使用res.sendFile()

时间:2016-07-30 10:21:01

标签: javascript node.js

我正在学习node.js,以便我可以处理我的个人项目。我也试图开始使用它"对于真实的"。事实上,我尝试起床的第一个重要功能是登录功能。出于某种原因,在URL中弹出?时,它无法正常工作。

appServer.js中的代码类似于:

var express = require('express');
var app = express();
var bodyParser = require('body-parser');
var session = require('client-sessions');   

var users = require('./helpers/users.js'),
    helpers = require('./helpers/helpers.js');

var fs = require('fs'),
    path = require('path');

var https = require('https');

function handleIncomingRequest(req, res)
{
    console.log("INCOMING REQUEST: " + req.method + " " + req.url);

    console.log("req.url == " + req.url);
    var questionMarkIndex = req.url.indexOf('?');
    console.log("questionMarkIndex == " + questionMarkIndex);
    var filename = req.url;
    if (questionMarkIndex != -1) filename = req.url.substr(0, questionMarkIndex);
    serveStaticFile(filename,
        res);
    //serveStaticFile(req.url, res);
}

app//.use(express.logger('dev'))
    .use(bodyParser.urlencoded({ extended: true }))
    .use(session({
    cookieName: 'session',
    secret: 'ckwtngqjqerrafourhpvi',
    duration: 30 * 60 * 1000,
    activeDuration: 15 * 60 * 1000,
    httpOnly: true,
    secure: true,
    ephemeral: true
}))
    .get("/YALApp/*", 
        requirePageLogin,
        function(req, res)
        {
            handleIncomingRequest(req, res);
        }
    )
    .get("/YALApp", 
        function (req, res) {
            res.redirect('/YALApp/');
        }
    )
    .post('/service/login', users.login)
    .get("*",
        function(req, res)
        {           
            res.writeHead(404, { "Content-Type" : "application/json" });
            res.end(JSON.stringify(helpers.makeError("file_not_found",
                    "The requested file cannot be accessed: " + req.url), null, '\t') + '\n');
        }
    );
app.listen(8080);
/*https.createServer(options, app).listen(8080, function()
{
    console.log("server listening on port 8080");
});
*/
function serveStaticFile(file, res)
{
    console.log("file == " + file);
    var url = '/var/www/html' + file;
    if (url.charAt(url.length - 1) == '/' || url.lastIndexOf('.') == -1)
    {
        console.log(res.sendFile);
        res.sendFile(url + '/index.html');
        return;
    }
    res.sendFile(url);
}

初始静态页面(网址:/YALApp/loginPage.html)加载得很好,但其依赖关系不适用(因此页面不起作用) 这是静态页面:

<!DOCTYPE html>
<html>
    <head>
        <!-- Linking to define the colors (up one level, and in theme) -->
        <script src="../jQueryLib/theme/external/jquery/jquery.js"></script>
        <link href="../jQueryLib/theme/jquery-ui.css" rel="stylesheet" >
        <!-- Linking to setup the page -->
        <link href="css/loginPage.css" rel="stylesheet">
        <!-- Providing UI functionality -->
        <script type="text/javascript" src="../jQueryLib/theme/jquery-ui.js"></script>
         <!-- jQuery UI touch-punch -->
                <script type="text/javascript" src="../jQueryLib/theme/jquery.ui.touch-punch.min.js"></script>
        <!-- page functionality -->
        <script src="js/loginPage.js"></script>
        <title>Group Management Login Page</title>
    </head>
    <body>
        <h1 class="center">Group Management Tool</h1>
        <div id="login" class="pageCenter">
            <form id="loginForm">
                <h2 class="ui-widget-header row">Login</h2>
                <span class="row">
                    <label for="loginUserName" class="third">User name</label>
                    <input type="text" id="loginUserName" class="twoThirds"></input>
                </span>
                <span class="rowTight">
                    <label for="loginPassword" class="third">Password</label>
                    <input type="password" id="loginPassword" class="twoThirds"></input>
                </span>
                <span class="rowTight">
                    <!-- TODO: implement "forgot username" feature -->
                    <a id="forgotUsernameLink" class="center half" href="">Forgot username?</a>
                    <!-- TODO: implement "forgot password" feature -->
                    <a id="forgotPasswordLink" class="center half" href="">Forgot password?</a>
                </span>
                <span class="row">
                    <input type="submit" id="loginBtn" class="third" value="Login" />
                    <!--<button id="protoLogin" title="Populates login form with login data for the prototype" value="Prototype"-->
                </span>
            </form>
        </div>
    </body>
</html>

尝试的结果:Trying the "smart" sendFile method

这里发生了什么?!?!?

1 个答案:

答案 0 :(得分:0)

我想我发现了错误:我试图通过处理GET对其他所有请求的请求来避免安全灾难。也就是说,当我“退出”YALApp文件夹时,我至少可以访问phpMyAdmin文件夹,只需从中请求文件,即可下载该文件。我提出了404错误。

这很容易解决,因为我所要做的就是为/jQueryLib/*个请求添加路由,并重复我为/YALApp/*所做的操作。

相关问题
最新问题