OLD | NEW |
---|---|
1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 part of http_server; | 5 part of http_server; |
6 | 6 |
7 | 7 |
8 // Used for signal a directory redirecting, where a tailing slash is missing. | 8 // Used for signal a directory redirecting, where a tailing slash is missing. |
9 class _DirectoryRedirect { | 9 class _DirectoryRedirect { |
10 const _DirectoryRedirect(); | 10 const _DirectoryRedirect(); |
(...skipping 237 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
248 var response = request.response; | 248 var response = request.response; |
249 dir.stat().then((stats) { | 249 dir.stat().then((stats) { |
250 if (request.headers.ifModifiedSince != null && | 250 if (request.headers.ifModifiedSince != null && |
251 !stats.modified.isAfter(request.headers.ifModifiedSince)) { | 251 !stats.modified.isAfter(request.headers.ifModifiedSince)) { |
252 response.statusCode = HttpStatus.NOT_MODIFIED; | 252 response.statusCode = HttpStatus.NOT_MODIFIED; |
253 response.close(); | 253 response.close(); |
254 return; | 254 return; |
255 } | 255 } |
256 | 256 |
257 response.headers.set(HttpHeaders.LAST_MODIFIED, stats.modified); | 257 response.headers.set(HttpHeaders.LAST_MODIFIED, stats.modified); |
258 var path = request.uri.path; | 258 var path = Uri.decodeComponent(request.uri.path); |
259 var encodedPath = new HtmlEscape().convert(path); | |
259 var header = | 260 var header = |
260 '''<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" | 261 '''<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" |
261 http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> | 262 http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
262 <html xmlns="http://www.w3.org/1999/xhtml"> | 263 <html xmlns="http://www.w3.org/1999/xhtml"> |
263 <head> | 264 <head> |
264 <title>Index of $path</title> | 265 <title>Index of $encodedPath</title> |
265 </head> | 266 </head> |
266 <body> | 267 <body> |
267 <h1>Index of $path</h1> | 268 <h1>Index of $encodedPath</h1> |
268 <table> | 269 <table> |
269 <tr> | 270 <tr> |
270 <td>Name</td> | 271 <td>Name</td> |
271 <td>Last modified</td> | 272 <td>Last modified</td> |
272 <td>Size</td> | 273 <td>Size</td> |
273 </tr> | 274 </tr> |
274 '''; | 275 '''; |
275 var server = response.headers.value(HttpHeaders.SERVER); | 276 var server = response.headers.value(HttpHeaders.SERVER); |
276 if (server == null) server = ""; | 277 if (server == null) server = ""; |
277 var footer = | 278 var footer = |
278 '''</table> | 279 '''</table> |
279 $server | 280 $server |
280 </body> | 281 </body> |
281 </html> | 282 </html> |
282 '''; | 283 '''; |
283 | 284 |
284 response.write(header); | 285 response.write(header); |
285 | 286 |
286 void add(String name, String modified, var size) { | 287 void add(String name, String modified, var size) { |
287 if (size == null) size = "-"; | 288 if (size == null) size = "-"; |
288 if (modified == null) modified = ""; | 289 if (modified == null) modified = ""; |
289 var p = normalize(join(path, name)); | 290 var encodedLink = new HtmlEscape(HtmlEscapeMode.ATTRIBUTE) |
291 .convert(Uri.encodeComponent(normalize(join(path, name)))); | |
292 var encodedName = new HtmlEscape().convert(name); | |
293 | |
290 var entry = | 294 var entry = |
291 ''' <tr> | 295 ''' <tr> |
292 <td><a href="$p">$name</a></td> | 296 <td><a href="$encodedLink">$encodedName</a></td> |
293 <td>$modified</td> | 297 <td>$modified</td> |
nweiz
2014/04/04 18:06:37
Escape [modified] as well. Even though it doesn't
Anders Johnsen
2014/04/07 07:03:08
Done.
| |
294 <td style="text-align: right">$size</td> | 298 <td style="text-align: right">$size</td> |
295 </tr>'''; | 299 </tr>'''; |
296 response.write(entry); | 300 response.write(entry); |
297 } | 301 } |
298 | 302 |
299 if (path != '/') { | 303 if (path != '/') { |
300 add('../', null, null); | 304 add('../', null, null); |
301 } | 305 } |
302 | 306 |
303 dir.list(followLinks: true).listen((entity) { | 307 dir.list(followLinks: true).listen((entity) { |
(...skipping 20 matching lines...) Expand all Loading... | |
324 } | 328 } |
325 | 329 |
326 void _serveErrorPage(int error, HttpRequest request) { | 330 void _serveErrorPage(int error, HttpRequest request) { |
327 var response = request.response; | 331 var response = request.response; |
328 response.statusCode = error; | 332 response.statusCode = error; |
329 if (_errorCallback != null) { | 333 if (_errorCallback != null) { |
330 _errorCallback(request); | 334 _errorCallback(request); |
331 return; | 335 return; |
332 } | 336 } |
333 // Default error page. | 337 // Default error page. |
334 var path = request.uri.path; | 338 var path = Uri.decodeComponent(request.uri.path); |
339 var encodedPath = new HtmlEscape().convert(path); | |
335 var reason = response.reasonPhrase; | 340 var reason = response.reasonPhrase; |
336 | 341 |
337 var server = response.headers.value(HttpHeaders.SERVER); | 342 var server = response.headers.value(HttpHeaders.SERVER); |
338 if (server == null) server = ""; | 343 if (server == null) server = ""; |
339 var page = | 344 var page = |
340 '''<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" | 345 '''<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" |
341 http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> | 346 http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
342 <html xmlns="http://www.w3.org/1999/xhtml"> | 347 <html xmlns="http://www.w3.org/1999/xhtml"> |
343 <head> | 348 <head> |
344 <title>$reason: $path</title> | 349 <title>$reason: $encodedPath</title> |
345 </head> | 350 </head> |
346 <body> | 351 <body> |
347 <h1>Error $error at \'$path\': $reason</h1> | 352 <h1>Error $error at \'$encodedPath\': $reason</h1> |
nweiz
2014/04/04 18:06:37
Escape [error] and [reason].
Anders Johnsen
2014/04/07 07:03:08
Done.
| |
348 $server | 353 $server |
349 </body> | 354 </body> |
350 </html>'''; | 355 </html>'''; |
351 response.write(page); | 356 response.write(page); |
352 response.close(); | 357 response.close(); |
353 } | 358 } |
354 } | 359 } |
355 | 360 |
356 class _VirtualDirectoryFileStream extends StreamConsumer<List<int>> { | 361 class _VirtualDirectoryFileStream extends StreamConsumer<List<int>> { |
357 final HttpResponse response; | 362 final HttpResponse response; |
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
401 | 406 |
402 Future close() => new Future.value(); | 407 Future close() => new Future.value(); |
403 | 408 |
404 void setMimeType(List<int> bytes) { | 409 void setMimeType(List<int> bytes) { |
405 var mimeType = lookupMimeType(path, headerBytes: bytes); | 410 var mimeType = lookupMimeType(path, headerBytes: bytes); |
406 if (mimeType != null) { | 411 if (mimeType != null) { |
407 response.headers.contentType = ContentType.parse(mimeType); | 412 response.headers.contentType = ContentType.parse(mimeType); |
408 } | 413 } |
409 } | 414 } |
410 } | 415 } |
OLD | NEW |