local string = require "string"
local coroutine = require "coroutine"
local table = require "table"
+local lhttp = require "lucihttp"
local ipairs, pairs, next, type, tostring, error =
ipairs, pairs, next, type, tostring, error
---- LuCI Web Framework high-level HTTP functions.
module "luci.http"
context = util.threadlocal()
end
function Request.getcookie(self, name)
- local c = string.gsub(";" .. (self:getenv("HTTP_COOKIE") or "") .. ";", "%s*;%s*", ";")
- local p = ";" .. name .. "=(.-);"
- local i, j, value = c:find(p)
- return value and urldecode(value)
+ return lhttp.header_attribute("cookie; " .. (self:getenv("HTTP_COOKIE") or ""), name)
end
function Request.getenv(self, name)
function Request.setfilehandler(self, callback)
self.filehandler = callback
+
+ if not self.parsed_input then
+ return
+ end
+
+ -- If input has already been parsed then uploads are stored as unlinked
+ -- temporary files pointed to by open file handles in the parameter
+ -- value table. Loop all params, and invoke the file callback for any
+ -- param with an open file handle.
+ local name, value
+ for name, value in pairs(self.message.params) do
+ if type(value) == "table" then
+ while value.fd do
+ local data = value.fd:read(1024)
+ local eof = (not data or data == "")
+
+ callback(value, data, eof)
+
+ if eof then
+ value.fd:close()
+ value.fd = nil
+ end
+ end
+ end
+ end
end
function Request._parse_input(self)
self.parsed_input = true
end
---- Close the HTTP-Connection.
function close()
if not context.eoh then
context.eoh = true
end
end
---- Return the request content if the request was of unknown type.
--- @return HTTP request body
--- @return HTTP request body length
function content()
return context.request:content()
end
---- Get a certain HTTP input value or a table of all input values.
--- @param name Name of the GET or POST variable to fetch
--- @param noparse Don't parse POST data before getting the value
--- @return HTTP input value or table of all input value
function formvalue(name, noparse)
return context.request:formvalue(name, noparse)
end
---- Get a table of all HTTP input values with a certain prefix.
--- @param prefix Prefix
--- @return Table of all HTTP input values with given prefix
function formvaluetable(prefix)
return context.request:formvaluetable(prefix)
end
---- Get the value of a certain HTTP-Cookie.
--- @param name Cookie Name
--- @return String containing cookie data
function getcookie(name)
return context.request:getcookie(name)
end
---- Get the value of a certain HTTP environment variable
-- or the environment table itself.
--- @param name Environment variable
--- @return HTTP environment value or environment table
function getenv(name)
return context.request:getenv(name)
end
---- Set a handler function for incoming user file uploads.
--- @param callback Handler function
function setfilehandler(callback)
return context.request:setfilehandler(callback)
end
---- Send a HTTP-Header.
--- @param key Header key
--- @param value Header value
function header(key, value)
if not context.headers then
context.headers = {}
coroutine.yield(2, key, value)
end
---- Set the mime type of following content data.
--- @param mime Mimetype of following content
function prepare_content(mime)
if not context.headers or not context.headers["content-type"] then
if mime == "application/xhtml+xml" then
end
end
---- Get the RAW HTTP input source
--- @return HTTP LTN12 source
function source()
return context.request.input
end
---- Set the HTTP status code and status message.
--- @param code Status code
--- @param message Status message
function status(code, message)
code = code or 200
message = message or "OK"
coroutine.yield(1, code, message)
end
---- Send a chunk of content data to the client.
-- This function is as a valid LTN12 sink.
-- If the content chunk is nil this function will automatically invoke close.
--- @param content Content chunk
--- @param src_err Error object from source (optional)
--- @see close
function write(content, src_err)
if not content then
if src_err then
header("Cache-Control", "no-cache")
header("Expires", "0")
end
-
+ if not context.headers["x-frame-options"] then
+ header("X-Frame-Options", "SAMEORIGIN")
+ end
+ if not context.headers["x-xss-protection"] then
+ header("X-XSS-Protection", "1; mode=block")
+ end
+ if not context.headers["x-content-type-options"] then
+ header("X-Content-Type-Options", "nosniff")
+ end
context.eoh = true
coroutine.yield(3)
end
end
---- Splice data from a filedescriptor to the client.
--- @param fp File descriptor
--- @param size Bytes to splice (optional)
function splice(fd, size)
coroutine.yield(6, fd, size)
end
---- Redirects the client to a new URL and closes the connection.
--- @param url Target URL
function redirect(url)
+ if url == "" then url = "/" end
status(302, "Found")
header("Location", url)
close()
end
---- Create a querystring out of a table of key - value pairs.
--- @param table Query string source table
--- @return Encoded HTTP query string
function build_querystring(q)
- local s = { "?" }
+ local s, n, k, v = {}, 1, nil, nil
for k, v in pairs(q) do
- if #s > 1 then s[#s+1] = "&" end
-
- s[#s+1] = urldecode(k)
- s[#s+1] = "="
- s[#s+1] = urldecode(v)
+ s[n+0] = (n == 1) and "?" or "&"
+ s[n+1] = util.urlencode(k)
+ s[n+2] = "="
+ s[n+3] = util.urlencode(v)
+ n = n + 4
end
return table.concat(s, "")
end
---- Return the URL-decoded equivalent of a string.
--- @param str URL-encoded string
--- @param no_plus Don't decode + to " "
--- @return URL-decoded string
--- @see urlencode
-urldecode = protocol.urldecode
-
---- Return the URL-encoded equivalent of a string.
--- @param str Source string
--- @return URL-encoded string
--- @see urldecode
-urlencode = protocol.urlencode
-
---- Send the given data as JSON encoded string.
--- @param data Data to send
+urldecode = util.urldecode
+
+urlencode = util.urlencode
+
function write_json(x)
- if x == nil then
- write("null")
- elseif type(x) == "table" then
- local k, v
- if type(next(x)) == "number" then
- write("[ ")
- for k, v in ipairs(x) do
- write_json(v)
- if next(x, k) then
- write(", ")
- end
- end
- write(" ]")
- else
- write("{ ")
- for k, v in pairs(x) do
- write("%q: " % k)
- write_json(v)
- if next(x, k) then
- write(", ")
- end
- end
- write(" }")
- end
- elseif type(x) == "number" or type(x) == "boolean" then
- if (x ~= x) then
- -- NaN is the only value that doesn't equal to itself.
- write("Number.NaN")
- else
- write(tostring(x))
- end
- else
- write('"%s"' % tostring(x):gsub('["%z\1-\31]', function(c)
- return '\\u%04x' % c:byte(1)
- end))
- end
+ util.serialize_json(x, write)
end
projects / project / luci.git / blobdiff