Mercurial > lxmppd-hg-xmllex / file comparison
comparison: plugins/mod_httpserver.lua
plugins/mod_httpserver.lua
- changeset 1770
- 3e17002221eb
- parent 1552
- 334b66f614a6
- child 1771
- 39e6b986ef01
- child 1811
- e32593074602
equal
deleted
inserted
replaced
| 1732:f1282fad2f99 | 1770:3e17002221eb |
|---|---|
| 9 | 9 |
| 10 local httpserver = require "net.httpserver"; | 10 local httpserver = require "net.httpserver"; |
| 11 | 11 |
| 12 local open = io.open; | 12 local open = io.open; |
| 13 local t_concat = table.concat; | 13 local t_concat = table.concat; |
| 14 local check_http_path; | |
| 14 | 15 |
| 15 local http_base = "www_files"; | 16 local http_base = "www_files"; |
| 16 | 17 |
| 18 local response_403 = { status = "403 Forbidden", body = "<h1>Invalid URL</h1>Sorry, we couldn't find what you were looking for :(" }; | |
| 17 local response_404 = { status = "404 Not Found", body = "<h1>Page Not Found</h1>Sorry, we couldn't find what you were looking for :(" }; | 19 local response_404 = { status = "404 Not Found", body = "<h1>Page Not Found</h1>Sorry, we couldn't find what you were looking for :(" }; |
| 18 | 20 |
| 19 local http_path = { http_base }; | 21 local http_path = { http_base }; |
| 20 local function handle_request(method, body, request) | 22 local function handle_request(method, body, request) |
| 21 local path = request.url.path:gsub("%.%.%/", ""):gsub("^/[^/]+", ""); | 23 local path = check_http_path(request.url.path:gsub("^/[^/]+%.*", "")); |
| 24 if not path then | |
| 25 return response_403; | |
| 26 end | |
| 22 http_path[2] = path; | 27 http_path[2] = path; |
| 23 local f, err = open(t_concat(http_path), "r"); | 28 local f, err = open(t_concat(http_path), "r"); |
| 24 if not f then return response_404; end | 29 if not f then return response_404; end |
| 25 local data = f:read("*a"); | 30 local data = f:read("*a"); |
| 26 f:close(); | 31 f:close(); |
| 27 return data; | 32 return data; |
| 28 end | 33 end |
| 29 | 34 |
| 30 local ports = config.get(module.host, "core", "http_ports") or { 5280 }; | 35 local ports = config.get(module.host, "core", "http_ports") or { 5280 }; |
| 31 httpserver.new_from_config(ports, "files", handle_request); | 36 httpserver.new_from_config(ports, "files", handle_request); |
| 37 | |
| 38 function check_http_path(url) | |
| 39 if url:sub(1,1) ~= "/" then | |
| 40 url = "/"..url; | |
| 41 end | |
| 42 | |
| 43 local level = 0; | |
| 44 for part in url:gmatch("%/([^/]+)") do | |
| 45 if part == ".." then | |
| 46 level = level - 1; | |
| 47 elseif part ~= "." then | |
| 48 level = level + 1; | |
| 49 end | |
| 50 if level < 0 then | |
| 51 return nil; | |
| 52 end | |
| 53 end | |
| 54 return url; | |
| 55 end |
