X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_httpd.cpp;h=f3ec3298bd8823b154b4c9fb5017159ba7bea800;hb=HEAD;hp=7b2487d1c14d4c208a4ee6f98ba68924e1bc4058;hpb=0e7e1ea3935e48a5093be4ccf2371a344f30bba0;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/m_httpd.cpp b/src/modules/m_httpd.cpp index 7b2487d1c..f3ec3298b 100644 --- a/src/modules/m_httpd.cpp +++ b/src/modules/m_httpd.cpp @@ -3,9 +3,9 @@ * * Copyright (C) 2019 linuxdaemon * Copyright (C) 2018 edef - * Copyright (C) 2013-2014, 2017-2019 Sadie Powell + * Copyright (C) 2013-2014, 2017-2020 Sadie Powell * Copyright (C) 2012-2016 Attila Molnar - * Copyright (C) 2012, 2019 Robby + * Copyright (C) 2012 Robby * Copyright (C) 2009 Uli Schlachter * Copyright (C) 2009 Daniel De Graaf * Copyright (C) 2008 Robin Burchell @@ -264,14 +264,18 @@ class HttpServerSocket : public BufferedSocket, public Timer, public insp::intru Close(); } - void SendHTTPError(unsigned int response) + void SendHTTPError(unsigned int response, const char* errstr = NULL) { + if (!errstr) + errstr = http_status_str((http_status)response); + + ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "Sending HTTP error %u: %s", response, errstr); static HTTPHeaders empty; std::string data = InspIRCd::Format( "" "

Error %u

%s

" "Powered by InspIRCd", - response, http_status_str((http_status)response)); + response, errstr); Page(data, response, &empty); } @@ -289,7 +293,7 @@ class HttpServerSocket : public BufferedSocket, public Timer, public insp::intru else rheaders.RemoveHeader("Content-Type"); - /* Supporting Connection: keep-alive causes a whole world of hurt syncronizing timeouts, + /* Supporting Connection: keep-alive causes a whole world of hurt synchronizing timeouts, * so remove it, its not essential for what we need. */ rheaders.SetHeader("Connection", "Close"); @@ -303,8 +307,10 @@ class HttpServerSocket : public BufferedSocket, public Timer, public insp::intru if (parser.upgrade || HTTP_PARSER_ERRNO(&parser)) return; http_parser_execute(&parser, &parser_settings, recvq.data(), recvq.size()); - if (parser.upgrade || HTTP_PARSER_ERRNO(&parser)) + if (parser.upgrade) SendHTTPError(status_code ? status_code : 400); + else if (HTTP_PARSER_ERRNO(&parser)) + SendHTTPError(status_code ? status_code : 400, http_errno_description((http_errno)parser.http_errno)); } void ServeData() @@ -345,7 +351,32 @@ class HttpServerSocket : public BufferedSocket, public Timer, public insp::intru return false; if (url.field_set & (1 << UF_PATH)) - out.path = uri.substr(url.field_data[UF_PATH].off, url.field_data[UF_PATH].len); + { + // Normalise the path. + std::vector pathsegments; + irc::sepstream pathstream(uri.substr(url.field_data[UF_PATH].off, url.field_data[UF_PATH].len), '/'); + for (std::string pathsegment; pathstream.GetToken(pathsegment); ) + { + if (pathsegment == ".") + { + // Stay at the current level. + continue; + } + + if (pathsegment == "..") + { + // Traverse up to the previous level. + if (!pathsegments.empty()) + pathsegments.pop_back(); + continue; + } + + pathsegments.push_back(pathsegment); + } + + out.path.reserve(url.field_data[UF_PATH].len); + out.path.append("/").append(stdalgo::string::join(pathsegments, '/')); + } if (url.field_set & (1 << UF_FRAGMENT)) out.fragment = uri.substr(url.field_data[UF_FRAGMENT].off, url.field_data[UF_FRAGMENT].len); @@ -451,7 +482,7 @@ class ModuleHttpServer : public Module Version GetVersion() CXX11_OVERRIDE { - return Version("Provides HTTP serving facilities to modules", VF_VENDOR); + return Version("Allows the server administrator to serve various useful resources over HTTP.", VF_VENDOR); } };