mirror of
https://github.com/advplyr/audiobookshelf.git
synced 2025-01-22 00:07:52 +01:00
x-accel: encode all paths to URIs
updates util function encodeUriPath to use node:url with a file:// path prefix, and updates all instances x-accel redirection to use this helper util instead of sending unencoded paths into the header.
This commit is contained in:
parent
e56b8edc0a
commit
207ba7ec8e
@ -1,4 +1,5 @@
|
||||
const Logger = require('../Logger')
|
||||
const { encodeUriPath } = require('../utils/fileUtils')
|
||||
|
||||
class BackupController {
|
||||
constructor() { }
|
||||
@ -37,8 +38,9 @@ class BackupController {
|
||||
*/
|
||||
download(req, res) {
|
||||
if (global.XAccel) {
|
||||
Logger.debug(`Use X-Accel to serve static file ${req.backup.fullPath}`)
|
||||
return res.status(204).header({ 'X-Accel-Redirect': global.XAccel + req.backup.fullPath }).send()
|
||||
const encodedURI = encodeUriPath(global.XAccel + req.backup.fullPath)
|
||||
Logger.debug(`Use X-Accel to serve static file ${encodedURI}`)
|
||||
return res.status(204).header({ 'X-Accel-Redirect': encodedURI }).send()
|
||||
}
|
||||
res.sendFile(req.backup.fullPath)
|
||||
}
|
||||
|
@ -7,7 +7,7 @@ const Database = require('../Database')
|
||||
const zipHelpers = require('../utils/zipHelpers')
|
||||
const { reqSupportsWebp } = require('../utils/index')
|
||||
const { ScanResult } = require('../utils/constants')
|
||||
const { getAudioMimeTypeFromExtname } = require('../utils/fileUtils')
|
||||
const { getAudioMimeTypeFromExtname, encodeUriPath } = require('../utils/fileUtils')
|
||||
const LibraryItemScanner = require('../scanner/LibraryItemScanner')
|
||||
const AudioFileScanner = require('../scanner/AudioFileScanner')
|
||||
const Scanner = require('../scanner/Scanner')
|
||||
@ -235,8 +235,9 @@ class LibraryItemController {
|
||||
}
|
||||
|
||||
if (global.XAccel) {
|
||||
Logger.debug(`Use X-Accel to serve static file ${libraryItem.media.coverPath}`)
|
||||
return res.status(204).header({ 'X-Accel-Redirect': global.XAccel + libraryItem.media.coverPath }).send()
|
||||
const encodedURI = encodeUriPath(global.XAccel + libraryItem.media.coverPath)
|
||||
Logger.debug(`Use X-Accel to serve static file ${encodedURI}`)
|
||||
return res.status(204).header({ 'X-Accel-Redirect': encodedURI }).send()
|
||||
}
|
||||
return res.sendFile(libraryItem.media.coverPath)
|
||||
}
|
||||
@ -575,8 +576,9 @@ class LibraryItemController {
|
||||
const libraryFile = req.libraryFile
|
||||
|
||||
if (global.XAccel) {
|
||||
Logger.debug(`Use X-Accel to serve static file ${libraryFile.metadata.path}`)
|
||||
return res.status(204).header({ 'X-Accel-Redirect': global.XAccel + libraryFile.metadata.path }).send()
|
||||
const encodedURI = encodeUriPath(global.XAccel + libraryFile.metadata.path)
|
||||
Logger.debug(`Use X-Accel to serve static file ${encodedURI}`)
|
||||
return res.status(204).header({ 'X-Accel-Redirect': encodedURI }).send()
|
||||
}
|
||||
|
||||
// Express does not set the correct mimetype for m4b files so use our defined mimetypes if available
|
||||
@ -632,8 +634,9 @@ class LibraryItemController {
|
||||
Logger.info(`[LibraryItemController] User "${req.user.username}" requested file download at "${libraryFile.metadata.path}"`)
|
||||
|
||||
if (global.XAccel) {
|
||||
Logger.debug(`Use X-Accel to serve static file ${libraryFile.metadata.path}`)
|
||||
return res.status(204).header({ 'X-Accel-Redirect': global.XAccel + libraryFile.metadata.path }).send()
|
||||
const encodedURI = encodeUriPath(global.XAccel + libraryFile.metadata.path)
|
||||
Logger.debug(`Use X-Accel to serve static file ${encodedURI}`)
|
||||
return res.status(204).header({ 'X-Accel-Redirect': encodedURI }).send()
|
||||
}
|
||||
|
||||
// Express does not set the correct mimetype for m4b files so use our defined mimetypes if available
|
||||
@ -673,8 +676,9 @@ class LibraryItemController {
|
||||
const ebookFilePath = ebookFile.metadata.path
|
||||
|
||||
if (global.XAccel) {
|
||||
Logger.debug(`Use X-Accel to serve static file ${ebookFilePath}`)
|
||||
return res.status(204).header({ 'X-Accel-Redirect': global.XAccel + ebookFilePath }).send()
|
||||
const encodedURI = encodeUriPath(global.XAccel + ebookFilePath)
|
||||
Logger.debug(`Use X-Accel to serve static file ${encodedURI}`)
|
||||
return res.status(204).header({ 'X-Accel-Redirect': encodedURI }).send()
|
||||
}
|
||||
|
||||
res.sendFile(ebookFilePath)
|
||||
|
@ -3,6 +3,7 @@ const fs = require('../libs/fsExtra')
|
||||
const stream = require('stream')
|
||||
const Logger = require('../Logger')
|
||||
const { resizeImage } = require('../utils/ffmpegHelpers')
|
||||
const { encodeUriPath } = require('../utils/fileUtils')
|
||||
|
||||
class CacheManager {
|
||||
constructor() {
|
||||
@ -50,8 +51,9 @@ class CacheManager {
|
||||
// Cache exists
|
||||
if (await fs.pathExists(path)) {
|
||||
if (global.XAccel) {
|
||||
Logger.debug(`Use X-Accel to serve static file ${path}`)
|
||||
return res.status(204).header({ 'X-Accel-Redirect': global.XAccel + path }).send()
|
||||
const encodedURI = encodeUriPath(global.XAccel + path)
|
||||
Logger.debug(`Use X-Accel to serve static file ${encodedURI}`)
|
||||
return res.status(204).header({ 'X-Accel-Redirect': encodedURI }).send()
|
||||
}
|
||||
|
||||
const r = fs.createReadStream(path)
|
||||
@ -73,8 +75,9 @@ class CacheManager {
|
||||
if (!writtenFile) return res.sendStatus(500)
|
||||
|
||||
if (global.XAccel) {
|
||||
Logger.debug(`Use X-Accel to serve static file ${writtenFile}`)
|
||||
return res.status(204).header({ 'X-Accel-Redirect': global.XAccel + writtenFile }).send()
|
||||
const encodedURI = encodeUriPath(global.XAccel + writtenFile)
|
||||
Logger.debug(`Use X-Accel to serve static file ${encodedURI}`)
|
||||
return res.status(204).header({ 'X-Accel-Redirect': encodedURI }).send()
|
||||
}
|
||||
|
||||
var readStream = fs.createReadStream(writtenFile)
|
||||
|
@ -293,5 +293,6 @@ module.exports.removeFile = (path) => {
|
||||
}
|
||||
|
||||
module.exports.encodeUriPath = (path) => {
|
||||
return filePathToPOSIX(path).replace(/%/g, '%25').replace(/#/g, '%23')
|
||||
const uri = new URL(path, "file://")
|
||||
return uri.pathname
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user