bashttpd.sh

#!/usr/bin/env bash
#
# A simple, configurable HTTP server written in bash.
#
# See LICENSE for licensing information.
#
# Original author: Avleen Vig, 2012
# Reworked by:     Josh Cartwright, 2012
# Reworked by:     Nathan Rajlich, 2018

recv() { echo "<" "$@" >&2; }
send() { echo ">" "$@" >&2;
         printf "%s\r\n" "$*"; }

read_bytes() {
  LANG=C IFS= read -r -d '' -n "$1" char
  printf "%s" "${char}"
}

DATE=$(date +"%a, %d %b %Y %H:%M:%S %Z")
declare -a RESPONSE_HEADERS=(
      "Date: $DATE"
   "Expires: $DATE"
    "Server: Slash Bin Slash Bash"
)

add_response_header() {
   RESPONSE_HEADERS+=("$1: $2")
}

_add_response_header() {
   RESPONSE_HEADERS+=("$1")
}

declare -a HTTP_RESPONSE=(
  [100]="Continue"
  [101]="Switching Protocols"
  [102]="Processing"
  [103]="Early Hints"
  [200]="OK"
  [201]="Created"
  [202]="Accepted"
  [203]="Non-Authoritative Information"
  [204]="No Content"
  [205]="Reset Content"
  [206]="Partial Content"
  [207]="Multi-Status"
  [208]="Already Reported"
  [226]="IM Used"
  [300]="Multiple Choices"
  [301]="Moved Permanently"
  [302]="Found"
  [303]="See Other"
  [304]="Not Modified"
  [305]="Use Proxy"
  [307]="Temporary Redirect"
  [308]="Permanent Redirect"
  [400]="Bad Request"
  [401]="Unauthorized"
  [402]="Payment Required"
  [403]="Forbidden"
  [404]="Not Found"
  [405]="Method Not Allowed"
  [406]="Not Acceptable"
  [407]="Proxy Authentication Required"
  [408]="Request Timeout"
  [409]="Conflict"
  [410]="Gone"
  [411]="Length Required"
  [412]="Precondition Failed"
  [413]="Payload Too Large"
  [414]="URI Too Long"
  [415]="Unsupported Media Type"
  [416]="Range Not Satisfiable"
  [417]="Expectation Failed"
  [418]="I'm a teapot"
  [421]="Misdirected Request"
  [422]="Unprocessable Entity"
  [423]="Locked"
  [424]="Failed Dependency"
  [425]="Unordered Collection"
  [426]="Upgrade Required"
  [428]="Precondition Required"
  [429]="Too Many Requests"
  [431]="Request Header Fields Too Large"
  [451]="Unavailable For Legal Reasons"
  [500]="Internal Server Error"
  [501]="Not Implemented"
  [502]="Bad Gateway"
  [503]="Service Unavailable"
  [504]="Gateway Timeout"
  [505]="HTTP Version Not Supported"
  [506]="Variant Also Negotiates"
  [507]="Insufficient Storage"
  [508]="Loop Detected"
  [509]="Bandwidth Limit Exceeded"
  [510]="Not Extended"
  [511]="Network Authentication Required"
)

send_response_header() {
   local code=$1
   send "HTTP/1.0 ${code} ${HTTP_RESPONSE[${code}]}"
   for i in "${RESPONSE_HEADERS[@]}"; do
      send "$i"
   done
   send
}

_fail_with() {
   send_response_header "$1"
   echo "$1 ${HTTP_RESPONSE[$1]}"
   exit 1
}

# Request-Line HTTP RFC 2616 $5.1
IFS='' read -r line || _fail_with 400

# strip trailing CR if it exists
line=${line%%$'\r'}
recv "$line"

read -r REQUEST_METHOD REQUEST_URI REQUEST_HTTP_VERSION <<<"$line"

[ -n "$REQUEST_METHOD" ] && \
[ -n "$REQUEST_URI" ] && \
[ -n "$REQUEST_HTTP_VERSION" ] \
   || _fail_with 400

REQUEST_PATH="${REQUEST_URI%%\?*}"
QUERY_STRING="${REQUEST_URI#*\?}"

declare -a REQUEST_HEADERS

while IFS='' read -r line; do
   line=${line%%$'\r'}
   recv "$line"

   # If we've reached the end of the headers, break.
   [ -z "$line" ] && break

   REQUEST_HEADERS+=("$line")
done

CONTROL_SEQUENCE=$'\1'

flush_response() {
  # Wait for response code and header "events" from stdin
  local code=200
  local buf
  while true; do
    local buf="$(read_bytes "${#CONTROL_SEQUENCE}")"
    #recv "buf: $(printf "%x " "'${buf}") ${#buf}"
    if [ "${buf}" = "${CONTROL_SEQUENCE}" ]; then
      IFS='' read -r line
      line=${line%%$'\r'}
      #recv "line: ${line}"
      local cmd="${line:0:1}"
      local data="${line:1}"
      case "${cmd}" in
        C) code="${data}";;
        H) _add_response_header "${data}";;
      esac
    else
      break
    fi
  done
  send_response_header "${code}"
  printf "%s" "${buf}"
  cat
}

# Set the response status code.
# MUST be called *before* any output is generated by your script.
set_response_code() {
  echo "${CONTROL_SEQUENCE}C$1"
}

# Sets a response header.
# MUST be called *before* any output is generated by your script.
set_response_header() {
  local header="$1"
  shift
  if [ $# -ne 0 ]; then
    header="${header}: $*"
  fi
  echo "${CONTROL_SEQUENCE}H${header}"
}

fail_with() {
  set_response_code "$1"
  echo "$1 ${HTTP_RESPONSE[$1]}"
  return 1
}

# https://stackoverflow.com/a/37840948/376773
decode_url() { : "${*//+/ }"; echo -e "${_//%/\\x}"; }

get_request_header() {
  local name="$1"
  shopt -s nocasematch
  for header in "${REQUEST_HEADERS[@]}"; do
    if [[ "${header}" == "${name}:"* ]]; then
      local index="$((${#name} + 2))"
      echo "${header:$index}"
      return 0
    fi
  done

  # If we got to here then the header was not found
  return 1
}

parse_request_body() {
  local length="$(get_request_header "content-length")"
  if [ ! -z "${length}" ]; then
    recv "Reading ${length} byte request body"
    read_bytes "${length}"
  else
    local encoding="$(get_request_header "transfer-encoding")"
    if [ "${encoding}" = "chunked" ]; then
      while IFS='' read -r line; do
        line=${line%%$'\r'}
        #recv "$line"

        length="$(printf "%d" "0x${line%%$'\n'}")"

        if [ "${length}" -gt 0 ]; then
          recv "Reading ${length} byte chunk"
          read_bytes "${length}"

          # The next two bytes are supposed to be '\r\n'
          #recv "Reading 2 byte end"
          # TODO: add verification
          read_bytes 2 > /dev/null
          recv "Done with chunk"
        else
          recv "Done reading chunked body"
          break
        fi
      done
    fi
  fi
}

parse_request_body | "$@" | flush_response