shithub: mycel

--- a/browser/experimental_test.go

+++ b/browser/experimental_test.go

@@ -71,7 +71,7 @@

 		`throw 'fail';`,

 	fs.SetDOM(nt)

-	fs.Update(h, nil, scripts)

+	fs.Update("", h, nil, scripts)

 	js.Start()

 	h, _, err = processJS2()

 	if err != nil {

--- a/browser/fs/fs.go

+++ b/browser/fs/fs.go

@@ -23,9 +23,10 @@

 	oFS     *fs.FS

 	un      string

 	gn      string

+	url     string

+	htm     string

 	cssDir  *fs.StaticDir

 	jsDir   *fs.StaticDir

-	htm     string

 	rt      *Node

 	Client  *http.Client

 	Fetcher opossum.Fetcher

@@ -46,24 +47,40 @@

 	rt.nt = d

+func userGroup() (un, gn string, err error) {

+	u, err := user.Current()

+	if err != nil {

+		return "", "", fmt.Errorf("current user: %w", err)

+	}

+	un = u.Username

+	gn, err = opossum.Group(u)

+	if err != nil {

+		return "", "", fmt.Errorf("group: %v", err)

+	}

+	return

+}

 func Srv9p() {

 	c.L.Lock()

 	var root *fs.StaticDir

-	u, err := user.Current()

+	un, gn, err := userGroup()

 	if err != nil {

 		log.Errorf("get user: %v", err)

 		c.L.Unlock()

 		return

-	un = u.Username

-	gn, err = opossum.Group(u)

-	if err != nil {

-		log.Errorf("get group: %v", err)

-		c.L.Unlock()

-		return

-	}

 	oFS, root = fs.NewFS(un, gn, 0500)

+	u := fs.NewDynamicFile(

+		oFS.NewStat("url", un, gn, 0400),

+		func() []byte {

+			mu.RLock()

+			defer mu.RUnlock()

+			return []byte(url)

+		},

+	)

+	root.AddChild(u)

 	h := fs.NewDynamicFile(

 		oFS.NewStat("html", un, gn, 0400),

 		func() []byte {

@@ -179,9 +196,6 @@

 	url.Host = req.Host

 	if h := url.Host; h == "" {

 		url.Host = Fetcher.Origin().Host

-	} else if !allowed(req.Header, h, Fetcher.Origin().Host) {

-		log.Errorf("no cross-origin request: %v", h)

-		return

 	url.Scheme = "https"

 	proxyReq, err := http.NewRequest(req.Method, url.String(), req.Body)

@@ -200,6 +214,10 @@

 		log.Errorf("do request: %v", err)

 		return

+	if h := url.Host; !allowed(resp.Header, h, Fetcher.Origin().Host) {

+		log.Errorf("no cross-origin request: %v", h)

+		return

+	}

 	if err := resp.Write(conn); err != nil {

 		log.Errorf("write response: %v", err)

 		return

@@ -206,7 +224,7 @@

-func Update(html string, css []string, js []string) {

+func Update(uri, html string, css []string, js []string) {

 	c.L.Lock()

 	defer c.L.Unlock()

@@ -214,6 +232,7 @@

 		c.Wait()

+	url = uri

 	htm = html

 	if cssDir != nil {

 		for name := range cssDir.Children() {

--- a/browser/website.go

+++ b/browser/website.go

@@ -100,7 +100,7 @@

 			downloads[src] = string(buf)

 		scripts = js.Scripts(nt, downloads)

-		fs.Update(htm, csss, scripts)

+		fs.Update(f.Origin().String(), htm, csss, scripts)

 		fs.SetDOM(nt)

 		log.Infof("JS pipeline start")

 		js.Stop()

@@ -157,7 +157,7 @@

 		w.UI = scroller

-	fs.Update(htm, csss, scripts)

+	fs.Update(f.Origin().String(), htm, csss, scripts)

 	fs.SetDOM(nt)

--- a/js/js_test.go

+++ b/js/js_test.go

@@ -71,7 +71,7 @@

 	nt := nodes.NewNodeTree(doc, style.Map{}, make(map[*html.Node]style.Map), nil)

 	fs.SetDOM(nt)

-	fs.Update(simpleHTML, nil, []string{string(buf), script})

+	fs.Update("", simpleHTML, nil, []string{string(buf), script})

 	resHtm, changed, err := Start(string(buf), script)

 	if err != nil {