feat: show filename in text view if available

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "datatrash"
-version = "2.4.1"
+version = "2.5.0"
 authors = ["neri"]
 edition = "2021"
 

init-db.sql

@@ -14,3 +14,4 @@ ALTER TABLE files ADD COLUMN IF NOT EXISTS content_type varchar(255) not null
     GENERATED ALWAYS AS (CASE WHEN kind = 'text' THEN 'text/plain' ELSE 'application/octet-stream' END) STORED;
 ALTER TABLE files ALTER COLUMN content_type DROP EXPRESSION IF EXISTS;
 ALTER TABLE files DROP COLUMN IF EXISTS kind;
+ALTER TABLE files ALTER COLUMN file_name DROP NOT NULL;

snippet/file_name.html.snippet

@@ -0,0 +1 @@
+<h2>{file_name}</h2>

src/download.rs

@@ -36,10 +36,14 @@ pub async fn download(
     let path = config.files_dir.join(&file_id);
 
     let mime = Mime::from_str(&content_type).unwrap_or(APPLICATION_OCTET_STREAM);
+    let computed_file_name = file_name.clone().unwrap_or_else(|| {
+        let extension = mime_relations::get_extension(&mime).unwrap_or("txt");
+        format!("{file_id}.{extension}")
+    });
     let mut response = match get_view_type(&req, &mime, &path, delete).await {
-        ViewType::Raw => build_file_response(false, &file_name, path, mime, &req),
+        ViewType::Raw => build_file_response(false, &computed_file_name, path, mime, &req),
-        ViewType::Download => build_file_response(true, &file_name, path, mime, &req),
+        ViewType::Download => build_file_response(true, &computed_file_name, path, mime, &req),
-        ViewType::Html => build_html_response(&path, &config, &req).await,
+        ViewType::Html => build_html_response(file_name.as_deref(), &path, &config, &req).await,
     }?;
 
     insert_cache_headers(&mut response, valid_till);
@@ -59,7 +63,7 @@ pub async fn download(
 async fn load_file_info(
     id: &str,
     db: &web::Data<sqlx::Pool<sqlx::Postgres>>,
-) -> Result<(String, String, OffsetDateTime, String, bool), Error> {
+) -> Result<(String, Option<String>, OffsetDateTime, String, bool), Error> {
     sqlx::query_as(
         "SELECT file_id, file_name, valid_till, content_type, delete_on_download from files WHERE file_id = $1",
     )
@@ -118,6 +122,7 @@ async fn get_file_size(file_path: &Path) -> u64 {
 }
 
 async fn build_html_response(
+    file_name: Option<&str>,
     path: &Path,
     config: &Config,
     req: &HttpRequest,
@@ -126,7 +131,7 @@ async fn build_html_response(
         log::error!("file could not be read {:?}", file_err);
         error::ErrorInternalServerError("this file should be here but could not be found")
     })?;
-    let html_view = template::build_html_view_template(&content, req, config);
+    let html_view = template::build_html_view_template(&content, file_name, req, config);
     Ok(HttpResponse::Ok()
         .content_type(TEXT_HTML.to_string())
         .body(html_view))
@@ -172,24 +177,26 @@ fn get_disposition_params(filename: &str) -> Vec<DispositionParam> {
     parameters
 }
 
+const ALLOWED_CONTEXTS: [&str; 6] = ["audio", "document", "empty", "font", "image", "video"];
+
 fn append_security_headers(response: &mut HttpResponse, req: &HttpRequest) {
-    // if the browser is trying to fetch this resource in a secure context pretend the reponse is
+    // if the browser is trying to fetch this resource in a secure context pretend the response is
     // just binary data so it won't be executed
-    let sec_fetch_mode = req
+    let sec_fetch_dest = req
         .headers()
-        .get("sec-fetch-mode")
+        .get("sec-fetch-dest")
-        .and_then(|v| v.to_str().ok());
+        .map(|v| v.to_str().unwrap_or("unknown"));
-    if sec_fetch_mode.is_some() && sec_fetch_mode != Some("navigate") {
+    if sec_fetch_dest.is_some_and(|sec_fetch_dest| !ALLOWED_CONTEXTS.contains(&sec_fetch_dest)) {
         response.headers_mut().insert(
             CONTENT_TYPE,
             HeaderValue::from_str(APPLICATION_OCTET_STREAM.as_ref())
                 .expect("mime type can be encoded to header value"),
         );
     }
-    // the reponse varies based on these request headers
+    // the response varies based on these request headers
     response
         .headers_mut()
-        .append(VARY, HeaderValue::from_static("sec-fetch-mode"));
+        .append(VARY, HeaderValue::from_static("sec-fetch-dest"));
 }
 
 fn insert_cache_headers(response: &mut HttpResponse, valid_till: OffsetDateTime) {

src/main.rs

@@ -16,7 +16,7 @@ use actix_web::{
         HeaderName, CONTENT_SECURITY_POLICY, PERMISSIONS_POLICY, REFERRER_POLICY,
         X_CONTENT_TYPE_OPTIONS, X_FRAME_OPTIONS, X_XSS_PROTECTION,
     },
-    middleware::{self, Condition, DefaultHeaders, Logger},
+    middleware::{self, Condition, DefaultHeaders},
     web::{self, Data},
     App, Error, HttpResponse, HttpServer,
 };
@@ -81,7 +81,6 @@ async fn main() -> std::io::Result<()> {
     let http_server = HttpServer::new({
         move || {
             App::new()
-                .wrap(Logger::new(r#"%{r}a "%r" =%s %bbytes %Tsec"#))
                 .wrap(
                     DefaultHeaders::new()
                         .add(DEFAULT_CONTENT_SECURITY_POLICY)

src/template.rs

@@ -11,6 +11,7 @@ const INDEX_HTML: &str = include_str!("../template/index.html");
 const AUTH_HIDE_JS: &str = include_str!("../template/auth-hide.js");
 const AUTH_SNIPPET_HTML: &str = include_str!("../snippet/auth.html.snippet");
 const MAX_SIZE_SNIPPET_HTML: &str = include_str!("../snippet/max_size.html.snippet");
+const FILE_NAME_SNIPPET_HTML: &str = include_str!("../snippet/file_name.html.snippet");
 
 const ABUSE_SNIPPET_HTML: &str = include_str!("../snippet/abuse.html.snippet");
 
@@ -46,15 +47,26 @@ pub fn get_file_url(req: &HttpRequest, id: &str, name: Option<&str>) -> String {
     }
 }
 
-pub fn build_html_view_template(content: &str, req: &HttpRequest, config: &Config) -> String {
+pub fn build_html_view_template(
-    let encoded = htmlescape::encode_minimal(content);
+    content: &str,
+    file_name: Option<&str>,
+    req: &HttpRequest,
+    config: &Config,
+) -> String {
+    let encoded_content = htmlescape::encode_minimal(content);
+    let name_snippet = file_name
+        .map(htmlescape::encode_minimal)
+        .map(|name| FILE_NAME_SNIPPET_HTML.replace("{file_name}", &name))
+        .unwrap_or_default();
     let html = if !content.trim().contains(['\n', '\r']) && Url::from_str(content.trim()).is_ok() {
-        let attribute_encoded = htmlescape::encode_attribute(content);
+        let attribute_encoded_content = htmlescape::encode_attribute(content);
         URL_VIEW_HTML
-            .replace("{link_content}", &encoded)
+            .replace("{link_content}", &encoded_content)
-            .replace("{link_attribute}", &attribute_encoded)
+            .replace("{link_attribute}", &attribute_encoded_content)
     } else {
-        TEXT_VIEW_HTML.replace("{text}", &encoded)
+        TEXT_VIEW_HTML
+            .replace("{file_name}", &name_snippet)
+            .replace("{text}", &encoded_content)
     };
     insert_abuse_template(html, Some(req), config)
 }

src/upload.rs

@@ -2,7 +2,7 @@ use std::io::ErrorKind;
 
 use crate::config::Config;
 use crate::multipart::UploadConfig;
-use crate::{mime_relations, multipart, template};
+use crate::{multipart, template};
 use actix_files::NamedFile;
 use actix_multipart::Multipart;
 use actix_web::http::header::LOCATION;
@@ -39,18 +39,12 @@ pub async fn upload(
     })?;
 
     let upload_config = multipart::parse_multipart(payload, &file_path, &config).await?;
-    let file_name = upload_config.original_name.clone().unwrap_or_else(|| {
+    let file_name = upload_config.original_name.clone();
-        format!(
-            "{file_id}.{}",
-            mime_relations::get_extension(&upload_config.content_type).unwrap_or("txt")
-        )
-    });
 
     insert_file_metadata(&file_id, file_name, &file_path, &upload_config, db).await?;
 
     log::info!(
-        "{} create new file {} (valid_till: {}, content_type: {}, delete_on_download: {})",
+        "create new file {} (valid_till: {}, content_type: {}, delete_on_download: {})",
-        req.connection_info().realip_remote_addr().unwrap_or("-"),
         file_id,
         upload_config.valid_till,
         upload_config.content_type,
@@ -68,7 +62,7 @@ pub async fn upload(
 
 async fn insert_file_metadata(
     file_id: &String,
-    file_name: String,
+    file_name: Option<String>,
     file_path: &Path,
     upload_config: &UploadConfig,
     db: web::Data<sqlx::Pool<sqlx::Postgres>>,
@@ -78,7 +72,7 @@ async fn insert_file_metadata(
         VALUES ($1, $2, $3, $4, $5)",
     )
     .bind(file_id)
-    .bind(&file_name)
+    .bind(file_name)
     .bind(&upload_config.content_type.to_string())
     .bind(upload_config.valid_till)
     .bind(upload_config.delete_on_download)

static/index.css

@@ -108,11 +108,11 @@ a:focus-within {
 
 textarea {
   width: 100%;
-  height: 30vh;
+  height: 60vh;
 }
 
-h1 + textarea {
+form > textarea {
-  height: 60vh;
+  height: 30vh;
 }
 
 .hidden {

template/text-view.html

@@ -17,6 +17,7 @@
       <h1>
         <a href="/">datatrash<img src="/static/favicon.svg" class="icon" /></a>
       </h1>
+      {file_name}
       <textarea id="text" rows="20" cols="120" readonly>{text}</textarea>
       <br />
       <a class="main button" href="?dl">herunterladen</a>