goscript 0.2.5 → 0.2.7

package/dist/gs/net/http/index.d.ts

@@ -330,7 +330,7 @@ interface fileServerFileSystem {
 interface fileServerFile {
     Close(): maybePromise<$.GoError>;
     Read(p: $.Bytes): maybePromise<[number, $.GoError]>;
-    Seek(offset: number, whence: number): maybePromise<[number, $.GoError]>;
+    Seek(offset: bigint, whence: number): maybePromise<[bigint, $.GoError]>;
     Readdir(count: number): maybePromise<[$.Slice<fs.FileInfo> | null, $.GoError]>;
     Stat(): maybePromise<[fs.FileInfo | null, $.GoError]>;
 }
@@ -338,7 +338,7 @@ export declare function FS(fsys: fs.FS): FileSystem;
 export declare function FileServer(root: fileServerFileSystem | null): Handler;
 export declare function FileServerFS(fsys: fs.FS): Handler;
 export declare function ServeFile(w: ResponseWriter | null, r: Request | $.VarRef<Request> | null, _name: string): void;
-export declare function ServeFileFS(w: ResponseWriter | null, r: Request | $.VarRef<Request> | null, _fsys: fs.FS, name: string): void;
+export declare function ServeFileFS(w: ResponseWriter | null, r: Request | $.VarRef<Request> | null, fsys: fs.FS, name: string): Promise<void>;
 export interface Handler {
     ServeHTTP(w: ResponseWriter | null, r: Request | $.VarRef<Request> | null): void | Promise<void>;
 }
@@ -432,7 +432,7 @@ export declare function RedirectHandler(url: string, code: number): Handler;
 export declare function TimeoutHandler(handler: Handler | null, _dt: number, msg: string): Handler;
 export declare function Error(w: ResponseWriter | null, error: string, code: number): void;
 export declare function NotFound(w: ResponseWriter | null, _r: Request | $.VarRef<Request> | null): void;
-export declare function Redirect(w: ResponseWriter | null, _r: Request | $.VarRef<Request> | null, url: string, code: number): Promise<void>;
+export declare function Redirect(w: ResponseWriter | null, r: Request | $.VarRef<Request> | null, url: string, code: number): Promise<void>;
 export declare function ParseTime(text: string): [time.Time, $.GoError];
 export declare function DetectContentType(data: $.Slice<number>): string;
 export declare function ParseHTTPVersion(vers: string): [number, number, boolean];
@@ -444,9 +444,9 @@ export declare function Get(_url: string): Promise<[Response | null, $.GoError]>
 export declare function Head(_url: string): Promise<[Response | null, $.GoError]>;
 export declare function Post(_url: string, contentType: string, body: io.Reader | null): Promise<[Response | null, $.GoError]>;
 export declare function PostForm(_url: string, data: any): Promise<[Response | null, $.GoError]>;
-export declare function ProxyFromEnvironment(_req: Request | $.VarRef<Request> | null): [any, $.GoError];
 export declare function ProxyURL(fixedURL: any): (req: Request | $.VarRef<Request> | null) => [any, $.GoError];
-export declare function ReadRequest(_reader: any): [Request | null, $.GoError];
-export declare function ReadResponse(_reader: any, _req: Request | $.VarRef<Request> | null): [Response | null, $.GoError];
+export declare function ProxyFromEnvironment(_req: Request | $.VarRef<Request> | null): [any, $.GoError];
+export declare function ReadRequest(reader: any): Promise<[Request | null, $.GoError]>;
+export declare function ReadResponse(reader: any, req: Request | $.VarRef<Request> | null): Promise<[Response | null, $.GoError]>;
 export declare function ServeContent(w: ResponseWriter | null, req: Request | $.VarRef<Request> | null, _name: string, _modtime: time.Time, content: io.Reader | null): Promise<void>;
 export {};

package/dist/gs/net/http/index.js

@@ -336,9 +336,10 @@ function parseRequestURL(rawURL) {
             return [null, errors.New(`parse "${rawURL}": invalid URL escape`)];
         }
         const parsed = new URL(rawURL, 'http://goscript.invalid');
+        const path = decodeURIComponent(parsed.pathname);
         const hasHost = /^[a-zA-Z][a-zA-Z0-9+.-]*:\/\//.test(rawURL);
         return [
-            new RequestURL(parsed.pathname, parsed.search.startsWith('?') ? parsed.search.slice(1) : parsed.search, hasHost ? parsed.protocol.replace(/:$/, '') : '', hasHost ? parsed.host : ''),
+            new RequestURL(path, parsed.search.startsWith('?') ? parsed.search.slice(1) : parsed.search, hasHost ? parsed.protocol.replace(/:$/, '') : '', hasHost ? parsed.host : ''),
             null,
         ];
     }
@@ -1248,7 +1249,7 @@ function httpFileFromFSFile(file) {
         Close: () => file.Close(),
         Stat: () => file.Stat(),
         Seek: seek == null ?
-            () => [0, errors.New('net/http: file does not support seek')]
+            () => [0n, errors.New('net/http: file does not support seek')]
             : seek.bind(file),
         Readdir: readdir == null ? () => [null, io.EOF] : readdir.bind(file),
     };
@@ -1279,23 +1280,7 @@ export function FileServer(root) {
                     NotFound(w, req);
                     return;
                 }
-                const header = await w.Header();
-                if (Header_Get(header, 'Content-Type') === '') {
-                    const contentType = mime.TypeByExtension(path.Ext(info?.Name?.() || req.URL?.Path || ''));
-                    if (contentType !== '') {
-                        Header_Set(header, 'Content-Type', contentType);
-                    }
-                }
-                if (info?.Size != null) {
-                    Header_Set(header, 'Content-Length', String(info.Size()));
-                }
-                await w.WriteHeader(StatusOK);
-                if (req.Method !== MethodHead) {
-                    const [, copyErr] = await io.Copy(w, file);
-                    if (copyErr != null) {
-                        return;
-                    }
-                }
+                await serveContent(w, req, info?.Name?.() || req.URL?.Path || '', file, typeof info?.Size === 'function' ? Number(info.Size()) : null);
             }
             finally {
                 await file.Close();
@@ -1317,8 +1302,35 @@ export function ServeFile(w, r, _name) {
     }
     NotFound(w, req);
 }
-export function ServeFileFS(w, r, _fsys, name) {
-    ServeFile(w, r, name);
+export async function ServeFileFS(w, r, fsys, name) {
+    const req = $.pointerValue(r);
+    if (w == null || req == null) {
+        return;
+    }
+    if (req.Method !== MethodGet && req.Method !== MethodHead) {
+        Error(w, 'method not allowed', StatusMethodNotAllowed);
+        return;
+    }
+    const [file, err] = (await FS(fsys).Open(name)) ?? [null, fs.ErrInvalid];
+    if (err != null || file == null) {
+        NotFound(w, req);
+        return;
+    }
+    try {
+        const [info, statErr] = await file.Stat();
+        if (statErr != null) {
+            Error(w, statErr.Error(), StatusInternalServerError);
+            return;
+        }
+        if (info?.IsDir?.() === true) {
+            NotFound(w, req);
+            return;
+        }
+        await serveContent(w, req, info?.Name?.() || name, file, typeof info?.Size === 'function' ? Number(info.Size()) : null);
+    }
+    finally {
+        await file.Close();
+    }
 }
 function cleanFileServerPath(name) {
     const parts = [];
@@ -1666,20 +1678,53 @@ export function HandleFunc(pattern, handler) {
     DefaultServeMux.HandleFunc(pattern, handler);
 }
 export function StripPrefix(prefix, handler) {
+    if (prefix === '') {
+        return handler ?? NotFoundHandler();
+    }
     return {
         ServeHTTP(w, r) {
             const req = $.pointerValue(r);
-            if (req?.URL != null &&
-                typeof req.URL.Path === 'string' &&
-                req.URL.Path.startsWith(prefix)) {
-                req.URL = { ...req.URL, Path: req.URL.Path.slice(prefix.length) || '/' };
+            const urlPath = req?.URL?.Path;
+            const rawPath = req?.URL?.RawPath ?? '';
+            const strippedPath = typeof urlPath === 'string' && urlPath.startsWith(prefix) ?
+                urlPath.slice(prefix.length)
+                : urlPath;
+            const strippedRawPath = rawPath !== '' && rawPath.startsWith(prefix) ?
+                rawPath.slice(prefix.length)
+                : rawPath;
+            if (req != null &&
+                req.URL != null &&
+                typeof urlPath === 'string' &&
+                strippedPath.length < urlPath.length &&
+                (rawPath === '' || strippedRawPath.length < rawPath.length)) {
+                const reqCopy = req.Clone(req.Context());
+                reqCopy.URL = {
+                    ...reqCopy.URL,
+                    Path: strippedPath,
+                    RawPath: strippedRawPath,
+                };
+                return handler?.ServeHTTP(w, reqCopy);
             }
-            return handler?.ServeHTTP(w, req);
+            NotFound(w, req);
         },
     };
 }
 export function AllowQuerySemicolons(handler) {
-    return handler ?? NotFoundHandler();
+    const target = handler ?? NotFoundHandler();
+    return {
+        ServeHTTP(w, r) {
+            const req = $.pointerValue(r);
+            if (req?.URL?.RawQuery?.includes(';') === true) {
+                const reqCopy = req.Clone(req.Context());
+                reqCopy.URL = {
+                    ...reqCopy.URL,
+                    RawQuery: req.URL.RawQuery.replaceAll(';', '&'),
+                };
+                return target.ServeHTTP(w, reqCopy);
+            }
+            return target.ServeHTTP(w, r);
+        },
+    };
 }
 export function MaxBytesHandler(handler, n) {
     return {
@@ -1723,15 +1768,46 @@ export function Error(w, error, code) {
 export function NotFound(w, _r) {
     Error(w, '404 page not found', StatusNotFound);
 }
-export async function Redirect(w, _r, url, code) {
+export async function Redirect(w, r, url, code) {
     if (w == null) {
         return;
     }
+    const req = $.pointerValue(r);
+    url = redirectLocation(req, url);
     const header = await w.Header();
+    const hadContentType = Header_Get(header, 'Content-Type') !== '';
     if (header != null) {
         Header_Set(header, 'Location', url);
+        if (!hadContentType && req?.Method === MethodGet) {
+            Header_Set(header, 'Content-Type', 'text/html; charset=utf-8');
+        }
     }
     await w.WriteHeader(code);
+    if (!hadContentType && req?.Method === MethodGet) {
+        await w.Write($.stringToBytes(`<a href="${url}">${StatusText(code)}</a>.\n\n`));
+    }
+}
+function redirectLocation(req, url) {
+    if (req?.URL == null ||
+        url === '' ||
+        url.startsWith('/') ||
+        /^[A-Za-z][A-Za-z0-9+.-]*:/.test(url)) {
+        return url;
+    }
+    const [dir] = path.Split(req.URL.Path || '/');
+    let pathPart = dir + url;
+    let query = '';
+    const queryIndex = pathPart.indexOf('?');
+    if (queryIndex >= 0) {
+        query = pathPart.slice(queryIndex);
+        pathPart = pathPart.slice(0, queryIndex);
+    }
+    const trailingSlash = pathPart.endsWith('/');
+    pathPart = path.Clean(pathPart);
+    if (trailingSlash && !pathPart.endsWith('/')) {
+        pathPart += '/';
+    }
+    return pathPart + query;
 }
 export function ParseTime(text) {
     const date = new globalThis.Date(text);
@@ -1741,7 +1817,7 @@ export function ParseTime(text) {
             $.newError(`parsing time "${text}" as HTTP-date: cannot parse`),
         ];
     }
-    return [time.UnixMilli(date.getTime()), null];
+    return [time.UnixMilli(BigInt(date.getTime())), null];
 }
 export function DetectContentType(data) {
     const bytes = Uint8Array.from(data ?? []).subarray(0, 512);
@@ -2077,7 +2153,7 @@ export function ParseSetCookie(line) {
                 if (Number.isNaN(parsed.getTime())) {
                     break;
                 }
-                cookie.Expires = time.UnixMilli(parsed.getTime());
+                cookie.Expires = time.UnixMilli(BigInt(parsed.getTime()));
                 continue;
             }
             case 'path':
@@ -2150,33 +2226,421 @@ export async function Post(_url, contentType, body) {
 export async function PostForm(_url, data) {
     return await DefaultClient.PostForm(_url, data);
 }
+export function ProxyURL(fixedURL) {
+    return () => [fixedURL, null];
+}
 export function ProxyFromEnvironment(_req) {
     return [null, null];
 }
-export function ProxyURL(fixedURL) {
-    return () => [fixedURL, null];
+export async function ReadRequest(reader) {
+    const [wire, readErr] = await readHTTPWire(reader);
+    if (readErr != null) {
+        return [null, readErr];
+    }
+    const parsed = parseHTTPWire(wire);
+    if (parsed.error != null) {
+        return [null, parsed.error];
+    }
+    const [method, requestURI, proto] = splitRequestLine(parsed.startLine);
+    if (method === '' || requestURI === '' || proto === '') {
+        return [null, badHTTPMessageError('malformed HTTP request')];
+    }
+    if (!isToken(method)) {
+        return [null, badHTTPMessageError(`invalid method ${method}`)];
+    }
+    const [protoMajor, protoMinor, protoOK] = ParseHTTPVersion(proto);
+    if (!protoOK) {
+        return [null, badHTTPMessageError(`malformed HTTP version ${proto}`)];
+    }
+    const [url, urlErr] = parseRequestURL(requestURI);
+    if (urlErr != null || url == null) {
+        return [null, urlErr];
+    }
+    const host = Header_Get(parsed.header, 'Host');
+    Header_Del(parsed.header, 'Host');
+    const bodyInfo = parseHTTPBody(parsed.header, parsed.body);
+    if (bodyInfo.error != null) {
+        return [null, bodyInfo.error];
+    }
+    return [
+        new Request({
+            Method: method,
+            URL: url,
+            Proto: proto,
+            ProtoMajor: protoMajor,
+            ProtoMinor: protoMinor,
+            Body: bodyInfo.body,
+            Header: parsed.header,
+            ContentLength: bodyInfo.contentLength,
+            TransferEncoding: bodyInfo.transferEncoding,
+            Close: shouldClose(protoMajor, protoMinor, parsed.header),
+            Host: host,
+            RequestURI: requestURI,
+        }),
+        null,
+    ];
 }
-export function ReadRequest(_reader) {
-    return [null, ErrNotSupported];
+export async function ReadResponse(reader, req) {
+    const [wire, readErr] = await readHTTPWire(reader);
+    if (readErr != null) {
+        return [null, readErr];
+    }
+    const parsed = parseHTTPWire(wire);
+    if (parsed.error != null) {
+        return [null, parsed.error];
+    }
+    const match = /^(HTTP\/\d+\.\d+) ([0-9]{3})(?: (.*))?$/.exec(parsed.startLine);
+    if (match == null) {
+        return [null, badHTTPMessageError('malformed HTTP response')];
+    }
+    const [, proto, statusCodeText, statusText = ''] = match;
+    const [protoMajor, protoMinor, protoOK] = ParseHTTPVersion(proto);
+    if (!protoOK) {
+        return [null, badHTTPMessageError(`malformed HTTP version ${proto}`)];
+    }
+    const statusCode = Number(statusCodeText);
+    const noBody = statusCode === StatusNoContent || statusCode === StatusNotModified;
+    const bodyInfo = noBody ?
+        {
+            body: NoBody,
+            contentLength: 0,
+            transferEncoding: null,
+            error: null,
+        }
+        : parseHTTPBody(parsed.header, parsed.body);
+    if (bodyInfo.error != null) {
+        return [null, bodyInfo.error];
+    }
+    return [
+        new Response({
+            Status: `${statusCodeText}${statusText === '' ? '' : ` ${statusText}`}`,
+            StatusCode: statusCode,
+            Proto: proto,
+            ProtoMajor: protoMajor,
+            ProtoMinor: protoMinor,
+            Body: bodyInfo.body,
+            Header: parsed.header,
+            ContentLength: bodyInfo.contentLength,
+            TransferEncoding: bodyInfo.transferEncoding,
+            Close: shouldClose(protoMajor, protoMinor, parsed.header),
+            Request: req,
+        }),
+        null,
+    ];
 }
-export function ReadResponse(_reader, _req) {
-    return [null, ErrNotSupported];
+async function readHTTPWire(reader) {
+    const r = $.pointerValueOrNil(reader);
+    if (r == null || typeof r.Read !== 'function') {
+        return ['', errors.New('malformed HTTP message')];
+    }
+    const [data, err] = await io.ReadAll(r);
+    if (err != null) {
+        return ['', err];
+    }
+    return [$.bytesToString(data), null];
+}
+function splitRequestLine(line) {
+    const first = line.indexOf(' ');
+    const last = line.lastIndexOf(' ');
+    if (first <= 0 || last <= first) {
+        return ['', '', ''];
+    }
+    return [
+        line.slice(0, first),
+        line.slice(first + 1, last),
+        line.slice(last + 1),
+    ];
+}
+function parseHTTPWire(wire) {
+    const headerEnd = wire.indexOf('\r\n\r\n');
+    const separatorLength = headerEnd >= 0 ? 4 : 2;
+    const fallbackHeaderEnd = headerEnd >= 0 ? headerEnd : wire.indexOf('\n\n');
+    if (fallbackHeaderEnd < 0) {
+        return {
+            startLine: '',
+            header: new Header(),
+            body: '',
+            error: badHTTPMessageError('malformed HTTP message'),
+        };
+    }
+    const head = wire.slice(0, fallbackHeaderEnd).replace(/\r\n/g, '\n');
+    const lines = head.split('\n');
+    const startLine = lines.shift() ?? '';
+    const header = new Header();
+    let lastKey = '';
+    for (const rawLine of lines) {
+        if (rawLine === '') {
+            continue;
+        }
+        if ((rawLine[0] === ' ' || rawLine[0] === '\t') && lastKey !== '') {
+            const values = Array.from(header.get(lastKey) ?? []);
+            values[values.length - 1] =
+                `${values[values.length - 1]} ${rawLine.trim()}`;
+            header.set(lastKey, $.arrayToSlice(values));
+            continue;
+        }
+        const colon = rawLine.indexOf(':');
+        if (colon <= 0) {
+            return {
+                startLine: '',
+                header: new Header(),
+                body: '',
+                error: badHTTPMessageError('malformed MIME header line'),
+            };
+        }
+        lastKey = canonicalMIMEHeaderKey(rawLine.slice(0, colon).trim());
+        Header_Add(header, lastKey, rawLine.slice(colon + 1).trim());
+    }
+    return {
+        startLine,
+        header,
+        body: wire.slice(fallbackHeaderEnd + separatorLength),
+        error: null,
+    };
+}
+function parseHTTPBody(header, rawBody) {
+    const transferEncoding = Header_Get(header, 'Transfer-Encoding');
+    if (transferEncoding.toLowerCase() === 'chunked') {
+        const chunked = decodeChunkedBody(rawBody);
+        if (chunked.error != null) {
+            return {
+                body: NoBody,
+                contentLength: -1,
+                transferEncoding: $.arrayToSlice(['chunked']),
+                error: chunked.error,
+            };
+        }
+        return {
+            body: bodyFromString(chunked.body),
+            contentLength: -1,
+            transferEncoding: $.arrayToSlice(['chunked']),
+            error: null,
+        };
+    }
+    const contentLength = Header_Get(header, 'Content-Length');
+    if (contentLength !== '') {
+        const parsedLength = Number.parseInt(contentLength, 10);
+        if (!/^[0-9]+$/.test(contentLength) ||
+            !Number.isSafeInteger(parsedLength)) {
+            return {
+                body: NoBody,
+                contentLength: 0,
+                transferEncoding: null,
+                error: badHTTPMessageError(`bad Content-Length ${contentLength}`),
+            };
+        }
+        return {
+            body: bodyFromString(rawBody.slice(0, parsedLength)),
+            contentLength: parsedLength,
+            transferEncoding: null,
+            error: null,
+        };
+    }
+    if (rawBody === '') {
+        return {
+            body: NoBody,
+            contentLength: 0,
+            transferEncoding: null,
+            error: null,
+        };
+    }
+    return {
+        body: bodyFromString(rawBody),
+        contentLength: -1,
+        transferEncoding: null,
+        error: null,
+    };
+}
+function decodeChunkedBody(rawBody) {
+    let offset = 0;
+    let body = '';
+    while (true) {
+        const lineEnd = rawBody.indexOf('\r\n', offset);
+        if (lineEnd < 0) {
+            return { body: '', error: io.ErrUnexpectedEOF };
+        }
+        const sizeText = rawBody.slice(offset, lineEnd).split(';', 1)[0].trim();
+        const size = Number.parseInt(sizeText, 16);
+        if (!/^[0-9A-Fa-f]+$/.test(sizeText) || !Number.isSafeInteger(size)) {
+            return { body: '', error: badHTTPMessageError('invalid chunk length') };
+        }
+        offset = lineEnd + 2;
+        if (size === 0) {
+            return { body, error: null };
+        }
+        if (offset + size + 2 > rawBody.length) {
+            return { body: '', error: io.ErrUnexpectedEOF };
+        }
+        body += rawBody.slice(offset, offset + size);
+        offset += size;
+        if (rawBody.slice(offset, offset + 2) !== '\r\n') {
+            return { body: '', error: badHTTPMessageError('malformed chunk') };
+        }
+        offset += 2;
+    }
+}
+function bodyFromString(body) {
+    return body === '' ? NoBody : new responseBody($.stringToBytes(body));
+}
+function shouldClose(protoMajor, protoMinor, header) {
+    const connection = Header_Get(header, 'Connection').toLowerCase();
+    if (connection
+        .split(',')
+        .map((part) => part.trim())
+        .includes('close')) {
+        return true;
+    }
+    if (protoMajor < 1 || (protoMajor === 1 && protoMinor === 0)) {
+        return !connection
+            .split(',')
+            .map((part) => part.trim())
+            .includes('keep-alive');
+    }
+    return false;
+}
+function badHTTPMessageError(message) {
+    return errors.New(message);
 }
 export async function ServeContent(w, req, _name, _modtime, content) {
+    await serveContent(w, $.pointerValueOrNil(req), _name, content, null);
+}
+async function serveContent(w, req, name, content, knownSize) {
+    // Browser media seeks depend on FileServer and ServeContent sharing byte-range semantics.
     if (content == null) {
         NotFound(w, req);
         return;
     }
-    const [data, err] = await io.ReadAll(content);
-    if (err != null) {
-        Error(w, err.Error(), StatusInternalServerError);
+    if (w == null) {
         return;
     }
-    w?.WriteHeader(StatusOK);
-    const request = $.pointerValueOrNil(req);
-    if (request?.Method !== MethodHead) {
-        w?.Write(data);
+    const header = await w.Header();
+    if (Header_Get(header, 'Content-Type') === '') {
+        const contentType = mime.TypeByExtension(path.Ext(name));
+        if (contentType !== '') {
+            Header_Set(header, 'Content-Type', contentType);
+        }
+    }
+    const rangeHeader = req?.Header == null ? '' : Header_Get(req.Header, 'Range');
+    if (rangeHeader === '' && knownSize != null) {
+        Header_Set(header, 'Content-Length', String(knownSize));
+        await w.WriteHeader(StatusOK);
+        if (req?.Method !== MethodHead) {
+            await io.Copy(w, content);
+        }
+        return;
+    }
+    const seeker = content;
+    if (typeof seeker.Seek !== 'function') {
+        const [data, err] = await io.ReadAll(content);
+        if (err != null) {
+            Error(w, err.Error(), StatusInternalServerError);
+            return;
+        }
+        const body = data ?? new Uint8Array(0);
+        Header_Set(header, 'Content-Length', String(body.length));
+        await w.WriteHeader(StatusOK);
+        if (req?.Method !== MethodHead) {
+            await w.Write(body);
+        }
+        return;
+    }
+    let size = knownSize;
+    if (size == null) {
+        const [end, err] = await seeker.Seek(0n, io.SeekEnd);
+        if (err != null) {
+            Error(w, err.Error(), StatusInternalServerError);
+            return;
+        }
+        size = Number(end);
+    }
+    const [, seekErr] = await seeker.Seek(0n, io.SeekStart);
+    if (seekErr != null) {
+        Error(w, seekErr.Error(), StatusInternalServerError);
+        return;
+    }
+    Header_Set(header, 'Accept-Ranges', 'bytes');
+    const parsedRange = rangeHeader === '' ? null : parseHTTPRange(rangeHeader, size);
+    if (parsedRange?.error === true) {
+        Header_Set(header, 'Content-Range', `bytes */${size}`);
+        Header_Set(header, 'Content-Length', '0');
+        await w.WriteHeader(StatusRequestedRangeNotSatisfiable);
+        return;
+    }
+    let status = StatusOK;
+    let start = 0;
+    let length = size;
+    if (parsedRange?.range != null) {
+        status = StatusPartialContent;
+        start = parsedRange.range.start;
+        length = parsedRange.range.length;
+        Header_Set(header, 'Content-Range', `bytes ${start}-${start + length - 1}/${size}`);
+    }
+    Header_Set(header, 'Content-Length', String(length));
+    const [, rangeSeekErr] = await seeker.Seek(BigInt(start), io.SeekStart);
+    if (rangeSeekErr != null) {
+        Error(w, rangeSeekErr.Error(), StatusInternalServerError);
+        return;
+    }
+    await w.WriteHeader(status);
+    if (req?.Method === MethodHead) {
+        return;
+    }
+    if (length === 0) {
+        return;
+    }
+    await io.CopyN(w, seeker, BigInt(length));
+}
+function parseHTTPRange(header, size) {
+    if (!header.startsWith('bytes=') || header.includes(',')) {
+        return { range: null, error: true };
+    }
+    const spec = header.slice('bytes='.length).trim();
+    const dash = spec.indexOf('-');
+    if (dash < 0) {
+        return { range: null, error: true };
+    }
+    const startText = spec.slice(0, dash).trim();
+    const endText = spec.slice(dash + 1).trim();
+    if (startText === '' && endText === '') {
+        return { range: null, error: true };
+    }
+    if (size < 0) {
+        return { range: null, error: true };
+    }
+    if (startText === '') {
+        const suffixLength = parseHTTPRangeNumber(endText);
+        if (suffixLength == null || suffixLength <= 0) {
+            return { range: null, error: true };
+        }
+        if (size === 0) {
+            return { range: null, error: true };
+        }
+        const length = Math.min(suffixLength, size);
+        return { range: { start: size - length, length }, error: false };
+    }
+    const start = parseHTTPRangeNumber(startText);
+    if (start == null || start >= size) {
+        return { range: null, error: true };
+    }
+    let end = size - 1;
+    if (endText !== '') {
+        const parsedEnd = parseHTTPRangeNumber(endText);
+        if (parsedEnd == null || parsedEnd < start) {
+            return { range: null, error: true };
+        }
+        end = Math.min(parsedEnd, size - 1);
+    }
+    return { range: { start, length: end - start + 1 }, error: false };
+}
+function parseHTTPRangeNumber(value) {
+    if (!/^[0-9]+$/.test(value)) {
+        return null;
+    }
+    const parsed = Number(value);
+    if (!Number.isSafeInteger(parsed)) {
+        return null;
     }
+    return parsed;
 }
 function readCloserForBody(body) {
     if (body == null) {