FileServerHandler update

This commit is contained in:
Gravit 2018-10-02 19:20:57 +07:00
parent 275305b16c
commit 111ebd2f19

View file

@ -31,6 +31,7 @@
import java.io.RandomAccessFile; import java.io.RandomAccessFile;
import java.io.UnsupportedEncodingException; import java.io.UnsupportedEncodingException;
import java.net.URLDecoder; import java.net.URLDecoder;
import java.nio.file.Path;
import java.text.SimpleDateFormat; import java.text.SimpleDateFormat;
import java.util.Calendar; import java.util.Calendar;
import java.util.Date; import java.util.Date;
@ -47,15 +48,16 @@ public class FileServerHandler extends SimpleChannelInboundHandler<FullHttpReque
public static final String HTTP_DATE_FORMAT = "EEE, dd MMM yyyy HH:mm:ss zzz"; public static final String HTTP_DATE_FORMAT = "EEE, dd MMM yyyy HH:mm:ss zzz";
public static final String HTTP_DATE_GMT_TIMEZONE = "GMT"; public static final String HTTP_DATE_GMT_TIMEZONE = "GMT";
public static final String READ = "r";
public static final int HTTP_CACHE_SECONDS = 60; public static final int HTTP_CACHE_SECONDS = 60;
private final File base; private final Path base;
private final boolean fullOut; private final boolean fullOut;
public FileServerHandler(Path base, boolean fullOut) {
this.base = base;
this.fullOut = fullOut;
}
public FileServerHandler(File base, boolean fullOut) {
this.base = base;
this.fullOut = fullOut;
}
@Override @Override
public void channelRead0(ChannelHandlerContext ctx, FullHttpRequest request) throws Exception { public void channelRead0(ChannelHandlerContext ctx, FullHttpRequest request) throws Exception {
if (!request.decoderResult().isSuccess()) { if (!request.decoderResult().isSuccess()) {
@ -75,20 +77,20 @@ public void channelRead0(ChannelHandlerContext ctx, FullHttpRequest request) thr
return; return;
} }
File file = new File(base, path); File file = base.resolve(path).toFile();
if (file.isHidden() || !file.exists()) { if (file.isHidden() || !file.exists()) {
sendError(ctx, NOT_FOUND); sendError(ctx, NOT_FOUND);
return; return;
} }
if (file.isDirectory()) { if (file.isDirectory()) {
if (fullOut) { if (fullOut) {
if (uri.endsWith("/")) { if (uri.endsWith("/")) {
sendListing(ctx, file, uri); sendListing(ctx, file, uri);
} else { } else {
sendRedirect(ctx, uri + '/'); sendRedirect(ctx, uri + '/');
} }
} else sendError(ctx, FORBIDDEN); } else sendError(ctx, FORBIDDEN);
return; return;
} }
@ -115,7 +117,7 @@ public void channelRead0(ChannelHandlerContext ctx, FullHttpRequest request) thr
RandomAccessFile raf; RandomAccessFile raf;
try { try {
raf = new RandomAccessFile(file, "r"); raf = new RandomAccessFile(file, READ);
} catch (FileNotFoundException ignore) { } catch (FileNotFoundException ignore) {
sendError(ctx, NOT_FOUND); sendError(ctx, NOT_FOUND);
return; return;
@ -200,9 +202,9 @@ private static String sanitizeUri(String uri) {
// Simplistic dumb security check. // Simplistic dumb security check.
// You will have to do something serious in the production environment. // You will have to do something serious in the production environment.
if (uri.contains(File.separator + '.') || if (uri.contains(File.separator + '.') ||
uri.contains('.' + File.separator) || uri.contains('.' + File.separator) ||
uri.charAt(0) == '.' || uri.charAt(uri.length() - 1) == '.' || uri.charAt(0) == '.' || uri.charAt(uri.length() - 1) == '.' ||
INSECURE_URI.matcher(uri).matches()) { INSECURE_URI.matcher(uri).matches()) {
return null; return null;
} }
@ -217,18 +219,18 @@ private static void sendListing(ChannelHandlerContext ctx, File dir, String dirP
response.headers().set(HttpHeaderNames.CONTENT_TYPE, "text/html; charset=UTF-8"); response.headers().set(HttpHeaderNames.CONTENT_TYPE, "text/html; charset=UTF-8");
StringBuilder buf = new StringBuilder() StringBuilder buf = new StringBuilder()
.append("<!DOCTYPE html>\r\n") .append("<!DOCTYPE html>\r\n")
.append("<html><head><meta charset='utf-8' /><title>") .append("<html><head><meta charset='utf-8' /><title>")
.append("Listing of: ") .append("Listing of: ")
.append(dirPath) .append(dirPath)
.append("</title></head><body>\r\n") .append("</title></head><body>\r\n")
.append("<h3>Listing of: ") .append("<h3>Listing of: ")
.append(dirPath) .append(dirPath)
.append("</h3>\r\n") .append("</h3>\r\n")
.append("<ul>") .append("<ul>")
.append("<li><a href=\"../\">..</a></li>\r\n"); .append("<li><a href=\"../\">..</a></li>\r\n");
for (File f: dir.listFiles()) { for (File f: dir.listFiles()) {
if (f.isHidden() || !f.canRead()) { if (f.isHidden() || !f.canRead()) {
@ -241,10 +243,10 @@ private static void sendListing(ChannelHandlerContext ctx, File dir, String dirP
} }
buf.append("<li><a href=\"") buf.append("<li><a href=\"")
.append(name) .append(name)
.append("\">") .append("\">")
.append(name) .append(name)
.append("</a></li>\r\n"); .append("</a></li>\r\n");
} }
buf.append("</ul></body></html>\r\n"); buf.append("</ul></body></html>\r\n");