# HG changeset patch
# User jbe
# Date 1427397594 -3600
# Node ID 545ec2e3eafa5f3f094528876ae4fa63407df35c
# Parent  ffdd32b48296044dd19bb520027bb0138edb6051
Code cleanup in request.handler(...) and request.default_router(...)

diff -r ffdd32b48296 -r 545ec2e3eafa framework/env/request/default_router.lua
--- a/framework/env/request/default_router.lua	Thu Mar 26 20:09:13 2015 +0100
+++ b/framework/env/request/default_router.lua	Thu Mar 26 20:19:54 2015 +0100
@@ -17,15 +17,7 @@
   end
   local static = string.match(path, "^static/([-./0-9A-Z_a-z]*)$")
   if static then
-    -- TODO: move sanitizer to request.handler(...)
-    if string.match(static, "^/") or string.match(static, "//") then
-      return nil
-    end
-    for element in string.gmatch(static, "[^/]+") do
-      if element == "." or element == ".." then
-        return nil
-      end
-    end
+    -- Note: sanitizer is in request.handler(...)
     return {static = static}
   end
   local module, action, view, id, suffix
diff -r ffdd32b48296 -r 545ec2e3eafa framework/env/request/handler.lua
--- a/framework/env/request/handler.lua	Thu Mar 26 20:09:13 2015 +0100
+++ b/framework/env/request/handler.lua	Thu Mar 26 20:19:54 2015 +0100
@@ -4,7 +4,7 @@
   http_request    -- HTTP request object
 )
 
-Called by mcp.lua to process an HTTP request. Calls request.router(), and handles the request. Note: request initializers will have to be (automatically) executed before this function is invoked by mcp.lua.
+Called by mcp.lua to process an HTTP request. Calls request.router() and handles the request. Note: request initializers (see request.initialize()) are to be executed by mcp.lua before this function is invoked by mcp.lua.
 
 --]]--
 
@@ -46,32 +46,39 @@
       end
 
       if request._route.static then
-        local filename = WEBMCP_BASE_PATH .. "static/" .. request._route.static
-        -- TODO: move sanitizer from request.default_router(...) to request.handler(...)
+        local subpath = request._route.static
+        for element in string.gmatch(subpath, "[^/]+") do
+          if element == "." or element == ".." then
+            subpath = nil
+            break
+          end
+        end
         local fstat, f, errmsg
-        fstat, errmsg = extos.stat(filename)
-        if fstat then
-          if fstat.isdir then
-            errmsg = "Is a directory"
-          elseif not fstat.isreg then
-            errmsg = "Not a regular file"
-          else
-            f, errmsg = io.open(filename, "r")
+        if subpath then
+          local filename = WEBMCP_BASE_PATH .. "static/" .. subpath
+          fstat, errmsg = extos.stat(filename)
+          if fstat then
+            if fstat.isdir then
+              errmsg = "Is a directory"
+            elseif not fstat.isreg then
+              errmsg = "Not a regular file"
+            else
+              f, errmsg = io.open(filename, "r")
+            end
           end
         end
         if not f then
-          request.set_status("404 Not Found")
           if request.get_404_route() then
             request.set_status("404 Not Found")
             request.forward(request.get_404_route())
           else
-            error('Could not open static file "' .. request._route.static .. '": ' .. errmsg)
+            error('Could not open static file "' .. subpath .. '": ' .. errmsg)
           end
         else
           local d = assert(f:read("*a"))
           f:close()
           slot.put_into("data", d)
-          local filename_extension = string.match(request._route.static, "%.([^.]+)$")
+          local filename_extension = string.match(subpath, "%.([^.]+)$")
           slot.set_layout(nil, request._mime_types[filename_extension] or "application/octet-stream")
           request.allow_caching()
           return
@@ -94,12 +101,12 @@
           action = request.get_action()
         }
         if
-          request.get_404_route() and
           not execute.action{
             module = request.get_module(),
             action = request.get_action(),
             test_existence = true
-          }
+          } and
+          request.get_404_route()
         then
           request.set_status("404 Not Found")
           request.forward(request.get_404_route())
@@ -159,12 +166,11 @@
           view   = request.get_view()
         }
         if
-          request.get_404_route() and
           not execute.view{
             module = request.get_module(),
             view   = request.get_view(),
             test_existence = true
-          }
+          } and request.get_404_route()
         then
           request.set_status("404 Not Found")
           request.forward(request.get_404_route())
@@ -198,9 +204,6 @@
 
   if not success then trace.error{} end
 
-  -- TODO: extend trace system to generally monitor execution time
-  -- trace.exectime{ real = extos.monotonic_hires_time(), cpu = os.clock() }
-
   slot.select('trace', trace.render)  -- render trace information
 
   local redirect_data = request.get_redirect_data()
diff -r ffdd32b48296 -r 545ec2e3eafa framework/env/request/initialize.lua
--- a/framework/env/request/initialize.lua	Thu Mar 26 20:09:13 2015 +0100
+++ b/framework/env/request/initialize.lua	Thu Mar 26 20:19:54 2015 +0100
@@ -5,7 +5,7 @@
 
 --]]--
 function request.initialize()
-  _G.app = {}  -- may be overwritten or modified by request initializers
+  _G.app = {}  -- may be filled and modified by request initializers
   do
     request._in_progress = true  -- NOTE: must be set to true before initializer functions are called
     for i, func in ipairs(request._initializers) do