diff options
| author | Érico Nogueira <erico.erc@gmail.com> | 2021-08-09 10:38:48 -0300 |
|---|---|---|
| committer | Leah Neukirchen <leah@vuxu.org> | 2021-08-09 15:45:11 +0200 |
| commit | 9ef7db6ff9767a594869790f1868288a495d471a (patch) | |
| tree | e703b000114ee7a59e1a3ef6a64bd48f6a873656 | |
| parent | cdb096d59660c19d00f7326fd5afd31d8e1727d7 (diff) | |
| download | hittpd-9ef7db6ff9767a594869790f1868288a495d471a.tar.gz hittpd-9ef7db6ff9767a594869790f1868288a495d471a.tar.xz hittpd-9ef7db6ff9767a594869790f1868288a495d471a.zip | |
fix mimetype for "GET /" requests
index.html was being sent as "application/octet-stream", which broke it for browsers. using strcat is safe, because we check the length before writing. we can't use strcpy because subdirs can also be requested this way.
| -rw-r--r-- | hittpd.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/hittpd.c b/hittpd.c index 2404e47..64e552a 100644 --- a/hittpd.c +++ b/hittpd.c @@ -93,6 +93,7 @@ char mimetypes[] = ":.ico=image/x-icon"; const char *default_mimetype = "application/octet-stream"; +const char index_html[] = "index.html"; char default_vhost[] = "_default"; char default_port[] = "80"; @@ -599,7 +600,11 @@ on_message_complete(http_parser *p) { if (S_ISDIR(st.st_mode)) { int x; if (path[strlen(path)-1] == '/' && - (x = openat(stream_fd, "index.html", O_RDONLY)) >= 0) { + (x = openat(stream_fd, index_html, O_RDONLY)) >= 0) { + if (strlen(path) > PATH_MAX - sizeof index_html) { + return send_error(p, 413, "Payload Too Large"); + } + strcat(path, index_html); close(stream_fd); stream_fd = x; if (fstat(stream_fd, &st) < 0) |