[AMG]: This page collects useful and illustrative zone handlers for the [Wibble] web server. <> ---- **Reloading the server source** [AMG]: Here is a '''reload''' zone handler that reloads the server source on command. ====== proc wibble::reload {request response} { set wibble::zones {} foreach script [dict get $request scripts] { uplevel #0 [list source $script] } dict set response status 200 dict set response header content-type text/plain dict set response content "Server reloaded. Have a nice day.\n" wibble::sendresponse $response } wibble::handle /reload reload scripts [list [info script]] ====== ---- **Interfacing with Wub domains** '''[CMcC] - 2010-06-27 23:08:49''' Something like the following shim ought to interface most [Wub] domains to a wibble server. You'd have to construct the Wub domain with appropriate arguments, then in the wibble::handle definition, pass an option "domain $domain" Some Wub domains won't work, as they require capabilities that wibble doesn't provide, but many should. Enjoy. ====== proc wibble::wub {request response} { dict with request {} # remap some important request fields dict set r -uri $uri dict set r -clientheaders [dict keys $request] set r [dict merge $r $request [Url parse $uri 1]] try { {*}$domain do $r } on error {r options} { return [nexthandler $request $response] } # remap some important result fields dict set response content [dict get $r -content] dict set response status [dict get $r -code] sendresponse [dict merge $response [dict remove $r [dict keys $r -*]]] } ====== ---- **Rejecting access to files by name** [AMG]: This zone handler gives a 403 Forbidden when the client requests a file whose name is in a list of [glob]-style patterns. Specify this list in the $patterns zone option. It's most useful in combination with the [[template]] and [[script]] zone handlers. ====== proc wibble::rejectname {request response} { dict with request {} set name [file tail $path] foreach pattern $patterns { if {[string match $pattern $name]} { dict set response status 403 dict set response header content-type text/plain dict set response content "access denied: [dict get $request uri]\n" sendresponse $response } } nexthandler $request $response } wibble::handle / rejectname patterns {*.tmpl *.script} ====== However, there's a huge bug that allows this code to be spoofed: [http://wiki.tcl.tk/27382#pagetoc821c88b9]. Until that's fixed, you might want to also reject filenames that contain NUL. I'd put that in myself, but I don't know how to handle it universally. The URI contains a path which can be checked, but it also contains an optional query suffix that may contain more filenames. The query suffix may also contain binary data that can legitimately embed NULs; watch out for that. And the POST may have filenames too, but it's also very likely to contain binary data. <> Wibble