Nova/PyWebServer
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 7 Wiki Activity

Compare commits

base: Nova:1.0+u2
Branches Tags
Nova:main Nova:backport-1.0-issue4
Nova:1.3.0 Nova:1.2.1 Nova:1.2 Nova:1.0+u2 Nova:1.1+u2 Nova:1.1 Nova:1.0
...
compare: Nova:1.1
Branches Tags
Nova:main Nova:backport-1.0-issue4
Nova:1.3.0 Nova:1.2.1 Nova:1.2 Nova:1.0+u2 Nova:1.1+u2 Nova:1.1 Nova:1.0

1 Commits
1.0+u2 ... 1.1

Author SHA1 Message Date
Nova
5a92243bcb A quick update to config for more clarity 2025-03-10 15:17:57 +01:00
2 changed files with 46 additions and 17 deletions
Expand all files Collapse all files

32
pywebsrv.conf
View File

@@ -1,17 +1,31 @@
# Using NSCL 1.3 # Using NSCL 1.3
# Port defenition. What ports to use.
# port is the HTTP port, port-https is the HTTPS port
port:8080 port:8080
directory:/home/nova/Documents/html
host:localhost
# DANGER: NEVER EVER TURN THIS ON IN PROD!!!!!!!!!!!!
allow-all:1
# DANGER!!
port-https:8443 port-https:8443
# Here you choose what directory PyWebServer looks in for files.
directory:<Enter directory here>
# Host defenition, what hosts you can connect via.
# You can use FQDNs, IP-addresses and localhost,
# Support for multiple hosts is coming.
host:localhost
# Ignores the host parameter (except for localhost) and allows everything.
# DANGER! For obvious reasons this isn't recommended.
allow-all:0
# Enables HTTP support. (Only enables/disables the HTTP port.)
http:1 http:1
# Enables HTTPS support. (Only enables/disables the HTTPS port.)
https:1 https:1
allow-localhost:0 # Allows the use of localhost to connect.
# for use in libraries # The default is on, this is seperate of the host defenition.
# disable-autocertgen:0 allow-localhost:1
# If you're using the webserver in a library form,
# you can disable the AutoCertGen and never trigger it.
disable-autocertgen:0
# If you wish to block IP-addresses, this function is coming though.
# block-ip:0.0.0.0,1.1.1.1,2.2.2.2 # block-ip:0.0.0.0,1.1.1.1,2.2.2.2
# If you wish to block User-Agents, this function is coming though.
# block-ua:(NULL) # block-ua:(NULL)
# This function is deprecated, allows a connection with no Host header.
# You should NEVER have to enable this! It can pose a risk to security!
# allow-nohost:0 # allow-nohost:0
# In libraries you can disable everything you don't need.

31
pywebsrv.py
View File

@@ -95,6 +95,7 @@ class FileHandler:
"https", "https",
"port-https", "port-https",
"allow-all", "allow-all",
"allow-nohost",
"allow-localhost", "allow-localhost",
"disable-autocertgen", "disable-autocertgen",
] ]
@@ -121,10 +122,8 @@ class FileHandler:
or option == "allow-all" or option == "allow-all"
or option == "allow-localhost" or option == "allow-localhost"
or option == "disable-autocertgen" or option == "disable-autocertgen"
or option == "allow-nohost"
): ):
print(
f"option: {option}, val: {value}, ret: {bool(int(value))}"
)
return bool(int(value)) return bool(int(value))
return value return value
return None return None
@@ -240,6 +239,22 @@ class WebServer:
self.https_socket, server_side=True self.https_socket, server_side=True
) )
self.http_404_html = (
"<html><head><title>HTTP 404 - PyWebServer</title></head>"
"<body><center><h1>HTTP 404 - Not Found!</h1><p>Running PyWebServer/1.1</p>"
"</center></body></html>"
)
self.http_403_html = (
"<html><head><title>HTTP 403 - PyWebServer</title></head>"
"<body><center><h1>HTTP 403 - Forbidden</h1><p>Running PyWebServer/1.1</p>"
"</center></body></html>"
)
self.http_405_html = (
"<html><head><title>HTTP 405 - PyWebServer</title></head>"
"<body><center><h1>HTTP 404 - Method not allowed</h1><p>Running PyWebServer/1.1</p>"
"</center></body></html>"
)
self.running = True self.running = True
def start(self, http, https): def start(self, http, https):
@@ -334,15 +349,15 @@ class WebServer:
if not all([method, path, version]) or not self.parser.is_method_allowed( if not all([method, path, version]) or not self.parser.is_method_allowed(
method method
): ):
return self.build_response(405, "Method Not Allowed") return self.build_response(405, self.http_405_html)
file_content = self.file_handler.read_file(path) file_content = self.file_handler.read_file(path)
if file_content == 403: if file_content == 403:
print("WARN: Directory traversal attack prevented.") # look ma, security!! print("WARN: Directory traversal attack prevented.") # look ma, security!!
return self.build_response(403, "Forbidden") return self.build_response(403, self.http_403_html)
if file_content == 404: if file_content == 404:
return self.build_response(404, "Not Found") return self.build_response(404, self.http_404_html)
if file_content == 500: if file_content == 500:
return self.build_response( return self.build_response(
500, 500,
@@ -381,7 +396,7 @@ class WebServer:
headers = ( headers = (
f"HTTP/1.1 {status_code} {status_message}\r\n" f"HTTP/1.1 {status_code} {status_message}\r\n"
f"Server: PyWebServer/1.0\r\n" f"Server: PyWebServer/1.1\r\n"
f"Content-Type: {content_type}\r\n" f"Content-Type: {content_type}\r\n"
f"Content-Length: {len(binary_data)}\r\n" f"Content-Length: {len(binary_data)}\r\n"
f"Connection: close\r\n\r\n" # connection close bcuz im lazy f"Connection: close\r\n\r\n" # connection close bcuz im lazy
@@ -406,7 +421,7 @@ class WebServer:
headers = ( headers = (
f"HTTP/1.1 {status_code} {status_message}\r\n" f"HTTP/1.1 {status_code} {status_message}\r\n"
f"Server: PyWebServer/1.0\r\n" f"Server: PyWebServer/1.1\r\n"
f"Content-Length: {len(body)}\r\n" f"Content-Length: {len(body)}\r\n"
f"Connection: close\r\n\r\n" f"Connection: close\r\n\r\n"
).encode() ).encode()