larvit/plainpages
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Tighten code comments + README (todo §0): denser, drop redundant prose; no behavior change

Browse Source
This commit is contained in:
Lilleman auf Larv
2026-06-15 10:30:06 +02:00
parent 17f4411518
commit 1fb6f23805
9 changed files with 102 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/static.ts
View File

@@ -22,9 +22,8 @@ export function contentTypeFor(filePath: string): string {
return contentTypes[extname(filePath).toLowerCase()] ?? "application/octet-stream";
}
// Resolves a request path inside `dir`, or null if it would escape (traversal) or
// carries a control char (NUL etc.) — rejecting those here makes the guard explicit
// rather than relying on a downstream `stat` to throw.
// Resolve a request path inside `dir`, or null if it escapes (traversal) or carries a
// control char (NUL etc.) — an explicit guard rather than relying on `stat` to throw.
export function resolveStaticPath(dir: string, requestedPath: string): string | null {
if (/[\x00-\x1f]/.test(requestedPath)) return null;
const filePath = join(dir, requestedPath);
@@ -52,8 +51,8 @@ export async function serveStatic(dir: string, requestedPath: string, res: Serve
if (!info.isFile()) return plain(res, 404, "Not Found");
res.writeHead(200, { "content-length": info.size, "content-type": contentTypeFor(filePath) });
if (head) return void res.end(); // headers only — skip opening the file
// Headers are already sent, so a mid-stream read error can't become an HTTP error
// log it and destroy the response to signal a truncated body, not a hung socket.
// Headers are already sent, so a mid-stream read error can't become an HTTP status
// log and destroy the response to signal a truncated body, not a hung socket.
createReadStream(filePath)
.on("error", (err) => {
console.error(err);