fix the file httpserver to support hash-id blob hosting as well

2015-07-21 11:05:17 -05:00 · 2015-07-21 11:05:17 -05:00 · 27a985a4bc
commit 27a985a4bc
parent 99752271fe
3 changed files with 45 additions and 68 deletions
--- a/app/index.js
+++ b/app/index.js
@ -18,8 +18,8 @@ app.on('ready', function ready () {
    // setup blob and file serving
    var blobs = require('./lib/blobs')(sbot, app.getPath('userDesktop'))
    require('protocol').registerProtocol('blob', blobs.protocol)
-    http.createServer(blobs.server).listen(7777)
-    http.createServer(require('./lib/files').server).listen(7778)
+    http.createServer(blobs.server({ serveFiles: false })).listen(7777)
+    http.createServer(blobs.server({ serveFiles: true })).listen(7778)

    // open main window
    var mainWindow = windows.open(
--- a/app/lib/blobs.js
+++ b/app/lib/blobs.js
@ -71,11 +71,9 @@ module.exports = function (sbot, checkout_dir) {
      })
    },

-    server: function (req, res) {
-      // function toBuffer() {
-      //   return pull.map(function (s) { return Buffer.isBuffer(s) ? s : new Buffer(s, 'base64') })
-      // }
-
+    server: function (opts) {
+      opts = opts || {}
+      return function (req, res) {
        // local-host only
        if (req.socket.remoteAddress != '127.0.0.1' &&
            req.socket.remoteAddress != '::ffff:127.0.0.1' &&
@ -94,7 +92,18 @@ module.exports = function (sbot, checkout_dir) {
          "sandbox allow-same-origin allow-scripts"
        )

-      var hash = req.url.slice(1)
+        if (req.url.slice(-7) != '.sha256' && opts.serveFiles) {
+          // try to serve from local FS if the path is not a supported hash
+          return fs.createReadStream(req.url)
+            .on('error', function () {
+              res.writeHead(404)
+              res.end('File not found')
+            })
+            .pipe(res)
+        }
+
+        // serve blob
+        var hash = req.url.slice(-51) // hash ids are 51 chars long
        sbot.blobs.has(hash, function(err, has) {
          if (!has) {
            res.writeHead(404)
@ -103,12 +112,12 @@ module.exports = function (sbot, checkout_dir) {
          }
          pull(
            sbot.blobs.get(hash),
-          // toBuffer(),
            toPull(res)
          )
        })
      }
    }
+  }

  // helper to create a filename in checkout_dir that isnt already in use
  // - cb(err, filepath, nocopy) - if nocopy==true, no need to do the copy operation
--- a/app/lib/files.js
+++ b/app/lib/files.js
@ -1,32 +0,0 @@
-var path = require('path')
-var fs   = require('fs')
-
-exports.server = function (req, res) {
-  // function toBuffer() {
-  //   return pull.map(function (s) { return Buffer.isBuffer(s) ? s : new Buffer(s, 'base64') })
-  // }
-  // local-host only
-  if (req.socket.remoteAddress != '127.0.0.1' &&
-      req.socket.remoteAddress != '::ffff:127.0.0.1' &&
-      req.socket.remoteAddress != '::1') {
-    console.log('Remote access attempted by', req.socket.remoteAddress)
-    res.writeHead(403)
-    return res.end('Remote access forbidden')
-  }
-
-  // restrict the CSP
-  res.setHeader('Content-Security-Policy', 
-    "default-src 'self' localhost:7777 'unsafe-inline' 'unsafe-eval' data:; "+
-    "connect-src 'self'; "+
-    "object-src 'none'; "+
-    "frame-src 'none'; "+
-    "sandbox allow-same-origin allow-scripts"
-  )
-
-  fs.createReadStream(req.url)
-    .on('error', function () {
-      res.writeHead(404)
-      res.end('File not found')
-    })
-    .pipe(res)
-}