void WebProcessor::Dispatch() { if (*m_szUrl != '/') { SendErrorResponse(ERR_HTTP_BAD_REQUEST); return; } if (XmlRpcProcessor::IsRpcRequest(m_szUrl)) { XmlRpcProcessor processor; processor.SetRequest(m_szRequest); processor.SetHttpMethod(m_eHttpMethod == hmGet ? XmlRpcProcessor::hmGet : XmlRpcProcessor::hmPost); processor.SetUserAccess((XmlRpcProcessor::EUserAccess)m_eUserAccess); processor.SetUrl(m_szUrl); processor.Execute(); SendBodyResponse(processor.GetResponse(), strlen(processor.GetResponse()), processor.GetContentType()); return; } if (Util::EmptyStr(g_pOptions->GetWebDir())) { SendErrorResponse(ERR_HTTP_SERVICE_UNAVAILABLE); return; } if (m_eHttpMethod != hmGet) { SendErrorResponse(ERR_HTTP_BAD_REQUEST); return; } // for security reasons we allow only characters "0..9 A..Z a..z . - _ /" in the URLs // we also don't allow ".." in the URLs for (char *p = m_szUrl; *p; p++) { if (!((*p >= '0' && *p <= '9') || (*p >= 'A' && *p <= 'Z') || (*p >= 'a' && *p <= 'z') || *p == '.' || *p == '-' || *p == '_' || *p == '/') || (*p == '.' && p[1] == '.')) { SendErrorResponse(ERR_HTTP_NOT_FOUND); return; } } const char *szDefRes = ""; if (m_szUrl[strlen(m_szUrl)-1] == '/') { // default file in directory (if not specified) is "index.html" szDefRes = "index.html"; } char disk_filename[1024]; snprintf(disk_filename, sizeof(disk_filename), "%s%s%s", g_pOptions->GetWebDir(), m_szUrl + 1, szDefRes); disk_filename[sizeof(disk_filename)-1] = '\0'; SendFileResponse(disk_filename); }
void WebProcessor::SendFileResponse(const char* filename) { debug("serving file: %s", filename); CharBuffer body; if (!FileSystem::LoadFileIntoBuffer(filename, body, false)) { // do not print warnings "404 not found" for certain files bool ignorable = !strcmp(filename, "package-info.json") || !strcmp(filename, "favicon.ico") || !strncmp(filename, "apple-touch-icon", 16); SendErrorResponse(ERR_HTTP_NOT_FOUND, ignorable); return; } SendBodyResponse(body, body.Size(), DetectContentType(filename)); }
void WebProcessor::SendFileResponse(const char* szFilename) { debug("serving file: %s", szFilename); char *szBody; int iBodyLen; if (!Util::LoadFileIntoBuffer(szFilename, &szBody, &iBodyLen)) { SendErrorResponse(ERR_HTTP_NOT_FOUND); return; } // "LoadFileIntoBuffer" adds a trailing NULL, which we don't need here iBodyLen--; SendBodyResponse(szBody, iBodyLen, DetectContentType(szFilename)); free(szBody); }