simono41/shellinabox
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Use JavaScript redirection for attaching the missing slash to

Browse source 
the URL. This should make it easier to use reverse proxies. It was
already possible to run shellinaboxd behind a proxy, but a lot of
users got the configuration wrong.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@152 0da03de8-d603-11dd-86c2-0f8696b7b6f9
This commit is contained in:
zodiac@gmail.com 2009-07-27 18:31:05 +00:00
parent 09386df071
commit 052a47aa08
10 changed files with 55 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
ChangeLog
View file

@ -1,3 +1,10 @@
2009-07-27 Markus Gutschke <markus@shellinabox.com>
* Use JavaScript redirection for attaching the missing slash to
the URL. This should make it easier to use reverse proxies. It was
already possible to run shellinaboxd behind a proxy, but a lot of
users got the configuration wrong.
2009-07-08 Markus Gutschke <markus@shellinabox.com> 2009-07-08 Markus Gutschke <markus@shellinabox.com>
* Optionally compress large responses, if the browser accepts * Optionally compress large responses, if the browser accepts

2
config.h
View file

@ -135,7 +135,7 @@
#define STDC_HEADERS 1 #define STDC_HEADERS 1
/* Most recent revision number in the version control system */ /* Most recent revision number in the version control system */
#define VCS_REVISION "149" #define VCS_REVISION "152"
/* Version number of package */ /* Version number of package */
#define VERSION "2.9" #define VERSION "2.9"

2
configure vendored
View file

@ -2037,7 +2037,7 @@ ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $
ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_compiler_gnu=$ac_cv_c_compiler_gnu
VCS_REVISION=149 VCS_REVISION=152
cat >>confdefs.h <<_ACEOF cat >>confdefs.h <<_ACEOF

2
configure.ac
View file

@ -2,7 +2,7 @@ AC_PREREQ(2.57)
dnl This is the one location where the authoritative version number is stored dnl This is the one location where the authoritative version number is stored
AC_INIT(shellinabox, 2.9, markus@shellinabox.com) AC_INIT(shellinabox, 2.9, markus@shellinabox.com)
VCS_REVISION=149 VCS_REVISION=152
AC_SUBST(VCS_REVISION) AC_SUBST(VCS_REVISION)
AC_DEFINE_UNQUOTED(VCS_REVISION, "${VCS_REVISION}", AC_DEFINE_UNQUOTED(VCS_REVISION, "${VCS_REVISION}",
[Most recent revision number in the version control system]) [Most recent revision number in the version control system])

2
demo/vt100.js
View file

@ -1693,7 +1693,7 @@ VT100.prototype.toggleBell = function() {
}; };
VT100.prototype.about = function() { VT100.prototype.about = function() {
alert("VT100 Terminal Emulator " + "2.9 (revision 149)" + alert("VT100 Terminal Emulator " + "2.9 (revision 152)" +
"\nCopyright 2008-2009 by Markus Gutschke\n" + "\nCopyright 2008-2009 by Markus Gutschke\n" +
"For more information check http://shellinabox.com"); "For more information check http://shellinabox.com");
}; };

26
shellinabox/root_page.html
View file

@ -50,6 +50,32 @@
<title>Shell In A Box</title> <title>Shell In A Box</title>
<link rel="stylesheet" href="styles.css" type="text/css"> <link rel="stylesheet" href="styles.css" type="text/css">
<script type="text/javascript"><!-- <script type="text/javascript"><!--
// Check that our URL is well-formed. Redirect to HTTPS if necessary
(function() {
var hasSSL = %s;
var path = document.location.pathname;
var proto = hasSSL ? 'https:' : 'http:';
if (path.match(/plain/) || !hasSSL) {
proto = 'http:';
}
path = path.replace(/\/+/, '/').replace(/\/$/, '');
if (!path.match(/(?:\/|\/plain)$/)) {
path += '/';
}
var url = proto + '//' + document.location.host + path;
if (document.location.search != '' &&
document.location.search != '?') {
url += document.location.search;
}
if (document.location.hash != '' &&
document.location.hash != '#') {
url += document.location.hash;
}
if (url != document.location.href) {
document.location.replace(url);
}
})();
// We would like to hide overflowing lines as this can lead to // We would like to hide overflowing lines as this can lead to
// visually jarring results if the browser substitutes oversized // visually jarring results if the browser substitutes oversized
// Unicode characters from different fonts. Unfortunately, a bug // Unicode characters from different fonts. Unfortunately, a bug

4
shellinabox/shell_in_a_box.js
View file

@ -333,7 +333,7 @@ ShellInABox.prototype.extendContextMenu = function(entries, actions) {
// provide a menu entry to switch between the two. // provide a menu entry to switch between the two.
var newNode = document.createElement('li'); var newNode = document.createElement('li');
var isSecure; var isSecure;
if (document.location.href != '') { if (document.location.hash != '') {
isSecure = !this.nextUrl.match(/\?plain$/); isSecure = !this.nextUrl.match(/\?plain$/);
} else { } else {
isSecure = this.nextUrl.match(/^https:/); isSecure = this.nextUrl.match(/^https:/);
@ -355,7 +355,7 @@ ShellInABox.prototype.extendContextMenu = function(entries, actions) {
}; };
ShellInABox.prototype.about = function() { ShellInABox.prototype.about = function() {
alert("Shell In A Box version " + "2.9 (revision 149)" + alert("Shell In A Box version " + "2.9 (revision 152)" +
"\nCopyright 2008-2009 by Markus Gutschke\n" + "\nCopyright 2008-2009 by Markus Gutschke\n" +
"For more information check http://shellinabox.com" + "For more information check http://shellinabox.com" +
(typeof serverSupportsSSL != 'undefined' && serverSupportsSSL ? (typeof serverSupportsSSL != 'undefined' && serverSupportsSSL ?

2
shellinabox/shell_in_a_box.jspp
View file

@ -333,7 +333,7 @@ ShellInABox.prototype.extendContextMenu = function(entries, actions) {
// provide a menu entry to switch between the two. // provide a menu entry to switch between the two.
var newNode = document.createElement('li'); var newNode = document.createElement('li');
var isSecure; var isSecure;
if (document.location.href != '') { if (document.location.hash != '') {
isSecure = !this.nextUrl.match(/\?plain$/); isSecure = !this.nextUrl.match(/\?plain$/);
} else { } else {
isSecure = this.nextUrl.match(/^https:/); isSecure = this.nextUrl.match(/^https:/);

47
shellinabox/shellinaboxd.c
View file

@ -468,7 +468,6 @@ static int shellInABoxHttpHandler(HttpConnection *http, void *arg,
// Normalize the path info // Normalize the path info
const char *pathInfo = urlGetPathInfo(url); const char *pathInfo = urlGetPathInfo(url);
int trailingSlash = *pathInfo == '/';
while (*pathInfo == '/') { while (*pathInfo == '/') {
pathInfo++; pathInfo++;
} }
@ -479,44 +478,26 @@ static int shellInABoxHttpHandler(HttpConnection *http, void *arg,
} }
int pathInfoLength = endPathInfo - pathInfo; int pathInfoLength = endPathInfo - pathInfo;
// The root page should always have a trailing slash. If it doesn't do so, if (!pathInfoLength ||
// the JavaScript code cannot easily find related resources. (pathInfoLength == 5 && !memcmp(pathInfo, "plain", 5)) ||
if (!pathInfoLength && !trailingSlash) { (pathInfoLength == 6 && !memcmp(pathInfo, "secure", 6))) {
char *redir = stringPrintf(NULL, // The root page serves the AJAX application.
"HTTP/1.1 302 Temporary Relocation\r\n"
"Connection: close\r\n"
"Content-Length: 0\r\n"
"Content-Type: text/html\r\n"
"Location: %s/\r\n"
"\r\n",
urlGetURL(url));
debug("Redirecting to %s/", urlGetURL(url));
httpTransfer(http, redir, strlen(redir));
} else if (!pathInfoLength ||
(pathInfoLength == 5 && !memcmp(pathInfo, "plain", 5))) {
// The root page either serves the AJAX application or redirects to the
// secure HTTPS URL.
if (contentType && if (contentType &&
!strncasecmp(contentType, "application/x-www-form-urlencoded", 33)) { !strncasecmp(contentType, "application/x-www-form-urlencoded", 33)) {
// XMLHttpRequest carrying data between the AJAX application and the // XMLHttpRequest carrying data between the AJAX application and the
// client session. // client session.
return dataHandler(http, arg, buf, len, url); return dataHandler(http, arg, buf, len, url);
} }
if (enableSSL && !pathInfoLength && strcmp(urlGetProtocol(url), "https")) { extern char rootPageStart[];
httpSendReply(http, 200, "Shell In A Box", extern char rootPageEnd[];
"<script type=\"text/javascript\"><!--\n" char *rootPage;
"document.location.replace(" check(rootPage = malloc(rootPageEnd - rootPageStart + 1));
"document.location.href.replace(/^http:/,'https:'));\n" memcpy(rootPage, rootPageStart, rootPageEnd - rootPageStart);
"--></script>\n" rootPage[rootPageEnd - rootPageStart] = '\000';
"<noscript>\n" char *html = stringPrintf(NULL, rootPage,
"JavaScript must be enabled for ShellInABox\n" enableSSL ? "true" : "false");
"</noscript>"); httpSendReply(http, 200, "OK", html);
} else { free(rootPage);
extern char rootPageStart[];
extern char rootPageEnd[];
serveStaticFile(http, "text/html; charset=utf-8",
rootPageStart, rootPageEnd);
}
} else if (pathInfoLength == 8 && !memcmp(pathInfo, "beep.wav", 8)) { } else if (pathInfoLength == 8 && !memcmp(pathInfo, "beep.wav", 8)) {
// Serve the audio sample for the console bell. // Serve the audio sample for the console bell.
extern char beepStart[]; extern char beepStart[];

2
shellinabox/vt100.js
View file

@ -1693,7 +1693,7 @@ VT100.prototype.toggleBell = function() {
}; };
VT100.prototype.about = function() { VT100.prototype.about = function() {
alert("VT100 Terminal Emulator " + "2.9 (revision 149)" + alert("VT100 Terminal Emulator " + "2.9 (revision 152)" +
"\nCopyright 2008-2009 by Markus Gutschke\n" + "\nCopyright 2008-2009 by Markus Gutschke\n" +
"For more information check http://shellinabox.com"); "For more information check http://shellinabox.com");
}; };