {
358 } elsif ($path_info =~ m!$INBOX_RE/t/(\S+)/\z!o) {
359 r301($ctx, $1, $2, 't/#u');
361 } elsif ($path_info =~ m!$INBOX_RE/t/(\S+)/mbox(\.gz)?\z!o) {
362 r301($ctx, $1, $2, "t.mbox$3");
364 # even older legacy redirects
365 } elsif ($path_info =~ m!$INBOX_RE/m/(\S+)\.html\z!o) {
368 } elsif ($path_info =~ m!$INBOX_RE/t/(\S+)\.html\z!o) {
369 r301($ctx, $1, $2, 't/#u');
371 } elsif ($path_info =~ m!$INBOX_RE/f/(\S+)\.html\z!o) {
374 } elsif ($path_info =~ m!$INBOX_RE/(?:m|f)/(\S+)\.txt\z!o) {
375 r301($ctx, $1, $2, 'raw');
377 } elsif ($path_info =~ m!$INBOX_RE/t/(\S+)(\.mbox(?:\.gz)?)\z!o) {
378 r301($ctx, $1, $2, "t$3");
380 # legacy convenience redirects, order still matters
381 } elsif ($path_info =~ m!$INBOX_RE/m/(\S+)\z!o) {
383 } elsif ($path_info =~ m!$INBOX_RE/t/(\S+)\z!o) {
384 r301($ctx, $1, $2, 't/#u');
385 } elsif ($path_info =~ m!$INBOX_RE/f/(\S+)\z!o) {
388 # some Message-IDs have slashes in them and the HTTP server
389 # may try to be clever and unescape them :<
390 } elsif ($path_info =~ m!$INBOX_RE/(\S+/\S+)/$END_RE\z!o) {
391 msg_page($ctx, $1, $2, $3);
393 # in case people leave off the trailing slash:
394 } elsif ($path_info =~ m!$INBOX_RE/(\S+/\S+)/(T|t)\z!o) {
395 r301($ctx, $1, $2, $3 eq 't' ? 't/#u' : $3);
396 } elsif ($path_info =~ m!$INBOX_RE/(\S+/\S+)/f\z!o) {
399 news_cgit_fallback($ctx);
404 my ($ctx, $inbox, $mid_ue, $suffix) = @_;
405 my $ibx = $ctx->{ibx};
407 my $r404 = invalid_inbox($ctx, $inbox);
408 return $r404 if $r404;
411 my $url = $ibx->base_url($ctx->{env});
412 my $qs = $ctx->{env}->{QUERY_STRING};
413 if (defined $mid_ue) {
414 # common, and much nicer as '@' than '%40':
415 $mid_ue =~ s/%40/@/g;
416 $url .= $mid_ue . '/';
418 $url .= $suffix if (defined $suffix);
419 $url .= "?$qs" if $qs ne '';
422 [ Location => $url, 'Content-Type' => 'text/plain' ],
423 [ "Redirecting to $url\n" ] ]
427 my ($ctx, $inbox, $mid_ue, $e) = @_;
429 $ret = invalid_inbox_mid($ctx, $inbox, $mid_ue) and return $ret;
430 '' eq $e and return get_mid_html($ctx);
431 'T/' eq $e and return get_thread($ctx, 1);
432 't/' eq $e and return get_thread($ctx);
433 't.atom' eq $e and return get_thread_atom($ctx);
434 't.mbox' eq $e and return get_thread_mbox($ctx);
435 't.mbox.gz' eq $e and return get_thread_mbox($ctx, '.gz');
436 'raw' eq $e and return get_mid_txt($ctx);
438 # legacy, but no redirect for compatibility:
439 'f/' eq $e and return get_mid_html($ctx);
444 my ($ctx, $epoch, $path) = @_;
445 my $env = $ctx->{env};
446 my $ibx = $ctx->{ibx};
447 my $git = defined $epoch ? $ibx->git_epoch($epoch) : $ibx->git;
448 $git ? PublicInbox::GitHTTPBackend::serve($env, $git, $path) : r404();
453 if ($ctx->{env}->{QUERY_STRING} =~ /(?:\A|[&;])q=/) {
454 $ctx->{ibx}->isrch or return need($ctx, 'search');
455 require PublicInbox::SearchView;
456 return PublicInbox::SearchView::mbox_results($ctx);
461 sub serve_mbox_range {
462 my ($ctx, $inbox, $range) = @_;
463 invalid_inbox($ctx, $inbox) || eval {
464 require PublicInbox::Mbox;
465 PublicInbox::Mbox::emit_range($ctx, $range);
471 $self->{news_www} //= do {
472 require PublicInbox::NewsWWW;
473 PublicInbox::NewsWWW->new($self->{pi_cfg});
479 $self->{cgit} //= do {
480 my $pi_cfg = $self->{pi_cfg};
482 if (defined($pi_cfg->{'publicinbox.cgitrc'})) {
483 require PublicInbox::Cgit;
484 PublicInbox::Cgit->new($pi_cfg);
487 Plack::Util::inline_object(call => sub { r404() });
492 # GET $INBOX/manifest.js.gz
493 sub get_inbox_manifest ($$$) {
494 my ($ctx, $inbox, $key) = @_;
495 my $r404 = invalid_inbox($ctx, $inbox);
496 return $r404 if $r404;
497 require PublicInbox::ManifestJsGz;
498 PublicInbox::ManifestJsGz::per_inbox($ctx);
502 my ($ctx, $idx, $fn) = @_;
503 require PublicInbox::WwwAttach;
504 PublicInbox::WwwAttach::get_attach($ctx, $idx, $fn);
507 # User-generated content (UGC) may have excessively long lines
508 # and screw up rendering on some browsers, so we use pre-wrap.
510 # We also force everything to the same scaled font-size because GUI
511 # browsers (tested both Firefox and surf (webkit)) uses a larger font
512 # for the Search <form> element than the rest of the page. Font size
513 # uniformity is important to people who rely on gigantic fonts.
514 # Finally, we use monospace to ensure the Search field and button
515 # has the same size and spacing as everything else which is
516 # <pre>-formatted anyways.
517 our $STYLE = 'pre{white-space:pre-wrap}*{font-size:100%;font-family:monospace}';
519 sub stylesheets_prepare ($$) {
520 my ($self, $upfx) = @_;
522 require CSS::Minifier;
523 sub { CSS::Minifier::minify(input => $_[0]) };
525 require CSS::Minifier::XS;
526 sub { CSS::Minifier::XS::minify($_[0]) };
530 my $stylesheets = $self->{pi_cfg}->{css} || [];
534 foreach my $s (@$stylesheets) {
537 foreach my $k (qw(media title href)) {
538 if (s/\s*$k='([^']+)'// || s/\s*$k=(\S+)//) {
543 if (defined $attr->{href}) {
547 my ($key) = (m!([^/]+?)(?:\.css)?\z!i);
548 if ($key !~ /\A[a-zA-Z0-9_\-\.]+\z/) {
549 warn "ignoring $fn, non-ASCII word character\n";
552 open(my $fh, '<', $fn) or do {
553 warn "failed to open $fn: $!\n";
557 my $local = do { local $/; <$fh> };
558 if ($local =~ /\S/) {
559 $ctime = sprintf('%x',(stat($fh))[10]);
560 $local = $mini->($local);
563 # do not let BOFHs override userContent.css:
564 if ($local =~ /!\s*important\b/i) {
565 warn "ignoring $fn since it uses `!important'\n";
569 $css_map->{$key} = $local;
570 $attr->{href} = "$upfx$key.css?$ctime";
571 if (defined($attr->{title})) {
573 } elsif (($attr->{media}||'screen') eq 'screen') {
574 $attr->{-inline} = $local;
580 my $buf = "<style>$STYLE";
582 my @ext; # for media=print and whatnot
583 foreach my $attr (@$links) {
584 if (defined(my $str = delete $attr->{-inline})) {
595 foreach my $attr (@$links) {
596 delete $attr->{-inline};
597 $buf .= "<link\ntype=text/css\nrel=stylesheet";
598 while (my ($k, $v) = each %$attr) {
599 $v = qq{"$v"} if $v =~ /[\s=]/;
604 $self->{"-style-$upfx"} = $buf;
606 $self->{-style_inline} = $buf;
608 $self->{-css_map} = $css_map;
611 # returns an HTML fragment with <style> or <link> tags in them
612 # Called by WwwStream by nearly every HTML page
614 my ($self, $upfx) = @_;
615 $self->{-style_inline} || $self->{"-style-$upfx"} || do {
616 stylesheets_prepare($self, $upfx);
617 $self->{-style_inline} || $self->{"-style-$upfx"}
621 # /$INBOX/$KEY.css and /+/$KEY.css endpoints
622 # CSS is configured globally for all inboxes, but we access them on
623 # a per-inbox basis. This allows administrators to setup per-inbox
624 # static routes to intercept the request before it hits PSGI
625 # inbox == undef => top-level WwwListing
627 my ($ctx, $inbox, $key) = @_;
628 my $r404 = defined($inbox) ? invalid_inbox($ctx, $inbox) : undef;
629 return $r404 if $r404;
630 my $self = $ctx->{www};
631 my $css_map = $self->{-css_map} ||
632 stylesheets_prepare($self, defined($inbox) ? '' : '+/');
633 my $css = $css_map->{$key};
634 if (!defined($css) && defined($inbox) && $key eq 'userContent') {
635 my $env = $ctx->{env};
636 $css = PublicInbox::UserContent::sample($ctx->{ibx}, $env);
638 defined $css or return r404();
639 my $h = [ 'Content-Length', length($css), 'Content-Type', 'text/css' ];
640 PublicInbox::GitHTTPBackend::cache_one_year($h);
641 [ 200, $h, [ $css ] ];
644 sub get_description {
645 my ($ctx, $inbox) = @_;
646 invalid_inbox($ctx, $inbox) || do {
647 my $d = $ctx->{ibx}->description . "\n";
649 [ 200, [ 'Content-Length', length($d),
650 'Content-Type', 'text/plain' ], [ $d ] ];
654 sub event_step { # called via requeue
656 # gzf = PublicInbox::GzipFilter == $ctx
657 my $gzf = shift(@{$self->{-low_prio_q}}) // return;
658 PublicInbox::DS::requeue($self) if scalar(@{$self->{-low_prio_q}});
659 my $http = $gzf->{env}->{'psgix.io'}; # PublicInbox::HTTP
660 $http->next_step($gzf->can('async_next'));