DorianNiemiecSVRJS/svrjs
Archived
1
0
Fork 0
forked from svrjs/svrjs
Code Pull requests Activity

refactor: use config.wwwroot instead of current working directory as a webroot in internal code

Browse source
This commit is contained in:
Dorian Niemiec 2024-11-10 12:14:55 +01:00
parent 847fb46f07
commit 1174a348b6
8 changed files with 105 additions and 68 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
src/handlers/clientErrorHandler.js
View file

@ -12,6 +12,9 @@ let serverconsole = {};
function clientErrorHandler(err, socket) { function clientErrorHandler(err, socket) {
const config = deepClone(process.serverConfig); const config = deepClone(process.serverConfig);
// Determine the webroot from the current working directory if it is not configured
if (config.wwwroot === undefined) config.wwwroot = process.cwd();
config.generateServerString = () => config.generateServerString = () =>
generateServerString(config.exposeServerVersion); generateServerString(config.exposeServerVersion);
@ -182,14 +185,14 @@ function clientErrorHandler(err, socket) {
fs.access(config.page404, fs.constants.F_OK, (err) => { fs.access(config.page404, fs.constants.F_OK, (err) => {
if (err) { if (err) {
fs.access( fs.access(
"." + errorCode.toString(), config.wwwroot + "/." + errorCode.toString(),
fs.constants.F_OK, fs.constants.F_OK,
(err) => { (err) => {
try { try {
if (err) { if (err) {
callback(errorCode.toString() + ".html"); callback(errorCode.toString() + ".html");
} else { } else {
callback("." + errorCode.toString()); callback(config.wwwroot + "/." + errorCode.toString());
} }
} catch (err2) { } catch (err2) {
callServerError(500, err2); callServerError(500, err2);
@ -205,17 +208,21 @@ function clientErrorHandler(err, socket) {
} }
}); });
} else { } else {
fs.access("." + errorCode.toString(), fs.constants.F_OK, (err) => { fs.access(
try { config.wwwroot + "/." + errorCode.toString(),
if (err) { fs.constants.F_OK,
callback(errorCode.toString() + ".html"); (err) => {
} else { try {
callback("." + errorCode.toString()); if (err) {
callback(errorCode.toString() + ".html");
} else {
callback(config.wwwroot + "/." + errorCode.toString());
}
} catch (err2) {
callServerError(500, err2);
} }
} catch (err2) {
callServerError(500, err2);
} }
}); );
} }
} }
}; };
@ -457,15 +464,15 @@ function clientErrorHandler(err, socket) {
} sent invalid request.` } sent invalid request.`
); );
try { try {
head = fs.existsSync("./.head") head = fs.existsSync(`${config.wwwroot}/.head`)
? fs.readFileSync("./.head").toString() ? fs.readFileSync(`${config.wwwroot}/.head`).toString()
: fs.existsSync("./head.html") : fs.existsSync(`${config.wwwroot}/head.html`)
? fs.readFileSync("./head.html").toString() ? fs.readFileSync(`${config.wwwroot}/head.html`).toString()
: ""; // header : ""; // header
foot = fs.existsSync("./.foot") foot = fs.existsSync(`${config.wwwroot}/.foot`)
? fs.readFileSync("./.foot").toString() ? fs.readFileSync(`${config.wwwroot}/.foot`).toString()
: fs.existsSync("./foot.html") : fs.existsSync(`${config.wwwroot}/foot.html`)
? fs.readFileSync("./foot.html").toString() ? fs.readFileSync(`${config.wwwroot}/foot.html`).toString()
: ""; // footer : ""; // footer
if ( if (

3
src/handlers/proxyHandler.js
View file

@ -32,6 +32,9 @@ function proxyHandler(req, socket, head) {
// SVR.JS configuration object (modified) // SVR.JS configuration object (modified)
const config = deepClone(process.serverConfig); const config = deepClone(process.serverConfig);
// Determine the webroot from the current working directory if it is not configured
if (config.wwwroot === undefined) config.wwwroot = process.cwd();
config.generateServerString = () => config.generateServerString = () =>
generateServerString(config.exposeServerVersion); generateServerString(config.exposeServerVersion);

45
src/handlers/requestHandler.js
View file

@ -37,6 +37,9 @@ function requestHandler(req, res) {
config.generateServerString = () => config.generateServerString = () =>
generateServerString(config.exposeServerVersion); generateServerString(config.exposeServerVersion);
// Determine the webroot from the current working directory if it is not configured
if (config.wwwroot === undefined) config.wwwroot = process.cwd();
// getCustomHeaders() in SVR.JS 3.x // getCustomHeaders() in SVR.JS 3.x
config.getCustomHeaders = () => { config.getCustomHeaders = () => {
let ph = Object.assign({}, config.customHeaders); let ph = Object.assign({}, config.customHeaders);
@ -345,14 +348,14 @@ function requestHandler(req, res) {
fs.access(config.page404, fs.constants.F_OK, (err) => { fs.access(config.page404, fs.constants.F_OK, (err) => {
if (err) { if (err) {
fs.access( fs.access(
"." + errorCode.toString(), config.wwwroot + "/." + errorCode.toString(),
fs.constants.F_OK, fs.constants.F_OK,
(err) => { (err) => {
try { try {
if (err) { if (err) {
callback(errorCode.toString() + ".html"); callback(errorCode.toString() + ".html");
} else { } else {
callback("." + errorCode.toString()); callback(config.wwwroot + "/." + errorCode.toString());
} }
} catch (err2) { } catch (err2) {
res.error(500, err2); res.error(500, err2);
@ -368,17 +371,21 @@ function requestHandler(req, res) {
} }
}); });
} else { } else {
fs.access("." + errorCode.toString(), fs.constants.F_OK, (err) => { fs.access(
try { config.wwwroot + "/." + errorCode.toString(),
if (err) { fs.constants.F_OK,
callback(errorCode.toString() + ".html"); (err) => {
} else { try {
callback("." + errorCode.toString()); if (err) {
callback(errorCode.toString() + ".html");
} else {
callback(config.wwwroot + "/." + errorCode.toString());
}
} catch (err2) {
res.error(500, err2);
} }
} catch (err2) {
res.error(500, err2);
} }
}); );
} }
} }
}; };
@ -633,15 +640,15 @@ function requestHandler(req, res) {
}; };
try { try {
res.head = fs.existsSync("./.head") res.head = fs.existsSync(`${config.wwwroot}/.head`)
? fs.readFileSync("./.head").toString() ? fs.readFileSync(`${config.wwwroot}/.head`).toString()
: fs.existsSync("./head.html") : fs.existsSync(`${config.wwwroot}/head.html`)
? fs.readFileSync("./head.html").toString() ? fs.readFileSync(`${config.wwwroot}/head.html`).toString()
: ""; // header : ""; // header
res.foot = fs.existsSync("./.foot") res.foot = fs.existsSync(`${config.wwwroot}/.foot`)
? fs.readFileSync("./.foot").toString() ? fs.readFileSync(`${config.wwwroot}/.foot`).toString()
: fs.existsSync("./foot.html") : fs.existsSync(`${config.wwwroot}/foot.html`)
? fs.readFileSync("./foot.html").toString() ? fs.readFileSync(`${config.wwwroot}/foot.html`).toString()
: ""; // footer : ""; // footer
} catch (err) { } catch (err) {
res.error(500, err); res.error(500, err);

6
src/index.js
View file

@ -812,7 +812,11 @@ if (!disableMods) {
} }
// Determine path of server-side script file // Determine path of server-side script file
let SSJSPath = "./serverSideScript.js"; let SSJSPath = `${
process.serverConfig.wwwroot != undefined
? process.serverConfig.wwwroot
: process.dirname
}/serverSideScript.js`;
if (!process.serverConfig.useWebRootServerSideScript) if (!process.serverConfig.useWebRootServerSideScript)
SSJSPath = process.dirname + "/serverSideScript.js"; SSJSPath = process.dirname + "/serverSideScript.js";

21
src/middleware/checkForbiddenPaths.js
View file

@ -8,8 +8,12 @@ const {
} = require("../utils/forbiddenPaths.js"); } = require("../utils/forbiddenPaths.js");
const svrjsInfo = require("../../svrjs.json"); const svrjsInfo = require("../../svrjs.json");
const { name } = svrjsInfo; const { name } = svrjsInfo;
const wwwroot =
process.serverConfig && process.serverConfig.wwwroot !== undefined
? process.serverConfig.wwwroot
: ".";
forbiddenPaths.config = getInitializePath("./config.json"); forbiddenPaths.config = getInitializePath(`${wwwroot}/config.json`);
forbiddenPaths.certificates = []; forbiddenPaths.certificates = [];
if (process.serverConfig.secure) { if (process.serverConfig.secure) {
forbiddenPaths.certificates.push( forbiddenPaths.certificates.push(
@ -26,7 +30,8 @@ if (process.serverConfig.secure) {
}); });
} }
forbiddenPaths.svrjs = getInitializePath( forbiddenPaths.svrjs = getInitializePath(
"./" + wwwroot +
"/" +
(process.dirname[process.dirname.length - 1] != "/" (process.dirname[process.dirname.length - 1] != "/"
? process.filename.replace(process.dirname + "/", "") ? process.filename.replace(process.dirname + "/", "")
: process.filename.replace(process.dirname, "")) : process.filename.replace(process.dirname, ""))
@ -36,16 +41,18 @@ if (process.serverConfig.useWebRootServerSideScript) {
forbiddenPaths.serverSideScripts.push("/serverSideScript.js"); forbiddenPaths.serverSideScripts.push("/serverSideScript.js");
} else { } else {
forbiddenPaths.serverSideScripts.push( forbiddenPaths.serverSideScripts.push(
getInitializePath("./serverSideScript.js") getInitializePath(`${wwwroot}/serverSideScript.js`)
); );
} }
forbiddenPaths.serverSideScriptDirectories = []; forbiddenPaths.serverSideScriptDirectories = [];
forbiddenPaths.serverSideScriptDirectories.push( forbiddenPaths.serverSideScriptDirectories.push(
getInitializePath("./node_modules") getInitializePath(`${wwwroot}/node_modules`)
); );
forbiddenPaths.serverSideScriptDirectories.push(getInitializePath("./mods")); forbiddenPaths.serverSideScriptDirectories.push(
forbiddenPaths.temp = getInitializePath("./temp"); getInitializePath(wwwroot + "/mods")
forbiddenPaths.log = getInitializePath("./log"); );
forbiddenPaths.temp = getInitializePath(`${wwwroot}/temp`);
forbiddenPaths.log = getInitializePath(`${wwwroot}/log`);
module.exports = (req, res, logFacilities, config, next) => { module.exports = (req, res, logFacilities, config, next) => {
let decodedHrefWithoutDuplicateSlashes = ""; let decodedHrefWithoutDuplicateSlashes = "";

31
src/middleware/redirectTrailingSlashes.js
View file

@ -9,22 +9,25 @@ module.exports = (req, res, logFacilities, config, next) => {
req.originalParsedURL.pathname[req.originalParsedURL.pathname.length - 1] != req.originalParsedURL.pathname[req.originalParsedURL.pathname.length - 1] !=
"/" "/"
) { ) {
fs.stat("." + decodeURIComponent(req.parsedURL.pathname), (err, stats) => { fs.stat(
if (err || !stats.isDirectory()) { config.wwwroot + decodeURIComponent(req.parsedURL.pathname),
try { (err, stats) => {
next(); if (err || !stats.isDirectory()) {
} catch (err) { try {
res.error(500, err); next();
} catch (err) {
res.error(500, err);
}
} else {
res.redirect(
req.originalParsedURL.pathname +
"/" +
(req.parsedURL.search ? req.parsedURL.search : "") +
(req.parsedURL.hash ? req.parsedURL.hash : "")
);
} }
} else {
res.redirect(
req.originalParsedURL.pathname +
"/" +
(req.parsedURL.search ? req.parsedURL.search : "") +
(req.parsedURL.hash ? req.parsedURL.hash : "")
);
} }
}); );
} else { } else {
next(); next();
} }

2
src/middleware/rewriteURL.js
View file

@ -28,7 +28,7 @@ module.exports = (req, res, logFacilities, config, next) => {
!_fileState !_fileState
) { ) {
fs.stat( fs.stat(
"." + decodeURIComponent(req.parsedURL.pathname), config.wwwroot + decodeURIComponent(req.parsedURL.pathname),
(err, stats) => { (err, stats) => {
let _fileState = 3; let _fileState = 3;
if (err) { if (err) {

20
src/middleware/staticFileServingAndDirectoryListings.js
View file

@ -86,7 +86,7 @@ module.exports = (req, res, logFacilities, config, next) => {
res.error(400); res.error(400);
return; return;
} }
let readFrom = "." + dHref; let readFrom = config.wwwroot + dHref;
let dirImagesMissing = false; let dirImagesMissing = false;
fs.stat(readFrom, (err, stats) => { fs.stat(readFrom, (err, stats) => {
if (err) { if (err) {
@ -502,13 +502,16 @@ module.exports = (req, res, logFacilities, config, next) => {
const getCustomDirListingHeader = (callback) => { const getCustomDirListingHeader = (callback) => {
fs.readFile( fs.readFile(
("." + dHref + "/.dirhead").replace(/\/+/g, "/"), (config.wwwroot + dHref + "/.dirhead").replace(/\/+/g, "/"),
(err, data) => { (err, data) => {
if (err) { if (err) {
if (err.code == "ENOENT" || err.code == "EISDIR") { if (err.code == "ENOENT" || err.code == "EISDIR") {
if (os.platform != "win32" || href != "/") { if (os.platform != "win32" || href != "/") {
fs.readFile( fs.readFile(
("." + dHref + "/HEAD.html").replace(/\/+/g, "/"), (config.wwwroot + dHref + "/HEAD.html").replace(
/\/+/g,
"/"
),
(err, data) => { (err, data) => {
if (err) { if (err) {
if (err.code == "ENOENT" || err.code == "EISDIR") { if (err.code == "ENOENT" || err.code == "EISDIR") {
@ -538,13 +541,16 @@ module.exports = (req, res, logFacilities, config, next) => {
const getCustomDirListingFooter = (callback) => { const getCustomDirListingFooter = (callback) => {
fs.readFile( fs.readFile(
("." + dHref + "/.dirfoot").replace(/\/+/g, "/"), (config.wwwroot + dHref + "/.dirfoot").replace(/\/+/g, "/"),
(err, data) => { (err, data) => {
if (err) { if (err) {
if (err.code == "ENOENT" || err.code == "EISDIR") { if (err.code == "ENOENT" || err.code == "EISDIR") {
if (os.platform != "win32" || href != "/") { if (os.platform != "win32" || href != "/") {
fs.readFile( fs.readFile(
("." + dHref + "/FOOT.html").replace(/\/+/g, "/"), (config.wwwroot + dHref + "/FOOT.html").replace(
/\/+/g,
"/"
),
(err, data) => { (err, data) => {
if (err) { if (err) {
if (err.code == "ENOENT" || err.code == "EISDIR") { if (err.code == "ENOENT" || err.code == "EISDIR") {
@ -646,7 +652,7 @@ module.exports = (req, res, logFacilities, config, next) => {
if ( if (
fs.existsSync( fs.existsSync(
"." + config.wwwroot +
decodeURIComponent(href) + decodeURIComponent(href) +
"/.maindesc".replace(/\/+/g, "/") "/.maindesc".replace(/\/+/g, "/")
) )
@ -654,7 +660,7 @@ module.exports = (req, res, logFacilities, config, next) => {
htmlFoot = htmlFoot =
"</table><hr/>" + "</table><hr/>" +
fs.readFileSync( fs.readFileSync(
"." + config.wwwroot +
decodeURIComponent(href) + decodeURIComponent(href) +
"/.maindesc".replace(/\/+/g, "/") "/.maindesc".replace(/\/+/g, "/")
) + ) +