From 9fe54e1c6025a45cdd531c093bb94d193a8b91a0 Mon Sep 17 00:00:00 2001 From: Matthew Holt Date: Sat, 16 Nov 2019 10:44:45 -0700 Subject: file_server: Use HTTPS port when a qualifying domain is specified Also little comment cleanups --- modules/caddyhttp/fileserver/command.go | 17 ++++++++++++----- modules/caddyhttp/fileserver/staticfiles.go | 5 +---- 2 files changed, 13 insertions(+), 9 deletions(-) (limited to 'modules') diff --git a/modules/caddyhttp/fileserver/command.go b/modules/caddyhttp/fileserver/command.go index 17274da..b861a99 100644 --- a/modules/caddyhttp/fileserver/command.go +++ b/modules/caddyhttp/fileserver/command.go @@ -18,12 +18,14 @@ import ( "encoding/json" "flag" "log" + "strconv" "github.com/caddyserver/caddy/v2" "github.com/caddyserver/caddy/v2/caddyconfig" "github.com/caddyserver/caddy/v2/caddyconfig/httpcaddyfile" caddycmd "github.com/caddyserver/caddy/v2/cmd" "github.com/caddyserver/caddy/v2/modules/caddyhttp" + "github.com/mholt/certmagic" ) func init() { @@ -36,12 +38,13 @@ func init() { A simple but production-ready file server. Useful for quick deployments, demos, and development. -If a qualifying hostname is specified with --domain, the server will use -HTTPS if domain validation succeeds. Ensure A/AAAA records are properly -configured before using this option. - The listener's socket address can be customized with the --listen flag. +If a qualifying hostname is specified with --domain, the default listener +address will be changed to the HTTPS port and the server will use HTTPS +if domain validation succeeds. Ensure A/AAAA records are properly +configured before using this option. + If --browse is enabled, requests for folders without an index file will respond with a file listing.`, Flags: func() *flag.FlagSet { @@ -83,7 +86,11 @@ func cmdFileServer(fs caddycmd.Flags) (int, error) { Routes: caddyhttp.RouteList{route}, } if listen == "" { - listen = ":" + httpcaddyfile.DefaultPort + if certmagic.HostQualifies(domain) { + listen = ":" + strconv.Itoa(certmagic.HTTPSPort) + } else { + listen = ":" + httpcaddyfile.DefaultPort + } } server.Listen = []string{listen} diff --git a/modules/caddyhttp/fileserver/staticfiles.go b/modules/caddyhttp/fileserver/staticfiles.go index d1791db..732894d 100644 --- a/modules/caddyhttp/fileserver/staticfiles.go +++ b/modules/caddyhttp/fileserver/staticfiles.go @@ -150,9 +150,6 @@ func (fsrv *FileServer) ServeHTTP(w http.ResponseWriter, r *http.Request, next c return fsrv.notFound(w, r, next) } - // TODO: maybe there should be a way to serve the next handler - // instead of returning 404 if a file is not found? - // TODO: content negotiation (brotli sidecar files, etc...) // one last check to ensure the file isn't hidden (we might @@ -193,7 +190,7 @@ func (fsrv *FileServer) ServeHTTP(w http.ResponseWriter, r *http.Request, next c if mtyp == "" { // do not allow Go to sniff the content-type; see // https://www.youtube.com/watch?v=8t8JYpt0egE - // TODO: Consider writing a default mime type of application/octet-stream - this is secure but violates spec + // TODO: If we want a Content-Type, consider writing a default of application/octet-stream - this is secure but violates spec w.Header()["Content-Type"] = nil } else { w.Header().Set("Content-Type", mtyp) -- cgit v1.2.3