WEB-21594 Web preview opens a 404 Not Found document

author Vladimir Krivosheev <vladimir.krivosheev@jetbrains.com>

Fri, 13 May 2016 16:14:49 +0000 (18:14 +0200)

committer Vladimir Krivosheev <vladimir.krivosheev@jetbrains.com>

Fri, 13 May 2016 16:14:49 +0000 (18:14 +0200)
author Vladimir Krivosheev <vladimir.krivosheev@jetbrains.com>
Fri, 13 May 2016 16:14:49 +0000 (18:14 +0200)
committer Vladimir Krivosheev <vladimir.krivosheev@jetbrains.com>
Fri, 13 May 2016 16:14:49 +0000 (18:14 +0200)
diff --git a/platform/built-in-server/src/org/jetbrains/builtInWebServer/DefaultWebServerPathHandler.kt b/platform/built-in-server/src/org/jetbrains/builtInWebServer/DefaultWebServerPathHandler.kt

index 2876c923e9bd9f2e5c0eda5309006d7b71f846bc..f3b93dceabb6b1eab63a1b30efbf94b103ee6a48 100644 (file)
--- a/platform/built-in-server/src/org/jetbrains/builtInWebServer/DefaultWebServerPathHandler.kt
+++ b/platform/built-in-server/src/org/jetbrains/builtInWebServer/DefaultWebServerPathHandler.kt
@@ -139,7 +139,8 @@ private fun checkAccess(pathInfo: PathInfo, channel: Channel, request: HttpReque
        HttpResponseStatus.FORBIDDEN.orInSafeMode(HttpResponseStatus.NOT_FOUND).send(channel, request)
        return false
      }
-    else if (!checkAccess(file, Paths.get(pathInfo.root.path))) {
+    else if (!hasAccess(file)) {
+      // we check only file, but all directories in the path because of https://youtrack.jetbrains.com/issue/WEB-21594
        HttpResponseStatus.FORBIDDEN.orInSafeMode(HttpResponseStatus.NOT_FOUND).send(channel, request)
        return false
      }
diff --git a/platform/built-in-server/src/org/jetbrains/builtInWebServer/StaticFileHandler.kt b/platform/built-in-server/src/org/jetbrains/builtInWebServer/StaticFileHandler.kt

index 457e39c19f5b079a9350ef2a71bebc0df86755be..b8325a0a26ac219d2f3e926aec5a7e42d18f339a 100644 (file)
--- a/platform/built-in-server/src/org/jetbrains/builtInWebServer/StaticFileHandler.kt
+++ b/platform/built-in-server/src/org/jetbrains/builtInWebServer/StaticFileHandler.kt
@@ -105,4 +105,4 @@ internal fun checkAccess(file: Path, root: Path = file.root): Boolean {
  }
  
  // deny access to any dot prefixed file
-private fun hasAccess(result: Path) = Files.isReadable(result) && !(Files.isHidden(result) || result.fileName.toString().startsWith('.'))
-\ No newline at end of file
+internal fun hasAccess(result: Path) = Files.isReadable(result) && !(Files.isHidden(result) || result.fileName.toString().startsWith('.'))
+\ No newline at end of file
diff --git a/platform/built-in-server/testSrc/BuiltInServerTestCase.kt b/platform/built-in-server/testSrc/BuiltInServerTestCase.kt

index b30634beb5a42b067040beb0848e1a1bb1b2b1e1..1e84816f18014745fc1ac3017030cae642802e4f 100644 (file)
--- a/platform/built-in-server/testSrc/BuiltInServerTestCase.kt
+++ b/platform/built-in-server/testSrc/BuiltInServerTestCase.kt
@@ -55,6 +55,7 @@ internal abstract class BuiltInServerTestCase {
  
  internal fun testUrl(url: String, expectedStatus: HttpResponseStatus): HttpURLConnection {
    val connection = URL(url).openConnection() as HttpURLConnection
+  BuiltInServerManager.getInstance().configureRequestToWebServer(connection)
    assertThat(HttpResponseStatus.valueOf(connection.responseCode)).isEqualTo(expectedStatus)
    return connection
  }
 \ No newline at end of file
diff --git a/platform/built-in-server/testSrc/BuiltInWebServerTest.kt b/platform/built-in-server/testSrc/BuiltInWebServerTest.kt

index d457fac331be20e1cbd19504360ba89ada04cb1a..7ec80123d0de3d66025a0a26a0108cc8d987a7a1 100644 (file)
--- a/platform/built-in-server/testSrc/BuiltInWebServerTest.kt
+++ b/platform/built-in-server/testSrc/BuiltInWebServerTest.kt
@@ -93,7 +93,7 @@ internal class HeavyBuiltInWebServerTest {
    }
  
    @Test
-  fun `hidden dir`() {
+  fun `file in hidden folder`() {
      val projectDir = tempDirManager.newPath().resolve("foo/bar")
      val projectDirPath = projectDir.systemIndependentPath
      createHeavyProject("$projectDirPath/test.ipr").use { project ->
@@ -101,15 +101,15 @@ internal class HeavyBuiltInWebServerTest {
        LocalFileSystem.getInstance().refreshAndFindFileByPath(projectDirPath)
        createModule(projectDirPath, project)
  
-      val dir = projectDir.resolve(".doNotExposeMe")
+      val dir = projectDir.resolve(".coverage")
        if (SystemInfo.isWindows) {
          Files.setAttribute(dir, "dos:hidden", true)
        }
  
-      val path = dir.resolve("foo").write("doNotExposeMe").systemIndependentPath
+      val path = dir.resolve("foo").write("exposeMe").systemIndependentPath
        val relativePath = FileUtil.getRelativePath(project.basePath!!, path, '/')
        val webPath = StringUtil.replace(UrlEscapers.urlPathSegmentEscaper().escape("${project.name}/$relativePath"), "%2F", "/")
-      testUrl("http://localhost:${BuiltInServerManager.getInstance().port}/$webPath", HttpResponseStatus.FORBIDDEN)
+      testUrl("http://localhost:${BuiltInServerManager.getInstance().port}/$webPath", HttpResponseStatus.OK)
      }
    }
  }
 \ No newline at end of file
author	Vladimir Krivosheev <vladimir.krivosheev@jetbrains.com>
	Fri, 13 May 2016 16:14:49 +0000 (18:14 +0200)
committer	Vladimir Krivosheev <vladimir.krivosheev@jetbrains.com>
	Fri, 13 May 2016 16:14:49 +0000 (18:14 +0200)
platform/built-in-server/src/org/jetbrains/builtInWebServer/DefaultWebServerPathHandler.kt		patch \| blob \| history
platform/built-in-server/src/org/jetbrains/builtInWebServer/StaticFileHandler.kt		patch \| blob \| history
platform/built-in-server/testSrc/BuiltInServerTestCase.kt		patch \| blob \| history
platform/built-in-server/testSrc/BuiltInWebServerTest.kt		patch \| blob \| history