Improve redbean docs (#249)

- Add Location to ProgramHeader exclusions - Add ProgramHeader documentation - Update ProgramRedirect to check location validity
2025-03-03 07:29:23 +00:00 · 2021-08-19 09:34:50 -07:00 · 2021-08-19 09:34:50 -07:00 · 7341336b1a
commit 7341336b1a
parent a63b147a93
2 changed files with 34 additions and 15 deletions
--- a/tool/net/help.txt
+++ b/tool/net/help.txt
@ -431,9 +431,9 @@ FUNCTIONS
           "OK") if a status has not yet been set. The header buffer is
           independent of the payload buffer. Neither are written to the wire
           until the Lua Server Page has finished executing. This function
-           disallows the setting of certain headers such as Date and
-           Content-Range which are abstracted by the transport layer. In such
-           cases, consider calling ServeAsset.
+           disallows the setting of certain headers such as Content-Range and
+           Date, which are abstracted by the transport layer. In such cases,
+           consider calling ServeAsset.

   GetParam(name:str) → value:str
           Returns first value associated with name. name is handled in a
@ -820,12 +820,36 @@ FUNCTIONS
           browsers to cache for a given number of seconds. This should only
           be called from /.init.lua.

+   ProgramCertificate(pem:str)
+           Same as the -C flag if called from .init.lua, e.g.
+           ProgramCertificate(LoadAsset("/.sign.crt")) for zip loading or
+           ProgramCertificate(Slurp("/etc/letsencrypt.lol/fullchain.pem")) for
+           local file system only.
+
+   ProgramHeader(name:str,value:str)
+           Appends HTTP header to the header buffer for all responses (whereas
+           SetHeader only appends a header to the current response buffer).
+           name is case-insensitive and restricted to non-space ASCII. value
+           is a UTF-8 string that must be encodable as ISO-8859-1. Leading and
+           trailing whitespace is trimmed automatically. Overlong characters
+           are canonicalized. C0 and C1 control codes are forbidden, with the
+           exception of tab. The header buffer is independent of the payload
+           buffer. This function disallows the setting of certain headers such
+           as Content-Range and Date, which are abstracted by the transport
+           layer.
+
   ProgramPort(uint16)
           Hard-codes the port number on which to listen, which can be any
           number in the range 1..65535, or alternatively 0 to ask the
           operating system to choose a port, which may be revealed later on
           by GetServerAddr or the -z flag to stdout.

+   ProgramPrivateKey(pem:str)
+           Same as the -K flag if called from .init.lua, e.g.
+           ProgramPrivateKey(LoadAsset("/.sign.key")) for zip loading or
+           ProgramPrivateKey(Slurp("/etc/letsencrypt/fullchain.pem")) for
+           local file system only.
+
   ProgramRedirect(code:int,src:str,location:str)
           Configures fallback routing for paths which would otherwise return
           404 Not Found. If code is 0 then the path is rewritten internally
@ -833,18 +857,6 @@ FUNCTIONS
           a redirect response will be sent to the client. This should only
           be called from /.init.lua.

-   ProgramCertificate(pem:str)
-           Same as the -C flag if called from .init.lua, e.g.
-           ProgramCertificate(LoadAsset("/.sign.crt")) for zip loading or
-           ProgramCertificate(Slurp("/etc/letsencrypt.lol/fullchain.pem")) for
-           local file system only.
-
-   ProgramPrivateKey(pem:str)
-           Same as the -K flag if called from .init.lua, e.g.
-           ProgramPrivateKey(LoadAsset("/.sign.key")) for zip loading or
-           ProgramPrivateKey(Slurp("/etc/letsencrypt/fullchain.pem")) for
-           local file system only.
-
   ProgramSslTicketLifetime(seconds:int)
           Defaults to 86400 (24 hours). This may be set to ≤0 to disable
           SSL tickets. It's a good idea to use these since it increases
--- a/tool/net/redbean.c
+++ b/tool/net/redbean.c
@ -750,6 +750,12 @@ static void ProgramRedirect(int code, const char *sp, size_t sn, const char *dp,
    fprintf(stderr, "error: unsupported redirect code %d\n", code);
    exit(1);
  }
+
+  if (!(FreeLater(EncodeHttpHeaderValue(dp, dn, 0)))) {
+    fprintf(stderr, "error: invalid location %s\n", dp);
+    exit(1);
+  }
+
  r.code = code;
  r.path.s = sp;
  r.path.n = sn;
@ -928,6 +934,7 @@ static void ProgramHeader(const char *s) {
      case kHttpContentLength:
      case kHttpContentEncoding:
      case kHttpContentRange:
+      case kHttpLocation:
        fprintf(stderr, "error: can't program header: %`'s\n", s);
        exit(1);
      case kHttpServer: