// Copyright 2015 The go-ethereum Authors // This file is part of the go-ethereum library. // // The go-ethereum library is free software: you can redistribute it and/or modify // it under the terms of the GNU Lesser General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // // The go-ethereum library is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU Lesser General Public License for more details. // // You should have received a copy of the GNU Lesser General Public License // along with the go-ethereum library. If not, see . package rpc import ( "bytes" "context" "encoding/json" "fmt" "io" "io/ioutil" "mime" "net" "net/http" "sync" "time" "github.com/rs/cors" ) const ( contentType = "application/json" maxHTTPRequestContentLength = 1024 * 128 ) var nullAddr, _ = net.ResolveTCPAddr("tcp", "127.0.0.1:0") type httpConn struct { client *http.Client req *http.Request closeOnce sync.Once closed chan struct{} } // httpConn is treated specially by Client. func (hc *httpConn) LocalAddr() net.Addr { return nullAddr } func (hc *httpConn) RemoteAddr() net.Addr { return nullAddr } func (hc *httpConn) SetReadDeadline(time.Time) error { return nil } func (hc *httpConn) SetWriteDeadline(time.Time) error { return nil } func (hc *httpConn) SetDeadline(time.Time) error { return nil } func (hc *httpConn) Write([]byte) (int, error) { panic("Write called") } func (hc *httpConn) Read(b []byte) (int, error) { <-hc.closed return 0, io.EOF } func (hc *httpConn) Close() error { hc.closeOnce.Do(func() { close(hc.closed) }) return nil } // DialHTTP creates a new RPC clients that connection to an RPC server over HTTP. func DialHTTP(endpoint string) (*Client, error) { req, err := http.NewRequest("POST", endpoint, nil) if err != nil { return nil, err } req.Header.Set("Content-Type", contentType) req.Header.Set("Accept", contentType) initctx := context.Background() return newClient(initctx, func(context.Context) (net.Conn, error) { return &httpConn{client: new(http.Client), req: req, closed: make(chan struct{})}, nil }) } func (c *Client) sendHTTP(ctx context.Context, op *requestOp, msg interface{}) error { hc := c.writeConn.(*httpConn) respBody, err := hc.doRequest(ctx, msg) if err != nil { return err } defer respBody.Close() var respmsg jsonrpcMessage if err := json.NewDecoder(respBody).Decode(&respmsg); err != nil { return err } op.resp <- &respmsg return nil } func (c *Client) sendBatchHTTP(ctx context.Context, op *requestOp, msgs []*jsonrpcMessage) error { hc := c.writeConn.(*httpConn) respBody, err := hc.doRequest(ctx, msgs) if err != nil { return err } defer respBody.Close() var respmsgs []jsonrpcMessage if err := json.NewDecoder(respBody).Decode(&respmsgs); err != nil { return err } for i := 0; i < len(respmsgs); i++ { op.resp <- &respmsgs[i] } return nil } func (hc *httpConn) doRequest(ctx context.Context, msg interface{}) (io.ReadCloser, error) { body, err := json.Marshal(msg) if err != nil { return nil, err } req := hc.req.WithContext(ctx) req.Body = ioutil.NopCloser(bytes.NewReader(body)) req.ContentLength = int64(len(body)) resp, err := hc.client.Do(req) if err != nil { return nil, err } return resp.Body, nil } // httpReadWriteNopCloser wraps a io.Reader and io.Writer with a NOP Close method. type httpReadWriteNopCloser struct { io.Reader io.Writer } // Close does nothing and returns always nil func (t *httpReadWriteNopCloser) Close() error { return nil } // NewHTTPServer creates a new HTTP RPC server around an API provider. // // Deprecated: Server implements http.Handler func NewHTTPServer(cors []string, srv *Server) *http.Server { return &http.Server{Handler: newCorsHandler(srv, cors)} } // ServeHTTP serves JSON-RPC requests over HTTP. func (srv *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) { // Permit dumb empty requests for remote health-checks (AWS) if r.Method == "GET" && r.ContentLength == 0 && r.URL.RawQuery == "" { return } if responseCode, errorMessage := httpErrorResponse(r); responseCode != 0 { http.Error(w, errorMessage, responseCode) return } // All checks passed, create a codec that reads direct from the request body // untilEOF and writes the response to w and order the server to process a // single request. codec := NewJSONCodec(&httpReadWriteNopCloser{r.Body, w}) defer codec.Close() w.Header().Set("content-type", "application/json") srv.ServeSingleRequest(codec, OptionMethodInvocation) } // Returns a non-zero response code and error message if the request is invalid. func httpErrorResponse(r *http.Request) (int, string) { if r.Method == "PUT" || r.Method == "DELETE" { errorMessage := "method not allowed" return http.StatusMethodNotAllowed, errorMessage } if r.ContentLength > maxHTTPRequestContentLength { errorMessage := fmt.Sprintf("content length too large (%d>%d)", r.ContentLength, maxHTTPRequestContentLength) return http.StatusRequestEntityTooLarge, errorMessage } ct := r.Header.Get("content-type") mt, _, err := mime.ParseMediaType(ct) if err != nil || mt != contentType { errorMessage := fmt.Sprintf("invalid content type, only %s is supported", contentType) return http.StatusUnsupportedMediaType, errorMessage } return 0, "" } func newCorsHandler(srv *Server, allowedOrigins []string) http.Handler { // disable CORS support if user has not specified a custom CORS configuration if len(allowedOrigins) == 0 { return srv } c := cors.New(cors.Options{ AllowedOrigins: allowedOrigins, AllowedMethods: []string{"POST", "GET"}, MaxAge: 600, AllowedHeaders: []string{"*"}, }) return c.Handler(srv) }