Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rewrite FilesystemHandler, improve file access and directory listing, support caching headers #8

Merged
merged 8 commits into from
Feb 10, 2021
Merged

Rewrite FilesystemHandler, improve file access and directory listing, support caching headers #8

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
c7200b9
Refactor Filesystem access into FilesystemHandler
clue Dec 31, 2020
1546c44
Improve directory listing with invalid UTF-8 and control bytes
clue Feb 8, 2021
682cc4c
Redirect file with trailing slash to remove superfluous slash
clue Feb 8, 2021
402f626
Reject invalid filesystem paths outside root or with invalid segments
clue Feb 8, 2021
715cc6d
Escape whitespace and special characters in filename listings
clue Feb 8, 2021
a8879e9
Support HTTP caching using `Last-Modified` response header
clue Feb 9, 2021
16eaa87
Use `Content-Type: text/plain` as default to match nginx/Apache
clue Feb 10, 2021
58bdd89
Support files as root for FilesystemHandler
clue Feb 10, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 3 additions & 4 deletions examples/index.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -99,12 +99,11 @@
);
});

$app->redirect('/test', '/');

//$app->cgi('/adminer.php', __DIR__ . '/adminer.php');

$app->fs('/source/', __DIR__);
//$app->redirect('/source', '/source/');
$app->get('/LICENSE', new Frugal\FilesystemHandler(dirname(__DIR__) . '/LICENSE'));
$app->get('/source/{path:.*}', new Frugal\FilesystemHandler(dirname(__DIR__)));
$app->redirect('/source', '/source/');

$app->run();
$loop->run();
11 changes: 0 additions & 11 deletions src/App.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,17 +86,6 @@ public function redirect($route, $target, $code = 302)
});
}

public function fs(string $route, string $path)
{
$this->get(
rtrim($route, '/') . '[/{path:.*}]',
new RemoveLeadingPath(
$route,
new FsHandler($path)
)
);
}

public function cgi(string $route, string $path)
{
if (\php_sapi_name() === 'cli') {
Expand Down
113 changes: 113 additions & 0 deletions src/FilesystemHandler.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,113 @@
<?php

namespace Frugal;

use Psr\Http\Message\ServerRequestInterface;
use React\Http\Message\Response;

class FilesystemHandler
{
private $root;

public function __construct(string $root)
{
$this->root = $root;
}

public function __invoke(ServerRequestInterface $request)
{
$local = $request->getAttribute('path', '');
$path = \rtrim($this->root . '/' . $local, '/');

// local path should not contain "./", "../", "//" or null bytes or start with slash
$valid = !\preg_match('#(?:^|/)..?(?:$|/)|^/|//|\x00#', $local);

\clearstatcache();
if ($valid && \is_dir($path)) {
if ($local !== '' && \substr($local, -1) !== '/') {
return new Response(
302,
[
'Location' => \basename($path) . '/'
]
);
}

$response = '<strong>' . $this->escapeHtml($local === '' ? '/' : $local) . '</strong>' . "\n<ul>\n";

if ($local !== '') {
$response .= ' <li><a href="../">../</a></li>' . "\n";
}

$files = \scandir($path);
foreach ($files as $file) {
if ($file === '.' || $file === '..') {
continue;
}

$dir = \is_dir($path . '/' . $file) ? '/' : '';
$response .= ' <li><a href="' . \rawurlencode($file) . $dir . '">' . $this->escapeHtml($file) . $dir . '</a></li>' . "\n";
}
$response .= '</ul>' . "\n";

return new Response(
200,
[
'Content-Type' => 'text/html; charset=utf-8'
],
$response
);
} elseif ($valid && \is_file($path)) {
if ($local !== '' && \substr($local, -1) === '/') {
return new Response(
302,
[
'Location' => '../' . \basename($path)
]
);
}

// Assign default MIME type here (same as nginx/Apache).
// Should use mime database in the future with fallback to given default.
// Browers are pretty good at figuring out the correct type if no charset attribute is given.
$headers = [
'Content-Type' => 'text/plain'
];

$stat = @\stat($path);
if ($stat !== false) {
$headers['Last-Modified'] = \gmdate('D, d M Y H:i:s', $stat['mtime']) . ' GMT';

if ($request->getHeaderLine('If-Modified-Since') === $headers['Last-Modified']) {
return new Response(304);
}
}

return new Response(
200,
$headers,
\file_get_contents($path)
);
} else {
return new Response(
404,
[
'Content-Type' => 'text/plain; charset=utf-8'
],
"Error 404: Not Found\n"
);
}
}

private function escapeHtml(string $s): string
{
return \addcslashes(
\str_replace(
' ',
'&nbsp;',
\htmlspecialchars($s, \ENT_NOQUOTES | \ENT_SUBSTITUTE | \ENT_DISALLOWED, 'utf-8')
),
"\0..\032\\"
);
}
}
84 changes: 0 additions & 84 deletions src/FsHandler.php
View file
Open in desktop

This file was deleted.

28 changes: 0 additions & 28 deletions src/RemoveLeadingPath.php
View file
Open in desktop

This file was deleted.

Loading