diff options
| author | Holger Weiss <holger@zedat.fu-berlin.de> | 2015-11-11 22:51:40 +0100 |
|---|---|---|
| committer | Holger Weiss <holger@zedat.fu-berlin.de> | 2015-11-11 22:51:40 +0100 |
| commit | 55a92c2983d220bd56198144e8f0f5d4fef8263f (patch) | |
| tree | e075205aa9fd00e85938aa556ff0a7618c06c10e | |
| parent | mod_http_upload_quota: Don't track all users (diff) | |
mod_http_upload: Log message if URL looks wrong
Log an [info] message if a PUT request looks like the specified
"put_url" contains a path component that doesn't match the
"request_handlers" path, as in the following configuration:
listen:
-
module: ejabberd_http
port: 5444
request_handlers:
"/": mod_http_upload
modules:
mod_http_upload:
put_url: "http://example.com/path/"
| -rw-r--r-- | src/mod_http_upload.erl | 27 |
1 files changed, 20 insertions, 7 deletions
diff --git a/src/mod_http_upload.erl b/src/mod_http_upload.erl index a0cefde50..d32c5f097 100644 --- a/src/mod_http_upload.erl +++ b/src/mod_http_upload.erl @@ -393,16 +393,16 @@ code_change(_OldVsn, #state{server_host = ServerHost} = State, _Extra) -> -spec process([binary()], #request{}) -> {pos_integer(), [{binary(), binary()}], binary()}. -process(LocalPath, #request{method = 'PUT', host = Host, ip = IP, - data = Data}) -> +process([_UserDir, _RandDir, _FileName] = Slot, + #request{method = 'PUT', host = Host, ip = IP, data = Data}) -> Proc = gen_mod:get_module_proc(Host, ?PROCNAME), - case catch gen_server:call(Proc, {use_slot, LocalPath}) of + case catch gen_server:call(Proc, {use_slot, Slot}) of {ok, Size, Path, FileMode, DirMode, GetPrefix, Thumbnail} when byte_size(Data) == Size -> ?DEBUG("Storing file from ~s for ~s: ~s", [?ADDR_TO_STR(IP), Host, Path]), case store_file(Path, Data, FileMode, DirMode, - GetPrefix, LocalPath, Thumbnail) of + GetPrefix, Slot, Thumbnail) of ok -> http_response(Host, 201); {ok, Headers, OutData} -> @@ -425,17 +425,17 @@ process(LocalPath, #request{method = 'PUT', host = Host, ip = IP, [?ADDR_TO_STR(IP), Host, Error]), http_response(Host, 500) end; -process(LocalPath, #request{method = Method, host = Host, ip = IP}) +process([_UserDir, _RandDir, FileName] = Slot, + #request{method = Method, host = Host, ip = IP}) when Method == 'GET'; Method == 'HEAD' -> Proc = gen_mod:get_module_proc(Host, ?PROCNAME), case catch gen_server:call(Proc, get_docroot) of {ok, DocRoot} -> - Path = str:join([DocRoot | LocalPath], <<$/>>), + Path = str:join([DocRoot | Slot], <<$/>>), case file:read_file(Path) of {ok, Data} -> ?INFO_MSG("Serving ~s to ~s", [Path, ?ADDR_TO_STR(IP)]), - FileName = lists:last(LocalPath), ContentType = guess_content_type(FileName), Headers1 = case ContentType of <<"image/", _SubType/binary>> -> []; @@ -469,6 +469,19 @@ process(LocalPath, #request{method = Method, host = Host, ip = IP}) [Method, ?ADDR_TO_STR(IP), Host, Error]), http_response(Host, 500) end; +process(LocalPath, #request{method = 'PUT', host = Host, ip = IP}) + when length(LocalPath) > 3 -> + ?INFO_MSG("Rejecting PUT request from ~s for ~s: Too many path components", + [?ADDR_TO_STR(IP), Host]), + ?INFO_MSG("Check whether 'request_handlers' path matches 'put_url'", []), + http_response(Host, 404); +process(_LocalPath, #request{method = Method, host = Host, ip = IP}) + when Method == 'PUT'; + Method == 'GET'; + Method == 'HEAD' -> + ?DEBUG("Rejecting ~s request from ~s for ~s: Too few/many path components", + [Method, ?ADDR_TO_STR(IP), Host]), + http_response(Host, 404); process(_LocalPath, #request{method = 'OPTIONS', host = Host, ip = IP}) -> ?DEBUG("Responding to OPTIONS request from ~s for ~s", [?ADDR_TO_STR(IP), Host]), |