internal/pkg: compute http identifier from url

The previous implementation exposes arbitrary user input to the cache as an identifier, which is highly error-prone and can cause the cache to enter an inconsistent state if the user is not careful. This change replaces the implementation to compute identifier late, using url string as params. Signed-off-by: Ophestra <cat@gensokyo.uk>
2026-01-05 00:43:21 +09:00
parent 4897b0259e
commit 4da26681b5
7 changed files with 95 additions and 119 deletions
--- a/internal/pkg/net_test.go
+++ b/internal/pkg/net_test.go
@@ -2,7 +2,6 @@ package pkg_test

 import (
 	"crypto/sha512"
-	"encoding/base64"
 	"net/http"
 	"reflect"
 	"testing"
@@ -12,7 +11,7 @@ import (
 	"hakurei.app/internal/pkg"
 )

-func TestHTTP(t *testing.T) {
+func TestHTTPGet(t *testing.T) {
 	t.Parallel()

 	const testdata = "\x7f\xe1\x69\xa2\xdd\x63\x96\x26\x83\x79\x61\x8b\xf0\x3f\xd5\x16\x9a\x39\x3a\xdb\xcf\xb1\xbc\x8d\x33\xff\x75\xee\x62\x56\xa9\xf0\x27\xac\x13\x94\x69"
@@ -23,8 +22,6 @@ func TestHTTP(t *testing.T) {
 		return (pkg.Checksum)(h.Sum(nil))
 	}()

-	testdataChecksumString := base64.URLEncoding.EncodeToString(testdataChecksum[:])
-
 	var transport http.Transport
 	client := http.Client{Transport: &transport}
 	transport.RegisterProtocol("file", http.NewFileTransportFS(fstest.MapFS{
@@ -33,75 +30,66 @@ func TestHTTP(t *testing.T) {

 	checkWithCache(t, []cacheTestCase{
 		{"direct", nil, func(t *testing.T, base *check.Absolute, c *pkg.Cache) {
-			var got []byte
-			if f, err := pkg.NewHTTPGet(
+			f := pkg.NewHTTPGet(
 				t.Context(),
 				&client,
 				"file:///testdata",
 				testdataChecksum,
-			); err != nil {
-				t.Fatalf("NewHTTPGet: error = %v", err)
-			} else if got, err = f.Data(); err != nil {
+			)
+			wantIdent := pkg.KindHTTPGet.Ident([]byte("file:///testdata"))
+			if got, err := f.Data(); err != nil {
 				t.Fatalf("Data: error = %v", err)
 			} else if string(got) != testdata {
 				t.Fatalf("Data: %x, want %x", got, testdata)
-			} else if gotIdent := pkg.Ident(f); gotIdent != testdataChecksum {
-				t.Fatalf("Ident: %x, want %x", gotIdent, testdataChecksum)
+			} else if gotIdent := pkg.Ident(f); gotIdent != wantIdent {
+				t.Fatalf("Ident: %s, want %s", pkg.Encode(gotIdent), pkg.Encode(wantIdent))
 			}

 			// check direct validation
-			wantErrMismatch := &pkg.ChecksumMismatchError{
-				Got: testdataChecksum,
-			}
-			if f, err := pkg.NewHTTPGet(
+			f = pkg.NewHTTPGet(
 				t.Context(),
 				&client,
 				"file:///testdata",
 				pkg.Checksum{},
-			); err != nil {
-				t.Fatalf("NewHTTPGet: error = %v", err)
-			} else if _, err = f.Data(); !reflect.DeepEqual(err, wantErrMismatch) {
+			)
+			wantErrMismatch := &pkg.ChecksumMismatchError{
+				Got: testdataChecksum,
+			}
+			if _, err := f.Data(); !reflect.DeepEqual(err, wantErrMismatch) {
 				t.Fatalf("Data: error = %#v, want %#v", err, wantErrMismatch)
-			} else if gotIdent := pkg.Ident(f); gotIdent != (pkg.Checksum{}) {
-				t.Fatalf("Ident: %x, want %x", gotIdent, pkg.Checksum{})
+			} else if gotIdent := pkg.Ident(f); gotIdent != wantIdent {
+				t.Fatalf("Ident: %s, want %s", pkg.Encode(gotIdent), pkg.Encode(wantIdent))
 			}

 			// check direct response error
-			wantErrNotFound := pkg.ResponseStatusError(http.StatusNotFound)
-			if f, err := pkg.NewHTTPGet(
+			f = pkg.NewHTTPGet(
 				t.Context(),
 				&client,
 				"file:///nonexistent",
 				pkg.Checksum{},
-			); err != nil {
-				t.Fatalf("NewHTTPGet: error = %v", err)
-			} else if _, err = f.Data(); !reflect.DeepEqual(err, wantErrNotFound) {
+			)
+			wantIdentNonexistent := pkg.KindHTTPGet.Ident([]byte("file:///nonexistent"))
+			wantErrNotFound := pkg.ResponseStatusError(http.StatusNotFound)
+			if _, err := f.Data(); !reflect.DeepEqual(err, wantErrNotFound) {
 				t.Fatalf("Data: error = %#v, want %#v", err, wantErrNotFound)
-			} else if gotIdent := pkg.Ident(f); gotIdent != (pkg.Checksum{}) {
-				t.Fatalf("Ident: %x, want %x", gotIdent, pkg.Checksum{})
+			} else if gotIdent := pkg.Ident(f); gotIdent != wantIdentNonexistent {
+				t.Fatalf("Ident: %s, want %s", pkg.Encode(gotIdent), pkg.Encode(wantIdentNonexistent))
 			}
 		}, pkg.MustDecode("E4vEZKhCcL2gPZ2Tt59FS3lDng-d_2SKa2i5G_RbDfwGn6EemptFaGLPUDiOa94C")},

 		{"cure", nil, func(t *testing.T, base *check.Absolute, c *pkg.Cache) {
-			f, err := pkg.NewHTTPGet(
+			f := pkg.NewHTTPGet(
 				t.Context(),
 				&client,
 				"file:///testdata",
 				testdataChecksum,
 			)
-			if err != nil {
-				t.Fatalf("NewHTTPGet: error = %v", err)
-			}
-
+			wantIdent := pkg.KindHTTPGet.Ident([]byte("file:///testdata"))
 			wantPathname := base.Append(
 				"identifier",
-				testdataChecksumString,
+				pkg.Encode(wantIdent),
 			)
-			var (
-				pathname *check.Absolute
-				checksum pkg.Checksum
-			)
-			if pathname, checksum, err = c.Cure(f); err != nil {
+			if pathname, checksum, err := c.Cure(f); err != nil {
 				t.Fatalf("Cure: error = %v", err)
 			} else if !pathname.Is(wantPathname) {
 				t.Fatalf("Cure: %q, want %q", pathname, wantPathname)
@@ -109,45 +97,43 @@ func TestHTTP(t *testing.T) {
 				t.Fatalf("Cure: %x, want %x", checksum, testdataChecksum)
 			}

-			var got []byte
-			if got, err = f.Data(); err != nil {
+			if got, err := f.Data(); err != nil {
 				t.Fatalf("Data: error = %v", err)
 			} else if string(got) != testdata {
 				t.Fatalf("Data: %x, want %x", got, testdata)
-			} else if gotIdent := pkg.Ident(f); gotIdent != testdataChecksum {
-				t.Fatalf("Ident: %x, want %x", gotIdent, testdataChecksum)
+			} else if gotIdent := pkg.Ident(f); gotIdent != wantIdent {
+				t.Fatalf("Ident: %s, want %s", pkg.Encode(gotIdent), pkg.Encode(wantIdent))
 			}

 			// check load from cache
-			if f, err = pkg.NewHTTPGet(
+			f = pkg.NewHTTPGet(
 				t.Context(),
 				&client,
 				"file:///testdata",
 				testdataChecksum,
-			); err != nil {
-				t.Fatalf("NewHTTPGet: error = %v", err)
-			} else if got, err = f.Data(); err != nil {
+			)
+			if got, err := f.Data(); err != nil {
 				t.Fatalf("Data: error = %v", err)
 			} else if string(got) != testdata {
 				t.Fatalf("Data: %x, want %x", got, testdata)
-			} else if gotIdent := pkg.Ident(f); gotIdent != testdataChecksum {
-				t.Fatalf("Ident: %x, want %x", gotIdent, testdataChecksum)
+			} else if gotIdent := pkg.Ident(f); gotIdent != wantIdent {
+				t.Fatalf("Ident: %s, want %s", pkg.Encode(gotIdent), pkg.Encode(wantIdent))
 			}

 			// check error passthrough
-			wantErrNotFound := pkg.ResponseStatusError(http.StatusNotFound)
-			if f, err = pkg.NewHTTPGet(
+			f = pkg.NewHTTPGet(
 				t.Context(),
 				&client,
 				"file:///nonexistent",
 				pkg.Checksum{},
-			); err != nil {
-				t.Fatalf("NewHTTPGet: error = %v", err)
-			} else if _, _, err = c.Cure(f); !reflect.DeepEqual(err, wantErrNotFound) {
+			)
+			wantIdentNonexistent := pkg.KindHTTPGet.Ident([]byte("file:///nonexistent"))
+			wantErrNotFound := pkg.ResponseStatusError(http.StatusNotFound)
+			if _, _, err := c.Cure(f); !reflect.DeepEqual(err, wantErrNotFound) {
 				t.Fatalf("Pathname: error = %#v, want %#v", err, wantErrNotFound)
-			} else if gotIdent := pkg.Ident(f); gotIdent != (pkg.Checksum{}) {
-				t.Fatalf("Ident: %x, want %x", gotIdent, pkg.Checksum{})
+			} else if gotIdent := pkg.Ident(f); gotIdent != wantIdentNonexistent {
+				t.Fatalf("Ident: %s, want %s", pkg.Encode(gotIdent), pkg.Encode(wantIdentNonexistent))
 			}
-		}, pkg.MustDecode("4WHaMvRRcCac1uAyXnEklEd2YaNQBj6rXlfMntX9GgYLij3By1znv5QYPGJHYQIH")},
+		}, pkg.MustDecode("bqtn69RkV5E7V7GhhgCFjcvbxmaqrO8DywamM4Tyjf10F6EJBHjXiIa_tFRtF4iN")},
 	})
 }