b57d9f307f
- write() now accepts a ChannelPromise and returns ChannelFuture as most users expected. It makes the user's life much easier because it is now much easier to get notified when a specific message has been written. - flush() does not create a ChannelPromise nor returns ChannelFuture. It is now similar to what read() looks like.
365 lines
13 KiB
Java
365 lines
13 KiB
Java
/*
|
|
* Copyright 2012 The Netty Project
|
|
*
|
|
* The Netty Project licenses this file to you under the Apache License,
|
|
* version 2.0 (the "License"); you may not use this file except in compliance
|
|
* with the License. You may obtain a copy of the License at:
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
* License for the specific language governing permissions and limitations
|
|
* under the License.
|
|
*/
|
|
package io.netty.example.http.file;
|
|
|
|
import io.netty.buffer.Unpooled;
|
|
import io.netty.channel.ChannelFuture;
|
|
import io.netty.channel.ChannelFutureListener;
|
|
import io.netty.channel.ChannelHandlerContext;
|
|
import io.netty.channel.SimpleChannelInboundHandler;
|
|
import io.netty.handler.codec.http.DefaultFullHttpResponse;
|
|
import io.netty.handler.codec.http.DefaultHttpResponse;
|
|
import io.netty.handler.codec.http.FullHttpRequest;
|
|
import io.netty.handler.codec.http.FullHttpResponse;
|
|
import io.netty.handler.codec.http.HttpHeaders;
|
|
import io.netty.handler.codec.http.HttpResponse;
|
|
import io.netty.handler.codec.http.HttpResponseStatus;
|
|
import io.netty.handler.codec.http.LastHttpContent;
|
|
import io.netty.handler.stream.ChunkedFile;
|
|
import io.netty.util.CharsetUtil;
|
|
|
|
import javax.activation.MimetypesFileTypeMap;
|
|
import java.io.File;
|
|
import java.io.FileNotFoundException;
|
|
import java.io.RandomAccessFile;
|
|
import java.io.UnsupportedEncodingException;
|
|
import java.net.URLDecoder;
|
|
import java.text.SimpleDateFormat;
|
|
import java.util.Calendar;
|
|
import java.util.Date;
|
|
import java.util.GregorianCalendar;
|
|
import java.util.Locale;
|
|
import java.util.TimeZone;
|
|
import java.util.regex.Pattern;
|
|
|
|
import static io.netty.handler.codec.http.HttpHeaders.Names.*;
|
|
import static io.netty.handler.codec.http.HttpHeaders.*;
|
|
import static io.netty.handler.codec.http.HttpMethod.*;
|
|
import static io.netty.handler.codec.http.HttpResponseStatus.*;
|
|
import static io.netty.handler.codec.http.HttpVersion.*;
|
|
|
|
/**
|
|
* A simple handler that serves incoming HTTP requests to send their respective
|
|
* HTTP responses. It also implements {@code 'If-Modified-Since'} header to
|
|
* take advantage of browser cache, as described in
|
|
* <a href="http://tools.ietf.org/html/rfc2616#section-14.25">RFC 2616</a>.
|
|
*
|
|
* <h3>How Browser Caching Works</h3>
|
|
*
|
|
* Web browser caching works with HTTP headers as illustrated by the following
|
|
* sample:
|
|
* <ol>
|
|
* <li>Request #1 returns the content of {@code /file1.txt}.</li>
|
|
* <li>Contents of {@code /file1.txt} is cached by the browser.</li>
|
|
* <li>Request #2 for {@code /file1.txt} does return the contents of the
|
|
* file again. Rather, a 304 Not Modified is returned. This tells the
|
|
* browser to use the contents stored in its cache.</li>
|
|
* <li>The server knows the file has not been modified because the
|
|
* {@code If-Modified-Since} date is the same as the file's last
|
|
* modified date.</li>
|
|
* </ol>
|
|
*
|
|
* <pre>
|
|
* Request #1 Headers
|
|
* ===================
|
|
* GET /file1.txt HTTP/1.1
|
|
*
|
|
* Response #1 Headers
|
|
* ===================
|
|
* HTTP/1.1 200 OK
|
|
* Date: Tue, 01 Mar 2011 22:44:26 GMT
|
|
* Last-Modified: Wed, 30 Jun 2010 21:36:48 GMT
|
|
* Expires: Tue, 01 Mar 2012 22:44:26 GMT
|
|
* Cache-Control: private, max-age=31536000
|
|
*
|
|
* Request #2 Headers
|
|
* ===================
|
|
* GET /file1.txt HTTP/1.1
|
|
* If-Modified-Since: Wed, 30 Jun 2010 21:36:48 GMT
|
|
*
|
|
* Response #2 Headers
|
|
* ===================
|
|
* HTTP/1.1 304 Not Modified
|
|
* Date: Tue, 01 Mar 2011 22:44:28 GMT
|
|
*
|
|
* </pre>
|
|
*/
|
|
public class HttpStaticFileServerHandler extends SimpleChannelInboundHandler<FullHttpRequest> {
|
|
|
|
public static final String HTTP_DATE_FORMAT = "EEE, dd MMM yyyy HH:mm:ss zzz";
|
|
public static final String HTTP_DATE_GMT_TIMEZONE = "GMT";
|
|
public static final int HTTP_CACHE_SECONDS = 60;
|
|
|
|
@Override
|
|
public void channelRead0(
|
|
ChannelHandlerContext ctx, FullHttpRequest request) throws Exception {
|
|
if (!request.getDecoderResult().isSuccess()) {
|
|
sendError(ctx, BAD_REQUEST);
|
|
return;
|
|
}
|
|
|
|
if (request.getMethod() != GET) {
|
|
sendError(ctx, METHOD_NOT_ALLOWED);
|
|
return;
|
|
}
|
|
|
|
final String uri = request.getUri();
|
|
final String path = sanitizeUri(uri);
|
|
if (path == null) {
|
|
sendError(ctx, FORBIDDEN);
|
|
return;
|
|
}
|
|
|
|
File file = new File(path);
|
|
if (file.isHidden() || !file.exists()) {
|
|
sendError(ctx, NOT_FOUND);
|
|
return;
|
|
}
|
|
|
|
if (file.isDirectory()) {
|
|
if (uri.endsWith("/")) {
|
|
sendListing(ctx, file);
|
|
} else {
|
|
sendRedirect(ctx, uri + '/');
|
|
}
|
|
return;
|
|
}
|
|
|
|
if (!file.isFile()) {
|
|
sendError(ctx, FORBIDDEN);
|
|
return;
|
|
}
|
|
|
|
// Cache Validation
|
|
String ifModifiedSince = request.headers().get(IF_MODIFIED_SINCE);
|
|
if (ifModifiedSince != null && !ifModifiedSince.isEmpty()) {
|
|
SimpleDateFormat dateFormatter = new SimpleDateFormat(HTTP_DATE_FORMAT, Locale.US);
|
|
Date ifModifiedSinceDate = dateFormatter.parse(ifModifiedSince);
|
|
|
|
// Only compare up to the second because the datetime format we send to the client
|
|
// does not have milliseconds
|
|
long ifModifiedSinceDateSeconds = ifModifiedSinceDate.getTime() / 1000;
|
|
long fileLastModifiedSeconds = file.lastModified() / 1000;
|
|
if (ifModifiedSinceDateSeconds == fileLastModifiedSeconds) {
|
|
sendNotModified(ctx);
|
|
return;
|
|
}
|
|
}
|
|
|
|
RandomAccessFile raf;
|
|
try {
|
|
raf = new RandomAccessFile(file, "r");
|
|
} catch (FileNotFoundException fnfe) {
|
|
sendError(ctx, NOT_FOUND);
|
|
return;
|
|
}
|
|
long fileLength = raf.length();
|
|
|
|
HttpResponse response = new DefaultHttpResponse(HTTP_1_1, OK);
|
|
setContentLength(response, fileLength);
|
|
setContentTypeHeader(response, file);
|
|
setDateAndCacheHeaders(response, file);
|
|
if (isKeepAlive(request)) {
|
|
response.headers().set(CONNECTION, HttpHeaders.Values.KEEP_ALIVE);
|
|
}
|
|
|
|
// Write the initial line and the header.
|
|
ctx.write(response);
|
|
// Write the content.
|
|
ctx.write(new ChunkedFile(raf, 0, fileLength, 8192));
|
|
// Write the end marker
|
|
ChannelFuture writeFuture = ctx.writeAndFlush(LastHttpContent.EMPTY_LAST_CONTENT);
|
|
|
|
// Decide whether to close the connection or not.
|
|
if (!isKeepAlive(request)) {
|
|
// Close the connection when the whole content is written out.
|
|
writeFuture.addListener(ChannelFutureListener.CLOSE);
|
|
}
|
|
}
|
|
|
|
@Override
|
|
public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception {
|
|
cause.printStackTrace();
|
|
if (ctx.channel().isActive()) {
|
|
sendError(ctx, INTERNAL_SERVER_ERROR);
|
|
}
|
|
}
|
|
|
|
private static final Pattern INSECURE_URI = Pattern.compile(".*[<>&\"].*");
|
|
|
|
private static String sanitizeUri(String uri) {
|
|
// Decode the path.
|
|
try {
|
|
uri = URLDecoder.decode(uri, "UTF-8");
|
|
} catch (UnsupportedEncodingException e) {
|
|
try {
|
|
uri = URLDecoder.decode(uri, "ISO-8859-1");
|
|
} catch (UnsupportedEncodingException e1) {
|
|
throw new Error();
|
|
}
|
|
}
|
|
|
|
if (!uri.startsWith("/")) {
|
|
return null;
|
|
}
|
|
|
|
// Convert file separators.
|
|
uri = uri.replace('/', File.separatorChar);
|
|
|
|
// Simplistic dumb security check.
|
|
// You will have to do something serious in the production environment.
|
|
if (uri.contains(File.separator + '.') ||
|
|
uri.contains('.' + File.separator) ||
|
|
uri.startsWith(".") || uri.endsWith(".") ||
|
|
INSECURE_URI.matcher(uri).matches()) {
|
|
return null;
|
|
}
|
|
|
|
// Convert to absolute path.
|
|
return System.getProperty("user.dir") + File.separator + uri;
|
|
}
|
|
|
|
private static final Pattern ALLOWED_FILE_NAME = Pattern.compile("[A-Za-z0-9][-_A-Za-z0-9\\.]*");
|
|
|
|
private static void sendListing(ChannelHandlerContext ctx, File dir) {
|
|
FullHttpResponse response = new DefaultFullHttpResponse(HTTP_1_1, OK);
|
|
response.headers().set(CONTENT_TYPE, "text/html; charset=UTF-8");
|
|
|
|
StringBuilder buf = new StringBuilder();
|
|
String dirPath = dir.getPath();
|
|
|
|
buf.append("<!DOCTYPE html>\r\n");
|
|
buf.append("<html><head><title>");
|
|
buf.append("Listing of: ");
|
|
buf.append(dirPath);
|
|
buf.append("</title></head><body>\r\n");
|
|
|
|
buf.append("<h3>Listing of: ");
|
|
buf.append(dirPath);
|
|
buf.append("</h3>\r\n");
|
|
|
|
buf.append("<ul>");
|
|
buf.append("<li><a href=\"../\">..</a></li>\r\n");
|
|
|
|
for (File f: dir.listFiles()) {
|
|
if (f.isHidden() || !f.canRead()) {
|
|
continue;
|
|
}
|
|
|
|
String name = f.getName();
|
|
if (!ALLOWED_FILE_NAME.matcher(name).matches()) {
|
|
continue;
|
|
}
|
|
|
|
buf.append("<li><a href=\"");
|
|
buf.append(name);
|
|
buf.append("\">");
|
|
buf.append(name);
|
|
buf.append("</a></li>\r\n");
|
|
}
|
|
|
|
buf.append("</ul></body></html>\r\n");
|
|
|
|
response.content().writeBytes(Unpooled.copiedBuffer(buf, CharsetUtil.UTF_8));
|
|
|
|
// Close the connection as soon as the error message is sent.
|
|
ctx.writeAndFlush(response).addListener(ChannelFutureListener.CLOSE);
|
|
}
|
|
|
|
private static void sendRedirect(ChannelHandlerContext ctx, String newUri) {
|
|
FullHttpResponse response = new DefaultFullHttpResponse(HTTP_1_1, FOUND);
|
|
response.headers().set(LOCATION, newUri);
|
|
|
|
// Close the connection as soon as the error message is sent.
|
|
ctx.writeAndFlush(response).addListener(ChannelFutureListener.CLOSE);
|
|
}
|
|
|
|
private static void sendError(ChannelHandlerContext ctx, HttpResponseStatus status) {
|
|
FullHttpResponse response = new DefaultFullHttpResponse(
|
|
HTTP_1_1, status, Unpooled.copiedBuffer("Failure: " + status.toString() + "\r\n", CharsetUtil.UTF_8));
|
|
response.headers().set(CONTENT_TYPE, "text/plain; charset=UTF-8");
|
|
|
|
// Close the connection as soon as the error message is sent.
|
|
ctx.writeAndFlush(response).addListener(ChannelFutureListener.CLOSE);
|
|
}
|
|
|
|
/**
|
|
* When file timestamp is the same as what the browser is sending up, send a "304 Not Modified"
|
|
*
|
|
* @param ctx
|
|
* Context
|
|
*/
|
|
private static void sendNotModified(ChannelHandlerContext ctx) {
|
|
FullHttpResponse response = new DefaultFullHttpResponse(HTTP_1_1, NOT_MODIFIED);
|
|
setDateHeader(response);
|
|
|
|
// Close the connection as soon as the error message is sent.
|
|
ctx.writeAndFlush(response).addListener(ChannelFutureListener.CLOSE);
|
|
}
|
|
|
|
/**
|
|
* Sets the Date header for the HTTP response
|
|
*
|
|
* @param response
|
|
* HTTP response
|
|
*/
|
|
private static void setDateHeader(FullHttpResponse response) {
|
|
SimpleDateFormat dateFormatter = new SimpleDateFormat(HTTP_DATE_FORMAT, Locale.US);
|
|
dateFormatter.setTimeZone(TimeZone.getTimeZone(HTTP_DATE_GMT_TIMEZONE));
|
|
|
|
Calendar time = new GregorianCalendar();
|
|
response.headers().set(DATE, dateFormatter.format(time.getTime()));
|
|
}
|
|
|
|
/**
|
|
* Sets the Date and Cache headers for the HTTP Response
|
|
*
|
|
* @param response
|
|
* HTTP response
|
|
* @param fileToCache
|
|
* file to extract content type
|
|
*/
|
|
private static void setDateAndCacheHeaders(HttpResponse response, File fileToCache) {
|
|
SimpleDateFormat dateFormatter = new SimpleDateFormat(HTTP_DATE_FORMAT, Locale.US);
|
|
dateFormatter.setTimeZone(TimeZone.getTimeZone(HTTP_DATE_GMT_TIMEZONE));
|
|
|
|
// Date header
|
|
Calendar time = new GregorianCalendar();
|
|
response.headers().set(DATE, dateFormatter.format(time.getTime()));
|
|
|
|
// Add cache headers
|
|
time.add(Calendar.SECOND, HTTP_CACHE_SECONDS);
|
|
response.headers().set(EXPIRES, dateFormatter.format(time.getTime()));
|
|
response.headers().set(CACHE_CONTROL, "private, max-age=" + HTTP_CACHE_SECONDS);
|
|
response.headers().set(
|
|
LAST_MODIFIED, dateFormatter.format(new Date(fileToCache.lastModified())));
|
|
}
|
|
|
|
/**
|
|
* Sets the content type header for the HTTP Response
|
|
*
|
|
* @param response
|
|
* HTTP response
|
|
* @param file
|
|
* file to extract content type
|
|
*/
|
|
private static void setContentTypeHeader(HttpResponse response, File file) {
|
|
MimetypesFileTypeMap mimeTypesMap = new MimetypesFileTypeMap();
|
|
response.headers().set(CONTENT_TYPE, mimeTypesMap.getContentType(file.getPath()));
|
|
}
|
|
|
|
}
|