- 代码尽可能精简
- 防目录遍历攻击
- 支持Last-Modified
- 异步机制,大文件优化
#!/usr/bin/env node
const http = require('http');
const process = require('process');
const fs = require('fs');
const path = require('path');
const root = process.cwd() + path.sep;
http.createServer(async (req, res) => {
let p = path.normalize(root + req.url.split(/\?|\#/)[0]);
if (!p.startsWith(root)) {
res.writeHead(403).end();
return;
}
if (p.length === root.length) {
p = p + 'index.html';
}
try {
await fs.promises.access(p, fs.constants.F_OK | fs.constants.R_OK);
} catch (e) {
res.writeHead({ 'ENOENT': 404, 'EACCES': 403 }[e.code] || 500).end();
return;
}
let headers = {};
let lastModified = new Date(Math.round((await fs.promises.stat(p)).mtimeMs / 1000) * 1000);
if (req.headers['if-modified-since'] && (new Date(req.headers['if-modified-since']) >= lastModified)) {
res.writeHead(304).end();
return;
}
headers['Last-Modified'] = lastModified.toUTCString();
let contentType = {
'.txt': 'text/plain; charset=utf-8',
'.htm': 'text/html; charset=utf-8',
'.html': 'text/html; charset=utf-8',
'.css': 'text/css; charset=utf-8',
'.js': 'text/javascript; charset=utf-8',
'.json': 'application/json; charset=utf-8',
'.jpg': 'image/jpeg',
'.jpeg': 'image/jpeg',
'.gif': 'image/gif',
'.png': 'image/png',
}[path.parse(p).ext];
if (contentType) {
headers['Content-Type'] = contentType;
}
res.writeHead(200, headers);
fs.createReadStream(p).on("error", function (e) {
res.end();
}).pipe(res);
}).listen(8080);