add safety checks, fix error
This commit is contained in:
parent
c7dfec515d
commit
579709ae40
24
server.js
24
server.js
|
|
@ -84,8 +84,12 @@ function myApproveDomains(opts) {
|
||||||
return null;
|
return null;
|
||||||
}).then(function () {
|
}).then(function () {
|
||||||
// check for api prefix
|
// check for api prefix
|
||||||
return checkApi('api.' + domain).then(function () {
|
var apiname = domain;
|
||||||
domains.push(opts.domain);
|
if (domains.length) {
|
||||||
|
apiname = 'api.' + domain;
|
||||||
|
}
|
||||||
|
return checkApi(apiname).then(function () {
|
||||||
|
domains.push(apiname);
|
||||||
}).catch(function () {
|
}).catch(function () {
|
||||||
return null;
|
return null;
|
||||||
});
|
});
|
||||||
|
|
@ -129,11 +133,16 @@ function checkApi(hostname) {
|
||||||
});
|
});
|
||||||
}).catch(function (e) {
|
}).catch(function (e) {
|
||||||
if ('ENOENT' === e.code) { return null; }
|
if ('ENOENT' === e.code) { return null; }
|
||||||
|
console.error(e);
|
||||||
throw new Error("rejecting '" + hostname + "' because '" + apipath + link + "' failed at require()");
|
throw new Error("rejecting '" + hostname + "' because '" + apipath + link + "' failed at require()");
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
function checkWwws(_hostname) {
|
function checkWwws(_hostname) {
|
||||||
|
if (!_hostname) {
|
||||||
|
// SECURITY don't serve the whole config.srv
|
||||||
|
return Promise.reject(new Error("missing hostname"));
|
||||||
|
}
|
||||||
var hostname = _hostname;
|
var hostname = _hostname;
|
||||||
var hostdir = path.join(config.srv, hostname);
|
var hostdir = path.join(config.srv, hostname);
|
||||||
// TODO could test for www/no-www both in directory
|
// TODO could test for www/no-www both in directory
|
||||||
|
|
@ -167,9 +176,10 @@ function checkWwws(_hostname) {
|
||||||
function myVhostApp(req, res) {
|
function myVhostApp(req, res) {
|
||||||
// SECURITY greenlock pre-sanitizes hostnames to prevent unauthorized fs access so you don't have to
|
// SECURITY greenlock pre-sanitizes hostnames to prevent unauthorized fs access so you don't have to
|
||||||
// (also: only domains approved above will get here)
|
// (also: only domains approved above will get here)
|
||||||
console.log(req.method);
|
console.info(req.method, (req.headers.host|'') + req.url);
|
||||||
console.log(req.url);
|
Object.keys(req.headers).forEach(function (key) {
|
||||||
console.log(req.headers);
|
console.info(key, req.headers[key])
|
||||||
|
});
|
||||||
|
|
||||||
// We could cache wether or not a host exists for some amount of time
|
// We could cache wether or not a host exists for some amount of time
|
||||||
var fin = finalhandler(req, res);
|
var fin = finalhandler(req, res);
|
||||||
|
|
@ -186,10 +196,10 @@ function myVhostApp(req, res) {
|
||||||
}).catch(function (err) {
|
}).catch(function (err) {
|
||||||
return checkApi(req.headers.host).then(function (app) {
|
return checkApi(req.headers.host).then(function (app) {
|
||||||
if (app) { app(req, res); return; }
|
if (app) { app(req, res); return; }
|
||||||
console.log("www error", err);
|
console.error("none found", err);
|
||||||
fin();
|
fin();
|
||||||
}).catch(function (err) {
|
}).catch(function (err) {
|
||||||
console.log("api error", err);
|
console.error("api crashed error", err);
|
||||||
fin(err);
|
fin(err);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue