Diff
Not logged in
Home Help Timeline Files Branches Tags Forum Tickets Wiki More... Login
Annotate Patch Unified Diff

Differences From Artifact [2617b2dd5b]:

To Artifact [383b0cc171]:

1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495











1496
1497
1498
1499
1500
1501
1502

  #
  proc setupPackageUnknownVars {} {
    #
    # NOTE: Should the HTTP request processor attempt to force the use of
    #       HTTPS for URIs that were originally HTTP?  This setting is only
    #       applicable to native Tcl.
    #
    variable forceSecureHttps; # DEFAULT: true

    if {![info exists forceSecureHttps]} then {
      set forceSecureHttps true
    }

    #
    # NOTE: Is this HTTP request processor allowed to use plain HTTP if/when
    #       the "tls" package is not available?  This should only be changed
    #       if the "tls" package cannot be easily installed for use with the
    #       native Tcl interpreter in use.  It should be noted here that the
    #       official package repository server reserves the right to refuse
    #       plain HTTP connections, which means that changing this setting
    #       may be totally pointless.
    #
    variable allowInsecureHttp; # DEFAULT: false

    if {![info exists allowInsecureHttp]} then {
      set allowInsecureHttp false











    }

    #
    # NOTE: What is the default set of API keys if none were set explicitly?
    #       This list is subject to change at any time -AND- may be empty or
    #       may contain non-working API keys, please do not rely on it.
    #








|

|
|











|

|
|
>
>
>
>
>
>
>
>
>
>
>








1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513

  #
  proc setupPackageUnknownVars {} {
    #
    # NOTE: Should the HTTP request processor attempt to force the use of
    #       HTTPS for URIs that were originally HTTP?  This setting is only
    #       applicable to native Tcl.
    #
    variable forceSecureUri; # DEFAULT: true

    if {![info exists forceSecureUri]} then {
      set forceSecureUri true
    }

    #
    # NOTE: Is this HTTP request processor allowed to use plain HTTP if/when
    #       the "tls" package is not available?  This should only be changed
    #       if the "tls" package cannot be easily installed for use with the
    #       native Tcl interpreter in use.  It should be noted here that the
    #       official package repository server reserves the right to refuse
    #       plain HTTP connections, which means that changing this setting
    #       may be totally pointless.
    #
    variable allowInsecureUri; # DEFAULT: false

    if {![info exists allowInsecureUri]} then {
      set allowInsecureUri false
    }

    #
    # NOTE: Is this HTTP request processor allowed to use plain HTTP if/when
    #       the server responds with an HTTP redirect location to an original
    #       URI that was HTTPS?  Otherwise, a script error will result.
    #
    variable allowInsecureRedirect; # DEFAULT: false

    if {![info exists allowInsecureRedirect]} then {
      set allowInsecureRedirect false
    }

    #
    # NOTE: What is the default set of API keys if none were set explicitly?
    #       This list is subject to change at any time -AND- may be empty or
    #       may contain non-working API keys, please do not rely on it.
    #

1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729







1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755

1756
1757
1758

1759
1760
1761
1762
1763
1764
1765

      }
    }

    #
    # NOTE: This procedure was stolen from the "getEagle.tcl" script.  It is
    #       designed to process a single HTTP request, including any HTTP
    #       3XX redirects (up to the specified limit), and return the raw
    #       HTTP response data.  It does not contain special code to handle
    #       HTTP status codes other than 3XX (e.g. 4XX, 5XX, etc).
    #
    # <public>
    proc getFileViaHttp { uri redirectLimit channel quiet args } {
      #
      # NOTE: This variable is used to determine if plain HTTP URIs should be
      #       converted to HTTPS, if the "tls" package is available.
      #
      variable forceSecureHttps

      #
      # NOTE: This variable is used to determine if plain HTTP is allowed if
      #       the "tls" package is not available.
      #







      variable allowInsecureHttp

      #
      # NOTE: This variable is used to keep track of the currently scheduled
      #       (i.e. pending) [after] event.
      #
      variable afterForPageProgress

      #
      # NOTE: This procedure requires the modern version of the HTTP package,
      #       which is typically included with the Tcl core distribution.
      #
      package require http 2.0

      #
      # NOTE: If the 'tls' package is available, always attempt to use HTTPS;
      #       otherwise, only attempt to use HTTP if explicitly allowed.
      #
      if {[catch {package require tls}] == 0} then {
        ::http::register https 443 [list ::tls::socket -tls1 true]

        if {$forceSecureHttps} then {
          if {[string range $uri 0 6] eq "http://"} then {
            set uri [appendArgs https:// [string range $uri 7 end]]
          }
        }

      } elseif {$allowInsecureHttp} then {
        if {[string range $uri 0 7] eq "https://"} then {
          set uri [appendArgs http:// [string range $uri 8 end]]

        }
      }

      #
      # NOTE: Unless the caller forbids it, display progress messages during
      #       the download.
      #








|
<







|





>
>
>
>
>
>
>
|




















|




>
|
|
|
>








1719
1720
1721
1722
1723
1724
1725
1726

1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784

      }
    }

    #
    # NOTE: This procedure was stolen from the "getEagle.tcl" script.  It is
    #       designed to process a single HTTP request, including any HTTP
    #       3XX redirects (up to the specified limit), and return the raw
    #       HTTP response data.  It may raise any number of script errors.

    #
    # <public>
    proc getFileViaHttp { uri redirectLimit channel quiet args } {
      #
      # NOTE: This variable is used to determine if plain HTTP URIs should be
      #       converted to HTTPS, if the "tls" package is available.
      #
      variable forceSecureUri

      #
      # NOTE: This variable is used to determine if plain HTTP is allowed if
      #       the "tls" package is not available.
      #
      variable allowInsecureUri

      #
      # NOTE: This variable is used to determine if plain HTTP is allowed if
      #       an HTTP redirect response contains an HTTP URI and the original
      #       URI was HTTPS.
      #
      variable allowInsecureRedirect

      #
      # NOTE: This variable is used to keep track of the currently scheduled
      #       (i.e. pending) [after] event.
      #
      variable afterForPageProgress

      #
      # NOTE: This procedure requires the modern version of the HTTP package,
      #       which is typically included with the Tcl core distribution.
      #
      package require http 2.0

      #
      # NOTE: If the 'tls' package is available, always attempt to use HTTPS;
      #       otherwise, only attempt to use HTTP if explicitly allowed.
      #
      if {[catch {package require tls}] == 0} then {
        ::http::register https 443 [list ::tls::socket -tls1 true]

        if {$forceSecureUri} then {
          if {[string range $uri 0 6] eq "http://"} then {
            set uri [appendArgs https:// [string range $uri 7 end]]
          }
        }
      } else {
        if {$allowInsecureUri} then {
          if {[string range $uri 0 7] eq "https://"} then {
            set uri [appendArgs http:// [string range $uri 8 end]]
          }
        }
      }

      #
      # NOTE: Unless the caller forbids it, display progress messages during
      #       the download.
      #

1776
1777
1778
1779
1780
1781
1782






1783
1784
1785
1786
1787























1788
1789
1790
1791

1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815

1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835

1836

1837
1838
1839
1840
1841
1842
1843
1844


1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863







1864


1865




1866





1867
1868
1869
1870
1871
1872
1873
1874


1875
1876
1877
1878
1879
1880
1881


      while {1} {
        #
        # NOTE: Issue the HTTP request now, grabbing the resulting token.
        #
        set token [eval [list ::http::geturl $uri] $args]







        #
        # NOTE: Check the HTTP response code, in order to follow any HTTP
        #       redirect responses.
        #
        switch -exact -- [::http::ncode $token] {























          301 -
          302 -
          303 -
          307 {

            #
            # NOTE: Unless the caller forbids it, display progress messages
            #       when an HTTP redirect is returned.
            #
            if {!$quiet} then {
              pageProgress $channel > 0
            }

            #
            # NOTE: We hit another HTTP redirect.  Stop if there are more
            #       than X.
            #
            incr redirectCount

            #
            # TODO: Maybe make this limit configurable?
            #
            if {$redirectCount > $redirectLimit} then {
              #
              # NOTE: Just "give up" and return whatever data that we have
              #       now.
              #
              set data [::http::data $token]
              ::http::cleanup $token; break

            }

            #
            # NOTE: Grab the metadata associated with this HTTP response.
            #
            array set meta [::http::meta $token]

            #
            # NOTE: Is there actually a new URI (location) to use?
            #
            if {[info exist meta(Location)]} then {
              #
              # NOTE: Ok, grab it now.  Later, at the top of the loop,
              #       it will be used in the subsequent HTTP request.
              #
              set location $meta(Location); unset meta

              #
              # NOTE: For security, do NOT follow an HTTP redirect if
              #       it attempts to redirect from HTTPS to HTTP.

              #

              if {[string range $uri 0 7] eq "https://" && \
                  [string range $location 0 7] ne "https://"} then {
                #
                # NOTE: Just "give up" and return whatever data that
                #       we have now.
                #
                set data [::http::data $token]
                ::http::cleanup $token; break


              }

              #
              # NOTE: Replace the original URI with the new one, for
              #       use in the next HTTP request.
              #
              set uri $location

              #
              # NOTE: Cleanup the current HTTP token now beause a new
              #       one will be created for the next request.
              #
              ::http::cleanup $token
            } else {
              #
              # NOTE: Just "give up" and return whatever data that we
              #       have now.
              #
              set data [::http::data $token]







              ::http::cleanup $token; break


            }




          }





          default {
            #
            # NOTE: Ok, the HTTP response is actual data of some kind
            #       (which may be an error); however, it is not any
            #       kind of supported HTTP redirect.
            #
            set data [::http::data $token]
            ::http::cleanup $token; break


          }
        }
      }

      #
      # NOTE: If there is a currently scheduled [after] event, cancel it.
      #








>
>
>
>
>
>




|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>



|
>















|



|
<

<
|
>


















|
|
>

>
|


|
<

<
|
>
>















|
<

|
>
>
>
>
>
>
>
|
>
>
|
>
>
>
>

>
>
>
>
>

<
<
<
<
<
<
|
>
>








1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860

1861

1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890

1891

1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910

1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934






1935
1936
1937
1938
1939
1940
1941
1942
1943
1944


      while {1} {
        #
        # NOTE: Issue the HTTP request now, grabbing the resulting token.
        #
        set token [eval [list ::http::geturl $uri] $args]

        #
        # NOTE: Grab the HTTP response code and data now as they are needed
        #       in almost all cases.
        #
        set code [::http::ncode $token]; set data [::http::data $token]

        #
        # NOTE: Check the HTTP response code, in order to follow any HTTP
        #       redirect responses.
        #
        switch -glob -- $code {
          100 -
          101 -
          102 {
            ::http::cleanup $token; error [appendArgs \
                "unsupported informational HTTP response status code " \
                $code ", data: " $data]
          }
          200 -
          201 -
          202 -
          203 -
          204 -
          205 -
          206 -
          207 -
          208 -
          226 {
            #
            # NOTE: Ok, the HTTP response is actual data of some kind (which
            #       may be empty).
            #
            ::http::cleanup $token; break
          }
          301 -
          302 -
          303 -
          307 -
          308 {
            #
            # NOTE: Unless the caller forbids it, display progress messages
            #       when an HTTP redirect is returned.
            #
            if {!$quiet} then {
              pageProgress $channel > 0
            }

            #
            # NOTE: We hit another HTTP redirect.  Stop if there are more
            #       than X.
            #
            incr redirectCount

            #
            # TODO: Maybe make this limit more configurable?
            #
            if {$redirectCount > $redirectLimit} then {
              #
              # NOTE: Just "give up" and raise a script error.

              #

              ::http::cleanup $token; error [appendArgs \
                  "redirection limit of " $redirectLimit " exceeded"]
            }

            #
            # NOTE: Grab the metadata associated with this HTTP response.
            #
            array set meta [::http::meta $token]

            #
            # NOTE: Is there actually a new URI (location) to use?
            #
            if {[info exist meta(Location)]} then {
              #
              # NOTE: Ok, grab it now.  Later, at the top of the loop,
              #       it will be used in the subsequent HTTP request.
              #
              set location $meta(Location); unset meta

              #
              # NOTE: For security, by default, do NOT follow an HTTP
              #       redirect if it attempts to redirect from HTTPS
              #       to HTTP.
              #
              if {!$allowInsecureRedirect && \
                  [string range $uri 0 7] eq "https://" && \
                  [string range $location 0 7] ne "https://"} then {
                #
                # NOTE: Just "give up" and raise a script error.

                #

                ::http::cleanup $token; error [appendArgs \
                    "refused insecure redirect from \"" $uri "\" to \"" \
                    $location \"]
              }

              #
              # NOTE: Replace the original URI with the new one, for
              #       use in the next HTTP request.
              #
              set uri $location

              #
              # NOTE: Cleanup the current HTTP token now beause a new
              #       one will be created for the next request.
              #
              ::http::cleanup $token
            } else {
              #
              # NOTE: Just "give up" and raise a script error.

              #
              ::http::cleanup $token; error [appendArgs \
                  "redirect from \"" $uri "\" missing location, code " \
                  $code ", data: " $data]
            }
          }
          304 -
          305 -
          306 {
            ::http::cleanup $token; error [appendArgs \
                "unsupported redirection HTTP response status code " $code \
                ", data: " $data]
          }
          4?? {
            ::http::cleanup $token; error [appendArgs \
                "client error HTTP response status code " $code ", data: " \
                $data]
          }
          5?? {
            ::http::cleanup $token; error [appendArgs \
                "server error HTTP response status code " $code ", data: " \
                $data]
          }
          default {






            ::http::cleanup $token; error [appendArgs \
                "unrecognized HTTP response status code " $code ", data: " \
                $data]
          }
        }
      }

      #
      # NOTE: If there is a currently scheduled [after] event, cancel it.
      #
This page was generated in about 0.013s by Fossil version 2.20 Tcl version 8.6.12 [658547aa7c] 2022-10-09 01:11:55