X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fcontrollers%2Fclient.ts;h=fcccc48e0691b7fbc76ab1b3ef9df46fbf75e61f;hb=a1eda903a497857017495f37a1fd3593ba7ab23c;hp=385757fa6bb45729433b142458f918e9a815589e;hpb=74b7c6d48e9ca377fe938c8134ed74b612e62ba0;p=github%2FChocobozzz%2FPeerTube.git
diff --git a/server/controllers/client.ts b/server/controllers/client.ts
index 385757fa6..fcccc48e0 100644
--- a/server/controllers/client.ts
+++ b/server/controllers/client.ts
@@ -1,73 +1,89 @@
-import * as Bluebird from 'bluebird'
import * as express from 'express'
+import { constants, promises as fs } from 'fs'
+import { readFile } from 'fs-extra'
import { join } from 'path'
-import * as validator from 'validator'
-import { escapeHTML, readFileBufferPromise, root } from '../helpers/core-utils'
-import { ACCEPT_HEADERS, CONFIG, EMBED_SIZE, OPENGRAPH_AND_OEMBED_COMMENT, STATIC_MAX_AGE, STATIC_PATHS } from '../initializers'
-import { asyncMiddleware } from '../middlewares'
-import { VideoModel } from '../models/video/video'
-import { VideoPrivacy } from '../../shared/models/videos'
-import { buildFileLocale, getCompleteLocale, getDefaultLocale, is18nLocale } from '../../shared/models'
-import { LOCALE_FILES } from '../../shared/models/i18n/i18n'
+import { logger } from '@server/helpers/logger'
+import { CONFIG } from '@server/initializers/config'
+import { Hooks } from '@server/lib/plugins/hooks'
+import { HttpStatusCode } from '@shared/core-utils'
+import { buildFileLocale, getCompleteLocale, is18nLocale, LOCALE_FILES } from '@shared/core-utils/i18n'
+import { root } from '../helpers/core-utils'
+import { STATIC_MAX_AGE } from '../initializers/constants'
+import { ClientHtml, sendHTML, serveIndexHTML } from '../lib/client-html'
+import { asyncMiddleware, embedCSP } from '../middlewares'
const clientsRouter = express.Router()
const distPath = join(root(), 'client', 'dist')
-const assetsImagesPath = join(root(), 'client', 'dist', 'assets', 'images')
-const embedPath = join(distPath, 'standalone', 'videos', 'embed.html')
+const testEmbedPath = join(distPath, 'standalone', 'videos', 'test-embed.html')
// Special route that add OpenGraph and oEmbed tags
// Do not use a template engine for a so little thing
-clientsRouter.use('/videos/watch/:id',
- asyncMiddleware(generateWatchHtmlPage)
-)
+clientsRouter.use([ '/w/p/:id', '/videos/watch/playlist/:id' ], asyncMiddleware(generateWatchPlaylistHtmlPage))
+clientsRouter.use([ '/w/:id', '/videos/watch/:id' ], asyncMiddleware(generateWatchHtmlPage))
+clientsRouter.use([ '/accounts/:nameWithHost', '/a/:nameWithHost' ], asyncMiddleware(generateAccountHtmlPage))
+clientsRouter.use([ '/video-channels/:nameWithHost', '/c/:nameWithHost' ], asyncMiddleware(generateVideoChannelHtmlPage))
+clientsRouter.use('/@:nameWithHost', asyncMiddleware(generateActorHtmlPage))
-clientsRouter.use('/videos/embed', (req: express.Request, res: express.Response, next: express.NextFunction) => {
- res.sendFile(embedPath)
-})
+const embedMiddlewares = [
+ CONFIG.CSP.ENABLED
+ ? embedCSP
+ : (req: express.Request, res: express.Response, next: express.NextFunction) => next(),
-// Static HTML/CSS/JS client files
+ // Set headers
+ (req: express.Request, res: express.Response, next: express.NextFunction) => {
+ res.removeHeader('X-Frame-Options')
-const staticClientFiles = [
- 'manifest.json',
- 'ngsw-worker.js',
- 'ngsw.json'
-]
-for (const staticClientFile of staticClientFiles) {
- const path = join(root(), 'client', 'dist', staticClientFile)
- clientsRouter.use('/' + staticClientFile, express.static(path, { maxAge: STATIC_MAX_AGE }))
-}
+ // Don't cache HTML file since it's an index to the immutable JS/CSS files
+ res.setHeader('Cache-Control', 'public, max-age=0')
-clientsRouter.use('/client', express.static(distPath, { maxAge: STATIC_MAX_AGE }))
-clientsRouter.use('/client/assets/images', express.static(assetsImagesPath, { maxAge: STATIC_MAX_AGE }))
+ next()
+ },
-clientsRouter.use('/client/locales/:locale/:file.json', function (req, res) {
- const locale = req.params.locale
- const file = req.params.file
+ asyncMiddleware(generateEmbedHtmlPage)
+]
- if (is18nLocale(locale) && LOCALE_FILES.indexOf(file) !== -1) {
- const completeLocale = getCompleteLocale(locale)
- const completeFileLocale = buildFileLocale(completeLocale)
- return res.sendFile(join(__dirname, `../../../client/dist/locale/${file}_${completeFileLocale}.json`))
- }
+clientsRouter.use('/videos/embed', ...embedMiddlewares)
+clientsRouter.use('/video-playlists/embed', ...embedMiddlewares)
+
+const testEmbedController = (req: express.Request, res: express.Response) => res.sendFile(testEmbedPath)
+
+clientsRouter.use('/videos/test-embed', testEmbedController)
+clientsRouter.use('/video-playlists/test-embed', testEmbedController)
+
+// Dynamic PWA manifest
+clientsRouter.get('/manifest.webmanifest', asyncMiddleware(generateManifest))
+
+// Static client overrides
+// Must be consistent with static client overrides redirections in /support/nginx/peertube
+const staticClientOverrides = [
+ 'assets/images/logo.svg',
+ 'assets/images/favicon.png',
+ 'assets/images/icons/icon-36x36.png',
+ 'assets/images/icons/icon-48x48.png',
+ 'assets/images/icons/icon-72x72.png',
+ 'assets/images/icons/icon-96x96.png',
+ 'assets/images/icons/icon-144x144.png',
+ 'assets/images/icons/icon-192x192.png',
+ 'assets/images/icons/icon-512x512.png'
+]
- return res.sendStatus(404)
-})
+for (const staticClientOverride of staticClientOverrides) {
+ const overridePhysicalPath = join(CONFIG.STORAGE.CLIENT_OVERRIDES_DIR, staticClientOverride)
+ clientsRouter.use(`/client/${staticClientOverride}`, asyncMiddleware(serveClientOverride(overridePhysicalPath)))
+}
+
+clientsRouter.use('/client/locales/:locale/:file.json', serveServerTranslations)
+clientsRouter.use('/client', express.static(distPath, { maxAge: STATIC_MAX_AGE.CLIENT }))
// 404 for static files not found
-clientsRouter.use('/client/*', (req: express.Request, res: express.Response, next: express.NextFunction) => {
- res.sendStatus(404)
+clientsRouter.use('/client/*', (req: express.Request, res: express.Response) => {
+ res.sendStatus(HttpStatusCode.NOT_FOUND_404)
})
// Always serve index client page (the client is a single page application, let it handle routing)
// Try to provide the right language index.html
-clientsRouter.use('/(:language)?', function (req, res) {
- if (req.accepts(ACCEPT_HEADERS) === 'html') {
- return res.sendFile(getIndexPath(req, req.params.language))
- }
-
- return res.status(404).end()
-})
+clientsRouter.use('/(:language)?', asyncMiddleware(serveIndexHTML))
// ---------------------------------------------------------------------------
@@ -77,123 +93,103 @@ export {
// ---------------------------------------------------------------------------
-function getIndexPath (req: express.Request, paramLang?: string) {
- let lang: string
+function serveServerTranslations (req: express.Request, res: express.Response) {
+ const locale = req.params.locale
+ const file = req.params.file
+
+ if (is18nLocale(locale) && LOCALE_FILES.includes(file)) {
+ const completeLocale = getCompleteLocale(locale)
+ const completeFileLocale = buildFileLocale(completeLocale)
- // Check param lang validity
- if (paramLang && is18nLocale(paramLang)) {
- lang = paramLang
- } else {
- // lang = req.acceptsLanguages(POSSIBLE_LOCALES) || getDefaultLocale()
- // Disable auto language for now
- lang = getDefaultLocale()
+ const path = join(__dirname, `../../../client/dist/locale/${file}.${completeFileLocale}.json`)
+ return res.sendFile(path, { maxAge: STATIC_MAX_AGE.SERVER })
}
- return join(__dirname, '../../../client/dist/' + buildFileLocale(lang) + '/index.html')
+ return res.sendStatus(HttpStatusCode.NOT_FOUND_404)
}
-function addOpenGraphAndOEmbedTags (htmlStringPage: string, video: VideoModel) {
- const previewUrl = CONFIG.WEBSERVER.URL + STATIC_PATHS.PREVIEWS + video.getPreviewName()
- const videoUrl = CONFIG.WEBSERVER.URL + '/videos/watch/' + video.uuid
-
- const videoNameEscaped = escapeHTML(video.name)
- const videoDescriptionEscaped = escapeHTML(video.description)
- const embedUrl = CONFIG.WEBSERVER.URL + video.getEmbedPath()
-
- const openGraphMetaTags = {
- 'og:type': 'video',
- 'og:title': videoNameEscaped,
- 'og:image': previewUrl,
- 'og:url': videoUrl,
- 'og:description': videoDescriptionEscaped,
-
- 'og:video:url': embedUrl,
- 'og:video:secure_url': embedUrl,
- 'og:video:type': 'text/html',
- 'og:video:width': EMBED_SIZE.width,
- 'og:video:height': EMBED_SIZE.height,
-
- 'name': videoNameEscaped,
- 'description': videoDescriptionEscaped,
- 'image': previewUrl,
-
- 'twitter:card': CONFIG.SERVICES.TWITTER.WHITELISTED ? 'player' : 'summary_large_image',
- 'twitter:site': CONFIG.SERVICES.TWITTER.USERNAME,
- 'twitter:title': videoNameEscaped,
- 'twitter:description': videoDescriptionEscaped,
- 'twitter:image': previewUrl,
- 'twitter:player': embedUrl,
- 'twitter:player:width': EMBED_SIZE.width,
- 'twitter:player:height': EMBED_SIZE.height
- }
+async function generateEmbedHtmlPage (req: express.Request, res: express.Response) {
+ const hookName = req.originalUrl.startsWith('/video-playlists/')
+ ? 'filter:html.embed.video-playlist.allowed.result'
+ : 'filter:html.embed.video.allowed.result'
- const oembedLinkTags = [
- {
- type: 'application/json+oembed',
- href: CONFIG.WEBSERVER.URL + '/services/oembed?url=' + encodeURIComponent(videoUrl),
- title: videoNameEscaped
- }
- ]
-
- const schemaTags = {
- '@context': 'http://schema.org',
- '@type': 'VideoObject',
- name: videoNameEscaped,
- description: videoDescriptionEscaped,
- thumbnailUrl: previewUrl,
- uploadDate: video.createdAt.toISOString(),
- duration: video.getActivityStreamDuration(),
- contentUrl: videoUrl,
- embedUrl: embedUrl,
- interactionCount: video.views
+ const allowParameters = { req }
+
+ const allowedResult = await Hooks.wrapFun(
+ isEmbedAllowed,
+ allowParameters,
+ hookName
+ )
+
+ if (!allowedResult || allowedResult.allowed !== true) {
+ logger.info('Embed is not allowed.', { allowedResult })
+
+ return sendHTML(allowedResult?.html || '', res)
}
- let tagsString = ''
+ const html = await ClientHtml.getEmbedHTML()
- // Opengraph
- Object.keys(openGraphMetaTags).forEach(tagName => {
- const tagValue = openGraphMetaTags[tagName]
+ return sendHTML(html, res)
+}
- tagsString += ``
- })
+async function generateWatchHtmlPage (req: express.Request, res: express.Response) {
+ const html = await ClientHtml.getWatchHTMLPage(req.params.id + '', req, res)
- // OEmbed
- for (const oembedLinkTag of oembedLinkTags) {
- tagsString += ``
- }
+ return sendHTML(html, res)
+}
- // Schema.org
- tagsString += ``
+async function generateWatchPlaylistHtmlPage (req: express.Request, res: express.Response) {
+ const html = await ClientHtml.getWatchPlaylistHTMLPage(req.params.id + '', req, res)
- // SEO
- tagsString += ``
+ return sendHTML(html, res)
+}
- return htmlStringPage.replace(OPENGRAPH_AND_OEMBED_COMMENT, tagsString)
+async function generateAccountHtmlPage (req: express.Request, res: express.Response) {
+ const html = await ClientHtml.getAccountHTMLPage(req.params.nameWithHost, req, res)
+
+ return sendHTML(html, res)
}
-async function generateWatchHtmlPage (req: express.Request, res: express.Response, next: express.NextFunction) {
- const videoId = '' + req.params.id
- let videoPromise: Bluebird
-
- // Let Angular application handle errors
- if (validator.isUUID(videoId, 4)) {
- videoPromise = VideoModel.loadByUUIDAndPopulateAccountAndServerAndTags(videoId)
- } else if (validator.isInt(videoId)) {
- videoPromise = VideoModel.loadAndPopulateAccountAndServerAndTags(+videoId)
- } else {
- return res.sendFile(getIndexPath(req))
- }
+async function generateVideoChannelHtmlPage (req: express.Request, res: express.Response) {
+ const html = await ClientHtml.getVideoChannelHTMLPage(req.params.nameWithHost, req, res)
- let [ file, video ] = await Promise.all([
- readFileBufferPromise(getIndexPath(req)),
- videoPromise
- ])
+ return sendHTML(html, res)
+}
+
+async function generateActorHtmlPage (req: express.Request, res: express.Response) {
+ const html = await ClientHtml.getActorHTMLPage(req.params.nameWithHost, req, res)
+
+ return sendHTML(html, res)
+}
+
+async function generateManifest (req: express.Request, res: express.Response) {
+ const manifestPhysicalPath = join(root(), 'client', 'dist', 'manifest.webmanifest')
+ const manifestJson = await readFile(manifestPhysicalPath, 'utf8')
+ const manifest = JSON.parse(manifestJson)
- const html = file.toString()
+ manifest.name = CONFIG.INSTANCE.NAME
+ manifest.short_name = CONFIG.INSTANCE.NAME
+ manifest.description = CONFIG.INSTANCE.SHORT_DESCRIPTION
- // Let Angular application handle errors
- if (!video || video.privacy === VideoPrivacy.PRIVATE) return res.sendFile(getIndexPath(req))
+ res.json(manifest)
+}
+
+function serveClientOverride (path: string) {
+ return async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+ try {
+ await fs.access(path, constants.F_OK)
+ // Serve override client
+ res.sendFile(path, { maxAge: STATIC_MAX_AGE.SERVER })
+ } catch {
+ // Serve dist client
+ next()
+ }
+ }
+}
- const htmlStringPageWithTags = addOpenGraphAndOEmbedTags(html, video)
- res.set('Content-Type', 'text/html; charset=UTF-8').send(htmlStringPageWithTags)
+type AllowedResult = { allowed: boolean, html?: string }
+function isEmbedAllowed (_object: {
+ req: express.Request
+}): AllowedResult {
+ return { allowed: true }
}