Update main.py
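--- a/main.py
+++ b/main.py
@@ -25,17 +25,12 @@ app = FastAPI(title="Static Site Server")
 # Add security middlewares
 app.add_middleware(
 CORSMiddleware,
-allow_origins=["*"],
+allow_origins=["*"],
 allow_credentials=True,
 allow_methods=["*"],
 allow_headers=["*"],
 )
 
-app.add_middleware(
-TrustedHostMiddleware,
-allowed_hosts=["*"] # Configure as needed
-)
-
 # Constants
 MAX_UPLOAD_SIZE = 100 * 1024 * 1024 # 100MB
 ALLOWED_EXTENSIONS = {'.html', '.css', '.js', '.jpg', '.jpeg', '.png', '.gif', '.svg', '.ico', '.woff', '.woff2', '.ttf', '.eot'}
@@ -162,6 +157,13 @@ class SiteManager:
 return True
 return False
 
+def get_site_path(self, site_id: str) -> Optional[Path]:
+"""Get the path for a site if it exists"""
+site_path = self.sites_dir / site_id
+if site_path.is_dir() and (site_path / 'index.html').exists():
+return site_path
+return None
+
 # Initialize site manager
 site_manager = SiteManager()
 
@@ -191,14 +193,31 @@ async def health_check():
 """Health check endpoint"""
 return {"status": "healthy", "sites_count": len(site_manager.active_sites)}
 
-
-
-
-
-
-
-
-
+@app.get("/{site_id}/{file_path:path}")
+async def serve_site(site_id: str, file_path: str = ""):
+"""Serve files from the site directory"""
+site_path = site_manager.get_site_path(site_id)
+if not site_path:
+raise HTTPException(status_code=404, detail="Site not found")
+
+# Default to index.html if no file specified
+if not file_path:
+file_path = "index.html"
+
+file_full_path = site_path / file_path
+
+# Prevent directory traversal
+try:
+file_full_path = file_full_path.resolve()
+if not str(file_full_path).startswith(str(site_path)):
+raise HTTPException(status_code=403, detail="Access denied")
+except (RuntimeError, ValueError):
+raise HTTPException(status_code=400, detail="Invalid path")
+
+if not file_full_path.is_file():
+raise HTTPException(status_code=404, detail="File not found")
+
+return FileResponse(file_full_path)
 
 if __name__ == "__main__":
 import uvicorn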
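Review bot: The traversal guard in `serve_site` is a string-prefix test, `str(file_full_path).startswith(str(site_path))`, against a `site_path` that was never resolved, so it is not a reliable containment check. A directory next to the site whose name merely extends the site's name shares that prefix and passes, and if `sites_dir` is relative or reached through a symlink (its definition is outside the visible hunks) the resolved path will not match and valid requests get 403. Resolve the base once and compare path components instead: `base = site_path.resolve()`, `file_full_path = (base / file_path).resolve()`, `if not file_full_path.is_relative_to(base):` (Python 3.9+). `get_site_path` likewise joins `site_id` onto `sites_dir` with no validation, so it should reject ids that are not a plain directory name before the `is_dir()` probe. Separately, the first hunk keeps `allow_origins=["*"]` together with `allow_credentials=True`; an explicit origin list is the safer setting if cookies or auth headers are ever used.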