jyapayne/Simple-Web-Server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Cleanup of the default_resource check that ensures that the request path is within the given web_root_path

Browse source
This commit is contained in:
eidheim 2016-03-10 16:25:12 +01:00
commit 359bad9862
3 changed files with 70 additions and 75 deletions
Download patch file Download diff file Expand all files Collapse all files

72
http_examples.cpp
View file

@ -84,46 +84,44 @@ int main() {
//Default file: index.html //Default file: index.html
//Can for instance be used to retrieve an HTML 5 client that uses REST-resources on this server //Can for instance be used to retrieve an HTML 5 client that uses REST-resources on this server
server.default_resource["GET"]=[](HttpServer::Response& response, shared_ptr<HttpServer::Request> request) { server.default_resource["GET"]=[](HttpServer::Response& response, shared_ptr<HttpServer::Request> request) {
boost::filesystem::path web_root_path("web"); string web_root_path=boost::filesystem::canonical("web").string();
if(!boost::filesystem::exists(web_root_path)) boost::filesystem::path path=web_root_path;
cerr << "Could not find web root." << endl; path/=request->path;
else { if(boost::filesystem::exists(path)) {
auto path=web_root_path; auto path_str=boost::filesystem::canonical(path).string();
path+=request->path; if(path_str.substr(0, web_root_path.size())==web_root_path) {
if(boost::filesystem::exists(path)) { if(boost::filesystem::is_directory(path))
if(boost::filesystem::canonical(web_root_path)<=boost::filesystem::canonical(path)) { path/="index.html";
if(boost::filesystem::is_directory(path)) if(boost::filesystem::exists(path) && boost::filesystem::is_regular_file(path)) {
path+="/index.html"; cout << "test" << endl;
if(boost::filesystem::exists(path) && boost::filesystem::is_regular_file(path)) { ifstream ifs;
ifstream ifs; ifs.open(path.string(), ifstream::in | ios::binary);
ifs.open(path.string(), ifstream::in | ios::binary);
if(ifs) {
ifs.seekg(0, ios::end);
size_t length=ifs.tellg();
if(ifs) { ifs.seekg(0, ios::beg);
ifs.seekg(0, ios::end);
size_t length=ifs.tellg(); response << "HTTP/1.1 200 OK\r\nContent-Length: " << length << "\r\n\r\n";
ifs.seekg(0, ios::beg); //read and send 128 KB at a time
size_t buffer_size=131072;
response << "HTTP/1.1 200 OK\r\nContent-Length: " << length << "\r\n\r\n"; vector<char> buffer;
buffer.reserve(buffer_size);
//read and send 128 KB at a time size_t read_length;
size_t buffer_size=131072; try {
vector<char> buffer; while((read_length=ifs.read(&buffer[0], buffer_size).gcount())>0) {
buffer.reserve(buffer_size); response.write(&buffer[0], read_length);
size_t read_length; response.flush();
try {
while((read_length=ifs.read(&buffer[0], buffer_size).gcount())>0) {
response.write(&buffer[0], read_length);
response.flush();
}
} }
catch(const exception &e) {
cerr << "Connection interrupted, closing file" << endl;
}
ifs.close();
return;
} }
catch(const exception &e) {
cerr << "Connection interrupted, closing file" << endl;
}
ifs.close();
return;
} }
} }
} }

72
https_examples.cpp
View file

@ -84,46 +84,44 @@ int main() {
//Default file: index.html //Default file: index.html
//Can for instance be used to retrieve an HTML 5 client that uses REST-resources on this server //Can for instance be used to retrieve an HTML 5 client that uses REST-resources on this server
server.default_resource["GET"]=[](HttpsServer::Response& response, shared_ptr<HttpsServer::Request> request) { server.default_resource["GET"]=[](HttpsServer::Response& response, shared_ptr<HttpsServer::Request> request) {
boost::filesystem::path web_root_path("web"); string web_root_path=boost::filesystem::canonical("web").string();
if(!boost::filesystem::exists(web_root_path)) boost::filesystem::path path=web_root_path;
cerr << "Could not find web root." << endl; path/=request->path;
else { if(boost::filesystem::exists(path)) {
auto path=web_root_path; auto path_str=boost::filesystem::canonical(path).string();
path+=request->path; if(path_str.substr(0, web_root_path.size())==web_root_path) {
if(boost::filesystem::exists(path)) { if(boost::filesystem::is_directory(path))
if(boost::filesystem::canonical(web_root_path)<=boost::filesystem::canonical(path)) { path/="index.html";
if(boost::filesystem::is_directory(path)) if(boost::filesystem::exists(path) && boost::filesystem::is_regular_file(path)) {
path+="/index.html"; cout << "test" << endl;
if(boost::filesystem::exists(path) && boost::filesystem::is_regular_file(path)) { ifstream ifs;
ifstream ifs; ifs.open(path.string(), ifstream::in | ios::binary);
ifs.open(path.string(), ifstream::in | ios::binary);
if(ifs) {
ifs.seekg(0, ios::end);
size_t length=ifs.tellg();
if(ifs) { ifs.seekg(0, ios::beg);
ifs.seekg(0, ios::end);
size_t length=ifs.tellg(); response << "HTTP/1.1 200 OK\r\nContent-Length: " << length << "\r\n\r\n";
ifs.seekg(0, ios::beg); //read and send 128 KB at a time
size_t buffer_size=131072;
response << "HTTP/1.1 200 OK\r\nContent-Length: " << length << "\r\n\r\n"; vector<char> buffer;
buffer.reserve(buffer_size);
//read and send 128 KB at a time size_t read_length;
size_t buffer_size=131072; try {
vector<char> buffer; while((read_length=ifs.read(&buffer[0], buffer_size).gcount())>0) {
buffer.reserve(buffer_size); response.write(&buffer[0], read_length);
size_t read_length; response.flush();
try {
while((read_length=ifs.read(&buffer[0], buffer_size).gcount())>0) {
response.write(&buffer[0], read_length);
response.flush();
}
} }
catch(const exception &e) {
cerr << "Connection interrupted, closing file" << endl;
}
ifs.close();
return;
} }
catch(const exception &e) {
cerr << "Connection interrupted, closing file" << endl;
}
ifs.close();
return;
} }
} }
} }

1
server_http.hpp
View file

@ -312,7 +312,6 @@ namespace SimpleWeb {
else else
return false; return false;
getline(stream, line); getline(stream, line);
size_t param_end; size_t param_end;
while((param_end=line.find(':'))!=std::string::npos) { while((param_end=line.find(':'))!=std::string::npos) {