diff options
| author | Marvin Borner | 2019-04-02 20:50:02 +0200 |
|---|---|---|
| committer | Marvin Borner | 2019-04-02 20:50:02 +0200 |
| commit | 4aeb6a0ec4c2e51f9d618639f2b0edf6e63da73f (patch) | |
| tree | b39be2d97606f4c9741638391998fce447fec525 | |
| parent | 19c341e4642149b066667f042656a4f045293efd (diff) | |
Preparing for Ajax API
| -rw-r--r-- | build.gradle.kts | 1 | ||||
| -rw-r--r-- | src/main/kotlin/App.kt | 25 |
2 files changed, 13 insertions, 13 deletions
diff --git a/build.gradle.kts b/build.gradle.kts index 17a93a8..c7c5219 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -16,6 +16,7 @@ dependencies { compile("io.javalin:javalin:2.8.0") compile("org.slf4j:slf4j-simple:1.7.26") compile(kotlin("script-runtime")) + compile("com.fasterxml.jackson.core:jackson-databind:2.9.8") } tasks.withType<KotlinCompile> { diff --git a/src/main/kotlin/App.kt b/src/main/kotlin/App.kt index 79c4e83..d7467a4 100644 --- a/src/main/kotlin/App.kt +++ b/src/main/kotlin/App.kt @@ -6,35 +6,34 @@ import java.io.* import java.nio.file.* fun main(args: Array<String>) { - val app = Javalin.create().enableStaticFiles("../resources/").start(7000) val fileHome = "files" + val app = Javalin.create().enableStaticFiles("../resources/").start(7000) - app.get("/") { ctx -> - ctx.result("Hello World") - } - + // TODO: Fix possible security issue with "../" app.get("/files/*") { ctx -> - var files = "" + val files = ArrayList<String>() try { Files.list(Paths.get("$fileHome/${ctx.splats()[0]}/")).forEach { val fileName = it.toString() - .drop(fileHome.length + (if (ctx.splats()[0].isNotEmpty()) ctx.splats()[0].length + 1 else 0)) + .drop(fileHome.length + (if (ctx.splats()[0].isNotEmpty()) ctx.splats()[0].length + 2 else 1)) val filePath = "$fileHome${it.toString().drop(fileHome.length)}" - files += if (File(filePath).isDirectory) "$fileName/\n" else "$fileName\n" + files.add(if (File(filePath).isDirectory) "$fileName/" else fileName) } - ctx.result(files) + ctx.json(files) } catch (_: java.nio.file.NoSuchFileException) { throw NotFoundResponse("Error: File or directory does not exist.") } - - //File("test").writeText(ctx.splat(0)!!) } + app.get("/upload") { ctx -> ctx.redirect("/upload.html") } + + // TODO: Fix possible security issue with "../" app.post("/upload") { ctx -> ctx.uploadedFiles("files").forEach { (contentType, content, name, extension) -> - if (ctx.queryParam("dir") !== null) + if (ctx.queryParam("dir") !== null) { FileUtil.streamToFile(content, "files/${ctx.queryParam("dir")}/$name") - else + ctx.redirect("/upload.html") + } else throw BadRequestResponse("Error: Please enter a filename.") } } |