thewawar / simple-http-server Goto Github PK
View Code? Open in Web Editor NEWSimple http server in Rust (Windows/Mac/Linux)
License: MIT License
Simple http server in Rust (Windows/Mac/Linux)
License: MIT License
Readable to /etc/passwd file
http://your-ip/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd
Could be done by using https://github.com/Byron/open-rs
Currently I couldn't upload files that are larger than ca. 5 Mb.
I get the following error:
thread '<unnamed>' panicked at '`PartialReason` was not `IoError`: SizeLimit', /home/user/.cargo/registry/src/github.com-1ecc6299db9ec823/multipart-0.16.1/src/server/save.rs:822:18
Would be nice to set the threshold on the command-line.
Thanks.
it would be nice to have armv7 and arm64
simple-http-server -p 8080 .
and then run curl 'localhost:8080/%ff'
and the thread panics. Backtrace says the issue is on line 369 of main.rs
.
If I try a HEAD
request on any file that simple_http_server
is serving, it always returns the Content-Length
header with value 0. If I try the GET request on the same file, it returns the correct value in that header. HEAD
is often used by many file downloading software to determine the length of the file before downloading it. This would break them (as it's doing in my case).
Avoid use of panics (unwrapping) for error handling.
thread 'main' panicked at 'Could not bind on: 0.0.0.0:8000: Io(Error { repr: Os { code: 98, message: "Address already in use" } })'
Could be something like:
Could not bind on: 0.0.0.0:8000: Address already in use
Like the --entry-file
parameter of live-server.
--upload-size-limit
The default setting is in bytes, but when uploading large files, it's inconvenient to set a large number of bytes. I hope to carry the letters k, m, g after the number, so as to define the file size limit for uploading. For example, 10m, for example, 1g.
@TheWaWaR There is the version update to 0.6.6 mas there is no tag or github release
e.g.
simple-http-server --sortby name
Hi there,
I couldn't find a SECURITY.md
in your repository and am not sure how to best contact you privately to disclose a security issue.
Can you add a SECURITY.md
file with an e-mail to your repository, so that our system can send you the vulnerability details? GitHub suggests that a security policy is the best way to make sure security issues are responsibly disclosed.
Once you've done that, you should receive an e-mail within the next hour with more info.
Thanks! (cc @huntr-helper)
Or is that too much work?
I would be nice to have a github/gitlab like feature to automatically render README.md or other markdown files.
Have you considered using templates for your HTML? The maud library integrates with iron quite well. I don't know if it would suit all of your needs but it may be better than handwriting HTML.
There is not instructions in the repository, and all method that I have tried failed with random error messages:
such as: Tls(Error { code: -25264, message: "MAC verification failed during PKCS12 import (wrong password?)" })'
methods:
https://gist.github.com/Eng-Fouad/6cdc8263068700ade87e4e3bf459a988
https://gist.github.com/princeppy/d00bad66d9caac86d9b7d3ce9e35fc12
Is it possible to add somewhere how such desired pkcs12 file could be generated ?
I am using this server and i only miss one feature.
simple-http-server --proxy '/link/,http://www.example.com/link/'
I'm attempting to use simple-http-server with mkcert to create valid certs for local development. I'm generating a P12 cert with mkcert, but simple-http-server rejects it with mac verify failure
.
Here's a recording of the process:
https://asciinema.org/a/tFAgoaVnHB1j9OsdG4YiIZJvq
I'd guess this isn't simple-http-server's issue, just reporting it in case there's a known fix, or if anyone can point me to the library that's emitting the error (hyper?).
While experimenting with WebAssembly I found that (at least in Firefox) WebAssembly.instantiateStreaming() requires .wasm
-resources to be delivered as application/wasm
. Otherwise you end up with "TypeError: Response has unsupported MIME type".
Since application/wasm
doesn't seem to be official, yet (https://www.iana.org/assignments/media-types/media-types.xhtml#application) I cannot expect simple-http-server
to include this binding.
It would be helpful to be able to add bindings between file extensions and mime types via command line.
Is it possible to limit the web server to accept only the requests from the local machine?
For example if a developer works in a local network with other developers and don't want the others to access his local web server.
Can open file with utf-8 ?
Hello, @TheWaWaR @vi @not-fl3 @michelk @tforgione - 2 potential high severity security vulnerability in your repository has been disclosed to huntr.
Visit report URL and validate them
https://www.huntr.dev/bounties/3-other-TheWaWaR/simple-http-server/
https://www.huntr.dev/bounties/2-other-TheWaWaR/simple-http-server/
Best Regards
After several times of LAN Gigabit network test download 10G single file, the download speed is never reached the limit, the speed is about 60-80MB / s, but I use the go language version of the HTTP server, the speed can reach the hardware limit, the speed is about 98MB /s, and the speed is very stable.
For example this HTTP SERVER: https://github.com/stewart/http-server
Is it a question of programming language efficiency? Is there room for improvement? Because the go language program is too large, I don't want to use it.
Hi, can you compile 32-bit windows binary please?
Thanks.
Why is there no binairy release for version 0.6 for windows ?
The file name can be obtained through Content-Disposition
I cannot build simple-http-server after cloning this repo.
α
git clone https://github.com/TheWaWaR/simple-http-server
Cloning into 'simple-http-server'...
remote: Counting objects: 383, done.
remote: Total 383 (delta 0), reused 0 (delta 0), pack-reused 383
Receiving objects: 100% (383/383), 542.03 KiB | 0 bytes/s, done.
Resolving deltas: 100% (205/205), done.
Checking connectivity... done.
α
cd simple-http-server
α
rustc --version
rustc 1.18.0 (03fc9d622 2017-06-06)
α
cargo --version
cargo 0.19.0 (28d1d60d4 2017-05-16)
α
cargo build --release
Updating registry `https://github.com/rust-lang/crates.io-index`
error: no matching version `^0.3.1` found for package `chrono` (required by `simple-http-server`)
location searched: registry https://github.com/rust-lang/crates.io-index
versions found: 0.4.0, 0.3.0, 0.2.25, ...
It would be nice to create folder within the browser
thank u
Version 0.3.6
fails to compile on Windows because of a use std::os::unix::ffi::OsStrExt;
. This is fixed in the master branch but in the meantime it makes it impossible to do cargo install simple-http-server
.
http://x.x.x.x/%2F is possible! No problem to retrieve ro-files from /etc.
Also would be nyce to see a https-only and an autogenration for self-signed certs.
; cargo install --list |rg simple-http-server
simple-http-server v0.6.1:
; cargo install-update simple-http-server
Updating registry 'https://github.com/rust-lang/crates.io-index'
Package Installed Latest Needs update
simple-http-server v0.6.1 v0.6.2 Yes
# downloading, compiling, etc...
error: failed to run custom build command for `openssl-sys v0.9.75`
Caused by:
process didn't exit successfully: `/tmp/cargo-installND2kr3/release/build/openssl-sys-3257b66156297b35/build-script-main` (exit status: 101)
--- stdout
cargo:rustc-cfg=const_fn
cargo:rerun-if-env-changed=X86_64_UNKNOWN_LINUX_GNU_OPENSSL_NO_VENDOR
X86_64_UNKNOWN_LINUX_GNU_OPENSSL_NO_VENDOR unset
cargo:rerun-if-env-changed=OPENSSL_NO_VENDOR
OPENSSL_NO_VENDOR unset
CC_x86_64-unknown-linux-gnu = None
CC_x86_64_unknown_linux_gnu = None
HOST_CC = None
CC = None
CFLAGS_x86_64-unknown-linux-gnu = None
CFLAGS_x86_64_unknown_linux_gnu = None
HOST_CFLAGS = None
CFLAGS = None
CRATE_CC_NO_DEFAULTS = None
DEBUG = Some("false")
CARGO_CFG_TARGET_FEATURE = Some("fxsr,sse,sse2")
running "perl" "./Configure" "--prefix=/tmp/cargo-installND2kr3/release/build/openssl-sys-ecdaa6b2ca6a7f60/out/openssl-build/install" "--openssldir=/usr/local/ssl" "no-dso" "no-shared" "no-ssl3" "no-unit-test" "no-comp" "no-zlib" "no-zlib-dynamic" "no-md2" "no-rc5" "no-weak-ssl-ciphers" "no-camellia" "no-idea" "no-seed" "linux-x86_64" "-O2" "-ffunction-sections" "-fdata-sections" "-fPIC" "-m64"
Configuring OpenSSL version 1.1.1q (0x1010111fL) for linux-x86_64
Using os-specific seed configuration
Creating configdata.pm
Creating Makefile
**********************************************************************
*** ***
*** OpenSSL has been successfully configured ***
*** ***
*** If you encounter a problem while building, please open an ***
*** issue on GitHub <https://github.com/openssl/openssl/issues> ***
*** and include the output from the following command: ***
*** ***
*** perl configdata.pm --dump ***
*** ***
*** (If you are new to OpenSSL, you might want to consult the ***
*** 'Troubleshooting' section in the INSTALL file first) ***
*** ***
**********************************************************************
running "make" "depend"
--- stderr
thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: Os { code: 2, kind: NotFound, message: "No such file or directory" }', /home/czar/.cargo/registry/src/github.com-1ecc6299db9ec823/openssl-src-111.22.0+1.1.1q/src/lib.rs:488:39
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
warning: build failed, waiting for other jobs to finish...
error: failed to compile `simple-http-server v0.6.2`, intermediate artifacts can be found at `/tmp/cargo-installND2kr3`
; perl /path/to/configdata.pm --dump
Command line (with current working directory = /tmp/cargo-installv59gJt/release/build/openssl-sys-ecdaa6b2ca6a7f60/out/openssl-build/build/src):
/usr/bin/perl ./Configure --prefix=/tmp/cargo-installv59gJt/release/build/openssl-sys-ecdaa6b2ca6a7f60/out/openssl-build/install --openssldir=/usr/local/ssl no-dso no-shared no-ssl3 no-unit-test no-comp no-zlib no-zlib-dynamic no-md2 no-rc5 no-weak-ssl-ciphers no-camellia no-idea no-seed linux-x86_64 -O2 -ffunction-sections -fdata-sections -fPIC -m64
Perl information:
/usr/bin/perl
5.36.0 for x86_64-linux-thread-multi
Enabled features:
afalgeng
aria
asm
async
autoalginit
autoerrinit
autoload-config
bf
blake2
capieng
cast
chacha
cmac
cms
ct
deprecated
des
dgram
dh
dsa
dtls
ec
ec2m
ecdh
ecdsa
engine
err
filenames
gost
hw(-.+)?
makedepend
md4
mdc2
multiblock
nextprotoneg
pinshared
ocb
ocsp
pic
poly1305
posix-io
psk
rc2
rc4
rdrand
rfc3779
rmd160
scrypt
siphash
sm2
sm3
sm4
sock
srp
srtp
sse2
ssl
static-engine
stdio
tests
threads
tls
ts
ui-console
whirlpool
tls1
tls1-method
tls1_1
tls1_1-method
tls1_2
tls1_2-method
tls1_3
dtls1
dtls1-method
dtls1_2
dtls1_2-method
Disabled features:
asan [default] OPENSSL_NO_ASAN
buildtest-c++ [default]
camellia [option] OPENSSL_NO_CAMELLIA (skip crypto/camellia)
comp [option] OPENSSL_NO_COMP (skip crypto/comp)
crypto-mdebug [default] OPENSSL_NO_CRYPTO_MDEBUG
crypto-mdebug-backtrace [default] OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
devcryptoeng [default] OPENSSL_NO_DEVCRYPTOENG
dso [option] OPENSSL_NO_DSO
dynamic-engine [cascade]
ec_nistp_64_gcc_128 [default] OPENSSL_NO_EC_NISTP_64_GCC_128
egd [default] OPENSSL_NO_EGD
external-tests [default] OPENSSL_NO_EXTERNAL_TESTS
fuzz-libfuzzer [default] OPENSSL_NO_FUZZ_LIBFUZZER
fuzz-afl [default] OPENSSL_NO_FUZZ_AFL
heartbeats [default] OPENSSL_NO_HEARTBEATS
idea [option] OPENSSL_NO_IDEA (skip crypto/idea)
md2 [option] OPENSSL_NO_MD2 (skip crypto/md2)
msan [default] OPENSSL_NO_MSAN
rc5 [option] OPENSSL_NO_RC5 (skip crypto/rc5)
sctp [default] OPENSSL_NO_SCTP
seed [option] OPENSSL_NO_SEED (skip crypto/seed)
shared [option]
ssl-trace [default] OPENSSL_NO_SSL_TRACE
ubsan [default] OPENSSL_NO_UBSAN
unit-test [option] OPENSSL_NO_UNIT_TEST
weak-ssl-ciphers [option] OPENSSL_NO_WEAK_SSL_CIPHERS
zlib [option]
zlib-dynamic [option]
ssl3 [option] OPENSSL_NO_SSL3
ssl3-method [default] OPENSSL_NO_SSL3_METHOD
Config target attributes:
AR => "ar",
ARFLAGS => "r",
CC => "gcc",
CFLAGS => "-Wall -O3",
CXX => "g++",
CXXFLAGS => "-Wall -O3",
HASHBANGPERL => "/usr/bin/env perl",
RANLIB => "ranlib",
RC => "windres",
aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
aes_obj => "aes_core.o aes_cbc.o vpaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
apps_aux_src => "",
apps_init_src => "",
apps_obj => "",
bf_asm_src => "bf_enc.c",
bf_obj => "bf_enc.o",
bn_asm_src => "asm/x86_64-gcc.c x86_64-mont.s x86_64-mont5.s x86_64-gf2m.s rsaz_exp.c rsaz-x86_64.s rsaz-avx2.s",
bn_obj => "asm/x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o",
bn_ops => "SIXTY_FOUR_BIT_LONG",
build_file => "Makefile",
build_scheme => [ "unified", "unix" ],
cast_asm_src => "c_enc.c",
cast_obj => "c_enc.o",
cflags => "-pthread -m64",
chacha_asm_src => "chacha-x86_64.s",
chacha_obj => "chacha-x86_64.o",
cmll_asm_src => "cmll-x86_64.s cmll_misc.c",
cmll_obj => "cmll-x86_64.o cmll_misc.o",
cppflags => "",
cpuid_asm_src => "x86_64cpuid.s",
cpuid_obj => "x86_64cpuid.o",
cxxflags => "-std=c++11 -pthread -m64",
defines => [ ],
des_asm_src => "des_enc.c fcrypt_b.c",
des_obj => "des_enc.o fcrypt_b.o",
disable => [ ],
dso_extension => ".so",
dso_scheme => "dlfcn",
ec_asm_src => "ecp_nistz256.c ecp_nistz256-x86_64.s x25519-x86_64.s",
ec_obj => "ecp_nistz256.o ecp_nistz256-x86_64.o x25519-x86_64.o",
enable => [ "afalgeng" ],
ex_libs => "-ldl -pthread",
exe_extension => "",
includes => [ ],
keccak1600_asm_src => "keccak1600-x86_64.s",
keccak1600_obj => "keccak1600-x86_64.o",
lflags => "",
lib_cflags => "",
lib_cppflags => "-DOPENSSL_USE_NODELETE -DL_ENDIAN",
lib_defines => [ ],
md5_asm_src => "md5-x86_64.s",
md5_obj => "md5-x86_64.o",
modes_asm_src => "ghash-x86_64.s aesni-gcm-x86_64.s",
modes_obj => "ghash-x86_64.o aesni-gcm-x86_64.o",
module_cflags => "-fPIC",
module_cxxflags => "",
module_ldflags => "-Wl,-znodelete -shared -Wl,-Bsymbolic",
multilib => "64",
padlock_asm_src => "e_padlock-x86_64.s",
padlock_obj => "e_padlock-x86_64.o",
perlasm_scheme => "elf",
poly1305_asm_src => "poly1305-x86_64.s",
poly1305_obj => "poly1305-x86_64.o",
rc4_asm_src => "rc4-x86_64.s rc4-md5-x86_64.s",
rc4_obj => "rc4-x86_64.o rc4-md5-x86_64.o",
rc5_asm_src => "rc5_enc.c",
rc5_obj => "rc5_enc.o",
rmd160_asm_src => "",
rmd160_obj => "",
sha1_asm_src => "sha1-x86_64.s sha256-x86_64.s sha512-x86_64.s sha1-mb-x86_64.s sha256-mb-x86_64.s",
sha1_obj => "sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o sha1-mb-x86_64.o sha256-mb-x86_64.o",
shared_cflag => "-fPIC",
shared_defflag => "-Wl,--version-script=",
shared_defines => [ ],
shared_extension => ".so.\$(SHLIB_VERSION_NUMBER)",
shared_extension_simple => ".so",
shared_ldflag => "-Wl,-znodelete -shared -Wl,-Bsymbolic",
shared_rcflag => "",
shared_sonameflag => "-Wl,-soname=",
shared_target => "linux-shared",
thread_defines => [ ],
thread_scheme => "pthreads",
unistd => "<unistd.h>",
uplink_aux_src => "",
uplink_obj => "",
wp_asm_src => "wp-x86_64.s",
wp_obj => "wp-x86_64.o",
Recorded environment:
AR =
BUILDFILE =
CC = cc
CFLAGS =
CPPFLAGS =
CROSS_COMPILE =
CXX =
CXXFLAGS =
HASHBANGPERL =
LDFLAGS =
LDLIBS =
OPENSSL_LOCAL_CONFIG_DIR =
PERL =
RANLIB =
RC =
RCFLAGS =
WINDRES =
__CNF_CFLAGS =
__CNF_CPPDEFINES =
__CNF_CPPFLAGS =
__CNF_CPPINCLUDES =
__CNF_CXXFLAGS =
__CNF_LDFLAGS =
__CNF_LDLIBS =
Makevars:
AR = ar
ARFLAGS = r
CC = cc
CFLAGS = -Wall -O3 -O2 -ffunction-sections -fdata-sections -fPIC -m64
CPPDEFINES =
CPPFLAGS =
CPPINCLUDES =
CXX = g++
CXXFLAGS = -Wall -O3 -O2 -ffunction-sections -fdata-sections -fPIC -m64
HASHBANGPERL = /usr/bin/env perl
LDFLAGS =
LDLIBS =
PERL = /usr/bin/perl
RANLIB = ranlib
RC = windres
RCFLAGS =
NOTE: These variables only represent the configuration view. The build file
template may have processed these variables further, please have a look at the
build file for more exact data:
/tmp/cargo-installv59gJt/release/build/openssl-sys-ecdaa6b2ca6a7f60/out/openssl-build/build/src/Makefile
build file:
/tmp/cargo-installv59gJt/release/build/openssl-sys-ecdaa6b2ca6a7f60/out/openssl-build/build/src/Makefile
build file templates:
/tmp/cargo-installv59gJt/release/build/openssl-sys-ecdaa6b2ca6a7f60/out/openssl-build/build/src/Configurations/common0.tmpl
/tmp/cargo-installv59gJt/release/build/openssl-sys-ecdaa6b2ca6a7f60/out/openssl-build/build/src/Configurations/unix-Makefile.tmpl
/tmp/cargo-installv59gJt/release/build/openssl-sys-ecdaa6b2ca6a7f60/out/openssl-build/build/src/Configurations/common.tmpl
Similar to #2, the site shows strange behaviour when a filename contains special characters like <
.
For example a file called <svg onload=alert(1)>
(yeah, quite unusual filename but anyway) actually executes javascript and cannot be downloaded.
According to owasp, you should escape the following characters inside html code:
And according to https://stackoverflow.com/a/9189067, the following characters inside attributes (so e.g. inside a href
):
I hope these are all :)
Hi, this simple http server is a real fantasy one. However, I think if there is a simple file name filter would make it even better. For instance, sometimes, there are lots of log files in a folder, and a filter option like --filterfalse=*.log
is an easy way to ignore them, and serving a cleaner directory.
Simple instructions are missing how to use the app with a proxy server like nginx or apache and how to turn it into a self-starting systemd-service.
This is a wonderful project that's been very useful to me!
Could I recommend updating the title to more idiomatic English? Any one of
would be perfect.
I use simple-http-server
for easy on time sharing of files inside the local network. I don't want to rebuild it for every new security update of OpenSSL. If someone needs it statically linked for some usage inside a container, they can use the --features
argument of cargo install
Is a x86-64 binary.
Related to #65
simple-http-server version: 0.6.0
Error message: [ERROR 500]: unexpected end of request body
When making a symlink to a directory, it shows up as file in the parent directory listing, although it points to a directory. When clicking on the "file" it does take you to a correct directory listing.
So we can embed simple-http-server
into an Application
.
Will do it after replace iron
with actix-web
.
simple-http-server
Expected: It shows the file
Actual: 404, because the link was "http://localhost:8008/url?encoding&test%test" instead of being URL-encoded.
Looks like it's not URL-encoding file names. This is with 0.3.4 that I installed just now via cargo install
.
One typical application for Python's http.server
is quickly getting several files over ad-hoc networks in combination with wget. For this to work well even across resumptions, I'd suggest to implement
Possibly, this is something that should be delegated to Iron's Modifier<Response>
implementation for Path
, or another generic "respond from file" mechanism.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. πππ
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google β€οΈ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.