fixat så uri rensas och återanvänds, lade till ny metod för sanering

Boppler12 · Boppler12 · commit 2f8312b0359d · 2026-02-26T11:43:54.000+01:00
diff --git a/src/main/java/org/example/ConnectionHandler.java b/src/main/java/org/example/ConnectionHandler.java
@@ -69,34 +69,6 @@ public void runConnectionHandler() throws IOException {
         // Sanitize URI here (clean it)
         String sanitizedUri = sanitizeUri(parser.getUri());
         String cacheKey = "www:" + sanitizedUri;
-
-        // Check cache FIRST
-        byte[] cachedBytes = FileCache.get(cacheKey);
-        if (cachedBytes != null) {
-            System.out.println(" Cache HIT: " + sanitizedUri);
-            response.setContentTypeFromFilename(sanitizedUri);
-            response.setBody(cachedBytes);
-            client.getOutputStream().write(response.build());
-            client.getOutputStream().flush();
-            return;
-        }
-
-        // Cache miss - StaticFileHandler reads and caches
-        System.out.println(" Cache MISS: " + sanitizedUri);
-        try {
-            byte[] fileBytes = Files.readAllBytes(new File("www", sanitizedUri).toPath());
-            FileCache.put(cacheKey, fileBytes);  // ← SPARAR I CACHEN HÄR
-            
-            response.setContentTypeFromFilename(sanitizedUri);
-            response.setBody(fileBytes);
-            client.getOutputStream().write(response.build());
-            client.getOutputStream().flush();
-        } catch (NoSuchFileException e) {
-            response.setStatusCode(HttpResponseBuilder.SC_NOT_FOUND);
-            response.setBody("404 Not Found");
-            client.getOutputStream().write(response.build());
-            client.getOutputStream().flush();
-        }
     }
 
     private String sanitizeUri(String uri) {
diff --git a/src/main/java/org/example/StaticFileHandler.java b/src/main/java/org/example/StaticFileHandler.java
@@ -24,22 +24,24 @@ public StaticFileHandler(String webRoot) {
     }
 
     public void sendGetRequest(OutputStream outputStream, String uri) throws IOException {
-        if (isPathTraversal(uri)) {
+        String sanitizedUri = sanitizeUri(uri);
+
+        if (isPathTraversal(sanitizedUri)) {
             writeResponse(outputStream, 403, "Forbidden");
             return;
         }
 
         try {
-            String cacheKey = "www:" + uri;  
+            String cacheKey = "www:" + sanitizedUri;
             byte[] fileBytes = FileCache.get(cacheKey);
 
             if (fileBytes == null) {
-                fileBytes = Files.readAllBytes(new File(webRoot, uri).toPath());
+                fileBytes = Files.readAllBytes(new File(webRoot, sanitizedUri).toPath());
                 FileCache.put(cacheKey, fileBytes);
             }
 
             HttpResponseBuilder response = new HttpResponseBuilder();
-            response.setContentTypeFromFilename(uri);
+            response.setContentTypeFromFilename(sanitizedUri);
             response.setBody(fileBytes);
             outputStream.write(response.build());
             outputStream.flush();
@@ -51,6 +53,21 @@ public void sendGetRequest(OutputStream outputStream, String uri) throws IOExcep
         }
     }
 
+
+    private String sanitizeUri(String uri) {
+        if (uri == null || uri.isEmpty()) return "index.html";
+
+        int endIndex = Math.min(
+                uri.indexOf('?') < 0 ? uri.length() : uri.indexOf('?'),
+                uri.indexOf('#') < 0 ? uri.length() : uri.indexOf('#')
+        );
+
+        return uri.substring(0, endIndex)
+                .replace("\0", "")
+                .replaceAll("^/+", "")
+                .replaceAll("^$", "index.html");
+    }
+
     private boolean isPathTraversal(String uri) {
         try {
             Path webRootPath = Paths.get(webRoot).toAbsolutePath().normalize();
