terreng / simple-web-server Goto Github PK

What all platforms are we going to release this on?

I've been doing some testing and we should be able to do everything from linux to macos to windows store apps.

I've been running into a lot of trouble packaging the appx. I packaged it into the appx but I cannot figure out how to sign it.

Your thoughts?

I was unable to get the 1.0 build to work with SSL. I built from 9a76b8b and still no joy.
I noticed the key/cert info was getting parsed incorrectly from config.json

adding this transformation worked as a band-aid for me: (index.js):

		let [key,cert] = ( ({httpsKey,httpsCert})=>{ return [httpsKey,httpsCert]})(serverconfig); 
		[key,cert] = [key,cert].map( value=>{
                      return value
			.replaceAll(/(?<!(BEGIN|RSA|PRIVATE|END))[ ]/g,'\n')
			.replace(/-[^-]+$/,'');
                 });	    
		var server = https.createServer({key, cert}); 
               // var server = https.createServer({key: serverconfig.httpsKey, cert: serverconfig.httpsCert});

(i don't think it's the right way to solve this so I didn't create a PR)

Here's the current name and logo:

kzahel gave us permission to use the web server for chrome logo:

Do we want to use the web server for chrome logo or a new logo?
I could also make an updated version of the web server for chrome logo to make it look better while keeping its charm.
Let me know what you think @ethanaobrien.

Also, what should we call this?
It doesn't make sense to use the old "Web Server for Chrome" name because it isn't a chrome app anymore.
I like the name "Simple Web Server". Do you have any other ideas?

Windows tray / macOS menu bar icon

Hi, is it possible for android apk build and act as an android localhost Web server?

I found that the default 404 error page returns the request path directly into the HTML without escaping it. For example, if you try to visit /<u>test</u>, you'll get this page:

It's important to HTML escape any strings that are being reflected onto the page. Could you go through the code and add html escaping wherever it's needed? Check the other error pages, as well as perhaps the directory listing (in case files or folders have html characters like <, >, &, etc.)

Here's how to escape strings for html:
str.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#039;")

Thank you!

Dose not support 32 bit windows? Any plan use builder other than electron? How long?

With the new 'https' feature the ui always shows 'http' urls

#25 (comment)

Put all copy into a language file to make translating to more languages easy. Translate website and documentation.

simple guide - https://yaler.net/nodejs-websocket-server

The config may be difficult though.

@ethanaobrien Could you please create some basic documentation on how to set up the HTTPS feature for someone who has never used it before?

Here's a screenshot of what the UI looks like currently.

Do the auto-generated certs also work on the local network or just localhost?

Single page website design. Menu on left. Sandwich icon on mobile.

Mention not available on Chrome OS. Mention continuation of Web Server for Chrome.

• Remember site meta tags

Home -> GitHub link, Screenshots and description
Download -> Download links, install instructions, changelog, link to build from source docs
Documentation
• Server Options
• App Settings
• Specific feature docs

• TODO: Favicon

I've been having trouble getting the Linux build to work from arm64 Debian Linux. I'll have to look into it later.

• add linux file paths to logs and config.json pages

Error: listen EADDRINUSE: address already in use <IP>

Hi,

Spa dose not work with service worker.

Generated service worker's cache file precache-manifest, store spa url with parameter, so reload of any page for SPA, it lost it's own cache link or get mismatch regexp link i think.

Any advice or fix can be appreciable.

Could you please open a new PR on kzahel/web-server-chrome that does the following:

• Add a react UI card (like you already did on #264) that says "Chrome apps are going away! Web Server for Chrome is now a standalone program: https://simplewebserver.org"
  • Make the link text say "https://simplewebserver.org", but have the link actually go to https://simplewebserver.org/wsc.html
  • If possible, don't show this message to users on Chrome OS
• Update README.md to add the same message to the top of it.

Please make a separate PR with only these changes, because it will make it much easier for him to merge it.

Once I finish with the initial release, and you create the PR, then we can ask him if he could merge it and do a release on the chrome web store. Sound like a plan?

Hi,

entry not found - after build GitHub source again with latest source v1.0.1 has no problem but WSC missing from source. Can i have latest stable full source please with WSC so that do some testing with handlers PUT method as it is showing CORS error problem?

Hi,

Simple web server suddenly not working and shows directory listing instead. Please have a look.

This should help reduce clutter in WSC.js

I'm wondering, when packaging, if there is a better way to store the thousands of node dependency files. This would drastically decrease file size and install speed.

Also, an auto updater would be a nice feature rather than just notifying the user

For both these examples, I think we should try to see how the discord desktop app does these things (Its electron based, in the app you can open the console by pressing crtl+shift+i, or at least you used to in older versions of the app, they seem to have changed it)

I turned on HTTPS for a server and generated a certificate for it. The next time I opened the app, this error came up. The server gets stuck in the "Starting..." state because this error isn't being caught. And the error comes up every time I try to start it. All the settings are on their defaults except for enabling HTTPS and auto generating a certificate.

Uncaught Exception:
Error: error:0900006e:PEM routines:OPENSSL_internal:NO_START_LINE
at Object.createSecureContext (_tls_common.js:129:17)
at Server.setSecureContext (_tls_wrap.js:1323:27)
at Server (_tls_wrap.js:1181:8)
at new Server (https.js:66:14)
at Object.createServer (https.js:91:10)
at createServer (/Users/terren/Documents/GitHub/web-server/index.js:382:44)
at createServers (/Users/terren/Documents/GitHub/web-server/index.js:363:13)
at startServers (/Users/terren/Documents/GitHub/web-server/index.js:358:9)
at App.<anonymous> (/Users/terren/Documents/GitHub/web-server/index.js:168:5)
at App.emit (events.js:315:20)

We need to figure out what's causing this error, and at the very least make sure we catch it and set the status of that server to errored.

Consider an option to start web servers in the background on login.

Less data is transferred (send dependency will need to be removed first)

for gzip I have found this works

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Encoding

Web Server for Chrome had an option called Listen on IPV6.

https://www.grouparoo.com/blog/node-js-and-ipv6

the file upload is not working. Tried configuring with all tools and tried to upload in more than one navigator

What happens if the local network IP changes while the program is running? This should trigger an event to restart the servers and send a message to the UI with the new IP.

Would be nice to remove send dependency, because it's not necessary.

var input = document.getElementById("app-logo");
var file = input.files[0];
var fd = new FormData();
fd.append("file", file);
function responseHandler(e) {
console.log("readystate change", e);
}
var xhr = new XMLHttpRequest();
xhr.open("PUT", "http://localhost:8080/uploads/logo", true);
xhr.onreadystatechange = responseHandler;
xhr.send(fd);

I had tried above to create logo image inside uploads/logo - shows strict-origin-when-cross-origin

I will do this. I already have some of the code written. This option will ignore ALL other options (Except port and local network)

Ability to route through the router and make available on the internet (via your ip) chrome web server supports this

Include all documentation in app. Show question mark icons next to each option -> open a modal with a description of the option.

Light, dark, or follow system

Make the program work with screen readers / switch access. Make sure it is possible to change zoom size. Check if gold color meets minimum contrast ratio.

I made a spa app and I now finally realize why you would want to have a custom regex expression.

The current one is /.*\.[\d\w]+$/ which basically means if the file (it basically pops after the last /) has a . (dot) and then something after the dot then the spa page will not (since we want it to be null) be rendered. A custom regex would allow the user to only render the spa html with something like a certain extension or a specific folder in the path or something like this.

Going back to this (I couldnt find the exact location but I remember the conversation)

spa does NOT just render the page when no file is found, it renders the page when the regex expression is not met.

Let me know what you think

I think we should use the following standard format for http errors:

Error 404: Not Found
Error 403: Forbidden
Error 500: Internal Server Error

etc.

Use fs.watchFile to detect changes to the config file. Update servers and UI in real time without needing to restart the program.

Perhaps show a banner on the main list / refresh button icon at the top. Click to reload from config file. Essentially just restarts the program. Detect changes to config outside of program.

Make this optional, and ask when first opened before making any network requests.

Add an option to settings "Check for updates"

Show a banner when updates are available. Check a file at simplewebserver.org/versions.json

• Detect if we don't have permission to read a file or directory at runtime, and serve a 403 error
• Don't serve files outside of selected path (don't allow for /../ in url)

Allow clicking and dragging to reorder servers on the list.

Plugins would allow anyone to create additional features or customize the behavior of the app. We could have a list of additional plugins on the website. I think a plugins system would strike a nice balance between keeping the app simple, but also letting people take it further if they want additional functionality.

Plugins would consist of a config file and some javascript. The config file would have details like the plugin name and version, and an array of additional options (that could be checkboxes, textboxes, or number inputs). In the UI, it would add an extra options section for each plugin with these options. Then in the javascript, you could write a custom script that can apply custom logic to requests, like adding headers or turning it into a proxy. This would work like the custom scripts/custom request handler features you've already made - it would have access to req and res, as well as the values of all the server options.

Users could download plugins - possibly as a zip of multiple files or perhaps as one combined file with a custom file extension - and then add them into the app from the UI or by placing them in a directory within the app's data folder like /plugins.

We'd want to make sure that it's easy to write basic plugins for things like adding additional headers. Ideally, this should be possible with only a few lines of code.

Alongside the introduction of plugins, I'd like you to create the first official plugin which adds the proxy feature.

Let me know what you think!

Here are some prototype/example screenshots of what it might look like:

I'm wondering if it's possible to run the servers from a separate node process, and kill the electron process when the window isn't visible. I'm not sure how much energy is used to run in the background. Separating it like this would likely make it open slower.

I'm wondering if it's possible to run the servers from a separate node process, and kill the electron process when the window isn't visible. I'm not sure how much energy is used to run in the background. Separating it like this would likely make it open slower.

I want to look in to possibly using Tauri instead of Electron for a future version. Depends how well it works and how mature it is. Benefit would be much smaller package size and memory overhead.

Use fs.watchFile to detect changes to served files. Inject JavaScript code into all served HTML pages that hold a socket connection open (Use Socket.IO? HTTP long polling?), gets notified any time the page is updated, and responds by reloading the page. Optional feature.

Suggested by @dougouverson as a comment in #61

Sorry, this is a lot. I may have missed something (Don't worry about it)

Please add these all to the UI:

Errors:

Custom 400 html: optCustom400 (default: false, boolean)
400 html location: optCustom400location (default: /400.html, string)
Custom 401 html: optCustom401 (default: false, boolean)
401 html location: optCustom401location (default: /401.html, string)
Custom 403 html: optCustom403 (default: false, boolean)
403 html location: optCustom403location (default: /403.html, string)
Custom 404 html: optCustom404 (default: false, boolean)
404 html location: optCustom404location (default: /404.html, string)
Send 404 variable: optCustom404usevar (default: false, boolean)
404 variable name: optCustom404usevarvar (default: locationoflostuser, string)

Exclude .html:

Exclude .html extension: optExcludeDotHtml (default: false, boolean)
Exclude .htm extension: optExcludeDotHtm (default: false, boolean)

Index rendering:

Auto render index.html (already implemented, don’t change this)
404 instead of directory listing: optDir404 (default: false, boolean)

Directory listing:

Static directory listing (no JavaScript): optStatic (default: false, boolean)
Show dot files in directory listing: optDotFilesDirListing (default: false, boolean)

Other:
Send cache control header with every request: optCacheControl (default: false, boolean)
Cache control header value: optCacheControlValue (default: must-revalidate, string)

Htaccess:

Scan for htaccess: optScanForHtaccess (default: false, boolean) - with this one, please add a place that we can add a link to the htaccess readme
Allow GET requests: optGETHtaccess (default: false, boolean)
Allow PUT/POST requests: optPUTPOSTHtaccess (default: false, boolean)
Allow DELETE requests: optDELETEHtaccess (default: false, boolean)
Show in directory listing: optDirListingHtaccess (default: false, boolean)

File upload/delete:

Allow file upload: optUpload (default: false, boolean)
Allow replace file: optAllowReplaceFile (default: false, boolean)
Allow deleting files: optDelete (default: false, boolean)

IP blocking:

Search for IP block list: optIpBlocking (default: false, boolean)
Ip block list location: optIpBlockList (default: ipblock.list, string)
Block requests from undefined addresses: optIpBlockUndefined (default: false, boolean)
Please also add a place to put a link to the readme

Auth:

Use basic auth: optUsebasicauth (default: false, boolean)
Auth username: optAuthUsername (default: admin, string)
Auth password: optAuthPassword (default: admin, string)

Protocol options: (do not do at the moment)

Use https: optUseHttps (default: false, boolean)
Forward to https: optHttp2Https (default: false, boolean)
Use http 2.0: optHttp2 (default: false, boolean)

For https and http 2, please have places where we can generate keys required for protocol (could you please work on the key generation? I plan to use the nodejs require('https') and require('http2'))

Let me know if you need anything

I'm getting a blank page at / with this combination of options.

omg no more web server on chrom os? chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded chrom os is ded