webmcp
diff framework/env/request/handler.lua @ 358:545ec2e3eafa
Code cleanup in request.handler(...) and request.default_router(...)
author | jbe |
---|---|
date | Thu Mar 26 20:19:54 2015 +0100 (2015-03-26) |
parents | 2b5bdf9028fb |
children | 4e03ecb28665 |
line diff
1.1 --- a/framework/env/request/handler.lua Thu Mar 26 20:09:13 2015 +0100 1.2 +++ b/framework/env/request/handler.lua Thu Mar 26 20:19:54 2015 +0100 1.3 @@ -4,7 +4,7 @@ 1.4 http_request -- HTTP request object 1.5 ) 1.6 1.7 -Called by mcp.lua to process an HTTP request. Calls request.router(), and handles the request. Note: request initializers will have to be (automatically) executed before this function is invoked by mcp.lua. 1.8 +Called by mcp.lua to process an HTTP request. Calls request.router() and handles the request. Note: request initializers (see request.initialize()) are to be executed by mcp.lua before this function is invoked by mcp.lua. 1.9 1.10 --]]-- 1.11 1.12 @@ -46,32 +46,39 @@ 1.13 end 1.14 1.15 if request._route.static then 1.16 - local filename = WEBMCP_BASE_PATH .. "static/" .. request._route.static 1.17 - -- TODO: move sanitizer from request.default_router(...) to request.handler(...) 1.18 + local subpath = request._route.static 1.19 + for element in string.gmatch(subpath, "[^/]+") do 1.20 + if element == "." or element == ".." then 1.21 + subpath = nil 1.22 + break 1.23 + end 1.24 + end 1.25 local fstat, f, errmsg 1.26 - fstat, errmsg = extos.stat(filename) 1.27 - if fstat then 1.28 - if fstat.isdir then 1.29 - errmsg = "Is a directory" 1.30 - elseif not fstat.isreg then 1.31 - errmsg = "Not a regular file" 1.32 - else 1.33 - f, errmsg = io.open(filename, "r") 1.34 + if subpath then 1.35 + local filename = WEBMCP_BASE_PATH .. "static/" .. subpath 1.36 + fstat, errmsg = extos.stat(filename) 1.37 + if fstat then 1.38 + if fstat.isdir then 1.39 + errmsg = "Is a directory" 1.40 + elseif not fstat.isreg then 1.41 + errmsg = "Not a regular file" 1.42 + else 1.43 + f, errmsg = io.open(filename, "r") 1.44 + end 1.45 end 1.46 end 1.47 if not f then 1.48 - request.set_status("404 Not Found") 1.49 if request.get_404_route() then 1.50 request.set_status("404 Not Found") 1.51 request.forward(request.get_404_route()) 1.52 else 1.53 - error('Could not open static file "' .. request._route.static .. '": ' .. errmsg) 1.54 + error('Could not open static file "' .. subpath .. '": ' .. errmsg) 1.55 end 1.56 else 1.57 local d = assert(f:read("*a")) 1.58 f:close() 1.59 slot.put_into("data", d) 1.60 - local filename_extension = string.match(request._route.static, "%.([^.]+)$") 1.61 + local filename_extension = string.match(subpath, "%.([^.]+)$") 1.62 slot.set_layout(nil, request._mime_types[filename_extension] or "application/octet-stream") 1.63 request.allow_caching() 1.64 return 1.65 @@ -94,12 +101,12 @@ 1.66 action = request.get_action() 1.67 } 1.68 if 1.69 - request.get_404_route() and 1.70 not execute.action{ 1.71 module = request.get_module(), 1.72 action = request.get_action(), 1.73 test_existence = true 1.74 - } 1.75 + } and 1.76 + request.get_404_route() 1.77 then 1.78 request.set_status("404 Not Found") 1.79 request.forward(request.get_404_route()) 1.80 @@ -159,12 +166,11 @@ 1.81 view = request.get_view() 1.82 } 1.83 if 1.84 - request.get_404_route() and 1.85 not execute.view{ 1.86 module = request.get_module(), 1.87 view = request.get_view(), 1.88 test_existence = true 1.89 - } 1.90 + } and request.get_404_route() 1.91 then 1.92 request.set_status("404 Not Found") 1.93 request.forward(request.get_404_route()) 1.94 @@ -198,9 +204,6 @@ 1.95 1.96 if not success then trace.error{} end 1.97 1.98 - -- TODO: extend trace system to generally monitor execution time 1.99 - -- trace.exectime{ real = extos.monotonic_hires_time(), cpu = os.clock() } 1.100 - 1.101 slot.select('trace', trace.render) -- render trace information 1.102 1.103 local redirect_data = request.get_redirect_data()