return
}
if err = s.Render(); err != nil {
+ // Better reporting when the template is missing (commit 2bbecc7b)
jww.ERROR.Printf("Error rendering site: %s\nAvailable templates:\n", err)
for _, template := range s.Tmpl.Templates() {
jww.ERROR.Printf("\t%s\n", template.Name())
}
func (s *Site) WriteDestAlias(path string, permalink template.HTML) (err error) {
- jww.DEBUG.Println("alias created at:", path)
+ jww.DEBUG.Println("creating alias:", path)
return s.AliasTarget().Publish(path, permalink)
}
import (
"path/filepath"
+ "runtime"
"testing"
)
var o Translator
o = new(HTMLRedirectAlias)
+ errIsNilForThisOS := runtime.GOOS != "windows"
+
tests := []struct {
value string
expected string
+ errIsNil bool
}{
- {"", ""},
- {"s", filepath.FromSlash("s/index.html")},
- {"/", filepath.FromSlash("/index.html")},
- {"alias 1", filepath.FromSlash("alias-1/index.html")},
- {"alias 2/", filepath.FromSlash("alias-2/index.html")},
- {"alias 3.html", "alias-3.html"},
- {"alias4.html", "alias4.html"},
- {"/alias 5.html", filepath.FromSlash("/alias-5.html")},
- {"/трям.html", filepath.FromSlash("/трям.html")},
+ {"", "", false},
+ {"s", filepath.FromSlash("s/index.html"), true},
+ {"/", "", false},
+ {"alias 1", filepath.FromSlash("alias 1/index.html"), true},
+ {"alias 2/", filepath.FromSlash("alias 2/index.html"), true},
+ {"alias 3.html", "alias 3.html", true},
+ {"alias4.html", "alias4.html", true},
+ {"/alias 5.html", "alias 5.html", true},
+ {"/трям.html", "трям.html", true},
+ {"../../../../tmp/passwd", "", false},
+ {"/foo/../../../../tmp/passwd", filepath.FromSlash("tmp/passwd/index.html"), true},
+ {"foo/../../../../tmp/passwd", "", false},
+ {"C:\\Windows", filepath.FromSlash("C:\\Windows/index.html"), errIsNilForThisOS},
+ {"/chrome/?p=help&ctx=keyboard#topic=3227046", filepath.FromSlash("chrome/?p=help&ctx=keyboard#topic=3227046/index.html"), errIsNilForThisOS},
+ {"/LPT1/Printer/", filepath.FromSlash("LPT1/Printer/index.html"), errIsNilForThisOS},
}
for _, test := range tests {
path, err := o.Translate(test.value)
- if err != nil {
- t.Fatalf("Translate returned an error: %s", err)
+ if (err == nil) != test.errIsNil {
+ t.Errorf("Expected err == nil => %t, got: %t. err: %s", test.errIsNil, err == nil, err)
+ continue
}
-
- if path != test.expected {
- t.Errorf("Expected: %s, got: %s", test.expected, path)
+ if err == nil && path != test.expected {
+ t.Errorf("Expected: \"%s\", got: \"%s\"", test.expected, path)
}
}
}
import (
"bytes"
+ "fmt"
"html/template"
"path/filepath"
+ "runtime"
"strings"
"github.com/spf13/hugo/helpers"
"github.com/spf13/hugo/hugofs"
+ jww "github.com/spf13/jwalterweatherman"
)
const ALIAS = "<!DOCTYPE html><html><head><link rel=\"canonical\" href=\"{{ .Permalink }}\"/><meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\" /><meta http-equiv=\"refresh\" content=\"0;url={{ .Permalink }}\" /></head></html>"
}
func (h *HTMLRedirectAlias) Translate(alias string) (aliasPath string, err error) {
+ originalAlias := alias
if len(alias) <= 0 {
- return
+ return "", fmt.Errorf("Alias \"\" is an empty string")
+ }
+
+ alias = filepath.Clean(alias)
+ components := strings.Split(alias, helpers.FilePathSeparator)
+
+ if alias == helpers.FilePathSeparator {
+ return "", fmt.Errorf("Alias \"%s\" resolves to website root directory", originalAlias)
}
- if strings.HasSuffix(alias, "/") {
+ // Validate against directory traversal
+ if components[0] == ".." {
+ return "", fmt.Errorf("Alias \"%s\" traverses outside the website root directory", originalAlias)
+ }
+
+ // Handle Windows filename restrictions
+ msgs := []string{}
+ reservedNames := []string{"CON", "PRN", "AUX", "NUL", "COM1", "COM2", "COM3", "COM4", "COM5", "COM6", "COM7", "COM8", "COM9", "LPT1", "LPT2", "LPT3", "LPT4", "LPT5", "LPT6", "LPT7", "LPT8", "LPT9"}
+
+ if strings.ContainsAny(alias, ":*?\"<>|") {
+ msgs = append(msgs, fmt.Sprintf("Alias \"%s\" contains invalid characters in a filename on Windows: : * ? \" < > |", originalAlias))
+ }
+ for _, c := range components {
+ if strings.HasSuffix(c, ".") {
+ msgs = append(msgs, fmt.Sprintf("Alias \"%s\" contains component with trailing period, invalid on Windows", originalAlias))
+ }
+ for _, r := range reservedNames {
+ if c == r {
+ msgs = append(msgs, fmt.Sprintf("Alias \"%s\" contains component with reserved name \"%s\" on Windows", originalAlias, r))
+ }
+ }
+ }
+ if len(msgs) > 0 {
+ if runtime.GOOS == "windows" {
+ for _, m := range msgs {
+ jww.ERROR.Println(m)
+ }
+ return "", fmt.Errorf("Cannot create \"%s\": Windows filename restriction", originalAlias)
+ } else {
+ for _, m := range msgs {
+ jww.WARN.Println(m)
+ }
+ }
+ }
+
+ // Add the final touch
+ if strings.HasPrefix(alias, helpers.FilePathSeparator) {
+ alias = alias[1:]
+ }
+ if strings.HasSuffix(alias, helpers.FilePathSeparator) {
alias = alias + "index.html"
} else if !strings.HasSuffix(alias, ".html") {
- alias = alias + "/index.html"
+ alias = alias + helpers.FilePathSeparator + "index.html"
}
- return filepath.Join(h.PublishDir, helpers.MakePath(alias)), nil
+ if originalAlias != alias {
+ jww.INFO.Printf("Alias \"%s\" translated to \"%s\"\n", originalAlias, alias)
+ }
+
+ return filepath.Join(h.PublishDir, alias), nil
}
type AliasNode struct {
func (h *HTMLRedirectAlias) Publish(path string, permalink template.HTML) (err error) {
if path, err = h.Translate(path); err != nil {
- return
+ jww.ERROR.Printf("%s, skipping.", err)
+ return nil
}
t := "alias"
projects / brevno-suite / hugo / commitdiff