fix the file httpserver to support hash-id blob hosting as well

This commit is contained in:
Paul Frazee 2015-07-21 11:05:17 -05:00
parent 99752271fe
commit 27a985a4bc
3 changed files with 45 additions and 68 deletions

View File

@ -18,8 +18,8 @@ app.on('ready', function ready () {
// setup blob and file serving // setup blob and file serving
var blobs = require('./lib/blobs')(sbot, app.getPath('userDesktop')) var blobs = require('./lib/blobs')(sbot, app.getPath('userDesktop'))
require('protocol').registerProtocol('blob', blobs.protocol) require('protocol').registerProtocol('blob', blobs.protocol)
http.createServer(blobs.server).listen(7777) http.createServer(blobs.server({ serveFiles: false })).listen(7777)
http.createServer(require('./lib/files').server).listen(7778) http.createServer(blobs.server({ serveFiles: true })).listen(7778)
// open main window // open main window
var mainWindow = windows.open( var mainWindow = windows.open(

View File

@ -71,42 +71,51 @@ module.exports = function (sbot, checkout_dir) {
}) })
}, },
server: function (req, res) { server: function (opts) {
// function toBuffer() { opts = opts || {}
// return pull.map(function (s) { return Buffer.isBuffer(s) ? s : new Buffer(s, 'base64') }) return function (req, res) {
// } // local-host only
if (req.socket.remoteAddress != '127.0.0.1' &&
// local-host only req.socket.remoteAddress != '::ffff:127.0.0.1' &&
if (req.socket.remoteAddress != '127.0.0.1' && req.socket.remoteAddress != '::1') {
req.socket.remoteAddress != '::ffff:127.0.0.1' && console.log('Remote access attempted by', req.socket.remoteAddress)
req.socket.remoteAddress != '::1') { res.writeHead(403)
console.log('Remote access attempted by', req.socket.remoteAddress) return res.end('Remote access forbidden')
res.writeHead(403)
return res.end('Remote access forbidden')
}
// restrict the CSP
res.setHeader('Content-Security-Policy',
"default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; "+
"connect-src 'self'; "+
"object-src 'none'; "+
"frame-src 'none'; "+
"sandbox allow-same-origin allow-scripts"
)
var hash = req.url.slice(1)
sbot.blobs.has(hash, function(err, has) {
if (!has) {
res.writeHead(404)
res.end('File not found')
return
} }
pull(
sbot.blobs.get(hash), // restrict the CSP
// toBuffer(), res.setHeader('Content-Security-Policy',
toPull(res) "default-src 'self' 'unsafe-inline' 'unsafe-eval' data:; "+
"connect-src 'self'; "+
"object-src 'none'; "+
"frame-src 'none'; "+
"sandbox allow-same-origin allow-scripts"
) )
})
if (req.url.slice(-7) != '.sha256' && opts.serveFiles) {
// try to serve from local FS if the path is not a supported hash
return fs.createReadStream(req.url)
.on('error', function () {
res.writeHead(404)
res.end('File not found')
})
.pipe(res)
}
// serve blob
var hash = req.url.slice(-51) // hash ids are 51 chars long
sbot.blobs.has(hash, function(err, has) {
if (!has) {
res.writeHead(404)
res.end('File not found')
return
}
pull(
sbot.blobs.get(hash),
toPull(res)
)
})
}
} }
} }

View File

@ -1,32 +0,0 @@
var path = require('path')
var fs = require('fs')
exports.server = function (req, res) {
// function toBuffer() {
// return pull.map(function (s) { return Buffer.isBuffer(s) ? s : new Buffer(s, 'base64') })
// }
// local-host only
if (req.socket.remoteAddress != '127.0.0.1' &&
req.socket.remoteAddress != '::ffff:127.0.0.1' &&
req.socket.remoteAddress != '::1') {
console.log('Remote access attempted by', req.socket.remoteAddress)
res.writeHead(403)
return res.end('Remote access forbidden')
}
// restrict the CSP
res.setHeader('Content-Security-Policy',
"default-src 'self' localhost:7777 'unsafe-inline' 'unsafe-eval' data:; "+
"connect-src 'self'; "+
"object-src 'none'; "+
"frame-src 'none'; "+
"sandbox allow-same-origin allow-scripts"
)
fs.createReadStream(req.url)
.on('error', function () {
res.writeHead(404)
res.end('File not found')
})
.pipe(res)
}