| /src/handler.js |
|---|
| @@ -13,26 +13,16 @@ |
|---|
| const util = require('util'); |
| const EventEmitter = require('events').EventEmitter; |
| |
| // Local imports. |
| const Cache = require( |
| path |
| .resolve( |
| path.dirname(require.main.filename), |
| 'src', |
| 'cache' |
| ) |
| ); |
| const was = require( |
| path |
| .resolve( |
| path.dirname(require.main.filename), |
| 'src', |
| 'was' |
| ) |
| ); |
| // Checks whether userPath is a child of rootPath. |
| function isRooted(userPath, rootPath, separator, callback) { |
| userPath = userPath.split(separator).filter(Boolean); |
| rootPath = rootPath.split(separator).filter(Boolean); |
| callback(userPath.length >= rootPath.length && |
| rootPath.every((e, i) => e === userPath[i])); |
| } |
| |
| // Serves files. |
| function files(self, config, file, client, cache) { |
| function files(self, config, file, client) { |
| // Check if the file is accessible. |
| fs.access(file, fs.constants.R_OK, (error) => { |
| if (error) { |
| @@ -55,15 +45,26 @@ |
|---|
| }); |
| return; |
| } |
| |
| cache.process(file, fs.createReadStream(file), mime.lookup(file)) |
| .on('data', (result) => self.emit('data', result)) |
| .on('log', (data) => self.emit('log', data)); |
| self.emit('log', { |
| message: 'Client: ' + |
| client.address + ':' + |
| client.port + |
| ' sent file: ' + |
| file, |
| severity: 'info' |
| }); |
| self.emit('data', { |
| status: 200, |
| data: fs |
| .createReadStream(file), |
| type: mime |
| .lookup(file) |
| }); |
| }); |
| } |
| |
| // Serves a directory listing or the document index in case it exists. |
| function index(self, config, directory, href, client, cache) { |
| function index(self, config, directory, href, client) { |
| const root = path.resolve(directory, config.site.index); |
| fs.stat(root, (error, stats) => { |
| if (error) { |
| @@ -91,15 +92,25 @@ |
|---|
| }); |
| return; |
| } |
| cache.process(directory, new stream.Readable({ |
| self.emit('log', { |
| message: 'Client: ' + |
| client.address + ':' + |
| client.port + |
| ' accessed directory listing: ' + |
| directory, |
| severity: 'info' |
| }); |
| self.emit('data', { |
| status: 200, |
| data: new stream.Readable({ |
| read(size) { |
| this.push(JSON.stringify(paths)); |
| this.push(null); |
| } |
| }), 'application/json') |
| .on('data', (result) => self.emit('data', result)) |
| .on('log', (data) => self.emit('log', data)); |
| }), |
| type: 'application/json' |
| }); |
| }); |
| return; |
| } |
| // Could not access directory index file and directory listing not allowed. |
| @@ -145,15 +156,25 @@ |
|---|
| }); |
| return; |
| } |
| cache.process(root, fs.createReadStream(root), mime.lookup(root)) |
| .on('data', (result) => self.emit('data', result)) |
| .on('log', (data) => self.emit('log', data)); |
| self.emit('log', { |
| message: 'Client: ' + |
| client.address + ':' + |
| client.port + |
| ' sent file: ' + |
| root, |
| severity: 'info' |
| }); |
| self.emit('data', { |
| status: 200, |
| data: fs.createReadStream(root), |
| type: mime.lookup(root) |
| }); |
| }); |
| }); |
| } |
| |
| // Determines whether the requested filesystem request path is a directory or a file. |
| function serve(self, config, local, href, address, cache) { |
| function serve(self, config, local, href, address) { |
| fs.stat(local, (error, stats) => { |
| // Document does not exist. |
| if (error) { |
| @@ -179,7 +200,7 @@ |
|---|
| |
| if (stats.isDirectory()) { |
| // Directory is requested so provide directory indexes. |
| index(self, config, local, href, address, cache); |
| index(self, config, local, href, address); |
| return; |
| } |
| if (stats.isFile()) { |
| @@ -210,7 +231,7 @@ |
|---|
| } |
| |
| // A file was requested so provide the file. |
| files(self, config, local, address, cache); |
| files(self, config, local, address); |
| } |
| }); |
| } |
| @@ -295,7 +316,7 @@ |
|---|
| |
| // Check for path traversals early on and bail if the requested path does not |
| // lie within the specified document root. |
| was.isRooted(resolvedPath, root, path.sep, (rooted) => { |
| isRooted(resolvedPath, root, path.sep, (rooted) => { |
| if (!rooted) { |
| self.emit('log', { |
| message: 'Attempted path traversal: ' + |
| @@ -343,8 +364,7 @@ |
|---|
| config, |
| requestPath, |
| requestURL.pathname, |
| address, |
| new Cache(config, address, request, response) |
| address |
| ) |
| ); |
| }); |
| @@ -365,8 +385,7 @@ |
|---|
| config, |
| requestPath, |
| requestURL.pathname, |
| address, |
| new Cache(config, address, request, response) |
| address |
| ) |
| ); |
| }); |
| @@ -376,5 +395,4 @@ |
|---|
| }; |
| |
| util.inherits(Handler, EventEmitter); |
| util.inherits(Cache, EventEmitter); |
| module.exports = Handler; |
