From 7fb40a1be937898900bca5209023d432e66781d0 Mon Sep 17 00:00:00 2001
From: eidheim <eidheim@gmail.com>
Date: Wed, 19 Oct 2016 10:19:51 +0200
Subject: [PATCH] Reverted e50f0b597f99e91b0e0d829387d2f8367d553739

---
 http_examples.cpp  | 4 +++-
 https_examples.cpp | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/http_examples.cpp b/http_examples.cpp
index f8533b1..dbea3a6 100644
--- a/http_examples.cpp
+++ b/http_examples.cpp
@@ -106,7 +106,7 @@ int main() {
     //Can for instance be used to retrieve an HTML 5 client that uses REST-resources on this server
     server.default_resource["GET"]=[&server](shared_ptr<HttpServer::Response> response, shared_ptr<HttpServer::Request> request) {
         try {
-            static auto web_root_path=boost::filesystem::canonical("web");
+            auto web_root_path=boost::filesystem::canonical("web");
             auto path=boost::filesystem::canonical(web_root_path/request->path);
             //Check if path is within web_root_path
             if(distance(web_root_path.begin(), web_root_path.end())>distance(path.begin(), path.end()) ||
@@ -114,6 +114,8 @@ int main() {
                 throw invalid_argument("path must be within root path");
             if(boost::filesystem::is_directory(path))
                 path/="index.html";
+            if(!(boost::filesystem::exists(path) && boost::filesystem::is_regular_file(path)))
+                throw invalid_argument("file does not exist");
             
             auto ifs=make_shared<ifstream>();
             ifs->open(path.string(), ifstream::in | ios::binary);
diff --git a/https_examples.cpp b/https_examples.cpp
index a932d56..8642a42 100644
--- a/https_examples.cpp
+++ b/https_examples.cpp
@@ -106,7 +106,7 @@ int main() {
     //Can for instance be used to retrieve an HTML 5 client that uses REST-resources on this server
     server.default_resource["GET"]=[&server](shared_ptr<HttpsServer::Response> response, shared_ptr<HttpsServer::Request> request) {
         try {
-            static auto web_root_path=boost::filesystem::canonical("web");
+            auto web_root_path=boost::filesystem::canonical("web");
             auto path=boost::filesystem::canonical(web_root_path/request->path);
             //Check if path is within web_root_path
             if(distance(web_root_path.begin(), web_root_path.end())>distance(path.begin(), path.end()) ||
@@ -114,6 +114,8 @@ int main() {
                 throw invalid_argument("path must be within root path");
             if(boost::filesystem::is_directory(path))
                 path/="index.html";
+            if(!(boost::filesystem::exists(path) && boost::filesystem::is_regular_file(path)))
+                throw invalid_argument("file does not exist");
             
             auto ifs=make_shared<ifstream>();
             ifs->open(path.string(), ifstream::in | ios::binary);