Esempio n. 1
  /**
   * Adds {@code Last-Modified} and {@code Cache-Control} headers to the response when the
   * {@code Caching.Enabled} setting is switched on; otherwise leaves the response untouched.
   *
   * <p>Responses whose type starts with {@code text/}, and every response when
   * {@code Caching.MandatoryRecheck} is on, get {@code max-age=0}. Everything else may be
   * reused for 86400 seconds (one day).
   *
   * @param he   exchange whose response headers are set
   * @param type MIME type of the content being served
   * @param f    file being served; its modification time feeds {@code Last-Modified}
   */
  protected void setCaching(HttpExchange he, String type, File f) {
    if (!Settings.getInstance().enable("Caching.Enabled")) {
      return;
    }

    he.setResponseHeader("Last-Modified", HttpFields.formatDate(f.lastModified()));

    // NOTE(review): "public" lets shared caches (proxies, CDNs) store the response. If the
    // caller serves content behind a per-session authorization check, a shared cache could
    // answer later requests without that check running; confirm this is intended, otherwise
    // "private" is the safer directive for gated content.
    boolean recheckEveryTime =
        type.startsWith("text/") || Settings.getInstance().enable("Caching.MandatoryRecheck");
    String cacheControl = recheckEveryTime ? "public, max-age=0" : "public, max-age=86400";
    he.setResponseHeader("Cache-Control", cacheControl);
  }
Esempio n. 2
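  /**
   * Serves a static file from below {@code getRootFolder()} in response to a GET request.
   *
   * <p>The request path (rewritten by {@code ppi} when one is configured) is appended to the
   * root folder and canonicalised. A path that resolves outside the root folder is refused
   * with 403. The same canonical path is then used both for the authorization check and for
   * opening the file, so {@code ../} or {@code ./} segments cannot make the two disagree.
   * Previously the normalised path was computed but the file was opened from the raw,
   * un-normalised string.
   *
   * <p>Responses: 403 for an out-of-root or unauthorized path, 404 for a missing file or a
   * directory, 304 when caching is enabled and the file is not newer than
   * {@code If-Modified-Since}, otherwise 200 with the file content (markdown is run through
   * {@code Processor} first).
   *
   * @param he the exchange to answer
   * @throws IOException declared by the overridden method; I/O failures raised while
   *     answering a GET are caught and logged here
   */
  @Override
  public void handle(HttpExchange he) throws IOException {
    String requestMethod = he.getRequestMethod();

    // NOTE(review): any method other than GET falls through without a response being sent
    // from this handler; confirm the surrounding server answers those requests.
    if (requestMethod.equalsIgnoreCase("GET")) {
      try (OutputStream responseBody = he.getResponseBody()) {
        String requestURI;
        if (ppi != null) {
          requestURI = ppi.getRewrittenPath(he.getRequestURI());
        } else {
          requestURI = he.getRequestURI();
        }

        if (requestURI.equals("/") && searchForIndex) {
          requestURI += "index.html";
        }
        String rootFolder = String.valueOf(getRootFolder());
        String filePath = rootFolder + requestURI;

        // Collapse ../ and ./ segments
        Path normalized = Paths.get(filePath).normalize();
        path = normalized.toString();

        // Containment check: compare absolute, normalised paths component by component so a
        // request cannot leave the root folder through parent-directory segments.
        // normalize() does not resolve symbolic links; a link inside the root that points
        // elsewhere is still followed.
        Path root = Paths.get(rootFolder).toAbsolutePath().normalize();
        Path resolved = Paths.get(filePath).toAbsolutePath().normalize();
        if (!resolved.startsWith(root)) {
          Logger.getLogger(getClass()).log(Level.INFO, "403 " + filePath);
          he.sendResponseHeaders(403);
          he.close();
          return;
        }

        // Open the canonical path, never the raw concatenation.
        File f = resolved.toFile();
        // NOTE(review): 404 is decided before authorization, so an unauthorized client can
        // tell existing protected files (403) from missing ones (404); confirm that is
        // acceptable.
        if (!f.exists() || f.isDirectory()) {
          Logger.getLogger(getClass()).log(Level.INFO, "404 " + filePath);
          he.sendResponseHeaders(404);
          he.close();
          return;
        }

        // Authorize the canonical request path so the access decision is made about the
        // file that will actually be read.
        String canonicalURI =
            "/" + root.relativize(resolved).toString().replace(File.separatorChar, '/');

        Session session = Sessions.getInstance().getSession(he.getRequest().getSession().getId());
        boolean authorized;
        if (session != null) {
          authorized = Authorize.path(canonicalURI, session.getTicket());
        } else {
          authorized = Authorize.path(canonicalURI, null);
        }

        if (!authorized) {
          Logger.getLogger(getClass()).log(Level.INFO, "403 " + filePath);
          he.sendResponseHeaders(403);
          he.close();
          return;
        }

        if (Settings.getInstance().enable("Caching.Enabled")
            && he.getRequest().getHeader("If-Modified-Since") != null) {
          long lms = HttpFields.parseDate(he.getRequestHeader("If-Modified-Since"));
          if (f.lastModified() <= lms) {
            he.sendResponseHeaders(304);
            return;
          }
        }

        // Try to determine MIME type in a way that does not blow up in our face
        MagicMatch match = null;
        try {
          match = Magic.getMagicMatch(f, true);
        } catch (MagicParseException | MagicMatchNotFoundException | MagicException ex) {
          // Detection is best-effort; the default below is used instead.
        }
        // NOTE(review): unrecognised files are labelled text/html, so a browser will render
        // them as markup. If the root folder can hold content that is not fully trusted,
        // consider a non-rendering default and an "X-Content-Type-Options: nosniff" header.
        String type = (match != null) ? match.getMimeType() : "text/html";

        byte[] file = null;
        type = reconsiderType(type, f);

        if (type.equals("text/markdown")) {
          file = Processor.process(f).getBytes("UTF-8");
        }

        if (file == null) {
          file = getBytesFromFile(f);
        }

        // file = tryToDeflate(he, type, file);

        he.setResponseHeader("Content-Type", type + "; charset=UTF-8");
        he.setResponseHeader("Server", "W Application Server");

        setCaching(he, type, f);

        // X-tra headers
        he.setResponseHeader("X-Pandas-FTW", "true");
        he.setResponseHeader("X-UA-Compatible", "IE=edge,chrome=1");
        he.setResponseHeader("X-XSS-Protection", "1; mode=block");
        he.sendResponseHeaders(200);

        responseBody.write(file);
      } catch (IOException ex) {
        Logger.getLogger(DefaultApplication.class.getName()).log(Level.INFO, "Response failed", ex);
      }
    }
  }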