[英]Handling query string in url with res.sendFile()
I am in the process of learning node.js so that I can work on my personal project. 我正在学习node.js,以便可以进行自己的个人项目。 I am also trying to get started on it "for real".
我还试图“真正”开始使用它。 In fact, my first big feature I am trying to get up is login feature.
实际上,我要尝试启动的第一个重要功能是登录功能。 For some reason, it's not working properly anytime
?
由于某种原因,它随时无法正常工作
?
pops up in URL. 在URL中弹出。
My code in appServer.js
is something like: 我在
appServer.js
代码是这样的:
var express = require('express');
var app = express();
var bodyParser = require('body-parser');
var session = require('client-sessions');
var users = require('./helpers/users.js'),
helpers = require('./helpers/helpers.js');
var fs = require('fs'),
path = require('path');
var https = require('https');
function handleIncomingRequest(req, res)
{
console.log("INCOMING REQUEST: " + req.method + " " + req.url);
console.log("req.url == " + req.url);
var questionMarkIndex = req.url.indexOf('?');
console.log("questionMarkIndex == " + questionMarkIndex);
var filename = req.url;
if (questionMarkIndex != -1) filename = req.url.substr(0, questionMarkIndex);
serveStaticFile(filename,
res);
//serveStaticFile(req.url, res);
}
app//.use(express.logger('dev'))
.use(bodyParser.urlencoded({ extended: true }))
.use(session({
cookieName: 'session',
secret: 'ckwtngqjqerrafourhpvi',
duration: 30 * 60 * 1000,
activeDuration: 15 * 60 * 1000,
httpOnly: true,
secure: true,
ephemeral: true
}))
.get("/YALApp/*",
requirePageLogin,
function(req, res)
{
handleIncomingRequest(req, res);
}
)
.get("/YALApp",
function (req, res) {
res.redirect('/YALApp/');
}
)
.post('/service/login', users.login)
.get("*",
function(req, res)
{
res.writeHead(404, { "Content-Type" : "application/json" });
res.end(JSON.stringify(helpers.makeError("file_not_found",
"The requested file cannot be accessed: " + req.url), null, '\t') + '\n');
}
);
app.listen(8080);
/*https.createServer(options, app).listen(8080, function()
{
console.log("server listening on port 8080");
});
*/
function serveStaticFile(file, res)
{
console.log("file == " + file);
var url = '/var/www/html' + file;
if (url.charAt(url.length - 1) == '/' || url.lastIndexOf('.') == -1)
{
console.log(res.sendFile);
res.sendFile(url + '/index.html');
return;
}
res.sendFile(url);
}
Initial static page (URL: /YALApp/loginPage.html
) loads just fine, but its dependencies don't (and thus page doesn't work) Here is that static page: 初始静态页面(URL:
/YALApp/loginPage.html
)可以很好地加载,但是其依赖项不起作用(因此该页面不起作用)这是该静态页面:
<!DOCTYPE html>
<html>
<head>
<!-- Linking to define the colors (up one level, and in theme) -->
<script src="../jQueryLib/theme/external/jquery/jquery.js"></script>
<link href="../jQueryLib/theme/jquery-ui.css" rel="stylesheet" >
<!-- Linking to setup the page -->
<link href="css/loginPage.css" rel="stylesheet">
<!-- Providing UI functionality -->
<script type="text/javascript" src="../jQueryLib/theme/jquery-ui.js"></script>
<!-- jQuery UI touch-punch -->
<script type="text/javascript" src="../jQueryLib/theme/jquery.ui.touch-punch.min.js"></script>
<!-- page functionality -->
<script src="js/loginPage.js"></script>
<title>Group Management Login Page</title>
</head>
<body>
<h1 class="center">Group Management Tool</h1>
<div id="login" class="pageCenter">
<form id="loginForm">
<h2 class="ui-widget-header row">Login</h2>
<span class="row">
<label for="loginUserName" class="third">User name</label>
<input type="text" id="loginUserName" class="twoThirds"></input>
</span>
<span class="rowTight">
<label for="loginPassword" class="third">Password</label>
<input type="password" id="loginPassword" class="twoThirds"></input>
</span>
<span class="rowTight">
<!-- TODO: implement "forgot username" feature -->
<a id="forgotUsernameLink" class="center half" href="">Forgot username?</a>
<!-- TODO: implement "forgot password" feature -->
<a id="forgotPasswordLink" class="center half" href="">Forgot password?</a>
</span>
<span class="row">
<input type="submit" id="loginBtn" class="third" value="Login" />
<!--<button id="protoLogin" title="Populates login form with login data for the prototype" value="Prototype"-->
</span>
</form>
</div>
</body>
</html>
What is happening here?!?!? 这里发生了什么?!?!?
I think I found the error: I was trying to avoid a security catastrophe by my handling of GET
requests for every other request. 我想我发现了错误:我正在通过处理每个其他请求的
GET
请求来避免安全灾难。 Namely, when I "back out" of YALApp
folder, I am able to access at least the phpMyAdmin
folder, and by merely requesting a file from it, downloading that file. 即,当我“退出”
YALApp
文件夹时,我至少可以访问phpMyAdmin
文件夹,并且只需从中请求一个文件,然后下载该文件即可。 I made it serve up 404 error. 我让它提供了404错误。
This was simple to fix, in that all I had to do was add a route for /jQueryLib/*
requests, and repeat what I did for /YALApp/*
. 这很容易解决,因为我要做的就是为
/jQueryLib/*
请求添加一条路由,然后重复对/YALApp/*
做的/YALApp/*
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.