Mercurial Hosting > luan
annotate src/luan/host/WebHandler.java @ 1425:b6030fa18839
hosting fix
author | Franklin Schmidt <fschmidt@gmail.com> |
---|---|
date | Sun, 24 Nov 2019 16:04:58 -0700 |
parents | 9ab267b9427c |
children | 219f2b937f2b |
rev | line source |
---|---|
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
1 package luan.host; |
1135 | 2 |
3 import java.io.File; | |
1402
27efb1fcbcb5
move luan.lib to goodjava
Franklin Schmidt <fschmidt@gmail.com>
parents:
1400
diff
changeset
|
4 import goodjava.logging.Logger; |
27efb1fcbcb5
move luan.lib to goodjava
Franklin Schmidt <fschmidt@gmail.com>
parents:
1400
diff
changeset
|
5 import goodjava.logging.LoggerFactory; |
27efb1fcbcb5
move luan.lib to goodjava
Franklin Schmidt <fschmidt@gmail.com>
parents:
1400
diff
changeset
|
6 import goodjava.webserver.Handler; |
27efb1fcbcb5
move luan.lib to goodjava
Franklin Schmidt <fschmidt@gmail.com>
parents:
1400
diff
changeset
|
7 import goodjava.webserver.Request; |
27efb1fcbcb5
move luan.lib to goodjava
Franklin Schmidt <fschmidt@gmail.com>
parents:
1400
diff
changeset
|
8 import goodjava.webserver.Response; |
27efb1fcbcb5
move luan.lib to goodjava
Franklin Schmidt <fschmidt@gmail.com>
parents:
1400
diff
changeset
|
9 import goodjava.webserver.handlers.DomainHandler; |
1330 | 10 import luan.Luan; |
1135 | 11 import luan.LuanException; |
12 import luan.LuanTable; | |
1330 | 13 import luan.LuanFunction; |
14 import luan.LuanClosure; | |
1335 | 15 import luan.LuanRuntimeException; |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
16 import luan.modules.http.LuanHandler; |
1332 | 17 import luan.modules.logging.Log4j; |
1135 | 18 |
19 | |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
20 public class WebHandler implements Handler { |
1135 | 21 private static final Logger logger = LoggerFactory.getLogger(WebHandler.class); |
22 | |
1315 | 23 private static final DomainHandler.Factory factory = new DomainHandler.Factory() { |
24 public Handler newHandler(String domain) { | |
25 File dir = new File(sitesDir,domain); | |
1400
221eedb0f54e
fix inner class gc bug
Franklin Schmidt <fschmidt@gmail.com>
parents:
1392
diff
changeset
|
26 if( !dir.exists() ) |
1315 | 27 return null; |
28 String dirStr = dir.toString(); | |
1230 | 29 |
1315 | 30 String logDir = dirStr + "/site/private/local/logs/web"; |
31 new File(logDir).mkdirs(); | |
1230 | 32 |
1333
25746915a241
merge Luan and LuanState
Franklin Schmidt <fschmidt@gmail.com>
parents:
1332
diff
changeset
|
33 Luan luan = new Luan(); |
1336 | 34 Log4j.newLoggerRepository(luan); |
1392 | 35 initLuan(luan,dirStr,domain); |
1400
221eedb0f54e
fix inner class gc bug
Franklin Schmidt <fschmidt@gmail.com>
parents:
1392
diff
changeset
|
36 return new LuanHandler(luan,domain); |
1230 | 37 } |
1315 | 38 }; |
1230 | 39 |
1330 | 40 public static String securityPassword = "password"; // change for security |
1315 | 41 private static final DomainHandler domainHandler = new DomainHandler(factory); |
1202 | 42 private static String sitesDir = null; |
1135 | 43 |
1185
94cf2576a922
implement WebHandler for nginx
Franklin Schmidt <fschmidt@gmail.com>
parents:
1182
diff
changeset
|
44 public WebHandler(String dir) { |
1135 | 45 if( sitesDir != null ) |
46 throw new RuntimeException("already set"); | |
47 if( !new File(dir).exists() ) | |
48 throw new RuntimeException(); | |
1230 | 49 sitesDir = dir; |
1135 | 50 } |
51 | |
1315 | 52 @Override public Response handle(Request request) { |
53 return domainHandler.handle(request); | |
1135 | 54 } |
55 | |
56 public static Object callSite(String domain,String fnName,Object... args) throws LuanException { | |
1315 | 57 LuanHandler luanHandler = (LuanHandler)domainHandler.getHandler(domain); |
58 return luanHandler.call_rpc(fnName,args); | |
1135 | 59 } |
60 | |
1392 | 61 private static void initLuan(Luan luan,String dir,String domain) { |
1135 | 62 try { |
1424 | 63 LuanFunction fn = Luan.loadClasspath(luan,"luan/host/init.luan"); |
1392 | 64 fn.call(dir,domain); |
1135 | 65 } catch(LuanException e) { |
1330 | 66 throw new LuanRuntimeException(e); |
1135 | 67 } |
1425 | 68 security(luan,dir); |
1135 | 69 } |
70 | |
1315 | 71 public static void removeHandler(String domain) { |
72 domainHandler.removeHandler(domain); | |
1135 | 73 } |
74 | |
1330 | 75 public static void loadHandler(String domain) throws LuanException { |
76 try { | |
77 domainHandler.getHandler(domain); | |
78 } catch(LuanRuntimeException e) { | |
1335 | 79 throw (LuanException)e.getCause(); |
1330 | 80 } |
1135 | 81 } |
82 | |
1333
25746915a241
merge Luan and LuanState
Franklin Schmidt <fschmidt@gmail.com>
parents:
1332
diff
changeset
|
83 private static final void security(Luan luan,String dir) { |
1174
bdf27aa2a65c
fix luanhost security bug
Franklin Schmidt <fschmidt@gmail.com>
parents:
1136
diff
changeset
|
84 final String siteUri = "file:" + dir + "/site"; |
1330 | 85 Luan.Security security = new Luan.Security() { |
1333
25746915a241
merge Luan and LuanState
Franklin Schmidt <fschmidt@gmail.com>
parents:
1332
diff
changeset
|
86 public void check(Luan luan,LuanClosure closure,String op,Object... args) |
1330 | 87 throws LuanException |
88 { | |
89 if( op.equals("uri") ) { | |
90 String name = (String)args[0]; | |
91 if( name.startsWith("file:") ) { | |
92 if( name.contains("..") ) | |
93 throw new LuanException("Security violation - '"+name+"' contains '..'"); | |
94 if( !(name.equals(siteUri) || name.startsWith(siteUri+"/")) ) | |
95 throw new LuanException("Security violation - '"+name+"' outside of site dir"); | |
96 } | |
97 else if( name.startsWith("classpath:luan/host/") ) { | |
98 throw new LuanException("Security violation"); | |
99 } | |
100 else if( name.startsWith("os:") || name.startsWith("bash:") ) { | |
101 throw new LuanException("Security violation"); | |
102 } | |
103 } else { | |
104 String name = closure.sourceName; | |
105 if( !( | |
106 name.startsWith("luan:") | |
107 || name.startsWith("classpath:") | |
108 || name.matches("^file:[^/]+$") | |
109 ) ) | |
110 throw new LuanException("Security violation - only luan:* modules can load Java"); | |
111 if( name.equals("luan:logging/Logging") ) | |
112 throw new LuanException("Security violation - cannot reload Logging"); | |
1135 | 113 } |
114 } | |
115 }; | |
1330 | 116 Luan.setSecurity(luan,security); |
1135 | 117 } |
118 | |
119 } |