From 04977e56b1a2f5d8b158cea98535d29545fa41da Mon Sep 17 00:00:00 2001 From: tjpcc Date: Sat, 28 Jan 2023 15:36:40 -0700 Subject: middleware to turn away non-gemini requests. fixes #3. --- gemini/serve.go | 34 +++++++++++++++++++++++++--------- 1 file changed, 25 insertions(+), 9 deletions(-) diff --git a/gemini/serve.go b/gemini/serve.go index 55998d6..60e0242 100644 --- a/gemini/serve.go +++ b/gemini/serve.go @@ -5,6 +5,7 @@ import ( "context" "crypto/tls" "errors" + "fmt" "io" "net" "strconv" @@ -86,15 +87,13 @@ func (s *server) handleConn(conn net.Conn) { } } - /* - defer func() { - if r := recover(); r != nil { - err := fmt.Errorf("%s", r) - _ = s.LogError("msg", "panic in handler", "err", err) - _, _ = io.Copy(conn, NewResponseReader(Failure(err))) - } - }() - */ + defer func() { + if r := recover(); r != nil { + err := fmt.Errorf("%s", r) + _ = s.LogError("msg", "panic in handler", "err", err) + _, _ = io.Copy(conn, NewResponseReader(Failure(err))) + } + }() response = s.handler(ctx, request) if response == nil { response = NotFound("Resource does not exist.") @@ -120,3 +119,20 @@ func sizeParam(path string) (int, error) { return 0, errors.New("no size param found") } + +// GeminiOnly filters requests down to just those on the gemini:// protocol. +// +// Optionally, it will also allow through titan:// requests. +// +// Filtered requests will be turned away with a 53 response "proxy request refused". +func GeminiOnly(allowTitan bool) gus.Middleware { + return func(inner gus.Handler) gus.Handler { + return func(ctx context.Context, request *gus.Request) *gus.Response { + if request.Scheme == "gemini" || (allowTitan && request.Scheme == "titan") { + return inner(ctx, request) + } + + return RefuseProxy("Non-gemini protocol requests are not supported.") + } + } +} -- cgit v1.2.3