Skip to content

Commit

Permalink
Extend request methods for Download button #356 (#429)
Browse files Browse the repository at this point in the history
  • Loading branch information
@m-mohr
m-mohr authored Jun 5, 2024
1 parent b9a3039 commit 999faae
Show file tree
Hide file tree
Showing 7 changed files with 484 additions and 46 deletions.
1 change: 1 addition & 0 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,7 @@
"remove-markdown": "^0.5.0",
"stac-layer": "^0.15.0",
"stac-node-validator": "^2.0.0-beta.7",
"streamsaver-js": "^2.0.7",
"urijs": "^1.19.11",
"v-clipboard": "^3.0.0-next.1",
"vue": "^2.6.12",
Expand Down
168 changes: 168 additions & 0 deletions public/mitm.html
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,168 @@
<!--
mitm.html is the lite "man in the middle"
This is only meant to signal the opener's messageChannel to
the service worker - when that is done this mitm can be closed
but it's better to keep it alive since this also stops the sw
from restarting
The service worker is capable of intercepting all request and fork their
own "fake" response - wish we are going to craft
when the worker then receives a stream then the worker will tell the opener
to open up a link that will start the download
-->
<script>
// This will prevent the sw from restarting
let keepAlive = () => {
keepAlive = () => {}
var ping = location.href.substr(0, location.href.lastIndexOf('/')) + '/ping'
var interval = setInterval(() => {
if (sw) {
sw.postMessage('ping')
} else {
fetch(ping).then(res => res.text(!res.ok && clearInterval(interval)))
}
}, 10000)
}

// message event is the first thing we need to setup a listner for
// don't want the opener to do a random timeout - instead they can listen for
// the ready event
// but since we need to wait for the Service Worker registration, we store the
// message for later
let messages = []
window.onmessage = evt => messages.push(evt)

let sw = null
let scope = ''

function registerWorker() {
return navigator.serviceWorker.getRegistration('./').then(swReg => {
return swReg || navigator.serviceWorker.register('sw.js', { scope: './' })
}).then(swReg => {
const swRegTmp = swReg.installing || swReg.waiting

scope = swReg.scope

return (sw = swReg.active) || new Promise(resolve => {
swRegTmp.addEventListener('statechange', fn = () => {
if (swRegTmp.state === 'activated') {
swRegTmp.removeEventListener('statechange', fn)
sw = swReg.active
resolve()
}
})
})
})
}

// Now that we have the Service Worker registered we can process messages
function onMessage (event) {
let { data, ports, origin } = event

// It's important to have a messageChannel, don't want to interfere
// with other simultaneous downloads
if (!ports || !ports.length) {
throw new TypeError("[StreamSaver] You didn't send a messageChannel")
}

if (typeof data !== 'object') {
throw new TypeError("[StreamSaver] You didn't send a object")
}

// the default public service worker for StreamSaver is shared among others.
// so all download links needs to be prefixed to avoid any other conflict
data.origin = origin

// if we ever (in some feature versoin of streamsaver) would like to
// redirect back to the page of who initiated a http request
data.referrer = data.referrer || document.referrer || origin

// pass along version for possible backwards compatibility in sw.js
data.streamSaverVersion = new URLSearchParams(location.search).get('version')

if (data.streamSaverVersion === '1.2.0') {
console.warn('[StreamSaver] please update streamsaver')
}

/** @since v2.0.0 */
if (!data.headers) {
console.warn("[StreamSaver] pass `data.headers` that you would like to pass along to the service worker\nit should be a 2D array or a key/val object that fetch's Headers api accepts")
} else {
// test if it's correct
// should thorw a typeError if not
new Headers(data.headers)
}

/** @since v2.0.0 */
if (typeof data.filename === 'string') {
console.warn("[StreamSaver] You shouldn't send `data.filename` anymore. It should be included in the Content-Disposition header option")
// Do what File constructor do with fileNames
data.filename = data.filename.replace(/\//g, ':')
}

/** @since v2.0.0 */
if (data.size) {
console.warn("[StreamSaver] You shouldn't send `data.size` anymore. It should be included in the content-length header option")
}

/** @since v2.0.0 */
if (data.readableStream) {
console.warn("[StreamSaver] You should send the readableStream in the messageChannel, not throught mitm")
}

/** @since v2.0.0 */
if (!data.pathname) {
console.warn("[StreamSaver] Please send `data.pathname` (eg: /pictures/summer.jpg)")
data.pathname = Math.random().toString().slice(-6) + '/' + data.filename
}

// remove all leading slashes
data.pathname = data.pathname.replace(/^\/+/g, '')

// remove protocol
let org = origin.replace(/(^\w+:|^)\/\//, '')

// set the absolute pathname to the download url.
data.url = new URL(`${scope + org}/${data.pathname}`).toString()

if (!data.url.startsWith(`${scope + org}/`)) {
throw new TypeError('[StreamSaver] bad `data.pathname`')
}

// This sends the message data as well as transferring
// messageChannel.port2 to the service worker. The service worker can
// then use the transferred port to reply via postMessage(), which
// will in turn trigger the onmessage handler on messageChannel.port1.

const transferable = data.readableStream
? [ ports[0], data.readableStream ]
: [ ports[0] ]

if (!(data.readableStream || data.transferringReadable)) {
keepAlive()
}

return sw.postMessage(data, transferable)
}

if (window.opener) {
// The opener can't listen to onload event, so we need to help em out!
// (telling them that we are ready to accept postMessage's)
window.opener.postMessage('StreamSaver::loadedPopup', '*')
}

if (navigator.serviceWorker) {
registerWorker().then(() => {
window.onmessage = onMessage
messages.forEach(window.onmessage)
})
}

// FF v102 just started to supports transferable streams, but still needs to ping sw.js
// even tough the service worker dose not have to do any kind of work and listen to any
// messages... #305
keepAlive()

</script>

130 changes: 130 additions & 0 deletions public/sw.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,130 @@
self.addEventListener('install', () => {
self.skipWaiting();
});

self.addEventListener('activate', event => {
event.waitUntil(self.clients.claim());
});

const map = new Map();

// This should be called once per download
// Each event has a dataChannel that the data will be piped through
self.onmessage = event => {
// We send a heartbeat every x second to keep the
// service worker alive if a transferable stream is not sent
if (event.data === 'ping') {
return;
}

const data = event.data;
const downloadUrl = data.url || self.registration.scope + Math.random() + '/' + (typeof data === 'string' ? data : data.filename);
const port = event.ports[0];
const metadata = new Array(3); // [stream, data, port]

metadata[1] = data;
metadata[2] = port;

// Note to self:
// old streamsaver v1.2.0 might still use `readableStream`...
// but v2.0.0 will always transfer the stream through MessageChannel #94
if (event.data.readableStream) {
metadata[0] = event.data.readableStream;
} else if (event.data.transferringReadable) {
port.onmessage = evt => {
port.onmessage = null;
metadata[0] = evt.data.readableStream;
};
} else {
metadata[0] = createStream(port);
}

map.set(downloadUrl, metadata);
port.postMessage({ download: downloadUrl });
};

function createStream(port) {
// ReadableStream is only supported by chrome 52
return new ReadableStream({
start(controller) {
// When we receive data on the messageChannel, we write
port.onmessage = ({ data }) => {
if (data === 'end') {
return controller.close();
}

if (data === 'abort') {
controller.error('Aborted the download');
return;
}

controller.enqueue(data);
};
},
cancel(reason) {
console.log('user aborted', reason);
port.postMessage({ abort: true });
}
});
}

self.onfetch = event => {
const url = event.request.url;

// this only works for Firefox
if (url.endsWith('/ping')) {
return event.respondWith(new Response('pong'));
}

const hijacke = map.get(url);

if (!hijacke) {
return null;
}

const [stream, data, port] = hijacke;

map.delete(url);

// Not comfortable letting any user control all headers
// so we only copy over the length & disposition
const responseHeaders = new Headers({
'Content-Type': 'application/octet-stream; charset=utf-8',

// To be on the safe side, The link can be opened in a iframe.
// but octet-stream should stop it.
'Content-Security-Policy': "default-src 'none'",
'X-Content-Security-Policy': "default-src 'none'",
'X-WebKit-CSP': "default-src 'none'",
'X-XSS-Protection': '1; mode=block',
'Cross-Origin-Embedder-Policy': 'require-corp'
});

let headers = new Headers(data.headers || {});

if (headers.has('Content-Length')) {
responseHeaders.set('Content-Length', headers.get('Content-Length'));
}

if (headers.has('Content-Disposition')) {
responseHeaders.set('Content-Disposition', headers.get('Content-Disposition'));
}

// data, data.filename and size should not be used anymore
if (data.size) {
console.warn('Depricated');
responseHeaders.set('Content-Length', data.size);
}

let fileName = typeof data === 'string' ? data : data.filename;
if (fileName) {
console.warn('Depricated');
// Make filename RFC5987 compatible
fileName = encodeURIComponent(fileName).replace(/['()]/g, escape).replace(/\*/g, '%2A');
responseHeaders.set('Content-Disposition', "attachment; filename*=UTF-8''" + fileName);
}

event.respondWith(new Response(stream, { headers: responseHeaders }));

port.postMessage({ debug: 'Download started' });
};
Loading

0 comments on commit 999faae

Please sign in to comment.