/*----------------------------------------------------------------------
| PLT_DeviceData::SetURLBase
+---------------------------------------------------------------------*/
NPT_Result
PLT_DeviceData::SetURLBase(NPT_HttpUrl& url)
{
// only http scheme supported
m_URLBase.SetScheme(url.GetScheme());
// update port if any
if (url.GetPort() != NPT_URL_INVALID_PORT) m_URLBase.SetPort(url.GetPort());
// update host if any
if (!url.GetHost().IsEmpty()) m_URLBase.SetHost(url.GetHost());
// update path
NPT_String path = url.GetPath();
// remove trailing file according to RFC 2396
if (!path.EndsWith("/")) {
int index = path.ReverseFind('/');
if (index < 0) return NPT_FAILURE;
path.SetLength(index+1);
}
m_URLBase.SetPath(path, true);
return NPT_SUCCESS;
}
/*----------------------------------------------------------------------
| CUPnPRenderer::ProcessHttpRequest
+---------------------------------------------------------------------*/
NPT_Result
CUPnPRenderer::ProcessHttpGetRequest(NPT_HttpRequest& request,
const NPT_HttpRequestContext& context,
NPT_HttpResponse& response)
{
// get the address of who sent us some data back
NPT_String ip_address = context.GetRemoteAddress().GetIpAddress().ToString();
NPT_String method = request.GetMethod();
NPT_String protocol = request.GetProtocol();
NPT_HttpUrl url = request.GetUrl();
if (url.GetPath() == "/thumb") {
NPT_HttpUrlQuery query(url.GetQuery());
NPT_String filepath = query.GetField("path");
if (!filepath.IsEmpty()) {
NPT_HttpEntity* entity = response.GetEntity();
if (entity == NULL) return NPT_ERROR_INVALID_STATE;
// check the method
if (request.GetMethod() != NPT_HTTP_METHOD_GET &&
request.GetMethod() != NPT_HTTP_METHOD_HEAD) {
response.SetStatus(405, "Method Not Allowed");
return NPT_SUCCESS;
}
// prevent hackers from accessing files outside of our root
if ((filepath.Find("/..") >= 0) || (filepath.Find("\\..") >=0)) {
return NPT_FAILURE;
}
#if 1
std::string path;
//url
#else
// open the file
CStdString path = CURL::Decode((const char*) filepath);
#endif
NPT_File file(path.c_str());
NPT_Result result = file.Open(NPT_FILE_OPEN_MODE_READ);
if (NPT_FAILED(result)) {
response.SetStatus(404, "Not Found");
return NPT_SUCCESS;
}
NPT_InputStreamReference stream;
file.GetInputStream(stream);
entity->SetContentType(GetMimeType(filepath));
entity->SetInputStream(stream, true);
return NPT_SUCCESS;
}
}
return PLT_MediaRenderer::ProcessHttpGetRequest(request, context, response);
}
/*----------------------------------------------------------------------
| PLT_DeviceData::SetURLBase
+---------------------------------------------------------------------*/
NPT_Result
PLT_DeviceData::SetURLBase(NPT_HttpUrl& url)
{
// we're assuming param passed to be relative (Host/port not different than description)
m_URLBasePath = url.GetPath();
// remove trailing file according to RFC 2396
if (!m_URLBasePath.EndsWith("/")) {
int index = m_URLBasePath.ReverseFind('/');
if (index < 0) return NPT_FAILURE;
m_URLBasePath.SetLength(index+1);
}
return NPT_SUCCESS;
}