-
Notifications
You must be signed in to change notification settings - Fork 0
/
app.rb
143 lines (108 loc) · 3.33 KB
/
app.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
# frozen_string_literal: true
require_relative "models/refined_uri"
class App < Roda
class InvalidURIError < StandardError; end
# Routing plugins
plugin :head
plugin :not_allowed
plugin :status_handler
plugin :type_routing, exclude: [:xml]
# Rendering plugins
plugin :h
plugin :link_to
plugin :public
plugin :render, engine: "html.erb"
# Request/Response plugins
plugin :caching
plugin :halt
plugin :content_security_policy do |csp|
csp.base_uri :self
csp.block_all_mixed_content
csp.default_src :none
csp.font_src :self, "https://fonts.gstatic.com"
csp.form_action :self
csp.frame_ancestors :none
csp.img_src :self
csp.script_src :self
csp.style_src :self, "https://fonts.googleapis.com"
end
plugin :permissions_policy, default: :none
# Other plugins
plugin :environments
plugin :heartbeat
# Third-party plugins
plugin :sprockets,
css_compressor: :sass_embedded,
debug: false,
precompile: ["application.css", "apple-touch-icon-180x180.png", "icon.png"]
configure do
use Rack::CommonLogger
use Rack::ContentType
use Rack::Deflater
use Rack::ETag
end
# :nocov:
configure :production do
use Rack::HostRedirect, [ENV.fetch("HOSTNAME", nil), "www.indieweb-endpoints.cc"].compact => "indieweb-endpoints.cc"
use Rack::Static,
urls: ["/assets"],
root: "public",
header_rules: [
[:all, { "cache-control": "max-age=31536000, immutable" }]
]
end
# :nocov:
route do |r|
r.public
r.sprockets unless opts[:environment] == "production"
r.on "" do
# GET /
r.get do
response.cache_control public: true
view :index
end
# POST /
r.post do
query = RefinedURI.new(r.params["url"])
raise InvalidURIError if query.invalid?
r.redirect "/u/#{query.url}"
rescue InvalidURIError, URI::InvalidURIError
r.halt 400
end
end
# GET /u/https://example.com
r.get "u", /(#{URI::DEFAULT_PARSER.make_regexp(["http", "https"])})/io do |url|
query = RefinedURI.new(url)
raise InvalidURIError if query.invalid?
client = IndieWeb::Endpoints::Client.new(query.url)
endpoints = client.endpoints
r.json { endpoints.to_json }
view :search, locals: { canonical_url: client.response.uri.to_s, endpoints: endpoints }
rescue InvalidURIError, URI::InvalidURIError, IndieWeb::Endpoints::InvalidURIError
r.halt 400
rescue IndieWeb::Endpoints::HttpError, IndieWeb::Endpoints::SSLError
r.halt 408
end
end
status_handler(400) do |r|
error = { message: "Parameter url is required and must be a valid URL (e.g. https://example.com)" }
r.json { error.to_json }
view :bad_request, locals: error
end
status_handler(404) do |r|
response.cache_control public: true
error = { message: "The requested URL could not be found" }
r.json { error.to_json }
view :not_found, locals: error
end
status_handler(405, keep_headers: ["Allow"]) do |r|
error = { message: "The requested method is not allowed" }
r.json { error.to_json }
error[:message]
end
status_handler(408) do |r|
error = { message: "The request timed out and could not be completed" }
r.json { error.to_json }
view :request_timeout, locals: error
end
end