-
Notifications
You must be signed in to change notification settings - Fork 0
/
logic.js
117 lines (105 loc) · 3.81 KB
/
logic.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
const url = require('url')
const fs = require('fs')
const path = require('path')
const etag = require('etag')
// maps file extention to MIME types
const mimeType = {
'.ico': 'image/x-icon',
'.html': 'text/html',
'.js': 'text/javascript',
'.json': 'application/json',
'.css': 'text/css',
'.png': 'image/png',
'.jpg': 'image/jpeg',
'.wav': 'audio/wav',
'.mp3': 'audio/mpeg',
'.svg': 'image/svg+xml',
'.pdf': 'application/pdf',
'.doc': 'application/msword',
'.eot': 'appliaction/vnd.ms-fontobject',
'.ttf': 'aplication/font-sfnt'
}
exports.logic = function (req, res) {
res.setHeader('Access-Control-Allow-Origin', '*')
// parse URL
const parsedUrl = url.parse(req.url)
// extract URL path
// Avoid https://en.wikipedia.org/wiki/Directory_traversal_attack
// e.g curl --path-as-is http://localhost:9000/../fileInDanger.txt
// by limiting the path to current directory only
/* eslint-disable */
const sanitizePath = path.normalize(parsedUrl.pathname).replace(/^(\.\.[\/\\])+/, '')
/* eslint-enable */
let pathname = path.join(__dirname, sanitizePath)
// Upload bundle.js logic TODO remove this, not used anymore
if (req.url === '/fileupload' && req.method.toLowerCase() === 'post') {
require('./util').upload(req, res)
return ;
}
// Upload split bundle.js logic for Production
if (req.url === '/uploadSplitBundle' && req.method.toLowerCase() === 'post') {
require('./util').uploadSplitBundle(req, res)
return ;
}
if (req.url === '/completedBundleUpload' && req.method.toLowerCase() === 'post') {
require('./util').completedBundleUpload(req, res)
return ;
}
// Upload split bundle.js logic for Staging
if (req.url === '/uploadSplitBundleStaging' && req.method.toLowerCase() === 'post') {
require('./util').uploadSplitBundleStaging(req, res)
return ;
}
if (req.url === '/completedBundleUploadStaging' && req.method.toLowerCase() === 'post') {
require('./util').completedBundleUploadStaging(req, res)
return ;
}
fs.access(pathname, fs.constants.F_OK, (err) => {
if (err) {
// if the file is not found, return 404
res.statusCode = 404
res.end(`File ${req.url} not found!`)
return
}
// if is a directory, then look for index.html
let stats = fs.statSync(pathname)
if (stats.isDirectory()) {
// pathname += '/index.html'
res.statusCode = 404
res.end(`Please provide file name as well.`)
return
}
// read file from file system
fs.readFile(pathname, (err, data) => {
if (err) {
res.statusCode = 500
res.end(`Error getting the file: ${err}.`)
} else {
// based on the URL path, extract the file extention. e.g. .js, .doc, ...
const ext = path.parse(pathname).ext
// if the file is found, set Content-type and prepare to send data
res.setHeader('Content-type', mimeType[ext] || 'text/plain')
res.setHeader('ETag', etag(data))
if (req.headers.hasOwnProperty('if-none-match')) {
// if required file is not changed, ask browser to use cache
if (req.headers['if-none-match'] === etag(data)) {
res.statusCode = 304;
res.end();
return ;
}
}
// setting up the cache policy and sending the actual file
if (req.url === '/public/bundle.js' || req.url === '/public/bundle_staging.js') {
// set cache duration for 1 minute, and revalidate from server about expiry
res.setHeader('Cache-Control', 'max-age=60, must-revalidate')
} else {
// set cache duration for 1 hour, and revalidate from server about expiry
res.setHeader('Cache-Control', 'max-age=3600, must-revalidate')
}
res.setHeader('Content-Length', stats.size)
res.write(data)
res.end()
}
})
})
}