Back to

package zhttp

v0.0.0 (2396be2)
Latest Go to latest
Published: May 20, 2020 | License: MIT | Module:



const (
	ContentUnsupported uint8 = iota
const (
	LevelInfo  = "i"
	LevelError = "e"

Level constants.

const (
	ServeTLS      = uint8(0b0001)
	ServeRedirect = uint8(0b0010)
const (
	// Don't set any header.
	CacheNoHeader = 0

	// Set to "no-cache" to tell browsers to always validate a cache (with e.g.
	// If-Match or If-None-Match). It does NOT tell browsers to never store a
	// cache; use Cache NoStore for that.
	CacheNoCache = -1

	// Set to "no-store, no-cache" to tell browsers to never store a local copy
	// (the no-cache is there to be sure previously stored copies from before
	// this header are revalidated).
	CacheNoStore = -2

Constants for the NewStatic() cache parameter.


var (
	CookieSecure   = false
	CookieSameSite = http.SameSiteLaxMode

Flags to add to all cookies (login and flash).

var DefaultHeaders = http.Header{
	"Strict-Transport-Security": []string{"max-age=2592000"},
	"X-Frame-Options":           []string{"deny"},
	"X-Content-Type-Options":    []string{"nosniff"},

DefaultHeaders will be set by default.

var ErrPage = DefaultErrPage
var FuncMap = template.FuncMap{
	"deref_s":      TderefS,
	"unsafe":       Tunsafe,
	"unsafe_js":    TunsafeJS,
	"checked":      Tchecked,
	"nformat":      Tnformat,
	"tformat":      Ttformat,
	"mult":         Tmult,
	"sum":          Tsum,
	"div":          Tdiv,
	"sub":          Tsub,
	"if2":          Tif2,
	"has_prefix":   ThasPrefix,
	"has_suffix":   ThasSuffix,
	"substr":       Tsubstr,
	"option_value": ToptionValue,
	"checkbox":     Tcheckbox,
	"pp":           Tpp,
	"string":       Tstring,
	"map":          Tmap,

FuncMap contains all the template functions.

var LogUnknownFields bool

LogUnknownFields tells Decode() to issue an error log on unknown fields.

var Static404 = func(w http.ResponseWriter, r *http.Request) {
	http.Error(w, fmt.Sprintf("packed file not found: %q", r.RequestURI), 404)
var TplPath = "tpl"

TplPath is the path to template files.

func Auth

func Auth(load loadFunc) func(http.Handler) http.Handler

func Bytes

func Bytes(w http.ResponseWriter, b []byte) error

func ClearCookie

func ClearCookie(w http.ResponseWriter, domain string)

func Decode

func Decode(r *http.Request, dst interface{}) (uint8, error)

Decode request parameters from a form, JSON body, or query parameters.

Returns one of the Content* constants, which is useful if you want to alternate the responses.

func DefaultErrPage

func DefaultErrPage(w http.ResponseWriter, r *http.Request, code int, reported error)

TODO: make it easy to hide errors on production.

func ErrorCode

func ErrorCode(err error) string

ErrorCode gets a hash based on the error value.

func ExecuteTpl

func ExecuteTpl(name string, data interface{}) ([]byte, error)

ExecuteTpl executes a named template.

func Filter

func Filter(f filterFunc) func(http.Handler) http.Handler

Filter access to a resource.

If the returning error is a and has a redirect code, then the error value is used as a redirection.

func Flash

func Flash(w http.ResponseWriter, msg string, v ...interface{})

Flash sets a new flash message at the LevelInfo, overwriting any previous messages (if any).

func FlashError

func FlashError(w http.ResponseWriter, msg string, v ...interface{})

FlashError sets a new flash message at the LevelError, overwriting any previous messages (if any).

func HandlerCSP

func HandlerCSP() func(w http.ResponseWriter, r *http.Request)

HandlerCSP handles CSP errors.

func HandlerJSErr

func HandlerJSErr() func(w http.ResponseWriter, r *http.Request)

HandlerJSErr logs JavaScript errors from window.onerror.

func HandlerRedirectHTTP

func HandlerRedirectHTTP(port string) http.HandlerFunc

HandlerRedirectHTTP redirects all HTTP requests to HTTPS.

func HandlerRobots

func HandlerRobots(rules [][]string) func(w http.ResponseWriter, r *http.Request)

HandlerRobots writes a simple robots.txt.

func Headers

func Headers(h http.Header) func(next http.Handler) http.Handler

Headers sets the given headers.

DefaultHeaders will always be set. Headers passed to this function overrides them. Use a nil value to remove a header.

func HostRoute

func HostRoute(routers map[string]http.Handler) http.HandlerFunc

HostRoute routes requests based on the Host header.

The routers can be simple domain names ("", "") or with a leading wildcard ("*", "*").

Exact matches are preferred over wildcards (e.g. "" trumps "*"). A single "*" will match any host and is used if nothing else matches.

func InitTpl

func InitTpl(pack map[string][]byte)

InitTpl sets up the templates.

func JSON

func JSON(w http.ResponseWriter, i interface{}) error

func Log

func Log(host bool, timeFmt string, ignore ...string) func(http.Handler) http.Handler

func MovedPermanently

func MovedPermanently(w http.ResponseWriter, url string) error

MovedPermanently redirects to the given URL.

func NewTpl

func NewTpl() *template.Template

func NoCache

func NoCache(next http.Handler) http.Handler

NoCache sets the Cache-Control header to "no-cache".

Browsers will always validate a cache (with e.g. If-Match or If-None-Match). It does NOT tell browsers to never store a cache (use NoStore for that).

func NoStore

func NoStore(next http.Handler) http.Handler

NoStore sets the Cache-Control header to "no-store, no-cache"

Browsers will never store a local copy (the no-cache is there to be sure previously stored copies from before this header are revalidated).

func Ratelimit

func Ratelimit(opts RatelimitOptions) func(http.Handler) http.Handler

Ratelimit requests.

func RatelimitIP

func RatelimitIP(r *http.Request) string

RatelimitIP rate limits based IP address.

Assumes RemoteAddr is set correctly. E.g. with chi's middleware.RealIP middleware.

func RatelimitLimit

func RatelimitLimit(limit int, period int64) func(*http.Request) (int, int64)

RatelimitLimit is a simple limiter, always returning the same numbers.

func RedirectHost

func RedirectHost(dst string) http.Handler

RedirectHost redirects all requests to the destination host.

Mainly intended for redirecting "" to "", or vice verse. The full URL is preserved, so " is redirected to

Only GET requests are redirected.

func ReloadTpl

func ReloadTpl()

ReloadTpl reloads the templates.

func RemovePort

func RemovePort(host string) string

RemovePort removes the "port" part of an hostname.

This only works for "host:port", and not URLs. See net.SplitHostPort.

func SafePath

func SafePath(s string) string

SafePath converts any string to a safe pathname, preventing directory traversal attacks and the like.

func Secret

func Secret() string

Secret number of 256 bits formatted in base36.

func SecretP

func SecretP() *string

SecretP is like Secret() but returns a pointer.

func SeeOther

func SeeOther(w http.ResponseWriter, url string) error

SeeOther redirects to the given URL.

"A 303 response to a GET request indicates that the origin server does not have a representation of the target resource that can be transferred by the server over HTTP. However, the Location field value refers to a resource that is descriptive of the target resource, such that making a retrieval request on that other resource might result in a representation that is useful to recipients without implying that it represents the original target resource."

func Serve

func Serve(flags uint8, server *http.Server)

Serve a HTTP server with graceful shutdown.

The server will use TLS if the http.Server has a valid TLSConfig; it will also try to redirect port 80 to the TLS server, but will gracefully fail if the permission for this is denied.

func SetCookie

func SetCookie(w http.ResponseWriter, val, domain string)

func Stream

func Stream(w http.ResponseWriter, fp io.Reader) error

func String

func String(w http.ResponseWriter, s string) error

func Tcheckbox

func Tcheckbox(current bool, name string) template.HTML

Tcheckbox adds a checkbox; if current is true then it's checked.

It also adds a hidden input with the value "off" so that's sent to the server when the checkbox isn't sent, which greatly simplifies backend handling.

func Tchecked

func Tchecked(vals []int64, id int64) template.HTMLAttr

Tchecked returns a 'checked="checked"' attribute if id is in vals.

func TderefS

func TderefS(s *string) string

TderefS dereferences a string pointer, returning "" if it's nil.

func Tdiv

func Tdiv(n, n2 int, n3 ...float32) float32

Tdiv divides all the given numbers.

func Template

func Template(w http.ResponseWriter, name string, data interface{}) error

func Text

func Text(w http.ResponseWriter, s string) error

func ThasPrefix

func ThasPrefix(s, prefix string) bool

ThasPrefix tests whether the string s begins with prefix.

func ThasSuffix

func ThasSuffix(s, suffix string) bool

ThasSuffix tests whether the string s ends with suffix.

func Tif2

func Tif2(cond bool, yes, no interface{}) interface{}

Tif2 returns yes if cond is true, and no otherwise.

func Tmap

func Tmap(values ...interface{}) map[string]interface{}

Tmap creates a map.

func Tmult

func Tmult(n, n2 int, n3 int

Tmult multiplies all the given numbers.

func Tnformat

func Tnformat(n int, sep rune) string

Tnformat formats a number with thousand separators.

func ToptionValue

func ToptionValue(current, value string) template.HTMLAttr

ToptionValue inserts the value attribute, and selected attribute if the value is the same as current.

func Tpp

func Tpp(v interface{}) string

Tpp pretty-prints any object as JSON.

func Tstring

func Tstring(v interface{}) string

Tstring converts anything to a string.

func Tsub

func Tsub(n, n2 int, n3 int

Tsub subtracts all the given numbers.

func Tsubstr

func Tsubstr(s string, i, j int) string

Tsubstr returns part of a string.

func Tsum

func Tsum(n, n2 int, n3 int

Tsum sums all the given numbers.

func Ttformat

func Ttformat(t time.Time, fmt string) string

Ttformat formats a time as the given format string.

func Tunsafe

func Tunsafe(s string) template.HTML

Tunsafe converts a string to template.HTML, preventing any escaping.

Can be dangerous if used on untrusted input!

func TunsafeJS

func TunsafeJS(s string) template.JS

TunsafeJS converts a string to template.JS, preventing any escaping.

Can be dangerous if used on untrusted input!

func Wrap

func Wrap(handler HandlerFunc) http.HandlerFunc

Wrap a http.HandlerFunc

func WrapWriter

func WrapWriter(next http.Handler) http.Handler

WrapWriter replaces the http.ResponseWriter with our version of http.ResponseWriter for some additional functionality.

type CSPError

type CSPError struct {
	Report Report `json:"csp-report"`

CSP errors.

type FlashMessage

type FlashMessage struct {
	Level   string
	Message template.HTML

FlashMessage is a displayed flash message.

func ReadFlash

func ReadFlash(w http.ResponseWriter, r *http.Request) *FlashMessage

ReadFlash reads any existing flash message, returning the severity level and the message itself.

type HandlerFunc

type HandlerFunc func(http.ResponseWriter, *http.Request) error

HandlerFunc function.

type RatelimitMemory

type RatelimitMemory struct {
	// contains filtered or unexported fields

RatelimitMemory stores the rate limit information in the Go process' memory.

func NewRatelimitMemory

func NewRatelimitMemory() *RatelimitMemory

func (*RatelimitMemory) Grant

func (m *RatelimitMemory) Grant(key string, n int, period int64) (bool, int)

type RatelimitOptions

type RatelimitOptions struct {
	Message string                                        // Displayed when limit is reached.
	Client  func(*http.Request) string                    // String to identify client (e.g. ip address).
	Store   RatelimitStore                                // How to store the # of requests.
	Limit   func(*http.Request) (limit int, period int64) // "limit" requests over "period" seconds.

type RatelimitStore

type RatelimitStore interface {
	Grant(key string, n int, period int64) (granted bool, remaining int)

type Report

type Report struct {
	BlockedURI   string `json:"blocked-uri"`
	ColumnNumber int    `json:"column-number"`
	DocumentURI  string `json:"document-uri"`
	LineNumber   int    `json:"line-number"`
	Referrer     string `json:"referrer"`
	SourceFile   string `json:"source-file"`
	Violated     string `json:"violated-directive"`

CSP errors.

type ResponseWriter

type ResponseWriter interface {

	// Status returns the HTTP status of the request, or 0 if one has not
	// yet been sent.
	Status() int

	// BytesWritten returns the total number of bytes sent to the client.
	BytesWritten() int

	// Tee causes the response body to be written to the given io.Writer in
	// addition to proxying the writes through. Only one io.Writer can be
	// tee'd to at once: setting a second one will overwrite the first.
	// Writes will be sent to the proxy before being written to this
	// io.Writer. It is illegal for the tee'd writer to be modified
	// concurrently with writes.

	// Unwrap returns the original proxied target.
	Unwrap() http.ResponseWriter

ResponseWriter is a proxy around an http.ResponseWriter that allows you to hook into various parts of the response process.

func NewResponseWriter

func NewResponseWriter(w http.ResponseWriter, protoMajor int) ResponseWriter

NewResponseWriter wraps an http.ResponseWriter, returning a proxy that allows you to hook into various parts of the response process.

type Static

type Static struct {
	// contains filtered or unexported fields

Static file server.

func NewStatic

func NewStatic(dir, domain string, cache int, packed map[string][]byte) Static

NewStatic returns a new static fileserver.

It will serve all files in dir. Symlinks are followed (even outside of dir!), but paths containing ".." are not allowed.

The domain parameter is used for CORS.

Cache is set to the Cache-Control: max-age parameter, or use one of the special Cache* constants.

If packed is not nil then all files will be served from the map, and the filesystem is never accessed. This is useful for self-contained production builds.

func (Static) ServeHTTP

func (s Static) ServeHTTP(w http.ResponseWriter, r *http.Request)

type User

type User interface {
	GetToken() string
Documentation was rendered with GOOS=linux and GOARCH=amd64.

Jump to identifier

Keyboard shortcuts

? : This menu
f or F : Jump to identifier