From 68733a2bc013e9773f17dfc969c3ebc2055fad87 Mon Sep 17 00:00:00 2001 From: "DM42.Net (Matt Dent)" Date: Sun, 14 Jul 2019 23:56:11 -0400 Subject: Serve static files directly if not caught by web server --- boot.php | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 4746380a3..dc21efe3c 100755 --- a/boot.php +++ b/boot.php @@ -896,6 +896,51 @@ class App { if(x($_GET,'q')) self::$cmd = escape_tags(trim($_GET['q'],'/\\')); + // Serve raw files from the file system in certain cases. + $filext = pathinfo(self::$cmd, PATHINFO_EXTENSION); + + $serve_rawfiles=[ + 'jpg'=>'image/jpeg', + 'jpeg'=>'image/jpeg', + 'gif'=>'image/gif', + 'png'=>'image/png', + 'ico'=>'image/vnd.microsoft.icon', + 'css'=>'text/css', + 'js'=>'text/javascript', + 'htm'=>'text/html', + 'html'=>'text/html', + 'map'=>'application/octet-stream', + 'ttf'=>'font/ttf', + 'woff'=>'font/woff', + 'woff2'=>'font/woff2', + 'svg'=>'image/svg+xml']; + + if (array_key_exists($filext, $serve_rawfiles) && file_exists(self::$cmd)) { + $staticfilecwd = getcwd(); + $staticfilerealpath = realpath(self::$cmd); + if(strpos($staticfilerealpath,$staticfilecwd) !== 0) { + header("HTTP/1.1 404 Not Found", true, 404); + killme(); + } + + $staticfileetag = '"'.md5($staticfilerealpath.filemtime(self::$cmd)).'"'; + header("ETag: ".$staticfileetag); + header("Cache-control: max-age=2592000"); + if(isset($_SERVER['HTTP_IF_NONE_MATCH'])) { + // If HTTP_IF_NONE_MATCH is same as the generated ETag => content is the same as browser cache + // So send a 304 Not Modified response header and exit + if($_SERVER['HTTP_IF_NONE_MATCH'] == $staticfileetag) { + header('HTTP/1.1 304 Not Modified', true, 304); + killme(); + } + } + header("Content-type: ".$serve_rawfiles[$filext]); + $handle = fopen(self::$cmd, "rb"); + fpassthru($handle); + fclose($handle); + killme(); + } + // unix style "homedir" if((substr(self::$cmd, 0, 1) === '~') || (substr(self::$cmd, 0, 1) === '@')) -- cgit v1.2.3