When using HTTP "Content-Disposition: attachment;", users are forced to
download files in order to use them, whereas others might prefer to open
them in the browser.
Therefore, now that URL parameters are supported by http.h, previews can
be forced by adding "preview=1" or "preview=true" (case-insensitive) as
a URL parameters. Any other parameters are ignored by slcl.
For users, a "Preview" link has been added next to the "Share" button
for each file.
So far, slcl would just close the connection with a client when the
Content-Length of an incoming request exceeded the user quota, without
any meaningful information given back to the user.
Now, slcl responds with a HTML file with meaningful information about
the error.
Limitations:
- While this commits has been successfully tested on ungoogled-chromium,
LibreWolf (and I assume Firefox and any other derivates too) does not
seem to receive the response from the server.
- However, this issue only occurred during local testing, but not
on remote instances.
- When a non-empty username and an empty password was given, slcl would
crash due to a double free(3). This happened because append_form would
grow the form list before sanitizing the input and, since the output
pointer was not updated to the caller function, the latter would attempt
to free a now-old pointer.
- Additionally, some compilers such as clang complained about the
potential use of an uninitialized variable when calling forms_free.
- Also, it was a good opportunity to refactor get_forms and its caller
functions, as get_forms was not differentiate fatal errors from user
input errors.
As otherwise reported by clang 14.0.0:
main.c:679:14: warning: variable 'cur' is used uninitialized whenever '&&' condition is false [-Wsometimes-uninitialized]
else if (available && quota_current(a, username, &cur))
This was a minor issue after all, as pq was not used unless available
were set.
So far, slcl failed with poorly described error messages when any of the
essential directories were missing. Now, these are created automatically
so that the initial setup is easier.
An HTML form is now added next to each regular file, that generates a
POST request. Then, slcl replies with a HTML document with a link to the
public resource (which are implemented as symlinks).
Limitations:
- For now, only regular files can be shared i.e., sharing directories is
not possible. While feasible, it still requires a larger refactor to
list_dir and resource_layout, so that read-only access to the directory
is provided to anonymous users.
Otherwise, slcl would fail to generate the URLs for the elements inside
a directory, because of how cust_dirname worked, which also turned out
to be redundant.
Until now, f->tmpname was removed by move_file when the move
operation succeeded. However, since a HTTP operation can fail before
move_file is called, the temporary file must also be removed.
This feature allows admins to set a specific quota for each user, in
MiB. This feature is particularly useful for shared instances, where
unlimited user storage might be unfeasible or even dangerous for the
server.
Also, a nice HTML5 <progress> element has been added to the site that
shows how much of the quota has been consumed.
If no quota is set, slcl falls back to the default behaviour i.e.,
assume unlimited storage.
Limitations:
- While HTTP does specify a Content-Length, which determines the length
of the whole request, it does not specify how many files are involved
or their individual sizes.
- Because of this, if multiple files are uploaded simultaneously, the
whole request would be dropped if user quota is exceeded, even if not
all files exceeded it.
- Also, Content-Length adds the length of some HTTP boilerplate
(e.g.: boundaries), but slcl must rely on this before accepting the
whole request. In other words, this means some requests might be
rejected by slcl because of the extra bytes caused by such boilerplate.
- When the quota is exceeded, slcl must close the connection so that
the rest of the transfer is cancelled. Unfortunately, this means no
HTML can be sent back to the customer to inform about the situation.