2015-09-20 10:34:23 +08:00
|
|
|
package middleware
|
2015-03-25 11:55:51 +08:00
|
|
|
|
|
|
|
import (
|
2016-04-02 05:24:04 +08:00
|
|
|
"fmt"
|
2015-03-25 11:55:51 +08:00
|
|
|
"net/http"
|
2015-03-29 06:49:42 +08:00
|
|
|
"os"
|
2015-03-25 11:55:51 +08:00
|
|
|
"path"
|
2016-03-11 22:39:13 +08:00
|
|
|
"path/filepath"
|
2015-03-25 11:55:51 +08:00
|
|
|
"strings"
|
|
|
|
)
|
|
|
|
|
2015-09-20 10:34:23 +08:00
|
|
|
// This file contains a standard way for Caddy middleware
|
|
|
|
// to load files from the file system given a request
|
|
|
|
// URI and path to site root. Other middleware that load
|
|
|
|
// files should use these facilities.
|
|
|
|
|
|
|
|
// FileServer implements a production-ready file server
|
|
|
|
// and is the 'default' handler for all requests to Caddy.
|
|
|
|
// It simply loads and serves the URI requested. If Caddy is
|
|
|
|
// run without any extra configuration/directives, this is the
|
|
|
|
// only middleware handler that runs. It is not in its own
|
|
|
|
// folder like most other middleware handlers because it does
|
|
|
|
// not require a directive. It is a special case.
|
|
|
|
//
|
2015-05-25 10:52:34 +08:00
|
|
|
// FileServer is adapted from the one in net/http by
|
2015-04-13 07:44:02 +08:00
|
|
|
// the Go authors. Significant modifications have been made.
|
|
|
|
//
|
2015-09-20 10:34:23 +08:00
|
|
|
// Original license:
|
2015-03-25 11:55:51 +08:00
|
|
|
//
|
|
|
|
// Copyright 2009 The Go Authors. All rights reserved.
|
|
|
|
// Use of this source code is governed by a BSD-style
|
|
|
|
// license that can be found in the LICENSE file.
|
2015-09-20 10:34:23 +08:00
|
|
|
func FileServer(root http.FileSystem, hide []string) Handler {
|
2015-04-13 07:44:02 +08:00
|
|
|
return &fileHandler{root: root, hide: hide}
|
2015-03-25 11:55:51 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
type fileHandler struct {
|
|
|
|
root http.FileSystem
|
2015-04-13 07:44:02 +08:00
|
|
|
hide []string // list of files to treat as "Not Found"
|
2015-03-25 11:55:51 +08:00
|
|
|
}
|
|
|
|
|
2015-05-25 10:52:34 +08:00
|
|
|
func (fh *fileHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, error) {
|
2015-03-25 11:55:51 +08:00
|
|
|
upath := r.URL.Path
|
|
|
|
if !strings.HasPrefix(upath, "/") {
|
|
|
|
upath = "/" + upath
|
|
|
|
r.URL.Path = upath
|
|
|
|
}
|
2016-03-12 06:11:21 +08:00
|
|
|
return fh.serveFile(w, r, path.Clean(upath))
|
2015-03-25 11:55:51 +08:00
|
|
|
}
|
|
|
|
|
2015-05-25 10:52:34 +08:00
|
|
|
// serveFile writes the specified file to the HTTP response.
|
2015-03-25 11:55:51 +08:00
|
|
|
// name is '/'-separated, not filepath.Separator.
|
2015-04-13 07:44:02 +08:00
|
|
|
func (fh *fileHandler) serveFile(w http.ResponseWriter, r *http.Request, name string) (int, error) {
|
2016-03-12 06:11:21 +08:00
|
|
|
// Prevent absolute path access on Windows.
|
|
|
|
// TODO remove when stdlib http.Dir fixes this.
|
|
|
|
if runtimeGoos == "windows" {
|
|
|
|
if filepath.IsAbs(name[1:]) {
|
|
|
|
return http.StatusNotFound, nil
|
|
|
|
}
|
|
|
|
}
|
2015-04-13 07:44:02 +08:00
|
|
|
f, err := fh.root.Open(name)
|
2015-03-25 11:55:51 +08:00
|
|
|
if err != nil {
|
2015-05-01 00:14:58 +08:00
|
|
|
if os.IsNotExist(err) {
|
|
|
|
return http.StatusNotFound, nil
|
2015-05-01 01:58:38 +08:00
|
|
|
} else if os.IsPermission(err) {
|
|
|
|
return http.StatusForbidden, err
|
2015-03-29 06:49:42 +08:00
|
|
|
}
|
2015-05-01 00:14:58 +08:00
|
|
|
// Likely the server is under load and ran out of file descriptors
|
|
|
|
w.Header().Set("Retry-After", "5") // TODO: 5 seconds enough delay? Or too much?
|
|
|
|
return http.StatusServiceUnavailable, err
|
2015-03-25 11:55:51 +08:00
|
|
|
}
|
|
|
|
defer f.Close()
|
|
|
|
|
2015-10-21 06:25:38 +08:00
|
|
|
d, err := f.Stat()
|
|
|
|
if err != nil {
|
2015-05-01 01:58:38 +08:00
|
|
|
if os.IsNotExist(err) {
|
2015-05-01 00:14:58 +08:00
|
|
|
return http.StatusNotFound, nil
|
2015-05-01 01:58:38 +08:00
|
|
|
} else if os.IsPermission(err) {
|
|
|
|
return http.StatusForbidden, err
|
2015-03-29 06:49:42 +08:00
|
|
|
}
|
2015-05-01 00:14:58 +08:00
|
|
|
// Return a different status code than above so as to distinguish these cases
|
|
|
|
return http.StatusInternalServerError, err
|
2015-03-25 11:55:51 +08:00
|
|
|
}
|
|
|
|
|
2015-04-19 03:24:54 +08:00
|
|
|
// redirect to canonical path
|
|
|
|
url := r.URL.Path
|
|
|
|
if d.IsDir() {
|
|
|
|
// Ensure / at end of directory url
|
|
|
|
if url[len(url)-1] != '/' {
|
|
|
|
redirect(w, r, path.Base(url)+"/")
|
|
|
|
return http.StatusMovedPermanently, nil
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
// Ensure no / at end of file url
|
|
|
|
if url[len(url)-1] == '/' {
|
|
|
|
redirect(w, r, "../"+path.Base(url))
|
|
|
|
return http.StatusMovedPermanently, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-03-25 11:55:51 +08:00
|
|
|
// use contents of an index file, if present, for directory
|
|
|
|
if d.IsDir() {
|
2015-09-20 10:34:23 +08:00
|
|
|
for _, indexPage := range IndexPages {
|
2015-03-25 11:55:51 +08:00
|
|
|
index := strings.TrimSuffix(name, "/") + "/" + indexPage
|
2015-04-13 07:44:02 +08:00
|
|
|
ff, err := fh.root.Open(index)
|
2015-03-25 11:55:51 +08:00
|
|
|
if err == nil {
|
2016-03-13 07:32:12 +08:00
|
|
|
// this defer does not leak fds because previous iterations
|
|
|
|
// of the loop must have had an err, so nothing to close
|
2015-03-25 11:55:51 +08:00
|
|
|
defer ff.Close()
|
|
|
|
dd, err := ff.Stat()
|
|
|
|
if err == nil {
|
|
|
|
name = index
|
|
|
|
d = dd
|
|
|
|
f = ff
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Still a directory? (we didn't find an index file)
|
2015-03-29 06:49:42 +08:00
|
|
|
// Return 404 to hide the fact that the folder exists
|
2015-03-25 11:55:51 +08:00
|
|
|
if d.IsDir() {
|
2015-03-29 06:49:42 +08:00
|
|
|
return http.StatusNotFound, nil
|
2015-03-25 11:55:51 +08:00
|
|
|
}
|
|
|
|
|
2016-03-12 06:11:21 +08:00
|
|
|
// If file is on hide list.
|
2016-03-13 00:47:53 +08:00
|
|
|
if fh.isHidden(d) {
|
2016-03-12 06:11:21 +08:00
|
|
|
return http.StatusNotFound, nil
|
|
|
|
}
|
|
|
|
|
2016-04-02 05:24:04 +08:00
|
|
|
// Add ETag header
|
2016-04-04 03:14:10 +08:00
|
|
|
e := fmt.Sprintf(`W/"%x-%x"`, d.ModTime().Unix(), d.Size())
|
|
|
|
w.Header().Set("ETag", e)
|
2016-04-02 05:24:04 +08:00
|
|
|
|
2016-03-12 06:11:21 +08:00
|
|
|
// Note: Errors generated by ServeContent are written immediately
|
|
|
|
// to the response. This usually only happens if seeking fails (rare).
|
|
|
|
http.ServeContent(w, r, d.Name(), d.ModTime(), f)
|
|
|
|
|
|
|
|
return http.StatusOK, nil
|
|
|
|
}
|
|
|
|
|
2016-03-13 00:47:53 +08:00
|
|
|
// isHidden checks if file with FileInfo d is on hide list.
|
|
|
|
func (fh fileHandler) isHidden(d os.FileInfo) bool {
|
2015-04-13 07:44:02 +08:00
|
|
|
// If the file is supposed to be hidden, return a 404
|
|
|
|
// (TODO: If the slice gets large, a set may be faster)
|
|
|
|
for _, hiddenPath := range fh.hide {
|
2016-03-13 00:47:53 +08:00
|
|
|
// Check if the served file is exactly the hidden file.
|
|
|
|
if hFile, err := fh.root.Open(hiddenPath); err == nil {
|
|
|
|
fs, _ := hFile.Stat()
|
|
|
|
hFile.Close()
|
|
|
|
if os.SameFile(d, fs) {
|
|
|
|
return true
|
|
|
|
}
|
2015-04-13 07:44:02 +08:00
|
|
|
}
|
|
|
|
}
|
2016-03-12 06:11:21 +08:00
|
|
|
return false
|
2015-03-25 11:55:51 +08:00
|
|
|
}
|
2015-04-19 03:24:54 +08:00
|
|
|
|
|
|
|
// redirect is taken from http.localRedirect of the std lib. It
|
|
|
|
// sends an HTTP redirect to the client but will preserve the
|
|
|
|
// query string for the new path.
|
|
|
|
func redirect(w http.ResponseWriter, r *http.Request, newPath string) {
|
|
|
|
if q := r.URL.RawQuery; q != "" {
|
|
|
|
newPath += "?" + q
|
|
|
|
}
|
|
|
|
http.Redirect(w, r, newPath, http.StatusMovedPermanently)
|
|
|
|
}
|
2015-09-20 10:34:23 +08:00
|
|
|
|
|
|
|
// IndexPages is a list of pages that may be understood as
|
|
|
|
// the "index" files to directories.
|
|
|
|
var IndexPages = []string{
|
|
|
|
"index.html",
|
|
|
|
"index.htm",
|
|
|
|
"index.txt",
|
|
|
|
"default.html",
|
|
|
|
"default.htm",
|
|
|
|
"default.txt",
|
|
|
|
}
|