+1 -1

platformio.ini

reviewed

··· 6 6 version = 1.0.0 7 7 8 8 [base] 9 9 - platform = espressif32 @ 6.12.0 9 9 + platform = https://github.com/pioarduino/platform-espressif32/releases/download/55.03.37/platform-espressif32.zip 10 10 board = esp32-c3-devkitm-1 11 11 framework = arduino 12 12 monitor_speed = 115200

+1

src/components/themes/BaseTheme.h

reviewed

··· 3 3 #include <cstddef> 4 4 #include <cstdint> 5 5 #include <functional> 6 6 + #include <string> 6 7 #include <vector> 7 8 8 9 class GfxRenderer;

+7 -1

src/network/CrossPointWebServer.cpp

reviewed

··· 159 159 server->onNotFound([this] { handleNotFound(); }); 160 160 LOG_DBG("WEB", "[MEM] Free heap after route setup: %d bytes", ESP.getFreeHeap()); 161 161 162 162 + // Collect WebDAV headers and register handler 163 163 + const char* davHeaders[] = {"Depth", "Destination", "Overwrite", "If", "Lock-Token", "Timeout"}; 164 164 + server->collectHeaders(davHeaders, 6); 165 165 + server->addHandler(&davHandler); 166 166 + LOG_DBG("WEB", "WebDAV handler initialized"); 167 167 + 162 168 server->begin(); 163 169 164 170 // Start WebSocket server for fast binary uploads ··· 502 508 server->sendHeader("Content-Disposition", "attachment; filename=\"" + filename + "\""); 503 509 server->send(200, contentType.c_str(), ""); 504 510 505 505 - WiFiClient client = server->client(); 511 511 + NetworkClient client = server->client(); 506 512 client.write(file); 507 513 file.close(); 508 514 }

+5 -2

src/network/CrossPointWebServer.h

reviewed

··· 1 1 #pragma once 2 2 3 3 #include <HalStorage.h> 4 4 + #include <NetworkUdp.h> 4 5 #include <WebServer.h> 5 6 #include <WebSocketsServer.h> 6 6 - #include <WiFiUdp.h> 7 7 8 8 #include <memory> 9 9 #include <string> 10 10 #include <vector> 11 11 + 12 12 + #include "WebDAVHandler.h" 11 13 12 14 // Structure to hold file information 13 15 struct FileInfo { ··· 71 73 private: 72 74 std::unique_ptr<WebServer> server = nullptr; 73 75 std::unique_ptr<WebSocketsServer> wsServer = nullptr; 76 76 + WebDAVHandler davHandler; 74 77 bool running = false; 75 78 bool apMode = false; // true when running in AP mode, false for STA mode 76 79 uint16_t port = 80; 77 80 uint16_t wsPort = 81; // WebSocket port 78 78 - WiFiUDP udp; 81 81 + NetworkUDP udp; 79 82 bool udpActive = false; 80 83 81 84 // WebSocket upload state

+11 -11

src/network/HttpDownloader.cpp

reviewed

··· 2 2 3 3 #include <HTTPClient.h> 4 4 #include <Logging.h> 5 5 + #include <NetworkClient.h> 6 6 + #include <NetworkClientSecure.h> 5 7 #include <StreamString.h> 6 6 - #include <WiFiClient.h> 7 7 - #include <WiFiClientSecure.h> 8 8 #include <base64.h> 9 9 10 10 #include <cstring> ··· 14 14 #include "util/UrlUtils.h" 15 15 16 16 bool HttpDownloader::fetchUrl(const std::string& url, Stream& outContent) { 17 17 - // Use WiFiClientSecure for HTTPS, regular WiFiClient for HTTP 18 18 - std::unique_ptr<WiFiClient> client; 17 17 + // Use NetworkClientSecure for HTTPS, regular NetworkClient for HTTP 18 18 + std::unique_ptr<NetworkClient> client; 19 19 if (UrlUtils::isHttpsUrl(url)) { 20 20 - auto* secureClient = new WiFiClientSecure(); 20 20 + auto* secureClient = new NetworkClientSecure(); 21 21 secureClient->setInsecure(); 22 22 client.reset(secureClient); 23 23 } else { 24 24 - client.reset(new WiFiClient()); 24 24 + client.reset(new NetworkClient()); 25 25 } 26 26 HTTPClient http; 27 27 ··· 64 64 65 65 HttpDownloader::DownloadError HttpDownloader::downloadToFile(const std::string& url, const std::string& destPath, 66 66 ProgressCallback progress) { 67 67 - // Use WiFiClientSecure for HTTPS, regular WiFiClient for HTTP 68 68 - std::unique_ptr<WiFiClient> client; 67 67 + // Use NetworkClientSecure for HTTPS, regular NetworkClient for HTTP 68 68 + std::unique_ptr<NetworkClient> client; 69 69 if (UrlUtils::isHttpsUrl(url)) { 70 70 - auto* secureClient = new WiFiClientSecure(); 70 70 + auto* secureClient = new NetworkClientSecure(); 71 71 secureClient->setInsecure(); 72 72 client.reset(secureClient); 73 73 } else { 74 74 - client.reset(new WiFiClient()); 74 74 + client.reset(new NetworkClient()); 75 75 } 76 76 HTTPClient http; 77 77 ··· 113 113 } 114 114 115 115 // Get the stream for chunked reading 116 116 - WiFiClient* stream = http.getStreamPtr(); 116 116 + NetworkClient* stream = http.getStreamPtr(); 117 117 if (!stream) { 118 118 LOG_ERR("HTTP", "Failed to get stream"); 119 119 file.close();

+1 -1

src/network/HttpDownloader.h

reviewed

··· 6 6 7 7 /** 8 8 * HTTP client utility for fetching content and downloading files. 9 9 - * Wraps WiFiClientSecure and HTTPClient for HTTPS requests. 9 9 + * Wraps NetworkClientSecure and HTTPClient for HTTPS requests. 10 10 */ 11 11 class HttpDownloader { 12 12 public:

+828

src/network/WebDAVHandler.cpp

reviewed

··· 1 1 + #include "WebDAVHandler.h" 2 2 + 3 3 + #include <Epub.h> 4 4 + #include <FsHelpers.h> 5 5 + #include <HalStorage.h> 6 6 + #include <Logging.h> 7 7 + #include <esp_task_wdt.h> 8 8 + 9 9 + #include "util/StringUtils.h" 10 10 + 11 11 + namespace { 12 12 + const char* HIDDEN_ITEMS[] = {"System Volume Information", "XTCache"}; 13 13 + constexpr size_t HIDDEN_ITEMS_COUNT = sizeof(HIDDEN_ITEMS) / sizeof(HIDDEN_ITEMS[0]); 14 14 + 15 15 + // RFC 1123 date format helper: "Sun, 06 Nov 1994 08:49:37 GMT" 16 16 + // ESP32 doesn't have real-time clock set by default, so we use a fixed epoch date 17 17 + // as a fallback. The date is not critical for WebDAV Class 1 operations. 18 18 + const char* FIXED_DATE = "Thu, 01 Jan 2024 00:00:00 GMT"; 19 19 + } // namespace 20 20 + 21 21 + // ── RequestHandler interface ───────────────────────────────────────────────── 22 22 + 23 23 + bool WebDAVHandler::canHandle(WebServer& server, HTTPMethod method, const String& uri) { 24 24 + (void)server; 25 25 + (void)uri; 26 26 + switch (method) { 27 27 + case HTTP_OPTIONS: 28 28 + case HTTP_PROPFIND: 29 29 + case HTTP_GET: 30 30 + case HTTP_HEAD: 31 31 + case HTTP_PUT: 32 32 + case HTTP_DELETE: 33 33 + case HTTP_MKCOL: 34 34 + case HTTP_MOVE: 35 35 + case HTTP_COPY: 36 36 + case HTTP_LOCK: 37 37 + case HTTP_UNLOCK: 38 38 + return true; 39 39 + default: 40 40 + return false; 41 41 + } 42 42 + } 43 43 + 44 44 + bool WebDAVHandler::canRaw(WebServer& server, const String& uri) { 45 45 + (void)uri; 46 46 + return server.method() == HTTP_PUT; 47 47 + } 48 48 + 49 49 + void WebDAVHandler::raw(WebServer& server, const String& uri, HTTPRaw& raw) { 50 50 + (void)uri; 51 51 + if (raw.status == RAW_START) { 52 52 + _putPath = getRequestPath(server); 53 53 + if (isProtectedPath(_putPath)) { 54 54 + _putOk = false; 55 55 + return; 56 56 + } 57 57 + 58 58 + // Ensure parent directory exists 59 59 + int lastSlash = _putPath.lastIndexOf('/'); 60 60 + if (lastSlash > 0) { 61 61 + String parentPath = _putPath.substring(0, lastSlash); 62 62 + if (!Storage.exists(parentPath.c_str())) { 63 63 + _putOk = false; 64 64 + return; 65 65 + } 66 66 + } 67 67 + 68 68 + if (_putFile) _putFile.close(); 69 69 + _putExisted = Storage.exists(_putPath.c_str()); 70 70 + 71 71 + if (_putExisted) { 72 72 + FsFile existing = Storage.open(_putPath.c_str()); 73 73 + if (existing && existing.isDirectory()) { 74 74 + existing.close(); 75 75 + _putOk = false; 76 76 + return; 77 77 + } 78 78 + if (existing) existing.close(); 79 79 + } 80 80 + 81 81 + // Write to a temp file to avoid destroying the original on failed upload 82 82 + String tempPath = _putPath + ".davtmp"; 83 83 + Storage.remove(tempPath.c_str()); 84 84 + _putOk = Storage.openFileForWrite("DAV", tempPath, _putFile); 85 85 + LOG_DBG("DAV", "PUT START: %s", _putPath.c_str()); 86 86 + 87 87 + } else if (raw.status == RAW_WRITE) { 88 88 + if (_putFile && _putOk) { 89 89 + esp_task_wdt_reset(); 90 90 + size_t written = _putFile.write(raw.buf, raw.currentSize); 91 91 + if (written != raw.currentSize) { 92 92 + _putOk = false; 93 93 + } 94 94 + } 95 95 + 96 96 + } else if (raw.status == RAW_END) { 97 97 + if (_putFile) _putFile.close(); 98 98 + if (_putOk) { 99 99 + String tempPath = _putPath + ".davtmp"; 100 100 + if (_putExisted) Storage.remove(_putPath.c_str()); 101 101 + FsFile tmp = Storage.open(tempPath.c_str()); 102 102 + if (tmp) { 103 103 + _putOk = tmp.rename(_putPath.c_str()); 104 104 + tmp.close(); 105 105 + } else { 106 106 + _putOk = false; 107 107 + } 108 108 + if (!_putOk) Storage.remove(tempPath.c_str()); 109 109 + } 110 110 + LOG_DBG("DAV", "PUT END: %u bytes, ok=%d", raw.totalSize, _putOk); 111 111 + 112 112 + } else if (raw.status == RAW_ABORTED) { 113 113 + if (_putFile) _putFile.close(); 114 114 + String tempPath = _putPath + ".davtmp"; 115 115 + Storage.remove(tempPath.c_str()); 116 116 + _putOk = false; 117 117 + } 118 118 + } 119 119 + 120 120 + bool WebDAVHandler::handle(WebServer& server, HTTPMethod method, const String& uri) { 121 121 + (void)uri; 122 122 + switch (method) { 123 123 + case HTTP_OPTIONS: 124 124 + handleOptions(server); 125 125 + return true; 126 126 + case HTTP_PROPFIND: 127 127 + handlePropfind(server); 128 128 + return true; 129 129 + case HTTP_GET: 130 130 + handleGet(server); 131 131 + return true; 132 132 + case HTTP_HEAD: 133 133 + handleHead(server); 134 134 + return true; 135 135 + case HTTP_PUT: 136 136 + handlePut(server); 137 137 + return true; 138 138 + case HTTP_DELETE: 139 139 + handleDelete(server); 140 140 + return true; 141 141 + case HTTP_MKCOL: 142 142 + handleMkcol(server); 143 143 + return true; 144 144 + case HTTP_MOVE: 145 145 + handleMove(server); 146 146 + return true; 147 147 + case HTTP_COPY: 148 148 + handleCopy(server); 149 149 + return true; 150 150 + case HTTP_LOCK: 151 151 + handleLock(server); 152 152 + return true; 153 153 + case HTTP_UNLOCK: 154 154 + handleUnlock(server); 155 155 + return true; 156 156 + default: 157 157 + return false; 158 158 + } 159 159 + } 160 160 + 161 161 + // ── OPTIONS ────────────────────────────────────────────────────────────────── 162 162 + 163 163 + void WebDAVHandler::handleOptions(WebServer& s) { 164 164 + s.sendHeader("DAV", "1"); 165 165 + s.sendHeader("Allow", 166 166 + "OPTIONS, GET, HEAD, PUT, DELETE, " 167 167 + "PROPFIND, MKCOL, MOVE, COPY, LOCK, UNLOCK"); 168 168 + s.sendHeader("MS-Author-Via", "DAV"); 169 169 + s.send(200); 170 170 + LOG_DBG("DAV", "OPTIONS %s", s.uri().c_str()); 171 171 + } 172 172 + 173 173 + // ── PROPFIND ───────────────────────────────────────────────────────────────── 174 174 + 175 175 + void WebDAVHandler::handlePropfind(WebServer& s) { 176 176 + String path = getRequestPath(s); 177 177 + int depth = getDepth(s); 178 178 + 179 179 + LOG_DBG("DAV", "PROPFIND %s depth=%d", path.c_str(), depth); 180 180 + 181 181 + // Check if path exists 182 182 + if (!Storage.exists(path.c_str()) && path != "/") { 183 183 + s.send(404, "text/plain", "Not Found"); 184 184 + return; 185 185 + } 186 186 + 187 187 + FsFile root = Storage.open(path.c_str()); 188 188 + if (!root) { 189 189 + if (path == "/") { 190 190 + // Root should always work — send minimal response 191 191 + s.setContentLength(CONTENT_LENGTH_UNKNOWN); 192 192 + s.send(207, "application/xml; charset=\"utf-8\"", ""); 193 193 + s.sendContent( 194 194 + "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n" 195 195 + "<D:multistatus xmlns:D=\"DAV:\">\n"); 196 196 + sendPropEntry(s, "/", true, 0, FIXED_DATE); 197 197 + s.sendContent("</D:multistatus>\n"); 198 198 + s.sendContent(""); 199 199 + return; 200 200 + } 201 201 + s.send(500, "text/plain", "Failed to open"); 202 202 + return; 203 203 + } 204 204 + 205 205 + bool isDir = root.isDirectory(); 206 206 + 207 207 + s.setContentLength(CONTENT_LENGTH_UNKNOWN); 208 208 + s.send(207, "application/xml; charset=\"utf-8\"", ""); 209 209 + s.sendContent( 210 210 + "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n" 211 211 + "<D:multistatus xmlns:D=\"DAV:\">\n"); 212 212 + 213 213 + // Entry for the resource itself 214 214 + if (isDir) { 215 215 + sendPropEntry(s, path, true, 0, FIXED_DATE); 216 216 + } else { 217 217 + sendPropEntry(s, path, false, root.size(), FIXED_DATE); 218 218 + root.close(); 219 219 + s.sendContent("</D:multistatus>\n"); 220 220 + s.sendContent(""); 221 221 + return; 222 222 + } 223 223 + 224 224 + // If depth > 0 and it's a directory, list children 225 225 + if (depth > 0) { 226 226 + FsFile file = root.openNextFile(); 227 227 + char name[500]; 228 228 + while (file) { 229 229 + file.getName(name, sizeof(name)); 230 230 + String fileName(name); 231 231 + 232 232 + // Skip hidden/protected items 233 233 + bool shouldHide = fileName.startsWith("."); 234 234 + if (!shouldHide) { 235 235 + for (size_t i = 0; i < HIDDEN_ITEMS_COUNT; i++) { 236 236 + if (fileName.equals(HIDDEN_ITEMS[i])) { 237 237 + shouldHide = true; 238 238 + break; 239 239 + } 240 240 + } 241 241 + } 242 242 + 243 243 + if (!shouldHide) { 244 244 + String childPath = path; 245 245 + if (!childPath.endsWith("/")) childPath += "/"; 246 246 + childPath += fileName; 247 247 + 248 248 + if (file.isDirectory()) { 249 249 + sendPropEntry(s, childPath, true, 0, FIXED_DATE); 250 250 + } else { 251 251 + sendPropEntry(s, childPath, false, file.size(), FIXED_DATE); 252 252 + } 253 253 + } 254 254 + 255 255 + file.close(); 256 256 + yield(); 257 257 + esp_task_wdt_reset(); 258 258 + file = root.openNextFile(); 259 259 + } 260 260 + } 261 261 + 262 262 + root.close(); 263 263 + s.sendContent("</D:multistatus>\n"); 264 264 + s.sendContent(""); 265 265 + } 266 266 + 267 267 + void WebDAVHandler::sendPropEntry(WebServer& s, const String& path, bool isDir, size_t size, 268 268 + const String& lastModified) const { 269 269 + String href; 270 270 + urlEncodePath(path, href); 271 271 + // Ensure directory hrefs end with / 272 272 + if (isDir && !href.endsWith("/")) href += "/"; 273 273 + 274 274 + String xml = "<D:response><D:href>"; 275 275 + xml += href; 276 276 + xml += "</D:href><D:propstat><D:prop>"; 277 277 + 278 278 + if (isDir) { 279 279 + xml += "<D:resourcetype><D:collection/></D:resourcetype>"; 280 280 + } else { 281 281 + xml += "<D:resourcetype/>"; 282 282 + xml += "<D:getcontentlength>"; 283 283 + xml += String(size); 284 284 + xml += "</D:getcontentlength>"; 285 285 + String mime = getMimeType(path); 286 286 + xml += "<D:getcontenttype>"; 287 287 + xml += mime; 288 288 + xml += "</D:getcontenttype>"; 289 289 + } 290 290 + 291 291 + xml += "<D:getlastmodified>"; 292 292 + xml += lastModified; 293 293 + xml += "</D:getlastmodified>"; 294 294 + 295 295 + xml += "</D:prop><D:status>HTTP/1.1 200 OK</D:status></D:propstat></D:response>\n"; 296 296 + 297 297 + s.sendContent(xml); 298 298 + } 299 299 + 300 300 + // ── GET ────────────────────────────────────────────────────────────────────── 301 301 + 302 302 + void WebDAVHandler::handleGet(WebServer& s) { 303 303 + String path = getRequestPath(s); 304 304 + LOG_DBG("DAV", "GET %s", path.c_str()); 305 305 + 306 306 + if (isProtectedPath(path)) { 307 307 + s.send(403, "text/plain", "Forbidden"); 308 308 + return; 309 309 + } 310 310 + 311 311 + if (!Storage.exists(path.c_str())) { 312 312 + s.send(404, "text/plain", "Not Found"); 313 313 + return; 314 314 + } 315 315 + 316 316 + FsFile file = Storage.open(path.c_str()); 317 317 + if (!file) { 318 318 + s.send(500, "text/plain", "Failed to open file"); 319 319 + return; 320 320 + } 321 321 + if (file.isDirectory()) { 322 322 + file.close(); 323 323 + // For directories, return a PROPFIND-like response or redirect 324 324 + s.send(405, "text/plain", "Method Not Allowed"); 325 325 + return; 326 326 + } 327 327 + 328 328 + String contentType = getMimeType(path); 329 329 + s.setContentLength(file.size()); 330 330 + s.send(200, contentType.c_str(), ""); 331 331 + 332 332 + NetworkClient client = s.client(); 333 333 + client.write(file); 334 334 + file.close(); 335 335 + } 336 336 + 337 337 + // ── HEAD ───────────────────────────────────────────────────────────────────── 338 338 + 339 339 + void WebDAVHandler::handleHead(WebServer& s) { 340 340 + String path = getRequestPath(s); 341 341 + LOG_DBG("DAV", "HEAD %s", path.c_str()); 342 342 + 343 343 + if (isProtectedPath(path)) { 344 344 + s.send(403, "text/plain", ""); 345 345 + return; 346 346 + } 347 347 + 348 348 + if (!Storage.exists(path.c_str())) { 349 349 + s.send(404, "text/plain", ""); 350 350 + return; 351 351 + } 352 352 + 353 353 + FsFile file = Storage.open(path.c_str()); 354 354 + if (!file) { 355 355 + s.send(500, "text/plain", ""); 356 356 + return; 357 357 + } 358 358 + 359 359 + if (file.isDirectory()) { 360 360 + file.close(); 361 361 + s.send(200, "text/html", ""); 362 362 + return; 363 363 + } 364 364 + 365 365 + String contentType = getMimeType(path); 366 366 + s.setContentLength(file.size()); 367 367 + s.send(200, contentType.c_str(), ""); 368 368 + file.close(); 369 369 + } 370 370 + 371 371 + // ── PUT ────────────────────────────────────────────────────────────────────── 372 372 + 373 373 + void WebDAVHandler::handlePut(WebServer& s) { 374 374 + // Body was already received via canRaw/raw callbacks 375 375 + String path = getRequestPath(s); 376 376 + LOG_DBG("DAV", "PUT %s", path.c_str()); 377 377 + 378 378 + if (isProtectedPath(path)) { 379 379 + s.send(403, "text/plain", "Forbidden"); 380 380 + return; 381 381 + } 382 382 + 383 383 + if (!_putOk) { 384 384 + String tempPath = path + ".davtmp"; 385 385 + Storage.remove(tempPath.c_str()); 386 386 + s.send(500, "text/plain", "Write failed - incomplete upload or disk full"); 387 387 + return; 388 388 + } 389 389 + 390 390 + clearEpubCacheIfNeeded(path); 391 391 + s.send(_putExisted ? 204 : 201); 392 392 + LOG_DBG("DAV", "PUT complete: %s", path.c_str()); 393 393 + } 394 394 + 395 395 + // ── DELETE ─────────────────────────────────────────────────────────────────── 396 396 + 397 397 + void WebDAVHandler::handleDelete(WebServer& s) { 398 398 + String path = getRequestPath(s); 399 399 + LOG_DBG("DAV", "DELETE %s", path.c_str()); 400 400 + 401 401 + if (path == "/" || path.isEmpty()) { 402 402 + s.send(403, "text/plain", "Cannot delete root"); 403 403 + return; 404 404 + } 405 405 + 406 406 + if (isProtectedPath(path)) { 407 407 + s.send(403, "text/plain", "Forbidden"); 408 408 + return; 409 409 + } 410 410 + 411 411 + if (!Storage.exists(path.c_str())) { 412 412 + s.send(404, "text/plain", "Not Found"); 413 413 + return; 414 414 + } 415 415 + 416 416 + FsFile file = Storage.open(path.c_str()); 417 417 + if (!file) { 418 418 + s.send(500, "text/plain", "Failed to open"); 419 419 + return; 420 420 + } 421 421 + 422 422 + if (file.isDirectory()) { 423 423 + // Check if directory is empty 424 424 + FsFile entry = file.openNextFile(); 425 425 + if (entry) { 426 426 + entry.close(); 427 427 + file.close(); 428 428 + s.send(409, "text/plain", "Directory not empty"); 429 429 + return; 430 430 + } 431 431 + file.close(); 432 432 + if (Storage.rmdir(path.c_str())) { 433 433 + s.send(204); 434 434 + } else { 435 435 + s.send(500, "text/plain", "Failed to remove directory"); 436 436 + } 437 437 + } else { 438 438 + file.close(); 439 439 + clearEpubCacheIfNeeded(path); 440 440 + if (Storage.remove(path.c_str())) { 441 441 + s.send(204); 442 442 + } else { 443 443 + s.send(500, "text/plain", "Failed to delete file"); 444 444 + } 445 445 + } 446 446 + } 447 447 + 448 448 + // ── MKCOL ──────────────────────────────────────────────────────────────────── 449 449 + 450 450 + void WebDAVHandler::handleMkcol(WebServer& s) { 451 451 + String path = getRequestPath(s); 452 452 + LOG_DBG("DAV", "MKCOL %s", path.c_str()); 453 453 + 454 454 + if (isProtectedPath(path)) { 455 455 + s.send(403, "text/plain", "Forbidden"); 456 456 + return; 457 457 + } 458 458 + 459 459 + // MKCOL must not have a body (RFC 4918) 460 460 + if (s.clientContentLength() > 0) { 461 461 + s.send(415, "text/plain", "Unsupported Media Type"); 462 462 + return; 463 463 + } 464 464 + 465 465 + if (Storage.exists(path.c_str())) { 466 466 + s.send(405, "text/plain", "Already exists"); 467 467 + return; 468 468 + } 469 469 + 470 470 + // Check parent exists 471 471 + int lastSlash = path.lastIndexOf('/'); 472 472 + if (lastSlash > 0) { 473 473 + String parentPath = path.substring(0, lastSlash); 474 474 + if (!parentPath.isEmpty() && !Storage.exists(parentPath.c_str())) { 475 475 + s.send(409, "text/plain", "Parent directory does not exist"); 476 476 + return; 477 477 + } 478 478 + } 479 479 + 480 480 + if (Storage.mkdir(path.c_str())) { 481 481 + s.send(201); 482 482 + LOG_DBG("DAV", "Created directory: %s", path.c_str()); 483 483 + } else { 484 484 + s.send(500, "text/plain", "Failed to create directory"); 485 485 + } 486 486 + } 487 487 + 488 488 + // ── MOVE ───────────────────────────────────────────────────────────────────── 489 489 + 490 490 + void WebDAVHandler::handleMove(WebServer& s) { 491 491 + String srcPath = getRequestPath(s); 492 492 + String dstPath = getDestinationPath(s); 493 493 + bool overwrite = getOverwrite(s); 494 494 + 495 495 + LOG_DBG("DAV", "MOVE %s -> %s (overwrite=%d)", srcPath.c_str(), dstPath.c_str(), overwrite); 496 496 + 497 497 + if (srcPath == "/" || srcPath.isEmpty()) { 498 498 + s.send(403, "text/plain", "Cannot move root"); 499 499 + return; 500 500 + } 501 501 + 502 502 + if (isProtectedPath(srcPath) || isProtectedPath(dstPath)) { 503 503 + s.send(403, "text/plain", "Forbidden"); 504 504 + return; 505 505 + } 506 506 + 507 507 + if (dstPath.isEmpty()) { 508 508 + s.send(400, "text/plain", "Missing Destination header"); 509 509 + return; 510 510 + } 511 511 + 512 512 + if (srcPath == dstPath) { 513 513 + s.send(204); 514 514 + return; 515 515 + } 516 516 + 517 517 + if (!Storage.exists(srcPath.c_str())) { 518 518 + s.send(404, "text/plain", "Source not found"); 519 519 + return; 520 520 + } 521 521 + 522 522 + // Check destination parent exists 523 523 + int lastSlash = dstPath.lastIndexOf('/'); 524 524 + if (lastSlash > 0) { 525 525 + String parentPath = dstPath.substring(0, lastSlash); 526 526 + if (!parentPath.isEmpty() && !Storage.exists(parentPath.c_str())) { 527 527 + s.send(409, "text/plain", "Destination parent does not exist"); 528 528 + return; 529 529 + } 530 530 + } 531 531 + 532 532 + bool dstExists = Storage.exists(dstPath.c_str()); 533 533 + if (dstExists && !overwrite) { 534 534 + s.send(412, "text/plain", "Destination exists and Overwrite is F"); 535 535 + return; 536 536 + } 537 537 + 538 538 + if (dstExists) { 539 539 + Storage.remove(dstPath.c_str()); 540 540 + } 541 541 + 542 542 + FsFile file = Storage.open(srcPath.c_str()); 543 543 + if (!file) { 544 544 + s.send(500, "text/plain", "Failed to open source"); 545 545 + return; 546 546 + } 547 547 + 548 548 + clearEpubCacheIfNeeded(srcPath); 549 549 + bool success = file.rename(dstPath.c_str()); 550 550 + file.close(); 551 551 + 552 552 + if (success) { 553 553 + s.send(dstExists ? 204 : 201); 554 554 + } else { 555 555 + s.send(500, "text/plain", "Move failed"); 556 556 + } 557 557 + } 558 558 + 559 559 + // ── COPY ───────────────────────────────────────────────────────────────────── 560 560 + 561 561 + void WebDAVHandler::handleCopy(WebServer& s) { 562 562 + String srcPath = getRequestPath(s); 563 563 + String dstPath = getDestinationPath(s); 564 564 + bool overwrite = getOverwrite(s); 565 565 + 566 566 + LOG_DBG("DAV", "COPY %s -> %s (overwrite=%d)", srcPath.c_str(), dstPath.c_str(), overwrite); 567 567 + 568 568 + if (isProtectedPath(srcPath) || isProtectedPath(dstPath)) { 569 569 + s.send(403, "text/plain", "Forbidden"); 570 570 + return; 571 571 + } 572 572 + 573 573 + if (dstPath.isEmpty()) { 574 574 + s.send(400, "text/plain", "Missing Destination header"); 575 575 + return; 576 576 + } 577 577 + 578 578 + if (srcPath == dstPath) { 579 579 + s.send(204); 580 580 + return; 581 581 + } 582 582 + 583 583 + if (!Storage.exists(srcPath.c_str())) { 584 584 + s.send(404, "text/plain", "Source not found"); 585 585 + return; 586 586 + } 587 587 + 588 588 + FsFile srcFile = Storage.open(srcPath.c_str()); 589 589 + if (!srcFile) { 590 590 + s.send(500, "text/plain", "Failed to open source"); 591 591 + return; 592 592 + } 593 593 + 594 594 + if (srcFile.isDirectory()) { 595 595 + srcFile.close(); 596 596 + s.send(403, "text/plain", "Cannot copy directories"); 597 597 + return; 598 598 + } 599 599 + 600 600 + // Check destination parent exists 601 601 + int lastSlash = dstPath.lastIndexOf('/'); 602 602 + if (lastSlash > 0) { 603 603 + String parentPath = dstPath.substring(0, lastSlash); 604 604 + if (!parentPath.isEmpty() && !Storage.exists(parentPath.c_str())) { 605 605 + srcFile.close(); 606 606 + s.send(409, "text/plain", "Destination parent does not exist"); 607 607 + return; 608 608 + } 609 609 + } 610 610 + 611 611 + bool dstExists = Storage.exists(dstPath.c_str()); 612 612 + if (dstExists && !overwrite) { 613 613 + srcFile.close(); 614 614 + s.send(412, "text/plain", "Destination exists and Overwrite is F"); 615 615 + return; 616 616 + } 617 617 + 618 618 + if (dstExists) { 619 619 + Storage.remove(dstPath.c_str()); 620 620 + } 621 621 + 622 622 + FsFile dstFile; 623 623 + if (!Storage.openFileForWrite("DAV", dstPath, dstFile)) { 624 624 + srcFile.close(); 625 625 + s.send(500, "text/plain", "Failed to create destination"); 626 626 + return; 627 627 + } 628 628 + 629 629 + // Streaming copy with 4KB buffer on stack 630 630 + uint8_t buf[4096]; 631 631 + bool copyOk = true; 632 632 + while (srcFile.available()) { 633 633 + esp_task_wdt_reset(); 634 634 + int bytesRead = srcFile.read(buf, sizeof(buf)); 635 635 + if (bytesRead <= 0) break; 636 636 + size_t written = dstFile.write(buf, bytesRead); 637 637 + if (written != (size_t)bytesRead) { 638 638 + copyOk = false; 639 639 + break; 640 640 + } 641 641 + } 642 642 + 643 643 + srcFile.close(); 644 644 + dstFile.close(); 645 645 + 646 646 + if (copyOk) { 647 647 + s.send(dstExists ? 204 : 201); 648 648 + } else { 649 649 + Storage.remove(dstPath.c_str()); 650 650 + s.send(500, "text/plain", "Copy failed - disk full?"); 651 651 + } 652 652 + } 653 653 + 654 654 + // ── LOCK / UNLOCK (dummy for client compatibility) ─────────────────────────── 655 655 + 656 656 + void WebDAVHandler::handleLock(WebServer& s) { 657 657 + String path = getRequestPath(s); 658 658 + LOG_DBG("DAV", "LOCK %s (dummy)", path.c_str()); 659 659 + 660 660 + // Return a dummy lock token for client compatibility 661 661 + String xml = 662 662 + "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n" 663 663 + "<D:prop xmlns:D=\"DAV:\">\n" 664 664 + "<D:lockdiscovery><D:activelock>\n" 665 665 + "<D:locktype><D:write/></D:locktype>\n" 666 666 + "<D:lockscope><D:exclusive/></D:lockscope>\n" 667 667 + "<D:depth>infinity</D:depth>\n" 668 668 + "<D:owner><D:href>crosspoint</D:href></D:owner>\n" 669 669 + "<D:timeout>Second-3600</D:timeout>\n" 670 670 + "<D:locktoken><D:href>urn:uuid:dummy-lock-token</D:href></D:locktoken>\n" 671 671 + "<D:lockroot><D:href>/</D:href></D:lockroot>\n" 672 672 + "</D:activelock></D:lockdiscovery>\n" 673 673 + "</D:prop>\n"; 674 674 + 675 675 + s.sendHeader("Lock-Token", "<urn:uuid:dummy-lock-token>"); 676 676 + s.send(200, "application/xml; charset=\"utf-8\"", xml); 677 677 + } 678 678 + 679 679 + void WebDAVHandler::handleUnlock(WebServer& s) { 680 680 + LOG_DBG("DAV", "UNLOCK %s (dummy)", s.uri().c_str()); 681 681 + s.send(204); 682 682 + } 683 683 + 684 684 + // ── Utility functions ──────────────────────────────────────────────────────── 685 685 + 686 686 + String WebDAVHandler::getRequestPath(WebServer& s) const { 687 687 + String uri = s.uri(); 688 688 + String decoded = WebServer::urlDecode(uri); 689 689 + 690 690 + // Normalize using FsHelpers 691 691 + std::string normalized = FsHelpers::normalisePath(decoded.c_str()); 692 692 + String result = normalized.c_str(); 693 693 + 694 694 + if (result.isEmpty()) return "/"; 695 695 + if (!result.startsWith("/")) result = "/" + result; 696 696 + 697 697 + // Remove trailing slash unless root 698 698 + if (result.length() > 1 && result.endsWith("/")) { 699 699 + result = result.substring(0, result.length() - 1); 700 700 + } 701 701 + 702 702 + return result; 703 703 + } 704 704 + 705 705 + String WebDAVHandler::getDestinationPath(WebServer& s) const { 706 706 + String dest = s.header("Destination"); 707 707 + if (dest.isEmpty()) return ""; 708 708 + 709 709 + // Extract path from full URL: http://host/path -> /path 710 710 + // Find the third slash (after http://) 711 711 + int schemeEnd = dest.indexOf("://"); 712 712 + if (schemeEnd >= 0) { 713 713 + int pathStart = dest.indexOf('/', schemeEnd + 3); 714 714 + if (pathStart >= 0) { 715 715 + dest = dest.substring(pathStart); 716 716 + } else { 717 717 + dest = "/"; 718 718 + } 719 719 + } 720 720 + 721 721 + String decoded = WebServer::urlDecode(dest); 722 722 + std::string normalized = FsHelpers::normalisePath(decoded.c_str()); 723 723 + String result = normalized.c_str(); 724 724 + 725 725 + if (result.isEmpty()) return "/"; 726 726 + if (!result.startsWith("/")) result = "/" + result; 727 727 + 728 728 + // Remove trailing slash unless root 729 729 + if (result.length() > 1 && result.endsWith("/")) { 730 730 + result = result.substring(0, result.length() - 1); 731 731 + } 732 732 + 733 733 + return result; 734 734 + } 735 735 + 736 736 + void WebDAVHandler::urlEncodePath(const String& path, String& out) const { 737 737 + out = ""; 738 738 + for (unsigned int i = 0; i < path.length(); i++) { 739 739 + char c = path.charAt(i); 740 740 + if (c == '/') { 741 741 + out += '/'; 742 742 + } else if (c == ' ') { 743 743 + out += "%20"; 744 744 + } else if (c == '%') { 745 745 + out += "%25"; 746 746 + } else if (c == '#') { 747 747 + out += "%23"; 748 748 + } else if (c == '?') { 749 749 + out += "%3F"; 750 750 + } else if (c == '&') { 751 751 + out += "%26"; 752 752 + } else if ((uint8_t)c > 127) { 753 753 + // Encode non-ASCII bytes 754 754 + char hex[4]; 755 755 + snprintf(hex, sizeof(hex), "%%%02X", (uint8_t)c); 756 756 + out += hex; 757 757 + } else { 758 758 + out += c; 759 759 + } 760 760 + } 761 761 + } 762 762 + 763 763 + bool WebDAVHandler::isProtectedPath(const String& path) const { 764 764 + // Check every segment of the path, not just the last one. 765 765 + // This prevents access to e.g. /.hidden/somefile or /System Volume Information/foo 766 766 + int start = 0; 767 767 + while (start < (int)path.length()) { 768 768 + if (path.charAt(start) == '/') { 769 769 + start++; 770 770 + continue; 771 771 + } 772 772 + int end = path.indexOf('/', start); 773 773 + if (end == -1) end = path.length(); 774 774 + 775 775 + String segment = path.substring(start, end); 776 776 + 777 777 + if (segment.startsWith(".")) return true; 778 778 + 779 779 + for (size_t i = 0; i < HIDDEN_ITEMS_COUNT; i++) { 780 780 + if (segment.equals(HIDDEN_ITEMS[i])) return true; 781 781 + } 782 782 + 783 783 + start = end + 1; 784 784 + } 785 785 + 786 786 + return false; 787 787 + } 788 788 + 789 789 + int WebDAVHandler::getDepth(WebServer& s) const { 790 790 + String depth = s.header("Depth"); 791 791 + if (depth == "0") return 0; 792 792 + if (depth == "1") return 1; 793 793 + // "infinity" or missing → treat as 1 (Class 1 servers don't need to support infinity) 794 794 + return 1; 795 795 + } 796 796 + 797 797 + bool WebDAVHandler::getOverwrite(WebServer& s) const { 798 798 + String ow = s.header("Overwrite"); 799 799 + if (ow == "F" || ow == "f") return false; 800 800 + return true; // Default is T 801 801 + } 802 802 + 803 803 + void WebDAVHandler::clearEpubCacheIfNeeded(const String& path) const { 804 804 + if (StringUtils::checkFileExtension(path, ".epub")) { 805 805 + Epub(path.c_str(), "/.crosspoint").clearCache(); 806 806 + LOG_DBG("DAV", "Cleared epub cache for: %s", path.c_str()); 807 807 + } 808 808 + } 809 809 + 810 810 + String WebDAVHandler::getMimeType(const String& path) const { 811 811 + if (StringUtils::checkFileExtension(path, ".epub")) return "application/epub+zip"; 812 812 + if (StringUtils::checkFileExtension(path, ".pdf")) return "application/pdf"; 813 813 + if (StringUtils::checkFileExtension(path, ".txt")) return "text/plain"; 814 814 + if (StringUtils::checkFileExtension(path, ".html") || StringUtils::checkFileExtension(path, ".htm")) 815 815 + return "text/html"; 816 816 + if (StringUtils::checkFileExtension(path, ".css")) return "text/css"; 817 817 + if (StringUtils::checkFileExtension(path, ".js")) return "application/javascript"; 818 818 + if (StringUtils::checkFileExtension(path, ".json")) return "application/json"; 819 819 + if (StringUtils::checkFileExtension(path, ".xml")) return "application/xml"; 820 820 + if (StringUtils::checkFileExtension(path, ".jpg") || StringUtils::checkFileExtension(path, ".jpeg")) 821 821 + return "image/jpeg"; 822 822 + if (StringUtils::checkFileExtension(path, ".png")) return "image/png"; 823 823 + if (StringUtils::checkFileExtension(path, ".gif")) return "image/gif"; 824 824 + if (StringUtils::checkFileExtension(path, ".svg")) return "image/svg+xml"; 825 825 + if (StringUtils::checkFileExtension(path, ".zip")) return "application/zip"; 826 826 + if (StringUtils::checkFileExtension(path, ".gz")) return "application/gzip"; 827 827 + return "application/octet-stream"; 828 828 + }

+44

src/network/WebDAVHandler.h

reviewed

··· 1 1 + #pragma once 2 2 + 3 3 + #include <HalStorage.h> 4 4 + #include <WebServer.h> 5 5 + 6 6 + class WebDAVHandler : public RequestHandler { 7 7 + public: 8 8 + // RequestHandler interface 9 9 + bool canHandle(WebServer& server, HTTPMethod method, const String& uri) override; 10 10 + bool canRaw(WebServer& server, const String& uri) override; 11 11 + void raw(WebServer& server, const String& uri, HTTPRaw& raw) override; 12 12 + bool handle(WebServer& server, HTTPMethod method, const String& uri) override; 13 13 + 14 14 + private: 15 15 + // PUT streaming state (raw() is called in chunks) 16 16 + FsFile _putFile; 17 17 + String _putPath; 18 18 + bool _putOk = false; 19 19 + bool _putExisted = false; 20 20 + 21 21 + // WebDAV method handlers 22 22 + void handleOptions(WebServer& s); 23 23 + void handlePropfind(WebServer& s); 24 24 + void handleGet(WebServer& s); 25 25 + void handleHead(WebServer& s); 26 26 + void handlePut(WebServer& s); 27 27 + void handleDelete(WebServer& s); 28 28 + void handleMkcol(WebServer& s); 29 29 + void handleMove(WebServer& s); 30 30 + void handleCopy(WebServer& s); 31 31 + void handleLock(WebServer& s); 32 32 + void handleUnlock(WebServer& s); 33 33 + 34 34 + // Utilities 35 35 + String getRequestPath(WebServer& s) const; 36 36 + String getDestinationPath(WebServer& s) const; 37 37 + void urlEncodePath(const String& path, String& out) const; 38 38 + bool isProtectedPath(const String& path) const; 39 39 + int getDepth(WebServer& s) const; 40 40 + bool getOverwrite(WebServer& s) const; 41 41 + void clearEpubCacheIfNeeded(const String& path) const; 42 42 + void sendPropEntry(WebServer& s, const String& href, bool isDir, size_t size, const String& lastModified) const; 43 43 + String getMimeType(const String& path) const; 44 44 + };