larvit/plainpages
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add 403 + 500 error templates (todo §0); render 500 via app error handler

Browse Source
This commit is contained in:
Lilleman auf Larv
2026-06-14 19:41:19 +02:00
parent c544387d3a
commit 3b2ba76530
6 changed files with 115 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
src/app.test.ts
View File

@@ -1,9 +1,16 @@
import assert from "node:assert/strict";
import { cpSync, mkdtempSync, rmSync, writeFileSync } from "node:fs";
import type { AddressInfo } from "node:net";
import { tmpdir } from "node:os";
import { dirname, join } from "node:path";
import { after, before, test } from "node:test";
import { fileURLToPath } from "node:url";
import * as ejs from "ejs";
import { createApp } from "./app.ts";
import { contentTypeFor, resolveStaticPath } from "./static.ts";
const viewsDir = join(dirname(fileURLToPath(import.meta.url)), "..", "views");
const server = createApp();
let base = "";
@@ -27,9 +34,35 @@ test("serves static CSS", async () => {
assert.match(res.headers.get("content-type") ?? "", /text\/css/);
});
test("returns 404 for unknown routes", async () => {
test("returns the 404 HTML page for unknown routes", async () => {
const res = await fetch(base + "/missing");
assert.equal(res.status, 404);
assert.match(res.headers.get("content-type") ?? "", /text\/html/);
assert.match(await res.text(), /404/);
});
test("renders the 500 HTML page when a handler throws", async () => {
const dir = mkdtempSync(join(tmpdir(), "pp-views-"));
writeFileSync(join(dir, "index.ejs"), "<% throw new Error('boom'); %>");
cpSync(join(viewsDir, "500.ejs"), join(dir, "500.ejs"));
const app = createApp({ viewsDir: dir });
try {
await new Promise<void>((resolve) => app.listen(0, resolve));
const res = await fetch(`http://localhost:${(app.address() as AddressInfo).port}/`);
assert.equal(res.status, 500);
assert.match(res.headers.get("content-type") ?? "", /text\/html/);
assert.match(await res.text(), /500/);
} finally {
app.close();
rmSync(dir, { force: true, recursive: true });
}
});
// 403 has no first-party route yet (guards land in §4), so assert the template renders.
test("renders the 403 error page as HTML", async () => {
const html = await ejs.renderFile(join(viewsDir, "403.ejs"), { title: "Forbidden" });
assert.match(html, /403/);
assert.match(html, /style\.css/);
});
test("blocks encoded path traversal out of /public/ with 403", async () => {

24
src/app.ts
View File

@@ -1,4 +1,4 @@
import { createServer, type Server } from "node:http";
import { createServer, type Server, type ServerResponse } from "node:http";
import { dirname, join } from "node:path";
import { fileURLToPath } from "node:url";
import * as ejs from "ejs";
@@ -18,6 +18,11 @@ export function createApp(options: AppOptions = {}): Server {
const render = (view: string, data: Record<string, unknown>): Promise<string> =>
ejs.renderFile(join(viewsDir, `${view}.ejs`), data);
const sendHtml = (res: ServerResponse, status: number, html: string): void => {
res.writeHead(status, { "content-type": "text/html; charset=utf-8" });
res.end(html);
};
return createServer(async (req, res) => {
try {
if (req.method !== "GET" && req.method !== "HEAD") {
@@ -33,17 +38,22 @@ export function createApp(options: AppOptions = {}): Server {
}
if (pathname === "/") {
res.writeHead(200, { "content-type": "text/html; charset=utf-8" });
res.end(await render("index", { title: "Plainpages" }));
sendHtml(res, 200, await render("index", { title: "Plainpages" }));
return;
}
res.writeHead(404, { "content-type": "text/html; charset=utf-8" });
res.end(await render("404", { title: "Not found" }));
sendHtml(res, 404, await render("404", { title: "Not found" }));
} catch (err) {
console.error(err);
if (!res.headersSent) res.writeHead(500, { "content-type": "text/plain; charset=utf-8" });
res.end("Internal Server Error");
if (res.headersSent) return void res.end(); // a partial body is already on the wire
try {
// Render first: if the error page itself fails, headers stay unsent and we
// fall back to plain text below rather than emit a half-written response.
sendHtml(res, 500, await render("500", { title: "Server error" }));
} catch (renderErr) {
console.error(renderErr);
res.writeHead(500, { "content-type": "text/plain; charset=utf-8" }).end("Internal Server Error");
}
}
});
}