ZeroTierOne

wip - static file server

Open laduke opened this issue 1 year ago • 1 comments

this lets you host web apps out of

:9993/app/{app_name} :9993/app/{other_app} etc

from $ZT_HOME/app/{app_name}

laduke avatar Feb 05 '24 20:02 laduke

waiting on #2220

laduke avatar Feb 09 '24 16:02 laduke

hmm liking the look of this

dch avatar Mar 03 '24 21:03 dch

Tested and this seems to work. Ready to merge?

joseph-henry avatar Mar 04 '24 23:03 joseph-henry

thanks for checking. let me remove all these per-request printfs actually.

laduke avatar Mar 04 '24 23:03 laduke

If you're interested in checking on a specific platform:

(start zerotier-one)

cd $ZT_HOME
sudo mkdir -p app/hello
echo "hello" | sudo tee app/hello/index.html
curl -L localhost:9993/app/hello

laduke avatar Mar 04 '24 23:03 laduke

LGTM too here. I'm interested to know what the original & intended use case for this is.

Some comments, for docs:

  • the dir only needs to be readable by root, so you can chown dch $ZT_HOME/app and it still works just fine

  • when no index.html is found, please return 404 instead of 500, e.g. GET /app/missing/ should return 404

  • please consider documenting/allowing the directory location to be configurable. I tested it with a softlink and it seems to work, but a nice config option would be great, you know we will be asking for it anyway ;-)

  • I did basic path traversal checks, what (if any) security guarantees are on offer here?

  • It seems urls with .. or %2e%2e are resolved "safely", and trying to escape with http://localhost:9994/app/../../usr/share/doc/ntp/index.html or http://localhost:9994/app/%2e%2e/%2e%2e/usr/share/doc/ntp/index.html all fail which is great

  • you have some support for MIME types, e.g. index.json is returned as `application/json`, nice

dch avatar Mar 13 '24 14:03 dch

Thanks for testing it out! We're relying on https://github.com/yhirose/cpp-httplib for the heavy lifting, including not allowing traversal. It was already included in this codebase.

More news and info Coming Soon

laduke avatar Mar 13 '24 16:03 laduke
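
The traversal checks discussed in this thread, as an added example that is not code from ZeroTierOne or cpp-httplib: a lexical containment check that decodes the request path exactly once and refuses any `..` segment, so the `..` and `%2e%2e` probes above are both rejected. The helper names `percent_decode` and `resolve_app_path` and the root directory passed in are assumptions made for illustration.

```cpp
#include <cctype>
#include <string>
#include <vector>

// Decode %XX escapes exactly once. Fails on malformed escapes and on %00.
static bool percent_decode(const std::string& in, std::string& out) {
    out.clear();
    for (size_t i = 0; i < in.size(); ++i) {
        if (in[i] != '%') { out += in[i]; continue; }
        if (i + 2 >= in.size() || !std::isxdigit((unsigned char)in[i + 1]) ||
            !std::isxdigit((unsigned char)in[i + 2])) return false;
        char c = (char)std::stoi(in.substr(i + 1, 2), nullptr, 16);
        if (c == '\0') return false;
        out += c;
        i += 2;
    }
    return true;
}

// Hypothetical helper: map a request path to a file below `root`.
// Returns "" when the request must be refused (the caller answers 404).
// Lexical check only: symlinks placed inside `root` are still followed.
std::string resolve_app_path(const std::string& root, const std::string& url) {
    const std::string prefix = "/app/";
    std::string decoded;
    if (!percent_decode(url, decoded)) return "";
    if (decoded.compare(0, prefix.size(), prefix) != 0) return "";
    std::vector<std::string> parts;
    std::string seg;
    for (size_t i = prefix.size(); i <= decoded.size(); ++i) {
        if (i < decoded.size() && decoded[i] != '/') { seg += decoded[i]; continue; }
        // Refuse ".." outright instead of normalising it away.
        if (seg == ".." || seg.find('\\') != std::string::npos) return "";
        if (!seg.empty() && seg != ".") parts.push_back(seg);
        seg.clear();
    }
    if (parts.empty()) return "";  // "/app/" itself names no app
    std::string path = root;
    for (size_t k = 0; k < parts.size(); ++k) path += "/" + parts[k];
    if (decoded[decoded.size() - 1] == '/') path += "/index.html";
    return path;
}
```

A double-encoded `%252e%252e` decodes once to the literal segment `%2e%2e`, which stays below the root because the path is never decoded a second time.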