-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathhttp-server-static.js
100 lines (78 loc) · 2.92 KB
/
http-server-static.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
// https://adrianmejia.com/building-a-node-js-static-file-server-files-over-http-using-es6/
const http = require('http');
const url = require('url');
const fs = require('fs');
const path = require('path');
const open = require('open');
const portscanner = require('portscanner');
//var port = process.argv[2] || 4001;
portscanner.findAPortNotInUse(3000,3999, '127.0.0.1', function(error, port) {
console.log('AVAILABLE PORT AT: ' + port)
// you can pass the parameter in the command line. e.g. node static_server.js 3000
// maps file extention to MIME types
// full list can be found here: https://www.freeformatter.com/mime-types-list.html
const mimeType = {
'.ico': 'image/x-icon'
,'.html': 'text/html'
,'.js': 'text/javascript'
,'.cjs': 'application/javascript'
,'.json': 'application/json'
,'.css': 'text/css'
,'.png': 'image/png'
,'.jpg': 'image/jpeg'
,'.wav': 'audio/wav'
,'.mp3': 'audio/mpeg'
,'.svg': 'image/svg+xml'
,'.pdf': 'application/pdf'
,'.zip': 'application/zip'
,'.doc': 'application/msword'
,'.eot': 'application/vnd.ms-fontobject'
,'.ttf': 'application/x-font-ttf'
//'.fit': 'application/octet-stream' // not needed. fit extension must be added as binary
};
http.createServer(function (req, res) {
console.log(`${req.method} ${req.url}`);
// parse URL
const parsedUrl = url.parse(req.url);
// extract URL path
// Avoid https://en.wikipedia.org/wiki/Directory_traversal_attack
// e.g curl --path-as-is http://localhost:9000/../fileInDanger.txt
// by limiting the path to current directory only
const sanitizePath = path.normalize(parsedUrl.pathname).replace(/^(\.\.[\/\\])+/, '');
let pathname = path.join(__dirname, sanitizePath);
//console.log("before: " + pathname);
pathname = pathname.replace(/LevelUp/g, '/../');
//console.log("after:" + pathname);
// the simplest, nο sanitizePath. does not work ?
//let pathname = path.join(__dirname, parsedUrl.pathname);
//dirty way
//if (path.parse(pathname).ext === ".fit")
// pathname = path.join(__dirname, '..', '..', sanitizePath);
fs.exists(pathname, function (exist) {
if(!exist) {
// if the file is not found, return 404
res.statusCode = 404;
res.end(`File ${pathname} not found!`);
return;
}
// if is a directory, then look for index.html
if (fs.statSync(pathname).isDirectory()) {
pathname += './index.html';
}
// read file from file system
fs.readFile(pathname, function(err, data){
if(err){
res.statusCode = 500;
res.end(`Error getting the file: ${err}.`);
} else {
// based on the URL path, extract the file extention. e.g. .js, .doc, ...
const ext = path.parse(pathname).ext;
res.setHeader('Content-type', mimeType[ext] || 'text/plain' );
res.end(data);
}
});
});
}).listen(parseInt(port));
console.log(`Server listening on port ${port}`);
open(`http://127.0.0.1:${port}/`)
})