From 5e9850414bfa7965f44d9fd5301a596061110a73 Mon Sep 17 00:00:00 2001
From: Marcus Rohrmoser <work@mro.name>
Date: Sun, 6 Jan 2019 22:43:50 +0100
Subject: [PATCH] basic Go pinboard API.

https://github.com/mro/Shaarli-API-test/issues/7
---
 pinboard.go                      | 279 +++++++++++++++++++++++++++++++++++++++
 pinboard.sh                      |  64 +++++++++
 pinboard_test.go                 | 151 +++++++++++++++++++++
 testdata/bookmark/login.html     |  64 +++++++++
 testdata/sebsauvage/login.html   |  51 +++++++
 testdata/shaarligo/linkform.html |  25 ++++
 testdata/v0.10.2/login.html      | 201 ++++++++++++++++++++++++++++
 version.go                       |   3 +
 8 files changed, 838 insertions(+)
 create mode 100644 pinboard.go
 create mode 100755 pinboard.sh
 create mode 100644 pinboard_test.go
 create mode 100644 testdata/bookmark/login.html
 create mode 100644 testdata/sebsauvage/login.html
 create mode 100644 testdata/shaarligo/linkform.html
 create mode 100644 testdata/v0.10.2/login.html
 create mode 100644 version.go

diff --git a/pinboard.go b/pinboard.go
new file mode 100644
index 0000000..9fc58e1
--- /dev/null
+++ b/pinboard.go
@@ -0,0 +1,279 @@
+//
+// Copyright (C) 2019-2019 Marcus Rohrmoser, https://code.mro.name/mro/Shaarli-API-test
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package main
+
+import (
+	"github.com/yhat/scrape"
+	"golang.org/x/net/html"
+	"golang.org/x/net/html/atom"
+	"golang.org/x/net/publicsuffix"
+	"io"
+	"log"
+	"net/http"
+	"net/http/cgi"
+	"net/http/cookiejar"
+	"net/url"
+	"os"
+	"strings"
+	"time"
+)
+
+var GitSHA1 = "Please set -ldflags \"-X main.GitSHA1=$(git rev-parse --short HEAD)\"" // https://medium.com/@joshroppo/setting-go-1-5-variables-at-compile-time-for-versioning-5b30a965d33e
+
+// even cooler: https://stackoverflow.com/a/8363629
+//
+// inspired by // https://coderwall.com/p/cp5fya/measuring-execution-time-in-go
+func trace(name string) (string, time.Time) { return name, time.Now() }
+func un(name string, start time.Time)       { log.Printf("%s took %s", name, time.Since(start)) }
+
+func main() {
+	if true {
+		// lighttpd doesn't seem to like more than one (per-vhost) server.breakagelog
+		log.SetOutput(os.Stderr)
+	} else { // log to custom logfile rather than stderr (may not be reachable on shared hosting)
+	}
+
+	if err := cgi.Serve(http.HandlerFunc(handleMux)); err != nil {
+		log.Fatal(err)
+	}
+}
+
+// https://pinboard.in/api
+//
+// All API methods are GET requests, even when good REST habits suggest they should use a different verb.
+//
+// v1/posts/add
+// v1/posts/delete
+// v1/posts/get
+func handleMux(w http.ResponseWriter, r *http.Request) {
+	defer un(trace(strings.Join([]string{"v", version, "+", GitSHA1, " ", r.RemoteAddr, " ", r.Method, " ", r.URL.String()}, "")))
+	// w.Header().Set("Server", strings.Join([]string{myselfNamespace, CurrentShaarliGoVersion}, "#"))
+	// w.Header().Set("X-Powered-By", strings.Join([]string{myselfNamespace, CurrentShaarliGoVersion}, "#"))
+	//	now := time.Now()
+
+	path_info := os.Getenv("PATH_INFO")
+	base := *r.URL
+	base.Path = base.Path[0:len(base.Path)-len(path_info)] + "/../index.php"
+	// script_name := os.Getenv("SCRIPT_NAME")
+	//	urlBase := mustParseURL(string(xmlBaseFromRequestURL(r.URL, os.Getenv("SCRIPT_NAME"))))
+	w.Header().Set("Content-Type", "text/plain; charset=utf-8")
+
+	switch path_info {
+	case "/v1/info":
+		io.WriteString(w, "r.URL: "+r.URL.String()+"\n")
+		io.WriteString(w, "base: "+base.String()+"\n")
+
+		return
+	case "/v1/posts/add":
+		uid, pwd, ok := r.BasicAuth()
+		if !ok {
+			http.Error(w, "Basic Pre-Authentication required.", http.StatusUnauthorized)
+			return
+		}
+
+		if "GET" != r.Method {
+			http.Error(w, "All API methods are GET requests, even when good REST habits suggest they should use a different verb.", http.StatusMethodNotAllowed)
+			return
+		}
+
+		params := r.URL.Query()
+		if 1 != len(params["url"]) {
+			http.Error(w, "Required parameter missing: url", http.StatusBadRequest)
+			return
+		}
+		p_url := params["url"][0]
+
+		if 1 != len(params["description"]) {
+			http.Error(w, "Required parameter missing: description", http.StatusBadRequest)
+			return
+		}
+		p_description := params["description"][0]
+
+		p_extended := ""
+		if 1 == len(params["extended"]) {
+			p_extended = params["extended"][0]
+		}
+
+		p_tags := ""
+		if 1 == len(params["tags"]) {
+			p_tags = params["tags"][0]
+		}
+
+		v := url.Values{}
+		v.Set("post", p_url)
+		v.Set("title", p_description)
+		base.RawQuery = v.Encode()
+
+		// https://stackoverflow.com/a/18414432
+		options := cookiejar.Options{
+			PublicSuffixList: publicsuffix.List,
+		}
+		jar, err := cookiejar.New(&options)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+		client := http.Client{Jar: jar}
+		resp, err := client.Get(base.String())
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusBadGateway)
+			return
+		}
+		form, err := formValuesFromReader(resp.Body, "loginform")
+		resp.Body.Close()
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusInternalServerError)
+			return
+		}
+
+		form.Set("login", uid)
+		form.Set("password", pwd)
+		form.Set("returnurl", r.URL.String())
+		resp, err = client.PostForm(resp.Request.URL.String(), form)
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusBadGateway)
+			return
+		}
+
+		form, err = formValuesFromReader(resp.Body, "linkform")
+		resp.Body.Close()
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusBadGateway)
+			return
+		}
+		// if we do not have a linkform, auth must have failed.
+		if 0 == len(form) {
+			http.Error(w, "Authentication failed", http.StatusForbidden)
+			return
+		}
+
+		// form.Set("lf_linkdate", "20190106_172531")
+		form.Set("lf_url", p_url)
+		form.Set("lf_title", p_description)
+		form.Set("lf_description", p_extended)
+		form.Set("lf_tags", p_tags)
+
+		resp, err = client.PostForm(resp.Request.URL.String(), form)
+		resp.Body.Close()
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusBadGateway)
+			return
+		}
+
+		w.Header().Set("Content-Type", "text/xml; charset=utf-8")
+		io.WriteString(w, "<?xml version='1.0' encoding='UTF-8' ?><result code='done' />")
+		return
+	case "/v1/posts/delete":
+		_, _, ok := r.BasicAuth()
+		if !ok {
+			http.Error(w, "Basic Pre-Authentication required.", http.StatusUnauthorized)
+			return
+		}
+
+		if "GET" != r.Method {
+			http.Error(w, "All API methods are GET requests, even when good REST habits suggest they should use a different verb.", http.StatusMethodNotAllowed)
+			return
+		}
+
+		params := r.URL.Query()
+		if 1 != len(params["url"]) {
+			http.Error(w, "Required parameter missing: url", http.StatusBadRequest)
+			return
+		}
+		// p_url := params["url"][0]
+
+		io.WriteString(w, "bhb")
+		return
+	case "/v1/posts/update":
+		_, _, ok := r.BasicAuth()
+		if !ok {
+			http.Error(w, "Basic Pre-Authentication required.", http.StatusUnauthorized)
+			return
+		}
+
+		if "GET" != r.Method {
+			http.Error(w, "All API methods are GET requests, even when good REST habits suggest they should use a different verb.", http.StatusMethodNotAllowed)
+			return
+		}
+
+		w.Header().Set("Content-Type", "text/xml; charset=utf-8")
+		io.WriteString(w, "<?xml version='1.0' encoding='UTF-8' ?><update time='2011-03-24T19:02:07Z' />")
+		return
+	case "/v1/posts/get":
+		_, _, ok := r.BasicAuth()
+		if !ok {
+			http.Error(w, "Basic Pre-Authentication required.", http.StatusUnauthorized)
+			return
+		}
+
+		if "GET" != r.Method {
+			http.Error(w, "All API methods are GET requests, even when good REST habits suggest they should use a different verb.", http.StatusMethodNotAllowed)
+			return
+		}
+
+		params := r.URL.Query()
+		if 1 != len(params["url"]) {
+			http.Error(w, "Required parameter missing: url", http.StatusBadRequest)
+			return
+		}
+		// p_url := params["url"][0]
+
+		return
+	case "/v1/posts/recent":
+	case "/v1/posts/dates":
+	case "/v1/posts/suggest":
+	case "/v1/tags/get":
+	case "/v1/tags/delete":
+	case "/v1/tags/rename":
+	case "/v1/user/secret":
+	case "/v1/user/api_token":
+	case "/v1/notes/list":
+	case "/v1/notes/ID":
+		http.Error(w, "Not Implemented", http.StatusNotImplemented)
+		return
+	}
+	http.NotFound(w, r)
+}
+
+func formValuesFromReader(r io.Reader, name string) (ret url.Values, err error) {
+	root, err := html.Parse(r)
+	if err != nil {
+		return ret, err
+	}
+
+	for _, form := range scrape.FindAll(root, func(n *html.Node) bool { return atom.Form == n.DataAtom }) {
+		if name != scrape.Attr(form, "name") && name != scrape.Attr(form, "id") {
+			continue
+		}
+		ret := url.Values{}
+		for _, inp := range scrape.FindAll(form, func(n *html.Node) bool { return atom.Input == n.DataAtom || atom.Textarea == n.DataAtom }) {
+			n := scrape.Attr(inp, "name")
+			if n == "" {
+				n = scrape.Attr(inp, "id")
+			}
+			ty := scrape.Attr(inp, "type")
+			v := scrape.Attr(inp, "value")
+			if v == "" && ty == "checkbox" {
+				v = scrape.Attr(inp, "checked")
+			}
+			ret.Set(n, v)
+		}
+		return ret, err // return on first occurence
+	}
+	return ret, err
+}
diff --git a/pinboard.sh b/pinboard.sh
new file mode 100755
index 0000000..446e31d
--- /dev/null
+++ b/pinboard.sh
@@ -0,0 +1,64 @@
+#!/bin/sh
+# https://golang.org/doc/install/source#environment
+#
+
+cd "$(dirname "${0}")" || exit 1
+# $ uname -s -m
+# Darwin x86_64
+# Linux x86_64
+# Linux armv6l
+
+say="say"
+parm="" # "-u"
+{
+  "${say}" "go get"
+    go get ${parm} \
+    golang.org/x/net/html \
+    \
+    github.com/stretchr/testify \
+    github.com/yhat/scrape
+}
+
+PROG_NAME="pinboard"
+VERSION="$(grep -F 'version = ' version.go | cut -d \" -f 2)"
+
+rm "${PROG_NAME}"-*-"${VERSION}" 2>/dev/null
+
+"${say}" "test"
+umask 0022
+go fmt && go vet && go test --short || { exit $?; }
+"${say}" "ok"
+
+"${say}" "build localhost"
+go build -ldflags "-s -w -X main.GitSHA1=$(git rev-parse --short HEAD)" -o ~/public_html/b/pinboard.cgi || { echo "Aua" 1>&2 && exit 1; }
+"${say}" "ok"
+# open "http://localhost/~$(whoami)/b/pinboard.cgi"
+
+"${say}" bench
+go test -bench=.
+"${say}" ok
+
+"${say}" "linux build"
+# http://dave.cheney.net/2015/08/22/cross-compilation-with-go-1-5
+env GOOS=linux GOARCH=amd64 go build -ldflags="-s -w -X main.GitSHA1=$(git rev-parse --short HEAD)" -o "${PROG_NAME}-linux-amd64-${VERSION}" || { echo "Aua" 1>&2 && exit 1; }
+# env GOOS=linux GOARCH=arm GOARM=6 go build -ldflags="-s -w -X main.GitSHA1=$(git rev-parse --short HEAD)" -o "${PROG_NAME}-linux-arm-${VERSION}" || { echo "Aua" 1>&2 && exit 1; }
+# env GOOS=linux GOARCH=386 GO386=387 go build -o "${PROG_NAME}-linux-386-${VERSION}" # https://github.com/golang/go/issues/11631
+# env GOOS=darwin GOARCH=amd64 go build -o "${PROG_NAME}-darwin-amd64-${VERSION}"
+
+
+"${say}" "simply"
+# scp "ServerInfo.cgi" simply:/var/www/lighttpd/h4u.r-2.eu/public_html/"info.cgi"
+gzip --force --best "${PROG_NAME}"-*-"${VERSION}" \
+&& chmod a-x "${PROG_NAME}"-*-"${VERSION}.gz" \
+&& rsync -vp --bwlimit=1234 "${PROG_NAME}"-*-"${VERSION}.gz" "simply:/tmp/" \
+&& ssh simply "sh -c 'cd /var/www/lighttpd/l.mro.name/public_html/ && cp "/tmp/${PROG_NAME}-linux-amd64-${VERSION}.gz" pinboard_cgi.gz && gunzip < pinboard_cgi.gz > pinboard.cgi && chmod a+x pinboard.cgi && ls -l pinboard?cgi*'" \
+&& ssh simply "sh -c 'cd /var/www/lighttpd/b.r-2.eu/public_html/u/ && cp /var/www/lighttpd/l.mro.name/public_html/pinboard?cgi* .'"
+
+ssh simply "sh -c 'cd /var/www/lighttpd/b.mro.name/public_html/u/ && cp /var/www/lighttpd/l.mro.name/public_html/pinboard?cgi* . && ls -l pinboard?cgi*'"
+"${say}" "ok"
+
+"${say}" "vario"
+# scp "ServerInfo.cgi" vario:~/mro.name/webroot/b/"info.cgi"
+ssh vario "sh -c 'cd ~/mro.name/webroot/b/ && curl -L http://purl.mro.name/pinboard_cgi.gz | tee pinboard_cgi.gz | gunzip > pinboard.cgi && chmod a+x pinboard.cgi && ls -l pinboard?cgi*'"
+"${say}" "ok"
+
diff --git a/pinboard_test.go b/pinboard_test.go
new file mode 100644
index 0000000..32469a6
--- /dev/null
+++ b/pinboard_test.go
@@ -0,0 +1,151 @@
+//
+// Copyright (C) 2019-2019 Marcus Rohrmoser, https://code.mro.name/mro/Shaarli-API-test
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+
+package main
+
+import (
+	"fmt"
+	"net/url"
+	"os"
+
+	"github.com/stretchr/testify/assert"
+	"testing"
+)
+
+func TestURL(t *testing.T) {
+	t.Parallel()
+
+	u, _ := url.Parse("https://l.mro.name/pinboard.cgi/v1/info")
+	assert.Equal(t, "https://l.mro.name/pinboard.cgi/v1/info", u.String(), "ach")
+
+	base := *u
+	assert.Equal(t, "https://l.mro.name/pinboard.cgi/v1/info", base.String(), "ach")
+
+	path_info := "/v1/info"
+	base.Path = base.Path[0:len(base.Path)-len(path_info)] + "/../index.php"
+	assert.Equal(t, "https://l.mro.name/pinboard.cgi/../index.php", base.String(), "ach")
+
+	v := url.Values{}
+	v.Set("post", "uhu")
+	base.RawQuery = v.Encode()
+	assert.Equal(t, "https://l.mro.name/pinboard.cgi/../index.php?post=uhu", base.String(), "ach")
+}
+
+func TestFormValuesFromHtml(t *testing.T) {
+	file, err := os.Open("testdata/v0.10.2/login.html") // curl --location --output testdata/login.html 'https://demo.shaarli.org/?post=https://demo.mro.name/shaarligo'
+	assert.Nil(t, err, "soso")
+	ips, _ := formValuesFromReader(file, "loginform")
+	assert.Equal(t, 40, len(ips["token"][0]), "form.token")
+	// assert.Equal(t, "", ips["returnurl"][0], "form.returnurl")
+	assert.Equal(t, "Login", ips[""][0], "form.")
+	assert.Equal(t, "", ips["login"][0], "form.login")
+	assert.Equal(t, "", ips["password"][0], "form.password")
+	assert.Equal(t, "", ips["longlastingsession"][0], "form.longlastingsession")
+	file.Close()
+
+	file, err = os.Open("testdata/sebsauvage/login.html") // curl --location --output testdata/login.html 'https://demo.shaarli.org/?post=https://demo.mro.name/shaarligo'
+	assert.Nil(t, err, "soso")
+	ips, _ = formValuesFromReader(file, "loginform")
+	assert.Equal(t, 40, len(ips["token"][0]), "form.token")
+	// assert.Equal(t, "", ips["returnurl"][0], "form.returnurl")
+	assert.Equal(t, "Login", ips[""][0], "form.")
+	assert.Equal(t, "", ips["login"][0], "form.login")
+	assert.Equal(t, "", ips["password"][0], "form.password")
+	assert.Equal(t, "", ips["longlastingsession"][0], "form.longlastingsession")
+	file.Close()
+
+	file, err = os.Open("testdata/bookmark/login.html") // curl --location --output testdata/login.html 'https://demo.shaarli.org/?post=https://demo.mro.name/shaarligo'
+	assert.Nil(t, err, "soso")
+	ips, _ = formValuesFromReader(file, "loginform")
+	assert.Equal(t, 40, len(ips["token"][0]), "form.token")
+	// assert.Equal(t, "", ips["returnurl"][0], "form.returnurl")
+	assert.Equal(t, "Login", ips[""][0], "form.")
+	assert.Equal(t, "", ips["login"][0], "form.login")
+	assert.Equal(t, "", ips["password"][0], "form.password")
+	assert.Equal(t, "", ips["longlastingsession"][0], "form.longlastingsession")
+	file.Close()
+
+	file, err = os.Open("testdata/shaarligo/linkform.html") // curl --location --output testdata/login.html 'https://demo.shaarli.org/?post=https://demo.mro.name/shaarligo'
+	assert.Nil(t, err, "soso")
+	ips, _ = formValuesFromReader(file, "linkform")
+	assert.Equal(t, 40, len(ips["token"][0]), "form.token")
+	assert.Equal(t, "", ips["returnurl"][0], "form.returnurl")
+	assert.Equal(t, "20190106_172531", ips["lf_linkdate"][0], "form.lf_linkdate")
+	assert.Equal(t, "", ips["lf_url"][0], "form.lf_url")
+	assert.Equal(t, "uhu", ips["lf_title"][0], "form.lf_title")
+	assert.Equal(t, "", ips["lf_description"][0], "form.lf_description")
+	assert.Equal(t, "", ips["lf_tags"][0], "form.lf_tags")
+	assert.Equal(t, "Save", ips["save_edit"][0], "form.save_edit")
+	file.Close()
+
+	/*
+	   	<?xml version="1.0" encoding="UTF-8"?>
+	   <?xml-stylesheet type='text/xsl' href='./assets/default/de/do-post.xslt'?>
+	   <!--
+	     must be compatible with https://code.mro.name/mro/Shaarli-API-test/src/master/tests/test-post.sh
+	     https://code.mro.name/mro/ShaarliOS/src/1d124e012933d1209d64071a90237dc5ec6372fc/ios/ShaarliOS/API/ShaarliCmd.m#L386
+	   -->
+	   <html xmlns="http://www.w3.org/1999/xhtml" xml:base="https://l.mro.name/">
+	   <head><title>{ 🔗 🐳 🚀 💫  }</title></head>
+	   <body>
+	     <ul id="taglist" style="display:none"></ul>
+	     <form method="post" name="linkform">
+	       <input name="lf_linkdate" type="hidden" value="20190106_172531"/>
+	       <input name="lf_url" type="text" value=""/>
+	       <input name="lf_title" type="text" value="uhu"/>
+	       <textarea name="lf_description" rows="4" cols="25"></textarea>
+	       <input name="lf_tags" type="text" data-multiple="data-multiple" value=""/>
+	       <input name="lf_private" type="checkbox" value=""/>
+	       <input name="save_edit" type="submit" value="Save"/>
+	       <input name="cancel_edit" type="submit" value="Cancel"/>
+	       <input name="token" type="hidden" value="d9aab65f6ca2462449079d72d5321ebae0ec8325"/>
+	       <input name="returnurl" type="hidden" value=""/>
+	       <input name="lf_image" type="hidden" value=""/>
+	     </form>
+	   </body>
+	   </html>
+	*/
+}
+
+func TestRailRoad(t *testing.T) {
+	fa := func(success bool) (ret string, err error) {
+		if !success {
+			return "fail", fmt.Errorf("failure")
+		}
+		return "ok", err
+	}
+	fb := func(s string, err0 error) (int, error) {
+		if err0 != nil {
+			return 0, err0
+		}
+		ret := 1
+		if s == "ok" {
+			ret = 2
+		}
+		return ret, err0
+	}
+	{
+		v, e := fb(fa(true))
+		assert.Equal(t, 2, v, "success")
+		assert.Equal(t, nil, e, "success")
+	}
+	{
+		v, e := fb(fa(false))
+		assert.Equal(t, 0, v, "success")
+		assert.Equal(t, "failure", e.Error(), "success")
+	}
+}
diff --git a/testdata/bookmark/login.html b/testdata/bookmark/login.html
new file mode 100644
index 0000000..8885453
--- /dev/null
+++ b/testdata/bookmark/login.html
@@ -0,0 +1,64 @@
+<!DOCTYPE html>
+<html>
+<head><title>my bookmarks</title>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta name="format-detection" content="telephone=no" />
+<meta name="viewport" content="width=device-width,initial-scale=1.0" />
+<meta name="generator" content="https://github.com/mro/Shaarli/tree/release/links.mro.name with https://github.com/mrjovanovic/serious-theme-shaarli" />
+<link rel="alternate" type="application/rss+xml" href="https://bookmark.ripf.de/?do=rss" title="RSS Feed" />
+<link rel="alternate" type="application/atom+xml" href="https://bookmark.ripf.de/?do=atom" title="ATOM Feed" />
+<!-- link href="images/favicon.ico#" rel="shortcut icon" type="image/x-icon" / -->
+<link href="images/favicon-32x32.png" rel="shortcut icon" type="image/png" />
+<link href="images/favicon-128x128.png" rel="apple-touch-icon" type="image/png" />
+<link type="text/css" rel="stylesheet" href="tpl/./../inc/reset.css" />
+<link type="text/css" rel="stylesheet" href="inc/shaarli.css?version=0.0.43beta" />
+<link type="text/css" rel="stylesheet" href="inc/user.css?version=0.0.43beta" />
+</head>
+<body onload="document.loginform.login.focus();">
+<div id="pageheader">
+	
+    <div id="logo" title="Share your links !" onclick="document.location='?';"></div>
+    <div id="linkcount" class="nomobile">Shaare your links...<br>
+        </div>
+    <span id="shaarli_title"><a href="?">my bookmarks</a></span>
+  
+
+    <a href="?" class="nomobile">Home</a>
+    
+        <a href="?do=login">Login</a>
+    
+    <a href="https://bookmark.ripf.de/?do=rss" class="nomobile">RSS Feed</a>
+    
+        <a href="https://bookmark.ripf.de/?do=atom" class="nomobile">ATOM Feed</a>
+    
+    <a href="?do=tagcloud">Tag cloud</a>
+    <a href="?do=picwall">Picture wall</a>
+    <a href="?do=daily">Daily</a>
+
+    <div class="clear"></div>
+
+
+
+
+	<div id="headerform">
+
+    <form method="post" name="loginform">
+    Login: <input type="text" name="login" tabindex="1">&nbsp;&nbsp;&nbsp;
+    Password : <input type="password" name="password" tabindex="2">
+    <input type="submit" value="Login" class="bigbutton" tabindex="4"><br>
+    <input type="checkbox" name="longlastingsession" id="longlastingsession" tabindex="3"><label for="longlastingsession">&nbsp;Stay signed in (Do not check on public computers)</label>
+    <input type="hidden" name="token" value="343829b5f1f318f48c8b4ffea74aacd2f2634bd3">
+    
+    </form>
+
+    </div>
+</div>
+
+<div id="footer">
+    <b><a href="https://github.com/shaarli/Shaarli">Shaarli</a></b> - The personal, minimalist, super-fast, no-database delicious clone by the <a href="https://github.com/shaarli/Shaarli">Shaarli</a> community.
+</div>
+
+
+
+</body>
+</html>
diff --git a/testdata/sebsauvage/login.html b/testdata/sebsauvage/login.html
new file mode 100644
index 0000000..715fd97
--- /dev/null
+++ b/testdata/sebsauvage/login.html
@@ -0,0 +1,51 @@
+<!DOCTYPE html>
+<html>
+<head><title>Liens en vrac de sebsauvage</title>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta name="format-detection" content="telephone=no" />
+<meta name="viewport" content="width=device-width,initial-scale=1.0" />
+<link rel="alternate" type="application/rss+xml" href="https://sebsauvage.net/links/?do=rss" title="RSS Feed" />
+<link rel="alternate" type="application/atom+xml" href="https://sebsauvage.net/links/?do=atom" title="ATOM Feed" />
+<link href="images/favicon.ico" rel="shortcut icon" type="image/x-icon" />
+<link type="text/css" rel="stylesheet" href="inc/shaarli.css?version=0.0.41+beta+-+2009-09-27" />
+</head>
+<body onload="document.loginform.login3.focus();">
+<div id="pageheader">
+	    <div id="logo" title="Share your links !" onclick="document.location='?';"></div>
+    <div style="float:right; font-style:italic; color:#bbb; text-align:right; padding:0 5 0 0;" class="nomobile">Shaare your links...<br>
+        </div>
+    <span id="shaarli_title"><a href="?">Liens en vrac de sebsauvage</a></span>
+  
+    <a href="?" class="nomobile">Home</a>
+            <a href="?do=login">Login</a>
+        <a href="https://sebsauvage.net/links/?do=rss" class="nomobile">RSS Feed</a>
+    <a href="https://sebsauvage.net/links/?do=atom" style="padding-left:10px;" class="nomobile">ATOM Feed</a>
+    <a href="?do=tagcloud">Tag cloud</a>
+    <a href="?do=picwall">Picture wall</a>
+    <a href="?do=daily">Daily</a>
+    <div class="clear"></div>
+
+
+
+
+	<div id="headerform">
+
+    <form method="post" name="loginform">
+    Login: <input type="text" name="login" tabindex="2">&nbsp;&nbsp;&nbsp;
+    Password : <input type="password" name="password" tabindex="4">
+    <input type="submit" value="Login" class="bigbutton" tabindex="5"><br>
+    <input style="margin:10 0 0 40;" type="checkbox" name="longlastingsession" id="longlastingsession"  tabindex="6"><label for="longlastingsession">&nbsp;Stay signed in (Do not check on public computers)</label>
+    <input type="hidden" name="token" value="5abfbd2e883dd7e3aa4368e33dfb01f4eb30f706">
+    
+    </form>
+
+    </div>
+</div>
+
+<div id="footer">
+    <b><a href="http://sebsauvage.net/wiki/doku.php?id=php:shaarli">Shaarli 0.0.41 beta - 2009-09-27</a></b> - The personal, minimalist, super-fast, no-database delicious clone. By <a href="http://sebsauvage.net" target="_blank">sebsauvage.net</a>. Theme by <a href="http://blog.idleman.fr" target="_blank">idleman.fr</a>.  I'm on <a rel="me" href="https://framapiaf.org/@sebsauvage">Mastodon</a>.
+    
+</div>
+
+</body>
+</html>
diff --git a/testdata/shaarligo/linkform.html b/testdata/shaarligo/linkform.html
new file mode 100644
index 0000000..1815e57
--- /dev/null
+++ b/testdata/shaarligo/linkform.html
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<?xml-stylesheet type='text/xsl' href='./assets/default/de/do-post.xslt'?>
+<!--
+  must be compatible with https://code.mro.name/mro/Shaarli-API-test/src/master/tests/test-post.sh
+  https://code.mro.name/mro/ShaarliOS/src/1d124e012933d1209d64071a90237dc5ec6372fc/ios/ShaarliOS/API/ShaarliCmd.m#L386
+-->
+<html xmlns="http://www.w3.org/1999/xhtml" xml:base="https://l.mro.name/">
+<head><title>{ 🔗 🐳 🚀 💫  }</title></head>
+<body>
+  <ul id="taglist" style="display:none"></ul>
+  <form method="post" name="linkform">
+    <input name="lf_linkdate" type="hidden" value="20190106_172531"/>
+    <input name="lf_url" type="text" value=""/>
+    <input name="lf_title" type="text" value="uhu"/>
+    <textarea name="lf_description" rows="4" cols="25"></textarea>
+    <input name="lf_tags" type="text" data-multiple="data-multiple" value=""/>
+    <input name="lf_private" type="checkbox" value=""/>
+    <input name="save_edit" type="submit" value="Save"/>
+    <input name="cancel_edit" type="submit" value="Cancel"/>
+    <input name="token" type="hidden" value="d9aab65f6ca2462449079d72d5321ebae0ec8325"/>
+    <input name="returnurl" type="hidden" value=""/>
+    <input name="lf_image" type="hidden" value=""/>
+  </form>
+</body>
+</html>
diff --git a/testdata/v0.10.2/login.html b/testdata/v0.10.2/login.html
new file mode 100644
index 0000000..f197f72
--- /dev/null
+++ b/testdata/v0.10.2/login.html
@@ -0,0 +1,201 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Login - Shaarli demo (master)</title>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta name="format-detection" content="telephone=no" />
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<meta name="referrer" content="same-origin">
+<link rel="alternate" type="application/atom+xml" href="https://demo.shaarli.org/?do=atom" title="ATOM Feed" />
+<link rel="alternate" type="application/rss+xml" href="https://demo.shaarli.org/?do=rss" title="RSS Feed" />
+<link href="tpl/default/./img/favicon.png" rel="shortcut icon" type="image/png" />
+<link href="tpl/default/./img/apple-touch-icon.png" rel="apple-touch-icon" sizes="180x180" />
+<link type="text/css" rel="stylesheet" href="tpl/default/./css/shaarli.min.css?v=5ada135e9157e4477fd78314662cf56b575d2a938c79c8794e725bf6d712b9d5" />
+
+
+<link rel="search" type="application/opensearchdescription+xml" href="?do=opensearch" title="Shaarli search - Shaarli demo (master)"/>
+
+
+</head>
+<body>
+<div class="shaarli-menu pure-g" id="shaarli-menu">
+  <div class="pure-u-lg-0 pure-u-1">
+    <div class="pure-menu">
+      <a href="?" class="pure-menu-link shaarli-title" id="shaarli-title-mobile">
+        <img src="tpl/default/./img/icon.png" width="16" height="16" class="head-logo" alt="" />
+        Shaarli demo (master)
+      </a>
+      <a href="#" class="menu-toggle" id="menu-toggle"><s class="bar"></s><s class="bar"></s></a>
+    </div>
+  </div>
+  <div class="pure-u-1">
+    <div class="pure-menu menu-transform pure-menu-horizontal pure-g">
+      <ul class="pure-menu-list pure-u-lg-5-6 pure-u-1">
+        <li class="pure-menu-item pure-u-0 pure-u-lg-visible">
+          <a href="?" class="pure-menu-link shaarli-title" id="shaarli-title-desktop">
+            <img src="tpl/default/./img/icon.png" width="16" height="16" class="head-logo" alt="" />
+            Shaarli demo (master)
+          </a>
+        </li>
+        
+        <li class="pure-menu-item" id="shaarli-menu-tags">
+          <a href="?do=tagcloud" class="pure-menu-link">Tag cloud</a>
+        </li>
+        
+          <li class="pure-menu-item" id="shaarli-menu-picwall">
+            <a href="?do=picwall" class="pure-menu-link">Picture wall</a>
+          </li>
+        
+        <li class="pure-menu-item" id="shaarli-menu-daily">
+          <a href="?do=daily" class="pure-menu-link">Daily</a>
+        </li>
+        
+        <li class="pure-menu-item pure-u-lg-0 shaarli-menu-mobile" id="shaarli-menu-mobile-rss">
+            <a href="?do=atom" class="pure-menu-link">RSS Feed</a>
+        </li>
+        
+          <li class="pure-menu-item pure-u-lg-0 shaarli-menu-mobile" id="shaarli-menu-mobile-login">
+            <a href="?do=login" class="pure-menu-link">Login</a>
+          </li>
+        
+      </ul>
+      <div class="header-buttons pure-u-lg-1-6 pure-u-0 pure-u-lg-visible">
+        <ul class="pure-menu-list">
+          <li class="pure-menu-item" id="shaarli-menu-desktop-search">
+            <a href="#" class="pure-menu-link subheader-opener"
+               data-open-id="search"
+               id="search-button" title="Search">
+              <i class="fa fa-search"></i>
+            </a>
+          </li>
+          <li class="pure-menu-item" id="shaarli-menu-desktop-rss">
+            <a href="?do=atom" class="pure-menu-link" title="RSS Feed">
+              <i class="fa fa-rss"></i>
+            </a>
+          </li>
+          
+            <li class="pure-menu-item" id="shaarli-menu-desktop-login">
+              <a href="?do=login" class="pure-menu-link"
+                 data-open-id="header-login-form"
+                 id="login-button" title="Login">
+                <i class="fa fa-user"></i>
+              </a>
+            </li>
+          
+        </ul>
+      </div>
+    </div>
+  </div>
+</div>
+
+<div id="content" class="container">
+  <div id="search" class="subheader-form searchform-block header-search">
+    <form method="GET" class="pure-form searchform" name="searchform">
+      <input type="text" tabindex="1" id="searchform_value" name="searchterm" placeholder="Search text"
+             
+      >
+      <input type="text" tabindex="2" name="searchtags" id="tagfilter_value" placeholder="Filter by tag"
+             
+      autocomplete="off" data-multiple data-autofirst data-minChars="1"
+      data-list="opensource, software, "
+      >
+      <button type="submit" class="search-button"><i class="fa fa-search"></i></button>
+    </form>
+  </div>
+  <div id="actions" class="subheader-form">
+    <div class="pure-g">
+      <div class="pure-u-1">
+        <a href="" id="actions-delete" class="button">Delete</a>
+      </div>
+    </div>
+  </div>
+  
+    <form method="post" name="loginform">
+      <div class="subheader-form header-login-form" id="header-login-form">
+        <input type="text" name="login" placeholder="Username" tabindex="3">
+        <input type="password" name="password" placeholder="Password" tabindex="5">
+        <div class="remember-me">
+          <input type="checkbox" name="longlastingsession" id="longlastingsession" tabindex="6" checked>
+          <label for="longlastingsession">Remember me</label>
+        </div>
+        <input type="hidden" name="token" value="26f8581e78f78f286c7dc11dcc85fda88125c83c">
+        <input type="hidden" name="returnurl">
+        <input type="submit" value="Login" tabindex="7">
+      </div>
+    </form>
+  
+
+
+
+
+
+
+  <div class="clear"></div>
+
+
+  <div class="pure-g">
+    <div class="pure-u-lg-1-3 pure-u-1-24"></div>
+    <div id="login-form" class="page-form page-form-light pure-u-lg-1-3 pure-u-22-24 login-form-container">
+      <form method="post" name="loginform">
+        <h2 class="window-title">Login</h2>
+        <div>
+          <input type="text" name="login" placeholder="Username"
+              class="autofocus" tabindex="20">
+        </div>
+        <div>
+          <input type="password" name="password" placeholder="Password" class="autofocus" tabindex="21">
+        </div>
+        <div class="remember-me">
+          <input type="checkbox" name="longlastingsession" id="longlastingsessionform"
+             checked="checked"
+             tabindex="22">
+          <label for="longlastingsessionform">Remember me</label>
+        </div>
+        <div>
+          <input type="submit" value="Login" class="bigbutton" tabindex="23">
+        </div>
+        <input type="hidden" name="token" value="26f8581e78f78f286c7dc11dcc85fda88125c83c">
+        
+      </form>
+    </div>
+    <div class="pure-u-lg-1-3 pure-u-1-8"></div>
+  </div>
+
+
+</div>
+
+<div class="pure-g">
+  <div class="pure-u-2-24"></div>
+  <div id="footer" class="pure-u-20-24 footer-container">
+    <strong><a href="https://github.com/shaarli/Shaarli">Shaarli</a></strong>
+    
+    &middot;
+    The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community &middot;
+    <a href="doc/html/index.html" rel="nofollow">Documentation</a>
+      
+  </div>
+  <div class="pure-u-2-24"></div>
+</div>
+
+<input type="hidden" name="token" value="26f8581e78f78f286c7dc11dcc85fda88125c83c" id="token" />
+
+
+
+
+
+<div id="js-translations" class="hidden">
+  <span id="translation-fold">Fold</span>
+  <span id="translation-fold-all">Fold all</span>
+  <span id="translation-expand">Expand</span>
+  <span id="translation-expand-all">Expand all</span>
+  <span id="translation-delete-link">Are you sure you want to delete this link?</span>
+  <span id="translation-shaarli-desc">
+    The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community
+  </span>
+</div>
+
+<script src="tpl/default/./js/shaarli.min.js?v=5ada135e9157e4477fd78314662cf56b575d2a938c79c8794e725bf6d712b9d5"></script>
+
+</body>
+</html>
+
diff --git a/version.go b/version.go
new file mode 100644
index 0000000..c3f82fa
--- /dev/null
+++ b/version.go
@@ -0,0 +1,3 @@
+package main
+
+const version = "0.0.1"
-- 
2.11.4.GIT