From 1e82f7b36ff6d708cd285310eb090d58f9da855c Mon Sep 17 00:00:00 2001
From: Roland Reichwein
Date: Tue, 14 Apr 2020 19:44:55 +0200
Subject: Fix webbox: m_path
---
 plugins/webbox/webbox.cpp | 37 +++++++++++++++++++++----------------
 1 file changed, 21 insertions(+), 16 deletions(-)
(limited to 'plugins/webbox')
diff --git a/plugins/webbox/webbox.cpp b/plugins/webbox/webbox.cpp
index 78be007..142345a 100644
--- a/plugins/webbox/webbox.cpp
+++ b/plugins/webbox/webbox.cpp
@@ -56,10 +56,11 @@ namespace {
 };
 std::unordered_map status_map {
+ { "301", "Moved Permanently" },
 { "400", "Bad Request"},
 { "403", "Forbidden" },
 { "404", "Not Found" },
- { "505", "Internal Server Error" },
+ { "500", "Internal Server Error" }
 };
 std::unordered_map ParseQueryString(std::string s)
@@ -68,7 +69,7 @@ namespace {
 size_t pos = s.find('?');
 if (pos != s.npos) {
- auto list {split(s.substr(pos), "&")};
+ auto list {split(s.substr(pos + 1), "&")};
 for (auto i: list) {
 pos = i.find('=');
 if (pos != i.npos) {
@@ -143,14 +144,18 @@ public:
 // Set parameters from FastCGI request environment
 m_pathInfo = p.m_GetRequestParam("rel_target");
- if (m_pathInfo == "") {
- m_pathInfo = "/";
+ size_t pos {m_pathInfo.find('?')};
+ if (pos != m_pathInfo.npos) {
+ m_pathInfo = m_pathInfo.substr(0, pos);
 }
+
 if (m_pathInfo.find("..") != m_pathInfo.npos) {
 return HttpStatus("403", "Bad path: "s + m_pathInfo, p);
 }
- m_path = p.webboxPath + m_pathInfo;
+ m_path = p.webboxPath;
+ if (!m_pathInfo.empty())
+ m_path /= m_pathInfo;
 return this->start(p);
 }
@@ -173,7 +178,7 @@ protected:
 // calculated during start of execute()
 std::string m_pathInfo; // path inside webbox, derived from request
- std::string m_path; // complete path, TODO: fs::path
+ fs::path m_path; // local filesystem path
 };
 class GetCommand: public Command
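Review bot: In the execute() hunk, `m_path /= m_pathInfo` no longer guarantees that the result stays under `p.webboxPath`: assuming `fs` is `std::filesystem`, `operator/=` replaces the left-hand path when the right-hand side has a root directory, so a `rel_target` that starts with `/` yields a path outside the webbox root, and the `..` substring check does not catch that. The removed code defaulted `m_pathInfo` to `"/"`, which suggests a leading slash is the normal form, though the producer of `rel_target` is not visible here. Append only the relative part, `m_path /= fs::path{m_pathInfo}.relative_path();`, and consider comparing the normalised result against `p.webboxPath` before calling `start(p)`. The function body begins above the hunk.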
@@ -347,7 +352,7 @@ protected:
 std::string dirname = tree.get("dirname");
 try {
- if (fs::create_directory(fs::path(m_path) / dirname))
+ if (fs::create_directory(m_path / dirname))
 return "Successfully created directory";
 else
 return "Error creating directory";
@@ -383,7 +388,7 @@ protected:
 for (const auto& element: elements) {
 if (element.first == "file"s) {
 std::string filename{element.second.data()};
- fs::path path {fs::path(m_path) / filename};
+ fs::path path {m_path / filename};
 auto filesize {fs::file_size(path)};
@@ -498,7 +503,7 @@ protected:
 if (element.first == "file"s) {
 std::string filename{element.second.data()};
- fs::path path{fs::path(m_path) / filename};
+ fs::path path{m_path / filename};
 if (fs::is_directory(path)) {
 try {
@@ -555,10 +560,10 @@ protected:
 auto elements {tree.get_child("request")};
 for (const auto& element: elements) {
 if (element.first == "target") {
- targetDir = fs::path{m_path} / element.second.data();
+ targetDir = m_path / element.second.data();
 } else if (element.first == "file") {
 std::string filename{element.second.data()};
- fs::path old_path{fs::path{m_path} / filename};
+ fs::path old_path{m_path / filename};
 fs::path new_path{targetDir / filename};
 try {
 fs::rename(old_path, new_path);
@@ -604,8 +609,8 @@ protected:
 std::string oldname{tree.get("request.oldname")};
 std::string newname{tree.get("request.newname")};
- fs::path oldpath{fs::path(m_path) / oldname};
- fs::path newpath{fs::path(m_path) / newname};
+ fs::path oldpath{m_path / oldname};
+ fs::path newpath{m_path / newname};
 try {
 fs::rename(oldpath, newpath);
@@ -683,7 +688,7 @@ protected:
 } else {
 filecontent = filecontent.substr(start + "\r\n\r\n"s.size());
- fs::path path{ fs::path{m_path} / filename};
+ fs::path path{ m_path / filename};
 try {
 File::setFile(path, filecontent);
 } catch (const std::exception& ex) {
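Review bot: `dirname` is joined onto `m_path` in `fs::create_directory(m_path / dirname)` with no check visible in this hunk, while the `..` test in execute() covers only `m_pathInfo`; a request-supplied name containing `..`, a separator or a leading `/` resolves outside the directory the URL selected. The same applies to `filename` in the hunks at -383, -498, -555 and -683, to `oldname`/`newname` at -604, and to the `target` value at -555. Validation may exist in code outside these hunks; if it does not, reject such names before the join, e.g. `if (dirname.empty() || dirname == "." || dirname == ".." || dirname.find_first_of("/\\") != dirname.npos) return "Error creating directory";`, ideally through one shared helper. `target` probably needs separators, so a containment check of the normalised path against the webbox root fits better there. All of these functions start and end outside their hunks.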
@@ -716,12 +721,12 @@ protected:
 try {
 std::string result{File::getFile(m_path)};
- p.m_SetResponseHeader("content_disposition", "attachment; filename=\""s + fs::path{m_path}.filename().string() + "\""s);
+ p.m_SetResponseHeader("content_disposition", "attachment; filename=\""s + m_path.filename().string() + "\""s);
 p.m_SetResponseHeader("content_type", "application/octet-stream");
 return result;
 } catch (const std::exception& ex) {
- return HttpStatus("500", "Bad file: "s + fs::path{m_path}.filename().string(), p);
+ return HttpStatus("500", "Bad file: "s + m_path.filename().string(), p);
 }
 }
 };
-- cgit v1.2.3
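Review bot: The `content_disposition` value embeds `m_path.filename().string()` between double quotes without escaping, so a file name containing `"`, `\` or a control character produces a malformed header, or an extra header if CR/LF gets through. Whether `m_SetResponseHeader` filters such bytes is not visible here. Sanitise the name first, e.g. `std::string name{m_path.filename().string()};` followed by `name.erase(std::remove_if(name.begin(), name.end(), [](unsigned char c) { return c < 0x20 || c == 0x7f || c == '"' || c == '\\'; }), name.end());` (needs `<algorithm>`), and use `name` in both the header and the "Bad file" message. The catch block also ignores `ex`, so the cause of a failed read is lost; the function begins above the hunk.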