A quick update to config for more clarity

This commit is contained in:
2025-03-10 15:17:57 +01:00
parent d044538abd
commit 5a92243bcb
2 changed files with 46 additions and 17 deletions

View File

@@ -1,17 +1,31 @@
# Using NSCL 1.3
# Port defenition. What ports to use.
# port is the HTTP port, port-https is the HTTPS port
port:8080
directory:/home/nova/Documents/html
host:localhost
# DANGER: NEVER EVER TURN THIS ON IN PROD!!!!!!!!!!!!
allow-all:1
# DANGER!!
port-https:8443
# Here you choose what directory PyWebServer looks in for files.
directory:<Enter directory here>
# Host defenition, what hosts you can connect via.
# You can use FQDNs, IP-addresses and localhost,
# Support for multiple hosts is coming.
host:localhost
# Ignores the host parameter (except for localhost) and allows everything.
# DANGER! For obvious reasons this isn't recommended.
allow-all:0
# Enables HTTP support. (Only enables/disables the HTTP port.)
http:1
# Enables HTTPS support. (Only enables/disables the HTTPS port.)
https:1
allow-localhost:0
# for use in libraries
# disable-autocertgen:0
# Allows the use of localhost to connect.
# The default is on, this is seperate of the host defenition.
allow-localhost:1
# If you're using the webserver in a library form,
# you can disable the AutoCertGen and never trigger it.
disable-autocertgen:0
# If you wish to block IP-addresses, this function is coming though.
# block-ip:0.0.0.0,1.1.1.1,2.2.2.2
# If you wish to block User-Agents, this function is coming though.
# block-ua:(NULL)
# This function is deprecated, allows a connection with no Host header.
# You should NEVER have to enable this! It can pose a risk to security!
# allow-nohost:0
# In libraries you can disable everything you don't need.

View File

@@ -95,6 +95,7 @@ class FileHandler:
"https",
"port-https",
"allow-all",
"allow-nohost",
"allow-localhost",
"disable-autocertgen",
]
@@ -121,10 +122,8 @@ class FileHandler:
or option == "allow-all"
or option == "allow-localhost"
or option == "disable-autocertgen"
or option == "allow-nohost"
):
print(
f"option: {option}, val: {value}, ret: {bool(int(value))}"
)
return bool(int(value))
return value
return None
@@ -240,6 +239,22 @@ class WebServer:
self.https_socket, server_side=True
)
self.http_404_html = (
"<html><head><title>HTTP 404 - PyWebServer</title></head>"
"<body><center><h1>HTTP 404 - Not Found!</h1><p>Running PyWebServer/1.1</p>"
"</center></body></html>"
)
self.http_403_html = (
"<html><head><title>HTTP 403 - PyWebServer</title></head>"
"<body><center><h1>HTTP 403 - Forbidden</h1><p>Running PyWebServer/1.1</p>"
"</center></body></html>"
)
self.http_405_html = (
"<html><head><title>HTTP 405 - PyWebServer</title></head>"
"<body><center><h1>HTTP 404 - Method not allowed</h1><p>Running PyWebServer/1.1</p>"
"</center></body></html>"
)
self.running = True
def start(self, http, https):
@@ -334,15 +349,15 @@ class WebServer:
if not all([method, path, version]) or not self.parser.is_method_allowed(
method
):
return self.build_response(405, "Method Not Allowed")
return self.build_response(405, self.http_405_html)
file_content = self.file_handler.read_file(path)
if file_content == 403:
print("WARN: Directory traversal attack prevented.") # look ma, security!!
return self.build_response(403, "Forbidden")
return self.build_response(403, self.http_403_html)
if file_content == 404:
return self.build_response(404, "Not Found")
return self.build_response(404, self.http_404_html)
if file_content == 500:
return self.build_response(
500,
@@ -381,7 +396,7 @@ class WebServer:
headers = (
f"HTTP/1.1 {status_code} {status_message}\r\n"
f"Server: PyWebServer/1.0\r\n"
f"Server: PyWebServer/1.1\r\n"
f"Content-Type: {content_type}\r\n"
f"Content-Length: {len(binary_data)}\r\n"
f"Connection: close\r\n\r\n" # connection close bcuz im lazy
@@ -406,7 +421,7 @@ class WebServer:
headers = (
f"HTTP/1.1 {status_code} {status_message}\r\n"
f"Server: PyWebServer/1.0\r\n"
f"Server: PyWebServer/1.1\r\n"
f"Content-Length: {len(body)}\r\n"
f"Connection: close\r\n\r\n"
).encode()