Version 6 of Wibble zone handlers

Updated 2010-12-20 14:39:26 by AMG

AMG: This page collects useful and illustrative zone handlers for the Wibble web server.

Fetching backrefs...

Reloading the server source

AMG: Here is a reload zone handler that reloads the server source on command.

proc wibble::reload {state} {
    set wibble::zonehandlers {}
    foreach script [dict get $state options scripts] {
        uplevel #0 [list source $script]
    }
    dict set response status 200
    dict set response header content-type text/plain
    dict set response content "Server reloaded.  Have a nice day.\n"
    sendresponse $response
}
wibble::handle /reload reload scripts [list [info script]]

Interfacing with Wub domains

CMcC - 2010-06-27 23:08:49

Something like the following shim ought to interface most Wub domains to a wibble server.

You'd have to construct the Wub domain with appropriate arguments, then in the wibble::handle definition, pass an option "domain $domain"

Some Wub domains won't work, as they require capabilities that wibble doesn't provide, but many should.

Enjoy.

proc wibble::wub {state} {
    dict with state request {}

    # remap some important request fields
    dict set r -uri $uri
    dict set r -clientheaders [dict keys $state request]
    set r [dict merge $r [dict get $state request] [Url parse $uri 1]]

    try {
        {*}$domain do $r
    } on error {r options} {
        return
    }

    # remap some important result fields
    set response [dict remove $r [dict keys $r -*]]
    dict set response content [dict get $r -content]
    dict set response status [dict get $r -code]
    sendresponse $response
}

Rejecting access to files by name

AMG: This zone handler gives a 403 Forbidden when the client requests a file whose name is in a list of glob-style patterns. Specify this list in the $patterns zone option. It's most useful in combination with the [template] and [script] zone handlers.

proc wibble::rejectname {state} {
    dict with state request {}; dict with state options {}
    set name [file tail $path]
    foreach pattern $patterns {
        if {[string match $pattern $name]} {
            dict set response status 403
            dict set response header content-type text/plain
            dict set response content "access denied: $uri\n"
            sendresponse $response
        }
    }
}

wibble::handle / rejectname patterns {*.tmpl *.script}

However, there's a huge bug that allows this code to be spoofed: [L1 ]. Until that's fixed, you might want to also reject filenames that contain NUL. I'd put that in myself, but I don't know how to handle it universally. The URI contains a path which can be checked, but it also contains an optional query suffix that may contain more filenames. The query suffix may also contain binary data that can legitimately embed NULs; watch out for that. And the POST may have filenames too, but it's also very likely to contain binary data.