forked from svrjs/svrjs
Update to SVR.JS 3.14.13
This commit is contained in:
parent
4a1a59f15d
commit
1c6e707f58
4 changed files with 27 additions and 45 deletions
|
|
@ -1,7 +1,7 @@
|
||||||
<!DOCTYPE html>
|
<!DOCTYPE html>
|
||||||
<html>
|
<html>
|
||||||
<head>
|
<head>
|
||||||
<title>SVR.JS 3.14.12</title>
|
<title>SVR.JS 3.14.13</title>
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
||||||
<meta charset="UTF-8" />
|
<meta charset="UTF-8" />
|
||||||
<style>
|
<style>
|
||||||
|
|
@ -12,7 +12,7 @@
|
||||||
</style>
|
</style>
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
<h1>Welcome to SVR.JS 3.14.12</h1>
|
<h1>Welcome to SVR.JS 3.14.13</h1>
|
||||||
<br/>
|
<br/>
|
||||||
<img src="/logo.png" style="width: 256px; max-width: 100%;" />
|
<img src="/logo.png" style="width: 256px; max-width: 100%;" />
|
||||||
<br/>
|
<br/>
|
||||||
|
|
@ -84,7 +84,8 @@
|
||||||
</code>
|
</code>
|
||||||
<p>Changes:</p>
|
<p>Changes:</p>
|
||||||
<ul style="display: inline-block; margin: 0;">
|
<ul style="display: inline-block; margin: 0;">
|
||||||
<li>Fix ".dirimages" directory returning an 500 error, if it is not present in the web root.</li>
|
<li>Optimized code.</li>
|
||||||
|
<li>SVR.JS now uses <i>os.availableParallelism()</i> function for determining amount of processes to fork, when it is available.</li>
|
||||||
</ul>
|
</ul>
|
||||||
<p>
|
<p>
|
||||||
<a href="/tests.html">Tests</a><br/>
|
<a href="/tests.html">Tests</a><br/>
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
<!DOCTYPE html>
|
<!DOCTYPE html>
|
||||||
<html>
|
<html>
|
||||||
<head>
|
<head>
|
||||||
<title>SVR.JS 3.14.12 Licenses</title>
|
<title>SVR.JS 3.14.13 Licenses</title>
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
||||||
<meta charset="UTF-8" />
|
<meta charset="UTF-8" />
|
||||||
<style>
|
<style>
|
||||||
|
|
@ -12,8 +12,8 @@
|
||||||
</style>
|
</style>
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
<h1>SVR.JS 3.14.12 Licenses</h1>
|
<h1>SVR.JS 3.14.13 Licenses</h1>
|
||||||
<h2>SVR.JS 3.14.12</h2>
|
<h2>SVR.JS 3.14.13</h2>
|
||||||
<div style="display: inline-block; text-align: left; border-width: 2px; border-style: solid; border-color: gray; padding: 8px;">
|
<div style="display: inline-block; text-align: left; border-width: 2px; border-style: solid; border-color: gray; padding: 8px;">
|
||||||
MIT License<br/>
|
MIT License<br/>
|
||||||
<br/>
|
<br/>
|
||||||
|
|
@ -37,7 +37,7 @@
|
||||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE<br/>
|
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE<br/>
|
||||||
SOFTWARE.<br/>
|
SOFTWARE.<br/>
|
||||||
</div>
|
</div>
|
||||||
<h2>Packages used by SVR.JS 3.14.12</h2>
|
<h2>Packages used by SVR.JS 3.14.13</h2>
|
||||||
<div style="width: 100%; max-width: 1280px; margin: auto">
|
<div style="width: 100%; max-width: 1280px; margin: auto">
|
||||||
<div style="width: 100%; background-color: #ccc; border: 1px solid green; text-align: left; margin: 10px 0;">
|
<div style="width: 100%; background-color: #ccc; border: 1px solid green; text-align: left; margin: 10px 0;">
|
||||||
<div style="float: right;">License: MIT</div>
|
<div style="float: right;">License: MIT</div>
|
||||||
|
|
|
||||||
39
svr.js
39
svr.js
|
|
@ -69,7 +69,7 @@ function deleteFolderRecursive(path) {
|
||||||
}
|
}
|
||||||
|
|
||||||
var os = require("os");
|
var os = require("os");
|
||||||
var version = "3.14.12";
|
var version = "3.14.13";
|
||||||
var singlethreaded = false;
|
var singlethreaded = false;
|
||||||
|
|
||||||
if (process.versions) process.versions.svrjs = version; // Inject SVR.JS into process.versions
|
if (process.versions) process.versions.svrjs = version; // Inject SVR.JS into process.versions
|
||||||
|
|
@ -2954,9 +2954,9 @@ if (!cluster.isPrimary) {
|
||||||
} else {
|
} else {
|
||||||
headWritten = true;
|
headWritten = true;
|
||||||
}
|
}
|
||||||
if (code >= 400 && code <= 499) err4xxcounter++;
|
|
||||||
if (code >= 500 && code <= 599) err5xxcounter++;
|
|
||||||
if (code >= 400 && code <= 599) {
|
if (code >= 400 && code <= 599) {
|
||||||
|
if (code >= 400 && code <= 499) err4xxcounter++;
|
||||||
|
else if (code >= 500 && code <= 599) err5xxcounter++;
|
||||||
serverconsole.errmessage("Server responded with " + code.toString() + " code.");
|
serverconsole.errmessage("Server responded with " + code.toString() + " code.");
|
||||||
} else {
|
} else {
|
||||||
serverconsole.resmessage("Server responded with " + code.toString() + " code.");
|
serverconsole.resmessage("Server responded with " + code.toString() + " code.");
|
||||||
|
|
@ -2984,7 +2984,7 @@ if (!cluster.isPrimary) {
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
var isProxy = false;
|
var isProxy = false;
|
||||||
if (req.url.indexOf("/") != 0 && req.url != "*") isProxy = true;
|
if (req.url[0] != "/" && req.url != "*") isProxy = true;
|
||||||
serverconsole.locmessage("Somebody connected to " + (secure && fromMain ? ((typeof sport == "number" ? "port " : "socket ") + sport) : ((typeof port == "number" ? "port " : "socket ") + port)) + "...");
|
serverconsole.locmessage("Somebody connected to " + (secure && fromMain ? ((typeof sport == "number" ? "port " : "socket ") + sport) : ((typeof port == "number" ? "port " : "socket ") + port)) + "...");
|
||||||
|
|
||||||
if (req.socket == null) {
|
if (req.socket == null) {
|
||||||
|
|
@ -3314,7 +3314,7 @@ if (!cluster.isPrimary) {
|
||||||
if (uobject.href != "") nuobject.href = uobject.href;
|
if (uobject.href != "") nuobject.href = uobject.href;
|
||||||
|
|
||||||
// Adjust the pathname and href properties if the URI doesn't start with "/"
|
// Adjust the pathname and href properties if the URI doesn't start with "/"
|
||||||
if (preparedURI.indexOf("/") != 0) {
|
if (preparedURI[0] != "/") {
|
||||||
if (nuobject.pathname) {
|
if (nuobject.pathname) {
|
||||||
nuobject.pathname = nuobject.pathname.substring(1);
|
nuobject.pathname = nuobject.pathname.substring(1);
|
||||||
nuobject.href = nuobject.pathname + (nuobject.search ? nuobject.search : "");
|
nuobject.href = nuobject.pathname + (nuobject.search ? nuobject.search : "");
|
||||||
|
|
@ -3404,11 +3404,6 @@ if (!cluster.isPrimary) {
|
||||||
vresCalled = true;
|
vresCalled = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (req.socket == null) {
|
|
||||||
serverconsole.errmessage("Client socket is null!!!");
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Function to check the level of a path relative to the web root
|
// Function to check the level of a path relative to the web root
|
||||||
function checkPathLevel(path) {
|
function checkPathLevel(path) {
|
||||||
// Split the path into an array of components based on "/"
|
// Split the path into an array of components based on "/"
|
||||||
|
|
@ -3865,10 +3860,9 @@ if (!cluster.isPrimary) {
|
||||||
fs.stat((prefix + "/" + fileList[index]).replace(/\/+/g, "/"), function (err, stats) {
|
fs.stat((prefix + "/" + fileList[index]).replace(/\/+/g, "/"), function (err, stats) {
|
||||||
if (err) {
|
if (err) {
|
||||||
fs.lstat((prefix + "/" + fileList[index]).replace(/\/+/g, "/"), function (err, stats) {
|
fs.lstat((prefix + "/" + fileList[index]).replace(/\/+/g, "/"), function (err, stats) {
|
||||||
if (err) {
|
|
||||||
pushArray.push({
|
pushArray.push({
|
||||||
name: fileList[index],
|
name: fileList[index],
|
||||||
stats: null,
|
stats: err ? null : stats,
|
||||||
errored: true
|
errored: true
|
||||||
});
|
});
|
||||||
if (index < fileList.length - 1) {
|
if (index < fileList.length - 1) {
|
||||||
|
|
@ -3876,18 +3870,6 @@ if (!cluster.isPrimary) {
|
||||||
} else {
|
} else {
|
||||||
callback(pushArray);
|
callback(pushArray);
|
||||||
}
|
}
|
||||||
} else {
|
|
||||||
pushArray.push({
|
|
||||||
name: fileList[index],
|
|
||||||
stats: stats,
|
|
||||||
errored: true
|
|
||||||
});
|
|
||||||
if (index < fileList.length - 1) {
|
|
||||||
getStatsForAllFilesI(fileList, callback, prefix, pushArray, index + 1);
|
|
||||||
} else {
|
|
||||||
callback(pushArray);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
});
|
||||||
} else {
|
} else {
|
||||||
pushArray.push({
|
pushArray.push({
|
||||||
|
|
@ -3918,8 +3900,7 @@ if (!cluster.isPrimary) {
|
||||||
var estats = filelist[i].stats;
|
var estats = filelist[i].stats;
|
||||||
var ename = filelist[i].name;
|
var ename = filelist[i].name;
|
||||||
var eext = ename.match(/\.([^.]+)$/);
|
var eext = ename.match(/\.([^.]+)$/);
|
||||||
if (eext) eext = eext[1];
|
eext = eext ? eext[1] : "";
|
||||||
else eext = "";
|
|
||||||
var emime = eext ? mime.contentType(eext) : false;
|
var emime = eext ? mime.contentType(eext) : false;
|
||||||
if (filelist[i].errored) {
|
if (filelist[i].errored) {
|
||||||
directoryListingRows.push(
|
directoryListingRows.push(
|
||||||
|
|
@ -4919,7 +4900,7 @@ function start(init) {
|
||||||
if (!process.isBun && /^v(?:[0-9]\.|1[0-7]\.|18\.(?:[0-9]|1[0-8])\.|18\.19\.0|20\.(?:[0-9]|10)\.|20\.11\.0|21\.[0-5]\.|21\.6\.0|21\.6\.1(?![0-9]))/.test(process.version)) serverconsole.locwarnmessage("Your Node.JS version is vulnerable to HTTP server DoS (CVE-2024-22019).");
|
if (!process.isBun && /^v(?:[0-9]\.|1[0-7]\.|18\.(?:[0-9]|1[0-8])\.|18\.19\.0|20\.(?:[0-9]|10)\.|20\.11\.0|21\.[0-5]\.|21\.6\.0|21\.6\.1(?![0-9]))/.test(process.version)) serverconsole.locwarnmessage("Your Node.JS version is vulnerable to HTTP server DoS (CVE-2024-22019).");
|
||||||
if (!process.isBun && /^v(?:[0-9]\.|1[0-7]\.|18\.(?:1?[0-9])\.|18\.20\.0|20\.(?:[0-9]|1[01])\.|20\.12\.0|21\.[0-6]\.|21\.7\.0|21\.7\.1(?![0-9]))/.test(process.version)) serverconsole.locwarnmessage("Your Node.JS version is vulnerable to HTTP server request smuggling (CVE-2024-27982).");
|
if (!process.isBun && /^v(?:[0-9]\.|1[0-7]\.|18\.(?:1?[0-9])\.|18\.20\.0|20\.(?:[0-9]|1[01])\.|20\.12\.0|21\.[0-6]\.|21\.7\.0|21\.7\.1(?![0-9]))/.test(process.version)) serverconsole.locwarnmessage("Your Node.JS version is vulnerable to HTTP server request smuggling (CVE-2024-27982).");
|
||||||
if (process.getuid && process.getuid() == 0) serverconsole.locwarnmessage("You're running SVR.JS as root. It's recommended to run SVR.JS as an non-root user. Running SVR.JS as root may increase the risks of OS command execution vulnerabilities.");
|
if (process.getuid && process.getuid() == 0) serverconsole.locwarnmessage("You're running SVR.JS as root. It's recommended to run SVR.JS as an non-root user. Running SVR.JS as root may increase the risks of OS command execution vulnerabilities.");
|
||||||
if (secure && process.versions && process.versions.openssl && process.versions.openssl.substring(0, 2) == "1.") {
|
if (!process.isBun && secure && process.versions && process.versions.openssl && process.versions.openssl.substring(0, 2) == "1.") {
|
||||||
if (new Date() > new Date("11 September 2023")) {
|
if (new Date() > new Date("11 September 2023")) {
|
||||||
serverconsole.locwarnmessage("OpenSSL 1.x is no longer receiving security updates after 11th September 2023. Your HTTPS communication might be vulnerable. It is recommended to update to a newer version of Node.JS that includes OpenSSL 3.0 or higher to ensure the security of your server and data.");
|
serverconsole.locwarnmessage("OpenSSL 1.x is no longer receiving security updates after 11th September 2023. Your HTTPS communication might be vulnerable. It is recommended to update to a newer version of Node.JS that includes OpenSSL 3.0 or higher to ensure the security of your server and data.");
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -5305,7 +5286,7 @@ function start(init) {
|
||||||
if (stopError) serverconsole.climessage("Some SVR.JS workers might not be stopped.");
|
if (stopError) serverconsole.climessage("Some SVR.JS workers might not be stopped.");
|
||||||
SVRJSInitialized = false;
|
SVRJSInitialized = false;
|
||||||
closedMaster = true;
|
closedMaster = true;
|
||||||
var cpus = os.cpus().length;
|
var cpus = os.availableParallelism ? os.availableParallelism() : os.cpus().length;
|
||||||
if (cpus > 16) cpus = 16;
|
if (cpus > 16) cpus = 16;
|
||||||
try {
|
try {
|
||||||
var useAvailableCores = Math.round((os.freemem()) / 50000000) - 1; // 1 core deleted for safety...
|
var useAvailableCores = Math.round((os.freemem()) / 50000000) - 1; // 1 core deleted for safety...
|
||||||
|
|
@ -5376,7 +5357,7 @@ function start(init) {
|
||||||
if (cluster.isPrimary || cluster.isPrimary === undefined) {
|
if (cluster.isPrimary || cluster.isPrimary === undefined) {
|
||||||
// Cluster forking code
|
// Cluster forking code
|
||||||
if (cluster.isPrimary !== undefined && init) {
|
if (cluster.isPrimary !== undefined && init) {
|
||||||
var cpus = os.cpus().length;
|
var cpus = os.availableParallelism ? os.availableParallelism() : os.cpus().length;
|
||||||
if (cpus > 16) cpus = 16;
|
if (cpus > 16) cpus = 16;
|
||||||
try {
|
try {
|
||||||
var useAvailableCores = Math.round((os.freemem()) / 50000000) - 1; // 1 core deleted for safety...
|
var useAvailableCores = Math.round((os.freemem()) / 50000000) - 1; // 1 core deleted for safety...
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
<!DOCTYPE html>
|
<!DOCTYPE html>
|
||||||
<html>
|
<html>
|
||||||
<head>
|
<head>
|
||||||
<title>SVR.JS 3.14.12 Tests</title>
|
<title>SVR.JS 3.14.13 Tests</title>
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
||||||
<meta charset="UTF-8" />
|
<meta charset="UTF-8" />
|
||||||
<style>
|
<style>
|
||||||
|
|
@ -12,7 +12,7 @@
|
||||||
</style>
|
</style>
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
<h1>SVR.JS 3.14.12 Tests</h1>
|
<h1>SVR.JS 3.14.13 Tests</h1>
|
||||||
<h2>Directory (without trailing slash)</h2>
|
<h2>Directory (without trailing slash)</h2>
|
||||||
<iframe src="/testdir" width="50%" height="300px"></iframe>
|
<iframe src="/testdir" width="50%" height="300px"></iframe>
|
||||||
<h2>Directory (with query)</h2>
|
<h2>Directory (with query)</h2>
|
||||||
|
|
|
||||||
Reference in a new issue