set minimum go version in go.mod

README.md

@@ -237,158 +237,27 @@ $ transfer hello.txt
 ```
 
 
-### Bash and zsh (with delete url, delete token output and prompt before uploading)
-##### Add this to .bashrc or .zshrc or its equivalent
-
-<details><summary>Expand</summary><p>
-
+### Zsh (with delete url outpu)
+##### Add this to .zshrc or its equivalent
 ```bash
 transfer()
 {
-    local file
-    declare -a file_array
-    file_array=("${@}")
-
-    if [[ "${file_array[@]}" == "" || "${1}" == "--help" || "${1}" == "-h" ]]
-    then
-        echo "${0} - Upload arbitrary files to \"transfer.sh\"."
-        echo ""
-        echo "Usage: ${0} [options] [<file>]..."
-        echo ""
-        echo "OPTIONS:"
-        echo "  -h, --help"
-        echo "      show this message"
-        echo ""
-        echo "EXAMPLES:"
-        echo "  Upload a single file from the current working directory:"
-        echo "      ${0} \"image.img\""
-        echo ""
-        echo "  Upload multiple files from the current working directory:"
-        echo "      ${0} \"image.img\" \"image2.img\""
-        echo ""
-        echo "  Upload a file from a different directory:"
-        echo "      ${0} \"/tmp/some_file\""
-        echo ""
-        echo "  Upload all files from the current working directory. Be aware of the webserver's rate limiting!:"
-        echo "      ${0} *"
-        echo ""
-        echo "  Upload a single file from the current working directory and filter out the delete token and download link:"
-        echo "      ${0} \"image.img\" | awk --field-separator=\": \" '/Delete token:/ { print \$2 } /Download link:/ { print \$2 }'"
-        echo ""
-        echo "  Show help text from \"transfer.sh\":"
-        echo "      curl --request GET \"https://transfer.sh\""
-        return 0
-    else
-        for file in "${file_array[@]}"
-        do
-            if [[ ! -f "${file}" ]]
-            then
-                echo -e "\e[01;31m'${file}' could not be found or is not a file.\e[0m" >&2
-                return 1
-            fi
-        done
-        unset file
-    fi
-
-    local upload_files
-    local curl_output
-    local awk_output
-    local filename
-
-    du --total --block-size="K" --dereference "${file_array[@]}" >&2
-    # be compatible with "bash"
-    if [[ "${ZSH_NAME}" == "zsh" ]]
-    then
-        read $'upload_files?\e[01;31mDo you really want to upload the above files ('"${#file_array[@]}"$') to "transfer.sh"? (Y/n): \e[0m'
-    elif [[ "${BASH}" == *"bash"* ]]
-    then
-        read -p $'\e[01;31mDo you really want to upload the above files ('"${#file_array[@]}"$') to "transfer.sh"? (Y/n): \e[0m' upload_files
-    fi
-
-    case "${upload_files:-y}" in
-        "y"|"Y")
-            # for the sake of the progress bar, execute "curl" for each file.
-            # the parameters "--include" and "--form" will suppress the progress bar.
-            for file in "${file_array[@]}"
-            do
-                filename="${file##*/}"
-                # show delete link and filter out the delete token from the response header after upload.
-                # it is important to save "curl's" "stdout" via a subshell to a variable or redirect it to another command,
-                # which just redirects to "stdout" in order to have a sane output afterwards.
-                # the progress bar is redirected to "stderr" and is only displayed,
-                # if "stdout" is redirected to something; e.g. ">/dev/null", "tee /dev/null" or "| <some_command>".
-                # the response header is redirected to "stdout", so redirecting "stdout" to "/dev/null" does not make any sense.
-                # redirecting "curl's" "stderr" to "stdout" ("2>&1") will suppress the progress bar.
-                curl_output=$(curl --request PUT --progress-bar --dump-header - --upload-file "${file}" "https://transfer.sh/${filename}")
-                awk_output=$(awk \
-                    'gsub("\r", "", $0) && tolower($1) ~ /x-url-delete/ \
-                    {
-                        delete_link=$2;
-                        print "Delete command: curl --request DELETE " "\""delete_link"\"";
-
-                        gsub(".*/", "", delete_link);
-                        delete_token=delete_link;
-                        print "Delete token: " delete_token;
-                    }
-
-                    END{
-                        print "Download link: " $0;
-                    }' <<< "${curl_output}")
-
-                # return the results via "stdout", "awk" does not do this for some reason.
-                echo -e "${awk_output}\n"
-
-                # avoid rate limiting as much as possible; nginx: too many requests.
-                if (( ${#file_array[@]} > 4 ))
-                then
-                    sleep 5
-                fi
-            done
-            ;;
-
-        "n"|"N")
-            return 1
-            ;;
-
-        *)
-            echo -e "\e[01;31mWrong input: '${upload_files}'.\e[0m" >&2
-            return 1
-    esac
+    local file="${1}"
+    local filename="${file##*/}"
+    # show delete link from the response header after upload. the command "sed" is necessary to clean up the output, "gsub()" in "awk" does not work.
+    curl --request PUT --progress-bar --dump-header - --upload-file "${file}" "https://transfer.sh/${filename}" | sed "s/#//g" | awk '/x-url-delete/ { print "Delete command: curl --request DELETE " $2 } END{ print "Download link: " $1 }'
 }
 ```
 
-</p></details>
-
-#### Sample output
+#### Sample ouput
 ```bash
-$ ls -lh
-total 20M
--rw-r--r-- 1 <some_username> <some_username> 10M Apr  4 21:08 image.img
--rw-r--r-- 1 <some_username> <some_username> 10M Apr  4 21:08 image2.img
-$ transfer image*
-10240K  image2.img
-10240K  image.img
-20480K  total
-Do you really want to upload the above files (2) to "transfer.sh"? (Y/n):
+$ transfer image.img
 ######################################################################################################################################################################################################################################## 100.0%
-Delete command: curl --request DELETE "https://transfer.sh/wJw9pz/image2.img/mSctGx7pYCId"
-Delete token: mSctGx7pYCId
-Download link: https://transfer.sh/wJw9pz/image2.img
-
-######################################################################################################################################################################################################################################## 100.0%
-Delete command: curl --request DELETE "https://transfer.sh/ljJc5I/image.img/nw7qaoiKUwCU"
-Delete token: nw7qaoiKUwCU
-Download link: https://transfer.sh/ljJc5I/image.img
-
-$ transfer "image.img" | awk --field-separator=": " '/Delete token:/ { print $2 } /Download link:/ { print $2 }'
-10240K  image.img
-10240K  total
-Do you really want to upload the above files (1) to "transfer.sh"? (Y/n):
-######################################################################################################################################################################################################################################## 100.0%
-tauN5dE3fWJe
-https://transfer.sh/MYkuqn/image.img
+Delete command: curl --request DELETE https://transfer.sh/Ge9cuW/image.img/<some_delete_token>
+Download link: https://transfer.sh/Ge9cuW/image.img
 ```
 
+
 ## Contributions
 
 Contributions are welcome.

go.mod

@@ -26,7 +26,6 @@ require (
 	github.com/urfave/cli v1.22.5
 	go.opencensus.io v0.22.6 // indirect
 	golang.org/x/crypto v0.0.0-20220131195533-30dcbda58838
-	golang.org/x/net v0.0.0-20220513224357-95641704303c // indirect
 	golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99
 	google.golang.org/api v0.40.0
 	google.golang.org/genproto v0.0.0-20210218151259-fe80b386bf06 // indirect

go.sum

@@ -447,8 +447,6 @@ golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT
 golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2 h1:CIJ76btIcR3eFI5EgSo6k1qKw9KJexJuRLI9G7Hp5wE=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20220513224357-95641704303c h1:nF9mHSvoKBLkQNQhJZNsc66z2UzAMUbLGjC95CF3pU0=
-golang.org/x/net v0.0.0-20220513224357-95641704303c/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
 golang.org/x/oauth2 v0.0.0-20170912212905-13449ad91cb2/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
@@ -525,11 +523,9 @@ golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27 h1:XDXtA5hveEEV8JB2l7nhMTp3t3cHp9ZpwcdjqyEWLlo=
 golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -539,8 +535,6 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
-golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/time v0.0.0-20170424234030-8be79e1e0910/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=

server/handlers.go

@@ -58,7 +58,6 @@ import (
 	"github.com/microcosm-cc/bluemonday"
 	blackfriday "github.com/russross/blackfriday/v2"
 	"github.com/skip2/go-qrcode"
-	"golang.org/x/net/idna"
 )
 
 const getPathPart = "get"
@@ -625,14 +624,6 @@ func getURL(r *http.Request, proxyPort string) *url.URL {
 		host = r.Host
 		port = ""
 	}
-
-	p := idna.New(idna.ValidateForRegistration())
-	var hostFromPunycode string
-	hostFromPunycode, err = p.ToUnicode(host)
-	if err == nil {
-		host = hostFromPunycode
-	}
-
 	if len(proxyPort) != 0 {
 		port = proxyPort
 	}
@@ -686,6 +677,9 @@ func (s *Server) unlock(token, filename string) {
 }
 
 func (s *Server) checkMetadata(ctx context.Context, token, filename string, increaseDownload bool) (metadata, error) {
+	s.lock(token, filename)
+	defer s.unlock(token, filename)
+
 	var metadata metadata
 
 	r, _, err := s.storage.Get(ctx, token, fmt.Sprintf("%s.metadata", filename))
@@ -702,23 +696,7 @@ func (s *Server) checkMetadata(ctx context.Context, token, filename string, incr
 	} else if !metadata.MaxDate.IsZero() && time.Now().After(metadata.MaxDate) {
 		return metadata, errors.New("maxDate expired")
 	} else if metadata.MaxDownloads != -1 && increaseDownload {
-		s.lock(token, filename)
-		defer s.unlock(token, filename)
-
-		r2, _, err := s.storage.Get(ctx, token, fmt.Sprintf("%s.metadata", filename))
-		defer CloseCheck(r2.Close)
-
-		if err != nil {
-			return metadata, err
-		}
-
-		if err := json.NewDecoder(r2).Decode(&metadata); err != nil {
-			return metadata, err
-		}
-
-		if metadata.Downloads >= metadata.MaxDownloads {
-			return metadata, errors.New("maxDownloads expired")
-		}
+		// todo(nl5887): mutex?
 
 		// update number of downloads
 		metadata.Downloads++
@@ -1007,7 +985,6 @@ func (s *Server) headHandler(w http.ResponseWriter, r *http.Request) {
 
 	remainingDownloads, remainingDays := metadata.remainingLimitHeaderValues()
 
-	w.Header().Set("Accept-Ranges", "bytes")
 	w.Header().Set("Content-Type", contentType)
 	w.Header().Set("Content-Length", strconv.FormatUint(contentLength, 10))
 	w.Header().Set("Connection", "close")
@@ -1065,7 +1042,7 @@ func (s *Server) getHandler(w http.ResponseWriter, r *http.Request) {
 		reader = ioutil.NopCloser(bluemonday.UGCPolicy().SanitizeReader(reader))
 	}
 
-	if r.Header.Get("Range") != "" {
+	if w.Header().Get("Range") != "" || strings.HasPrefix(metadata.ContentType, "video") || strings.HasPrefix(metadata.ContentType, "audio") {
 		file, err := ioutil.TempFile(s.tempPath, "range-")
 		defer s.cleanTmpFile(file)
 

server/storage.go

@@ -21,7 +21,7 @@ import (
 	"github.com/aws/aws-sdk-go/service/s3/s3manager"
 	"golang.org/x/oauth2"
 	"golang.org/x/oauth2/google"
-	drive "google.golang.org/api/drive/v3"
+	"google.golang.org/api/drive/v3"
 	"google.golang.org/api/googleapi"
 
 	"storj.io/common/fpath"