Simple HTTP server to save artifacts
In this fork you can download files without a token. This is a main target of this fork.
$ mkdir $HOME/tmp
$ ./simple_upload_server -token f9403fc5f537b4ab332d $HOME/tmp
(see "Security" section below for -token
option)
You can upload files with POST /upload
.
The filename is taken from the original file if available. If not, SHA1 hex digest will be used as the filename.
$ echo 'Hello, world!' > sample.txt
$ curl [email protected] 'http://localhost:25478/upload?token=f9403fc5f537b4ab332d'
{"ok":true,"path":"/files/sample.txt"}
$ cat $HOME/tmp/sample.txt
hello, world!
OR
Use PUT /files/(filename)
.
In this case, the original file name is ignored, and the name is taken from the URL.
$ curl -X PUT [email protected] "http://localhost:25478/files/another_sample.txt?token=f9403fc5f537b4ab332d"
{"ok":true,"path":"/files/another_sample.txt"}
GET /files/(filename)
.
$ curl 'http://localhost:25478/files/sample.txt'
hello, world!
HEAD /files/(filename)
.
$ curl -I 'http://localhost:25478/files/foobar.txt'
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 9
Content-Type: text/plain; charset=utf-8
Last-Modified: Sun, 09 Oct 2016 14:35:39 GMT
Date: Sun, 09 Oct 2016 14:35:43 GMT
$ curl 'http://localhost:25478/files/foobar.txt'
hello!!!
$ curl -I 'http://localhost:25478/files/unknown'
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff
Date: Sun, 09 Oct 2016 14:37:48 GMT
Content-Length: 19
OPTIONS /files/(filename)
OPTIONS /upload
$ curl -I 'http://localhost:25478/files/foo'
HTTP/1.1 204 No Content
Access-Control-Allow-Methods: PUT,GET,HEAD
Access-Control-Allow-Origin: *
Date: Sun, 06 Sep 2020 09:45:20 GMT
$ curl -I -XOPTIONS 'http://localhost:25478/upload'
HTTP/1.1 204 No Content
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Date: Sun, 06 Sep 2020 09:45:32 GMT
notes:
- Requests using
*
as a path, like asOPTIONS * HTTP/1.1
, are not supported. - On sending
OPTIONS
request,token
parameter is not required. - For
/files/(filename)
request, server replies "204 No Content" even if the specified file does not exist.
To enable TLS support, add -cert
and -key
options:
$ ./simple_upload_server -cert ./cert.pem -key ./key.pem root/
INFO[0000] starting up simple-upload-server
WARN[0000] token generated token=28d93c74c8589ab62b5e
INFO[0000] start listening TLS cert=./cert.pem key=./key.pem port=25443
INFO[0000] start listening ip=0.0.0.0 port=25478 root=root token=28d93c74c8589ab62b5e upload_limit=5242880
...
This server listens on 25443/tcp
for TLS connections by default. This can be changed by passing -tlsport
option.
NOTE: The endpoint using HTTP is still active even if TLS is enabled.
There is no Basic/Digest authentication. This app implements dead simple authentication: "security token".
All requests except GET and HEAD should have token
parameter (it can be passed as a query string or a form parameter). The server accepts the request only when the token is matched; otherwise, the server rejects the request and respond 401 Unauthorized
.
You can specify the server's token on startup by -token
option. If you don't so, the server generates the token and writes it to STDOUT at WARN level log, like as:
$ ./simple_upload_server root
INFO[0000] starting up simple-upload-server
WARN[0000] token generated token=2dd30b90536d688e19f7
INFO[0000] start listening ip=0.0.0.0 port=25478 root=root token=2dd30b90536d688e19f7 upload_limit=5242880
NOTE: The token is generated from the random number, so it will change every time you start the server.
If you enable CORS support using -cors
option, the server append Access-Control-Allow-Origin
header to the response. This feature is disabled by default.
$ docker run -p 25478:25478 -v $HOME/tmp:/var/root salykin/go-simple-upload-server -token f9403fc5f537b4ab332d /var/root