diff --git a/LaunchServer/src/main/java/ru/gravit/launchserver/fileserver/FileServerHandler.java b/LaunchServer/src/main/java/ru/gravit/launchserver/fileserver/FileServerHandler.java index 5127fdfb..2aa9f169 100644 --- a/LaunchServer/src/main/java/ru/gravit/launchserver/fileserver/FileServerHandler.java +++ b/LaunchServer/src/main/java/ru/gravit/launchserver/fileserver/FileServerHandler.java @@ -90,7 +90,7 @@ public void channelRead0(ChannelHandlerContext ctx, FullHttpRequest request) thr } else { sendRedirect(ctx, uri + '/'); } - } else sendError(ctx, FORBIDDEN); + } else sendError(ctx, NOT_FOUND); // can not handle dirs return; } @@ -197,7 +197,7 @@ private static String sanitizeUri(String uri) { } // Convert file separators. - uri = uri.replace('/', File.separatorChar); + uri = uri.replace(File.separatorChar, '/'); // Simplistic dumb security check. // You will have to do something serious in the production environment. @@ -207,9 +207,7 @@ private static String sanitizeUri(String uri) { INSECURE_URI.matcher(uri).matches()) { return null; } - - // Convert to absolute path. - return SystemPropertyUtil.get("user.dir") + File.separator + uri; + return uri.substring(1); } private static final Pattern ALLOWED_FILE_NAME = Pattern.compile("[^-\\._]?[^<>&\\\"]*");