public static boolean saveFile(
HttpServlet servlet,
String contentPath,
String path,
HttpServletRequest req,
HttpServletResponse res) {
// @todo Need to use logServerAccess() below here.
boolean debugRequest = Debug.isSet("SaveFile");
if (debugRequest) log.debug(" saveFile(): path= " + path);
String filename = contentPath + path; // absolute path
File want = new File(filename);
// backup current version if it exists
int version = getBackupVersion(want.getParent(), want.getName());
String fileSave = filename + "~" + version;
File file = new File(filename);
if (file.exists()) {
try {
IO.copyFile(filename, fileSave);
} catch (IOException e) {
log.error(
"saveFile(): Unable to save copy of file "
+ filename
+ " to "
+ fileSave
+ "\n"
+ e.getMessage());
return false;
}
}
// save new file
try {
OutputStream out = new BufferedOutputStream(new FileOutputStream(filename));
IO.copy(req.getInputStream(), out);
out.close();
if (debugRequest) log.debug("saveFile(): ok= " + filename);
res.setStatus(HttpServletResponse.SC_CREATED);
log.info(UsageLog.closingMessageForRequestContext(HttpServletResponse.SC_CREATED, -1));
return true;
} catch (IOException e) {
log.error(
"saveFile(): Unable to PUT file " + filename + " to " + fileSave + "\n" + e.getMessage());
return false;
}
}
/**
* Write a file to the response stream.
*
* @param servlet called from here
* @param contentPath file root path
* @param path file path reletive to the root
* @param req the request
* @param res the response
* @param contentType content type, or null
* @throws IOException on write error
*/
public static void returnFile(
HttpServlet servlet,
String contentPath,
String path,
HttpServletRequest req,
HttpServletResponse res,
String contentType)
throws IOException {
String filename = ServletUtil.formFilename(contentPath, path);
log.debug("returnFile(): returning file <" + filename + ">.");
// No file, nothing to view
if (filename == null) {
log.info(
"returnFile(): "
+ UsageLog.closingMessageForRequestContext(HttpServletResponse.SC_NOT_FOUND, 0));
res.sendError(HttpServletResponse.SC_NOT_FOUND);
return;
}
// dontallow ..
if (filename.indexOf("..") != -1) {
log.info(
"returnFile(): "
+ UsageLog.closingMessageForRequestContext(HttpServletResponse.SC_FORBIDDEN, 0));
res.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
}
// dont allow access to WEB-INF or META-INF
String upper = filename.toUpperCase();
if (upper.indexOf("WEB-INF") != -1 || upper.indexOf("META-INF") != -1) {
log.info(
"returnFile(): "
+ UsageLog.closingMessageForRequestContext(HttpServletResponse.SC_FORBIDDEN, 0));
res.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
}
returnFile(servlet, req, res, new File(filename), contentType);
}
/**
* Write a file to the response stream. Handles Range requests.
*
* @param req request
* @param res response
* @param file must exists and not be a directory
* @param contentType must not be null
* @throws IOException or error
*/
public static void returnFile(
HttpServletRequest req, HttpServletResponse res, File file, String contentType)
throws IOException {
res.setContentType(contentType);
// see if its a Range Request
boolean isRangeRequest = false;
long startPos = 0, endPos = Long.MAX_VALUE;
String rangeRequest = req.getHeader("Range");
if (rangeRequest != null) { // bytes=12-34 or bytes=12-
int pos = rangeRequest.indexOf("=");
if (pos > 0) {
int pos2 = rangeRequest.indexOf("-");
if (pos2 > 0) {
String startString = rangeRequest.substring(pos + 1, pos2);
String endString = rangeRequest.substring(pos2 + 1);
startPos = Long.parseLong(startString);
if (endString.length() > 0) endPos = Long.parseLong(endString) + 1;
isRangeRequest = true;
}
}
}
// set content length
long fileSize = file.length();
long contentLength = fileSize;
if (isRangeRequest) {
endPos = Math.min(endPos, fileSize);
contentLength = endPos - startPos;
}
if (contentLength > Integer.MAX_VALUE)
res.addHeader(
"Content-Length", Long.toString(contentLength)); // allow content length > MAX_INT
else res.setContentLength((int) contentLength); // note HEAD only allows this
String filename = file.getPath();
boolean debugRequest = Debug.isSet("returnFile");
if (debugRequest)
log.debug(
"returnFile(): filename = "
+ filename
+ " contentType = "
+ contentType
+ " contentLength = "
+ contentLength);
// indicate we allow Range Requests
res.addHeader("Accept-Ranges", "bytes");
if (req.getMethod().equals("HEAD")) {
log.info(
"returnFile(): "
+ UsageLog.closingMessageForRequestContext(HttpServletResponse.SC_OK, 0));
return;
}
try {
if (isRangeRequest) {
// set before content is sent
res.addHeader("Content-Range", "bytes " + startPos + "-" + (endPos - 1) + "/" + fileSize);
res.setStatus(HttpServletResponse.SC_PARTIAL_CONTENT);
FileCacheRaf.Raf craf = null;
try {
craf = fileCacheRaf.acquire(filename);
IO.copyRafB(
craf.getRaf(), startPos, contentLength, res.getOutputStream(), new byte[60000]);
log.info(
"returnFile(): "
+ UsageLog.closingMessageForRequestContext(
HttpServletResponse.SC_PARTIAL_CONTENT, contentLength));
return;
} finally {
if (craf != null) fileCacheRaf.release(craf);
}
}
// Return the file
ServletOutputStream out = res.getOutputStream();
IO.copyFileB(file, out, 60000);
res.flushBuffer();
out.close();
if (debugRequest) log.debug("returnFile(): returnFile ok = " + filename);
log.info(
"returnFile(): "
+ UsageLog.closingMessageForRequestContext(HttpServletResponse.SC_OK, contentLength));
}
// @todo Split up this exception handling: those from file access vs those from dealing with
// response
// File access: catch and res.sendError()
// response: don't catch (let bubble up out of doGet() etc)
catch (FileNotFoundException e) {
log.error("returnFile(): FileNotFoundException= " + filename);
log.info(
"returnFile(): "
+ UsageLog.closingMessageForRequestContext(HttpServletResponse.SC_NOT_FOUND, 0));
if (!res.isCommitted()) res.sendError(HttpServletResponse.SC_NOT_FOUND);
} catch (java.net.SocketException e) {
log.info("returnFile(): SocketException sending file: " + filename + " " + e.getMessage());
log.info("returnFile(): " + UsageLog.closingMessageForRequestContext(STATUS_CLIENT_ABORT, 0));
} catch (IOException e) {
String eName =
e.getClass().getName(); // dont want compile time dependency on ClientAbortException
if (eName.equals("org.apache.catalina.connector.ClientAbortException")) {
log.info(
"returnFile(): ClientAbortException while sending file: "
+ filename
+ " "
+ e.getMessage());
log.info(
"returnFile(): " + UsageLog.closingMessageForRequestContext(STATUS_CLIENT_ABORT, 0));
return;
}
log.error("returnFile(): IOException (" + e.getClass().getName() + ") sending file ", e);
log.error(
"returnFile(): "
+ UsageLog.closingMessageForRequestContext(HttpServletResponse.SC_NOT_FOUND, 0));
if (!res.isCommitted())
res.sendError(HttpServletResponse.SC_NOT_FOUND, "Problem sending file: " + e.getMessage());
}
}