UNPKG

cody

Version:

Cody CMS

github.com/jcoppieters/cody

jcoppieters/cody

87 lines (70 loc) 2.44 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
// // Johan Coppieters - jan 2013 - jWorks // // console.log("loading " + module.id); var libpath = require("path"), http = require("http"), fs = require("fs"), url = require("url"), mime = require("mime"), cody = require("../index.js"); var maxCacheAge = 600; // 10 minutes ??? function generate404(resp) { resp.writeHead(404, { "Content-Type": "text/plain" }); resp.write("404 Not Found\n"); resp.end(); } function Dynamic(req, res, path, prefix) { this.request = req; this.response = res; this.path = path; this.prefix = prefix || ""; } module.exports = Dynamic; Dynamic.prototype.serve = function () { var self = this; var uri = url.parse(self.request.url).pathname; // remove prefix if (self.prefix && (uri.indexOf("/"+self.prefix) === 0)) { uri = uri.substring(self.prefix.length+1); } var ip = self.request.headers['x-forwarded-for'] || self.request.connection.remoteAddress || self.request.socket.remoteAddress || self.request.connection.socket.remoteAddress; console.log("--LOG--D--|" + ip + "|" + new Date() + "|" + self.request.headers['host'] + "|" + self.request._parsedUrl.pathname); uri = uri.replace("data/", ""); var filename = libpath.normalize(libpath.join(this.path, uri)); // check for malicious paths -- thanks to Tom Hunkapiller if (filename.indexOf(this.path) !== 0) { console.log("Dynamic.serve -> malicious path: " + uri); generate404(self.response); return; } // check if this file exists fs.exists(filename, function (exists) { if (!exists) { console.log("Dynamic.serve -> file not found: " + filename); generate404(self.response); return; } fs.readFile(filename, "binary", function (err, file) { if (err) { console.log("Dynamic.serve -> error reading: " + filename + " - " + err); self.response.writeHead(500, { "Content-Type": "text/plain" }); self.response.write(err + "\n"); self.response.end(); return; } var type = mime.lookup(filename); console.log("Dynamic.serve -> reading: " + filename + " - " + file.length + " bytes as " + type); self.response.writeHead(200, { "Content-Type": type, "Cache-Control": "public, max-age=" + maxCacheAge }); self.response.write(file, "binary"); self.response.end(); }); }); };