topbit 3.0.0 → 3.0.2

package/README.cn.md

@@ -131,7 +131,7 @@ GET POST PUT PATCH DELETE OPTIONS  TRACE HEAD
 
 'use strict'
 
-const Topbit = require('titibit')
+const Topbit = require('topibit')
 
 const app = new Topbit({
   debug: true
@@ -705,14 +705,12 @@ app.use(async (c, next) => {
 })
 
 //use可以级联: app.use(m1).use(m2)
-//在21.5.4版本以后，不过这个功能其实根本不重要
-//因为有topbit-loader扩展，实现的功能要强大的多。
 
 ```
 
 ## topbit完整的流程图示
 
-![](images/topbit-middleware.png)
+![](images/topbit-middleware.webp)
 
 
 > **需要知道的是，其实在内部，body数据接收和解析也都是中间件，只是刻意安排了顺序，分出了pre和use接口。**

package/README.md

@@ -113,7 +113,7 @@ The first 6 are the most commonly used. For each request type, the router has a
 
 'use strict'
 
-const Topbit = require('titibit')
+const Topbit = require('topibit')
 
 const app = new Topbit({
   debug: true
@@ -678,13 +678,11 @@ app.use(async (c, next) => {
 })
 
 // use can be cascaded: app.use(m1).use(m2)
-// Available after v21.5.4, but this feature is not critical
-// because the topbit-loader extension offers much more powerful functionality.
 ```
 
 ## Topbit Complete Flow Chart
 
-![](images/topbit-middleware.png)
+![](images/topbit-middleware.webp)
 
 > **It is important to know that internally, body data reception and parsing are also middleware. The order is deliberately arranged, separating `pre` and `use` interfaces.**
 

package/demo/cert/api.x.com.cert

@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB4DCCAYWgAwIBAgIUP4XKCZ4CiwGAQDcWvyJknRmVAOcwCgYIKoZIzj0EAwIw
+XjELMAkGA1UEBhMCQ04xEDAOBgNVBAgMB0Rhb2ppYW4xDDAKBgNVBAcMA1NKWjEQ
+MA4GA1UECgwHRGFvamlhbjENMAsGA1UECwwEQ29yZTEOMAwGA1UEAwwFQnJhdmUw
+HhcNMjUxMjA1MDA1MDE1WhcNMzUxMjAzMDA1MDE1WjBeMQswCQYDVQQGEwJDTjEQ
+MA4GA1UECAwHRGFvamlhbjEMMAoGA1UEBwwDU0paMRAwDgYDVQQKDAdEYW9qaWFu
+MQ0wCwYDVQQLDARDb3JlMQ4wDAYDVQQDDAVCcmF2ZTBZMBMGByqGSM49AgEGCCqG
+SM49AwEHA0IABJV9Pr05OssEok2oOMwAG8V33unH7F49Xc2RkoX9m+rL4AMKmL/7
+QDi0SQcFweU3g4H6ToPYxen2KzXuJG8pTI6jITAfMB0GA1UdDgQWBBSTFxmGY1Dd
+quCRCwl2RJPrneEItTAKBggqhkjOPQQDAgNJADBGAiEAxubn2JXt/mIGZlgC+fq3
+JkSs/bSf48NseVTqxs34qF8CIQDXhSSb5wWn2QPwJW2kwHnbxvenv8enyhDimzH6
+1M85Nw==
+-----END CERTIFICATE-----

package/demo/cert/api.x.com.key

@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIHZmz1XqryxC1qU41ZDaELa+W4Kr2xuOF/9zKttQA+U5oAoGCCqGSM49
+AwEHoUQDQgAElX0+vTk6ywSiTag4zAAbxXfe6cfsXj1dzZGShf2b6svgAwqYv/tA
+OLRJBwXB5TeDgfpOg9jF6fYrNe4kbylMjg==
+-----END EC PRIVATE KEY-----

package/demo/cert/x.com.cert

@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBzzCCAXWgAwIBAgIUZ+2zEjF7jyFSM1eJrB+s7ETN5SkwCgYIKoZIzj0EAwIw
+VjELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkhiMQwwCgYDVQQHDANTWkoxDjAMBgNV
+BAoMBUJyYXZlMQ0wCwYDVQQLDARDb3JlMQ0wCwYDVQQDDARXYW5nMB4XDTI1MTIw
+NTAwNDcyNloXDTM1MTIwMzAwNDcyNlowVjELMAkGA1UEBhMCQ04xCzAJBgNVBAgM
+AkhiMQwwCgYDVQQHDANTWkoxDjAMBgNVBAoMBUJyYXZlMQ0wCwYDVQQLDARDb3Jl
+MQ0wCwYDVQQDDARXYW5nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBgZDvrQE
+NCxqkxlAugcozIZUGN2okUCZ0Ff8i3O2IKjhT2I4EhYO6V+OqjorUw6rba8NUPuz
+gaazoj7QJH2lcKMhMB8wHQYDVR0OBBYEFLm3o3RWP/LNQIRNLrxIV2sWyo+9MAoG
+CCqGSM49BAMCA0gAMEUCIQDtequ0KVuO0jGUIipEnob39qRrvbN2ivnJngPl7Phn
+ngIgKKc7BiPvfVGszW364NoAX+dfvP7vgv4LkVb5oZpbw7A=
+-----END CERTIFICATE-----

package/demo/cert/x.com.key

@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEICWpohhKOazU0ISyQVB8NRfdIVrIJQSiuojuXoqH3ZuYoAoGCCqGSM49
+AwEHoUQDQgAEBgZDvrQENCxqkxlAugcozIZUGN2okUCZ0Ff8i3O2IKjhT2I4EhYO
+6V+OqjorUw6rba8NUPuzgaazoj7QJH2lcA==
+-----END EC PRIVATE KEY-----

package/demo/ecc-cert.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+
+NAME='localhost'
+
+if [ $# -gt 0 ] ; then
+    NAME=$1
+fi
+
+# 当前openssl无法生成基于SM2的ECC证书，会提示无法读取私钥错误
+
+#生成私钥
+#openssl ecparam -genkey -name prime256v1 -out "$NAME.key"
+
+#若要基于私钥生成公钥请执行
+#openssl ec -in "$NAME.key" -pubout -out "$NAME.pub"
+
+openssl ecparam -genkey -name prime256v1 | openssl ec -out "$NAME.key"
+
+#生成证书请求文件
+#openssl req -new -sha256 -out "$NAME.req" -key "$NAME.key"
+openssl req -new -out "$NAME.req" -key "$NAME.key"
+
+openssl x509 -req -in "$NAME.req" -out "$NAME.cert" -signkey "$NAME.key" -days 3650
+

package/demo/sni.js

@@ -0,0 +1,59 @@
+'use strict';
+
+const topbit = require('../src/topbit.js');
+const fs = require('fs');
+const tls = require('tls');
+
+let certs = {
+    'x.com' : {
+        cert : fs.readFileSync('./cert/x.com.cert'),
+        key  : fs.readFileSync('./cert/x.com.key')
+    },
+
+    'api.x.com' : {
+        cert : fs.readFileSync('./cert/api.x.com.cert'),
+        key  : fs.readFileSync('./cert/api.x.com.key')
+    }
+}
+
+let app = new topbit({
+    debug: true,
+    loadMonitor: false,
+    http2: true,
+    https: true,
+    server : {
+        SNICallback : (servername, cb) => {
+            return cb(null, tls.createSecureContext(certs[servername]));
+        }
+    },
+    pidFile: '/tmp/mymaster.pid'
+});
+
+
+app.use(async (c, next) => {
+    if (!c.getFile('image')) {
+        return c.status().oo('image not found');
+    }
+    await next(c);
+}, {method:'POST', group: 'upload'});
+
+app.get('/', async c => {
+    c.oo('ok');
+})
+
+app.post('/p', async c => {
+    c.ok(c.body);
+});
+
+app.post('/upload', async c => {
+    try {
+        c.res.body = await c.moveFile(c.getFile('image'), {
+            path: process.env.HOME + '/tmp/buffer'
+        });
+    } catch (err) {
+        c.res.body = err.message;
+    }
+}, '@upload');
+
+app.daemon(1990, 2);
+

package/demo/static.js

@@ -0,0 +1,32 @@
+'use strict'
+
+process.chdir(__dirname)
+
+let Topbit = require('../src/topbit.js')
+let {Resource} = Topbit.extensions
+
+let app = new Topbit({
+  debug: true,
+  loadInfoFile: '--mem',
+  globalLog: true,
+  logType: 'stdio'
+})
+
+if (app.isWorker) {
+  app.get('/', async ctx => {
+    ctx.ok('ok')
+  })
+
+  let rse = new Resource({
+    staticPath: './',
+    routePath: '/static/*'
+  })
+
+  rse.init(app)
+}
+
+app.sched('none')
+
+app.autoWorker(3)
+
+app.daemon(1234, 1)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "topbit",
-  "version": "3.0.0",
+  "version": "3.0.2",
   "description": "A Server-side web framework support http/1.1 and http/2",
   "main": "src/topbit.js",
   "directories": {

package/src/extends/resource.js

@@ -289,6 +289,10 @@ class Resource {
         }
       }
 
+      if (real_path.indexOf('/../') >= 0) {
+        return c.status(404).to('file not found')
+      }
+
       let pathfile = `${self.staticPath}${self.prepath}${real_path}`
   
       if (self.cache.has(real_path)) {

package/src/sendmsg.js

@@ -13,15 +13,15 @@ module.exports = (type, msg, options = {autoExit: false}) => {
       process.send({
         type: type,
         message: msg
-      });
+      })
     }
 
     if (options.autoExit) {
-      process.exit(options.exitCode || 0);
+      process.exit(options.exitCode || 0)
     }
 
   } catch (err) {
 
   }
 
-};
+}