2015-07-20 13:42:07 +00:00
|
|
|
/*!
|
|
|
|
* express
|
|
|
|
* Copyright(c) 2009-2013 TJ Holowaychuk
|
|
|
|
* Copyright(c) 2014-2015 Douglas Christopher Wilson
|
|
|
|
* MIT Licensed
|
|
|
|
*/
|
|
|
|
|
2016-02-12 13:10:16 +00:00
|
|
|
'use strict';
|
|
|
|
|
2015-07-20 13:42:07 +00:00
|
|
|
/**
|
|
|
|
* Module dependencies.
|
|
|
|
* @api private
|
|
|
|
*/
|
|
|
|
|
2016-02-12 13:10:16 +00:00
|
|
|
var contentDisposition = require('content-disposition');
|
2015-07-20 13:42:07 +00:00
|
|
|
var contentType = require('content-type');
|
2016-02-12 13:10:16 +00:00
|
|
|
var deprecate = require('depd')('express');
|
|
|
|
var flatten = require('array-flatten');
|
|
|
|
var mime = require('send').mime;
|
|
|
|
var basename = require('path').basename;
|
2015-07-20 13:42:07 +00:00
|
|
|
var etag = require('etag');
|
|
|
|
var proxyaddr = require('proxy-addr');
|
2016-02-12 13:10:16 +00:00
|
|
|
var qs = require('qs');
|
|
|
|
var querystring = require('querystring');
|
2015-07-20 13:42:07 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Return strong ETag for `body`.
|
|
|
|
*
|
|
|
|
* @param {String|Buffer} body
|
|
|
|
* @param {String} [encoding]
|
|
|
|
* @return {String}
|
|
|
|
* @api private
|
|
|
|
*/
|
|
|
|
|
|
|
|
exports.etag = function (body, encoding) {
|
|
|
|
var buf = !Buffer.isBuffer(body)
|
|
|
|
? new Buffer(body, encoding)
|
|
|
|
: body;
|
|
|
|
|
|
|
|
return etag(buf, {weak: false});
|
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return weak ETag for `body`.
|
|
|
|
*
|
|
|
|
* @param {String|Buffer} body
|
|
|
|
* @param {String} [encoding]
|
|
|
|
* @return {String}
|
|
|
|
* @api private
|
|
|
|
*/
|
|
|
|
|
|
|
|
exports.wetag = function wetag(body, encoding){
|
|
|
|
var buf = !Buffer.isBuffer(body)
|
|
|
|
? new Buffer(body, encoding)
|
|
|
|
: body;
|
|
|
|
|
|
|
|
return etag(buf, {weak: true});
|
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Check if `path` looks absolute.
|
|
|
|
*
|
|
|
|
* @param {String} path
|
|
|
|
* @return {Boolean}
|
|
|
|
* @api private
|
|
|
|
*/
|
|
|
|
|
|
|
|
exports.isAbsolute = function(path){
|
2017-07-18 11:42:39 +00:00
|
|
|
if ('/' === path[0]) return true;
|
|
|
|
if (':' === path[1] && ('\\' === path[2] || '/' === path[2])) return true; // Windows device path
|
|
|
|
if ('\\\\' === path.substring(0, 2)) return true; // Microsoft Azure absolute path
|
2015-07-20 13:42:07 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Flatten the given `arr`.
|
|
|
|
*
|
|
|
|
* @param {Array} arr
|
|
|
|
* @return {Array}
|
|
|
|
* @api private
|
|
|
|
*/
|
|
|
|
|
2016-02-12 13:10:16 +00:00
|
|
|
exports.flatten = deprecate.function(flatten,
|
|
|
|
'utils.flatten: use array-flatten npm module instead');
|
2015-07-20 13:42:07 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Normalize the given `type`, for example "html" becomes "text/html".
|
|
|
|
*
|
|
|
|
* @param {String} type
|
|
|
|
* @return {Object}
|
|
|
|
* @api private
|
|
|
|
*/
|
|
|
|
|
|
|
|
exports.normalizeType = function(type){
|
|
|
|
return ~type.indexOf('/')
|
|
|
|
? acceptParams(type)
|
|
|
|
: { value: mime.lookup(type), params: {} };
|
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Normalize `types`, for example "html" becomes "text/html".
|
|
|
|
*
|
|
|
|
* @param {Array} types
|
|
|
|
* @return {Array}
|
|
|
|
* @api private
|
|
|
|
*/
|
|
|
|
|
|
|
|
exports.normalizeTypes = function(types){
|
|
|
|
var ret = [];
|
|
|
|
|
|
|
|
for (var i = 0; i < types.length; ++i) {
|
|
|
|
ret.push(exports.normalizeType(types[i]));
|
|
|
|
}
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
2016-02-12 13:10:16 +00:00
|
|
|
* Generate Content-Disposition header appropriate for the filename.
|
|
|
|
* non-ascii filenames are urlencoded and a filename* parameter is added
|
2015-07-20 13:42:07 +00:00
|
|
|
*
|
2016-02-12 13:10:16 +00:00
|
|
|
* @param {String} filename
|
2015-07-20 13:42:07 +00:00
|
|
|
* @return {String}
|
|
|
|
* @api private
|
|
|
|
*/
|
|
|
|
|
2016-02-12 13:10:16 +00:00
|
|
|
exports.contentDisposition = deprecate.function(contentDisposition,
|
|
|
|
'utils.contentDisposition: use content-disposition npm module instead');
|
2015-07-20 13:42:07 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Parse accept params `str` returning an
|
|
|
|
* object with `.value`, `.quality` and `.params`.
|
|
|
|
* also includes `.originalIndex` for stable sorting
|
|
|
|
*
|
|
|
|
* @param {String} str
|
|
|
|
* @return {Object}
|
|
|
|
* @api private
|
|
|
|
*/
|
|
|
|
|
|
|
|
function acceptParams(str, index) {
|
|
|
|
var parts = str.split(/ *; */);
|
|
|
|
var ret = { value: parts[0], quality: 1, params: {}, originalIndex: index };
|
|
|
|
|
|
|
|
for (var i = 1; i < parts.length; ++i) {
|
|
|
|
var pms = parts[i].split(/ *= */);
|
2017-07-18 11:42:39 +00:00
|
|
|
if ('q' === pms[0]) {
|
2015-07-20 13:42:07 +00:00
|
|
|
ret.quality = parseFloat(pms[1]);
|
|
|
|
} else {
|
|
|
|
ret.params[pms[0]] = pms[1];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Compile "etag" value to function.
|
|
|
|
*
|
|
|
|
* @param {Boolean|String|Function} val
|
|
|
|
* @return {Function}
|
|
|
|
* @api private
|
|
|
|
*/
|
|
|
|
|
|
|
|
exports.compileETag = function(val) {
|
|
|
|
var fn;
|
|
|
|
|
|
|
|
if (typeof val === 'function') {
|
|
|
|
return val;
|
|
|
|
}
|
|
|
|
|
|
|
|
switch (val) {
|
|
|
|
case true:
|
|
|
|
fn = exports.wetag;
|
|
|
|
break;
|
|
|
|
case false:
|
|
|
|
break;
|
|
|
|
case 'strong':
|
|
|
|
fn = exports.etag;
|
|
|
|
break;
|
|
|
|
case 'weak':
|
|
|
|
fn = exports.wetag;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
throw new TypeError('unknown value for etag function: ' + val);
|
|
|
|
}
|
|
|
|
|
|
|
|
return fn;
|
|
|
|
}
|
|
|
|
|
2016-02-12 13:10:16 +00:00
|
|
|
/**
|
|
|
|
* Compile "query parser" value to function.
|
|
|
|
*
|
|
|
|
* @param {String|Function} val
|
|
|
|
* @return {Function}
|
|
|
|
* @api private
|
|
|
|
*/
|
|
|
|
|
|
|
|
exports.compileQueryParser = function compileQueryParser(val) {
|
|
|
|
var fn;
|
|
|
|
|
|
|
|
if (typeof val === 'function') {
|
|
|
|
return val;
|
|
|
|
}
|
|
|
|
|
|
|
|
switch (val) {
|
|
|
|
case true:
|
|
|
|
fn = querystring.parse;
|
|
|
|
break;
|
|
|
|
case false:
|
|
|
|
fn = newObject;
|
|
|
|
break;
|
|
|
|
case 'extended':
|
|
|
|
fn = parseExtendedQueryString;
|
|
|
|
break;
|
|
|
|
case 'simple':
|
|
|
|
fn = querystring.parse;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
throw new TypeError('unknown value for query parser function: ' + val);
|
|
|
|
}
|
|
|
|
|
|
|
|
return fn;
|
|
|
|
}
|
|
|
|
|
2015-07-20 13:42:07 +00:00
|
|
|
/**
|
|
|
|
* Compile "proxy trust" value to function.
|
|
|
|
*
|
|
|
|
* @param {Boolean|String|Number|Array|Function} val
|
|
|
|
* @return {Function}
|
|
|
|
* @api private
|
|
|
|
*/
|
|
|
|
|
|
|
|
exports.compileTrust = function(val) {
|
|
|
|
if (typeof val === 'function') return val;
|
|
|
|
|
|
|
|
if (val === true) {
|
|
|
|
// Support plain true/false
|
|
|
|
return function(){ return true };
|
|
|
|
}
|
|
|
|
|
|
|
|
if (typeof val === 'number') {
|
|
|
|
// Support trusting hop count
|
|
|
|
return function(a, i){ return i < val };
|
|
|
|
}
|
|
|
|
|
|
|
|
if (typeof val === 'string') {
|
|
|
|
// Support comma-separated values
|
|
|
|
val = val.split(/ *, */);
|
|
|
|
}
|
|
|
|
|
|
|
|
return proxyaddr.compile(val || []);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set the charset in a given Content-Type string.
|
|
|
|
*
|
|
|
|
* @param {String} type
|
|
|
|
* @param {String} charset
|
|
|
|
* @return {String}
|
|
|
|
* @api private
|
|
|
|
*/
|
|
|
|
|
|
|
|
exports.setCharset = function setCharset(type, charset) {
|
|
|
|
if (!type || !charset) {
|
|
|
|
return type;
|
|
|
|
}
|
|
|
|
|
|
|
|
// parse type
|
|
|
|
var parsed = contentType.parse(type);
|
|
|
|
|
|
|
|
// set charset
|
|
|
|
parsed.parameters.charset = charset;
|
|
|
|
|
|
|
|
// format type
|
|
|
|
return contentType.format(parsed);
|
|
|
|
};
|
2016-02-12 13:10:16 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Parse an extended query string with qs.
|
|
|
|
*
|
|
|
|
* @return {Object}
|
|
|
|
* @private
|
|
|
|
*/
|
|
|
|
|
|
|
|
function parseExtendedQueryString(str) {
|
|
|
|
return qs.parse(str, {
|
|
|
|
allowPrototypes: true
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return new empty object.
|
|
|
|
*
|
|
|
|
* @return {Object}
|
|
|
|
* @api private
|
|
|
|
*/
|
|
|
|
|
|
|
|
function newObject() {
|
|
|
|
return {};
|
|
|
|
}
|