Pix*_*ach 6 ejs vhosts node.js express
我目前能做到的最接近的结果,是让客户端把文件下载下来——下载到的确实是正确的 ejs 文件。
这让我抓狂,因为我觉得它应该能工作,但实际上并不行。如果我把 html 文件放在那里,它们就能正常提供。代码有点乱,因为我一直在尝试各种办法。
var application_root = __dirname;
var express = require('express');
var vhost = require( 'vhost' );
var https = require('https');
var http = require('http');
var fs = require('fs');
var path = require("path");
var forceSSL = require('express-force-ssl');
//do something
// Application instance shared by every middleware and route below.
const app = express();
// Placeholder object; nothing in the code shown here fills or reads it.
const credentials = {};
// Select the settings section named by NODE_ENV, falling back to 'dev'.
const environmentName = process.env.NODE_ENV || 'dev';
const config = require('./config.json')[environmentName];
// Views default to the .ejs extension; .html views are rendered by EJS too.
app.set('view engine', 'ejs');
const htmlRenderer = require('ejs').renderFile;
app.engine('html', htmlRenderer);
//Ensure all are going to www.
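/**
 * Canonical-host middleware: requests whose Host already starts with "www."
 * continue down the chain; everything else gets a 301 to the www. form.
 */
app.all(/.*/, function (req, res, next) {
  // Host is supplied by the client and can be absent (e.g. HTTP/1.0 requests).
  const host = req.header("host");
  if (!host) {
    // Without this guard, host.match() below throws a TypeError.
    res.status(400).send('Missing Host header');
    return;
  }
  if (host.match(/^www\..*/i)) {
    next();
    return;
  }
  // NOTE(review): the Location value is built from the client-supplied Host
  // header. Consider comparing it with the domains this server actually
  // serves before reflecting it into the redirect.
  res.redirect(301, "http://www." + host);
});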
//Use the virtual hosts
// Serve the seq.agency directory for any *.seq.agency host.
// express.static sends each matched file's bytes unchanged and never invokes a
// view engine, so a .ejs file served this way reaches the client as raw
// template source, including any server-side code embedded in its tags.
app.use(vhost('*.seq.agency',express.static(path.join(__dirname + '/seq.agency'), {
// Suffixes tried as a fallback when the requested name has no matching file.
extensions: ['ejs'],
// File sent when the request targets a directory.
index: 'index.ejs'
})));
// GET / fallback: only reached when no earlier middleware ended the response.
app.get('/', (req, res) => {
  const fallbackMessage = 'vhosts didn\'t catch this!';
  res.send(fallbackMessage);
});
// Plain-HTTP server wrapping the Express app.
const httpServer = http.createServer(app);
const runningAsProd = config.name == "prod";
if (runningAsProd) {
  // Only the log line below executes in this branch: the HTTPS server, the
  // port-80 listener and forceSSL are all commented out, so the process still
  // serves plain HTTP on config.port even though it reports 443.
  /*var options = {
  key: fs.readFileSync('/etc/letsencrypt/live/kaleidoscope.wtf/privkey.pem'),
  cert: fs.readFileSync('/etc/letsencrypt/live/kaleidoscope.wtf/fullchain.pem'),
  ca: fs.readFileSync('/etc/letsencrypt/live/kaleidoscope.wtf/chain.pem')
  }*/
  console.log('starting on 443');
  //var httpsServer = https.createServer(options, app);
  //httpsServer.listen(443);
  //httpServer.listen(80);
  //app.use(forceSSL);
}
// Announce the environment name and port, then start listening.
console.log(`[${config.name}] starting on port`, config.port);
httpServer.listen(config.port);
问题在于你试图把模板当作静态文件来提供。顾名思义,静态文件是静态的:它们不涉及动态行为,也不会经过模板渲染。
这就是为什么下面的代码无法工作
// express.static only streams files from disk; it does not pass them through
// the EJS engine registered with app.engine().
app.use(vhost('*.seq.agency',express.static(path.join(__dirname + '/seq.agency'), {
// `extensions` only changes which file names are tried, not how they are processed.
extensions: ['ejs'],
// index.ejs is sent as-is for directory requests, template tags included.
index: 'index.ejs'
})));
因为你让它直接提供文件,而它不会对文件做任何处理。所以我稍微修改了你的代码,给出一个可行做法的示例。
var application_root = __dirname;
var express = require('express');
var vhost = require( 'vhost' );
var https = require('https');
var http = require('http');
var fs = require('fs');
var path = require("path");
var forceSSL = require('express-force-ssl');
//do something
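// Application instance shared by every middleware and route below.
var app = express();
// Placeholder object; nothing in the code shown here fills or reads it.
var credentials = {};
// Select the settings section named by NODE_ENV, falling back to 'dev'.
var config = require('./config.json')[process.env.NODE_ENV || 'dev'];
//Use ejs?
// Declared explicitly: a bare `ejs = ...` creates an implicit global and
// throws a ReferenceError under strict mode.
const ejs = require("ejs");
// Views default to the .html extension; both .html and .ejs files are
// rendered through EJS.
app.set('view engine', 'html');
app.engine('html', ejs.renderFile);
app.engine('ejs', ejs.renderFile);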
//Ensure all are going to www.
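/**
 * Canonical-host middleware: requests whose Host already starts with "www."
 * continue down the chain; everything else gets a 301 to the www. form.
 */
app.all(/.*/, function (req, res, next) {
  // Host is supplied by the client and can be absent (e.g. HTTP/1.0 requests).
  const host = req.header("host");
  if (!host) {
    // Without this guard, host.match() below throws a TypeError.
    res.status(400).send('Missing Host header');
    return;
  }
  if (host.match(/^www\..*/i)) {
    next();
    return;
  }
  // NOTE(review): the Location value is built from the client-supplied Host
  // header. Consider comparing it with the domains this server actually
  // serves before reflecting it into the redirect.
  res.redirect(301, "http://www." + host);
});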
//Use the virtual hosts
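/**
 * Virtual-host handler for *.seq.agency: renders a template from the
 * seq.agency directory instead of serving it as a static file.
 *
 * Candidates are tried in order (path + ".html", path + "index.html", path);
 * the first one that is a regular file inside the site directory is rendered.
 * When none qualifies the request is passed on with next().
 */
app.use(vhost('*.seq.agency', function (req, res, next) {
  const siteRoot = path.join(__dirname, "seq.agency");
  // res.render() selects the engine from the file extension, so only the two
  // extensions registered with app.engine() are accepted here.
  const renderableExtensions = [".html", ".ejs"];
  const reqPath = req.path;
  const candidates = [
    reqPath + ".html",
    reqPath + "index.html",
    reqPath
  ];
  // Block-scoped loop variable: the bare `for (file of ...)` form leaks an
  // implicit global.
  for (const candidate of candidates) {
    const checkPath = path.join(siteRoot, candidate);
    // req.path is client-controlled and path.join() collapses ".." segments,
    // so a candidate can resolve outside siteRoot. Skip any that do.
    // This is a lexical check; it does not resolve symlinks inside siteRoot.
    if (!checkPath.startsWith(siteRoot + path.sep)) {
      continue;
    }
    if (!renderableExtensions.includes(path.extname(checkPath))) {
      continue;
    }
    if (!fs.existsSync(checkPath)) {
      continue;
    }
    const stat = fs.statSync(checkPath);
    if (stat && stat.isFile()) {
      res.render(checkPath);
      return;
    }
  }
  // Nothing matched: hand the request on instead of leaving it unanswered.
  next();
}));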
// GET / fallback: only reached when no earlier middleware ended the response.
app.get('/', (req, res) => {
  const fallbackMessage = 'vhosts didn\'t catch this!';
  res.send(fallbackMessage);
});
// Plain-HTTP server wrapping the Express app.
const httpServer = http.createServer(app);
const runningAsProd = config.name == "prod";
if (runningAsProd) {
  // Only the log line below executes in this branch: the HTTPS server, the
  // port-80 listener and forceSSL are all commented out, so the process still
  // serves plain HTTP on config.port even though it reports 443.
  /*var options = {
  key: fs.readFileSync('/etc/letsencrypt/live/kaleidoscope.wtf/privkey.pem'),
  cert: fs.readFileSync('/etc/letsencrypt/live/kaleidoscope.wtf/fullchain.pem'),
  ca: fs.readFileSync('/etc/letsencrypt/live/kaleidoscope.wtf/chain.pem')
  }*/
  console.log('starting on 443');
  //var httpsServer = https.createServer(options, app);
  //httpsServer.listen(443);
  //httpServer.listen(80);
  //app.use(forceSSL);
}
// Announce the environment name and port, then start listening.
console.log(`[${config.name}] starting on port`, config.port);
httpServer.listen(config.port);
所以关键是我们按以下顺序检查路径
reqPath + ".html",
reqPath + "index.html",
reqPath
如果文件存在,我们就渲染它并作为响应返回。这不是可以直接用于生产环境的代码:把 req.path 拼接进文件路径时,如果不校验解析后的路径仍位于站点目录之内,就会出现目录遍历漏洞。这里只是为了让你明白问题出在哪里,以及应该如何处理。