diff --git a/net/turfwar/BUILD.mk b/net/turfwar/BUILD.mk index ffa291ea9..73a1fd2e6 100644 --- a/net/turfwar/BUILD.mk +++ b/net/turfwar/BUILD.mk @@ -9,8 +9,8 @@ NET_TURFWAR_OBJS = \ $(NET_TURFWAR_SRCS:%.c=o/$(MODE)/%.o) NET_TURFWAR_COMS = \ - $(NET_TURFWAR_SRCS:%.c=o/$(MODE)/%.com) \ - o/$(MODE)/net/turfwar/turfbean.com + $(NET_TURFWAR_SRCS:%.c=o/$(MODE)/%) \ + o/$(MODE)/net/turfwar/turfbean NET_TURFWAR_BINS = \ $(NET_TURFWAR_COMS) \ @@ -48,7 +48,7 @@ o/$(MODE)/net/turfwar/turfwar.pkg: \ $(NET_TURFWAR_OBJS) \ $(foreach x,$(NET_TURFWAR_DIRECTDEPS),$($(x)_A).pkg) -o/$(MODE)/net/turfwar/%.com.dbg: \ +o/$(MODE)/net/turfwar/%.dbg: \ $(NET_TURFWAR_DEPS) \ o/$(MODE)/net/turfwar/%.o \ o/$(MODE)/net/turfwar/turfwar.pkg \ @@ -56,7 +56,7 @@ o/$(MODE)/net/turfwar/%.com.dbg: \ $(APE_NO_MODIFY_SELF) @$(APELINK) -o/$(MODE)/net/turfwar/turfbean.com.dbg: \ +o/$(MODE)/net/turfwar/turfbean.dbg: \ $(TOOL_NET_DEPS) \ o/$(MODE)/tool/net/redbean.o \ $(TOOL_NET_REDBEAN_LUA_MODULES) \ diff --git a/net/turfwar/turfwar.c b/net/turfwar/turfwar.c index 3a717fc50..77efea1d3 100644 --- a/net/turfwar/turfwar.c +++ b/net/turfwar/turfwar.c @@ -892,9 +892,7 @@ void *HttpWorker(void *arg) { // get client address from frontend if (HasHeader(kHttpXForwardedFor)) { - if (!IsLoopbackIp(clientip) && // - !IsPrivateIp(clientip) && // - !IsCloudflareIp(clientip)) { + if (!IsLoopbackIp(clientip) && !IsPrivateIp(clientip)) { LOG("Got X-Forwarded-For from untrusted IPv4 client address " "%hhu.%hhu.%hhu.%hhu\n", clientip >> 24, clientip >> 16, clientip >> 8, clientip); diff --git a/test/tool/net/redbean_test.c b/test/tool/net/redbean_test.c index 685db685f..b25010030 100644 --- a/test/tool/net/redbean_test.c +++ b/test/tool/net/redbean_test.c @@ -263,7 +263,7 @@ Last-Modified: .*\r\n\ Accept-Ranges: bytes\r\n\ X-Content-Type-Options: nosniff\r\n\ Date: .*\r\n\ -Server: redbean/2.2.0\r\n\ +Server: redbean/.*\r\n\ Content-Length: 34\r\n\ \r\n\ J\n\ diff --git a/tool/net/help.txt b/tool/net/help.txt index f031a83ae..1be07e8a9 100644 --- a/tool/net/help.txt +++ b/tool/net/help.txt @@ -1,6 +1,6 @@ SYNOPSIS - redbean [-?BVabdfghjkmsuvz] [-p PORT] [-D DIR] [-- SCRIPTARGS...] + redbean.com [-?BVabdfghjkmsuvz] [-p PORT] [-D DIR] [-- SCRIPTARGS...] DESCRIPTION @@ -137,15 +137,15 @@ USAGE This executable is also a ZIP file that contains static assets. You can run redbean interactively in your terminal as follows: - ./redbean -vvvmbag # starts server verbosely + ./redbean.com -vvvmbag # starts server verbosely open http://127.0.0.1:8080/ # shows zip listing page CTRL-C # 1x: graceful shutdown CTRL-C # 2x: forceful shutdown You can override the default listing page by adding: - zip redbean index.lua # lua server pages take priority - zip redbean index.html # default page for directory + zip redbean.com index.lua # lua server pages take priority + zip redbean.com index.html # default page for directory The listing page only applies to the root directory. However the default index page applies to subdirectories too. In order for it @@ -160,7 +160,7 @@ USAGE --no-parent \ --no-if-modified-since \ http://a.example/index.html - zip -r redbean a.example/ # default page for directory + zip -r redbean.com a.example/ # default page for directory redbean normalizes the trailing slash for you automatically: @@ -198,18 +198,18 @@ USAGE by default, embedded as a bas64 data uri. You can override the custom page for various errors by adding files to the zip root. - zip redbean 404.html # custom not found page + zip redbean.com 404.html # custom not found page Audio video content should not be compressed in your ZIP files. Uncompressed assets enable browsers to send Range HTTP request. On the other hand compressed assets are best for gzip encoding. - zip redbean index.html # adds file - zip -0 redbean video.mp4 # adds without compression + zip redbean.com index.html # adds file + zip -0 redbean.com video.mp4 # adds without compression You can have redbean run as a daemon by doing the following: - sudo ./redbean -vvdp80 -p443 -L redbean.log -P redbean.pid + sudo ./redbean.com -vvdp80 -p443 -L redbean.log -P redbean.pid kill -TERM $(cat redbean.pid) # 1x: graceful shutdown kill -TERM $(cat redbean.pid) # 2x: forceful shutdown @@ -230,14 +230,7 @@ USAGE run on six different operating systems. To do that, it needs to extract a 4kb loader program to ${TMPDIR:-${HOME:-.}}/.ape that'll map your redbean into memory. It does however check to see if `ape` - is on the system path beforehand. You can also "assimilate" any - redbean into the platform-local executable format by running: - - $ file redbean - redbean: DOS/MBR boot sector - $ ./redbean --assimilate - $ file redbean - redbean: ELF 64-bit LSB executable + is on the system path beforehand. ──────────────────────────────────────────────────────────────────────────────── SECURITY @@ -406,12 +399,14 @@ REPL encoded in its preferred executable format. You can assimilate your redbean into the local format using the following commands: - $ file redbean - redbean: DOS/MBR boot sector - $ ./redbean --assimilate - $ file redbean - redbean: ELF 64-bit LSB executable - $ sudo cp redbean /usr/bin/redbean + $ file redbean.com + redbean.com: DOS/MBR boot sector + $ curl -o assimilate https://cosmo.zip/pub/cosmos/bin/assimilate + $ chmod +x assimilate + $ ./assimilate ./redbean.com + $ file redbean.com + redbean.com: ELF 64-bit LSB executable + $ sudo cp redbean.com /usr/bin/redbean By following the above steps, redbean can be installed systemwide for multiple user accounts. It's also possible to chmod the binary to have @@ -461,7 +456,7 @@ GLOBALS Then your `/.init.lua` file will have the `arg` array like: - arg[-1] = '/usr/bin/redbean' + arg[-1] = '/usr/bin/redbean arg[ 0] = '/zip/.init.lua' arg[ 1] = 'arg1' arg[ 2] = 'arg2' @@ -469,11 +464,11 @@ GLOBALS If you launch redbean in interpreter mode (rather than web server) mode, then an invocation like this: - ./redbean -i script.lua arg1 arg2 + ./redbean.com -i script.lua arg1 arg2 Would have an `arg` array like this: - arg[-1] = './redbean' + arg[-1] = './redbean.com' arg[ 0] = 'script.lua' arg[ 1] = 'arg1' arg[ 2] = 'arg2' @@ -3689,7 +3684,6 @@ UNIX MODULE - `CLOCK_MONOTONIC_RAW`: is actually monotonic but needs Linux 2.6.28+ - `CLOCK_PROCESS_CPUTIME_ID`: linux and bsd - `CLOCK_THREAD_CPUTIME_ID`: linux and bsd - - `CLOCK_MONOTONIC_COARSE`: linux, freebsd - `CLOCK_PROF`: linux and netbsd - `CLOCK_BOOTTIME`: linux and openbsd - `CLOCK_REALTIME_ALARM`: linux-only @@ -4477,9 +4471,8 @@ UNIX MODULE If the executable in question needs a loader, then you will need "rpath prot_exec" too. With APE, security is strongest when you - assimilate your binaries beforehand, using the --assimilate flag, - or the o//tool/build/assimilate program. On OpenBSD this is - mandatory. + assimilate your binaries beforehand using the assimilate program. + On OpenBSD this is mandatory. prot_exec diff --git a/tool/net/redbean.c b/tool/net/redbean.c index fe2080c32..6e6f196bd 100644 --- a/tool/net/redbean.c +++ b/tool/net/redbean.c @@ -71,6 +71,7 @@ #include "libc/stdio/hex.internal.h" #include "libc/stdio/rand.h" #include "libc/stdio/stdio.h" +#include "libc/str/locale.h" #include "libc/str/slice.h" #include "libc/str/str.h" #include "libc/str/strwidth.h" @@ -169,7 +170,8 @@ __static_yoink("blink_xnu_aarch64"); // is apple silicon #define REDBEAN "redbean" #endif -#define VERSION 0x020200 +// XXYYZZ +#define VERSION 0x030000 #define HASH_LOAD_FACTOR /* 1. / */ 4 #define READ(F, P, N) readv(F, &(struct iovec){P, N}, 1) #define WRITE(F, P, N) writev(F, &(struct iovec){P, N}, 1) @@ -2545,7 +2547,7 @@ static char *CommitOutput(char *p) { static char *ServeDefaultErrorPage(char *p, unsigned code, const char *reason, const char *details) { - p = AppendContentType(p, "text/html; charset=ISO-8859-1"); + p = AppendContentType(p, "text/html; charset=UTF-8"); reason = FreeLater(EscapeHtml(reason, -1, 0)); appends(&cpm.outbuf, "\ \r\n\ @@ -7428,6 +7430,9 @@ int main(int argc, char *argv[]) { ShowCrashReports(); #endif + // just in case + setlocale(LC_ALL, "C.UTF-8"); + LoadZipArgs(&argc, &argv); RedBean(argc, argv);