Sakurai/pdf.js
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Modernize the webserver's handler method

Browse Source 
This commit converts `var` to `const`/`let`, gives the variables more
readable names and annotates the code to make the flow clearer.
This commit is contained in:
Tim van der Meij 2024-02-11 20:03:23 +01:00
parent 6ef813af01
commit 0015eb2431
No known key found for this signature in database
GPG Key ID: 8C3FD2925A5F2762
1 changed files with 18 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
test/webserver.mjs
View File

@ -82,44 +82,46 @@ class WebServer {
} }
} }
async #handler(req, res) { async #handler(request, response) {
var url = req.url.replaceAll("//", "/"); // Validate and parse the request URL.
var urlParts = /([^?]*)((?:\?(.*))?)/.exec(url); const url = request.url.replaceAll("//", "/");
const urlParts = /([^?]*)((?:\?(.*))?)/.exec(url);
let pathPart;
try { try {
// Guard against directory traversal attacks such as // Guard against directory traversal attacks such as
// `/../../../../../../../etc/passwd`, which let you make GET requests // `/../../../../../../../etc/passwd`, which let you make GET requests
// for files outside of `this.root`. // for files outside of `this.root`.
var pathPart = path.normalize(decodeURI(urlParts[1])); pathPart = path.normalize(decodeURI(urlParts[1]));
// path.normalize returns a path on the basis of the current platform. // `path.normalize` returns a path on the basis of the current platform.
// Windows paths cause issues in statFile and serverDirectoryIndex. // Windows paths cause issues in `checkRequest` and underlying methods.
// Converting to unix path would avoid platform checks in said functions. // Converting to a Unix path avoids platform checks in said functions.
pathPart = pathPart.replaceAll("\\", "/"); pathPart = pathPart.replaceAll("\\", "/");
} catch { } catch {
// If the URI cannot be decoded, a `URIError` is thrown. This happens for // If the URI cannot be decoded, a `URIError` is thrown. This happens for
// malformed URIs such as `http://localhost:8888/%s%s` and should be // malformed URIs such as `http://localhost:8888/%s%s` and should be
// handled as a bad request. // handled as a bad request.
res.writeHead(400); response.writeHead(400);
res.end("Bad request", "utf8"); response.end("Bad request", "utf8");
return; return;
} }
var methodHooks = this.hooks[req.method]; // Validate the request method and execute method hooks.
const methodHooks = this.hooks[request.method];
if (!methodHooks) { if (!methodHooks) {
res.writeHead(405); response.writeHead(405);
res.end("Unsupported request method", "utf8"); response.end("Unsupported request method", "utf8");
return; return;
} }
var handled = methodHooks.some(function (hook) { const handled = methodHooks.some(hook => hook(request, response));
return hook(req, res);
});
if (handled) { if (handled) {
return; return;
} }
// Check the request and serve the file/folder contents.
if (pathPart === "/favicon.ico") { if (pathPart === "/favicon.ico") {
pathPart = "test/resources/favicon.ico"; pathPart = "test/resources/favicon.ico";
} }
await this.#checkRequest(req, res, url, urlParts, pathPart); await this.#checkRequest(request, response, url, urlParts, pathPart);
} }
async #checkRequest(request, response, url, urlParts, pathPart) { async #checkRequest(request, response, url, urlParts, pathPart) {