Class: StaticController

Inherits:
Egalite::Controller show all
Defined in:
lib/egalite.rb

Overview

module end

Constant Summary

Constants inherited from Egalite::Controller

Egalite::Controller::MIME_TYPES

Instance Attribute Summary

Attributes inherited from Egalite::Controller

#env, #log_values, #params, #req, #template_file

Instance Method Summary collapse

Methods inherited from Egalite::Controller

#after_filter, #after_filter_html, #after_filter_return_value, #before_filter, #cookies, #db, #delegate, #errorlog, #escape_html, #file_form, #filter_on_html_load, #form, #id, #include, #link_to, #notfound, #raw, #redirect, #redirect_permanent, #send_data, #send_file, #session, #table_by_array, #tags, #url_for

Instance Method Details

#getObject

Raises:

  • (SecurityError) 


782
783
784
785
786
787
788
789
790
791
792
 
# File 'lib/egalite.rb', line 782

def get
  raise SecurityError unless env.opts[:static_root]
  
  path = req.path_info
  path.gsub!(/[^0-9a-zA-Z\(\)\. \/_\-]/,'')
  if path.include?("..") or path =~ /^\//
    return [403, {"Content-Type" => "text/plain"}, ["Forbidden\n"]]
  end
  path = File.join(env.opts[:static_root], path)
  send_file(path)
end