diff --git a/gns3server/handlers/index_handler.py b/gns3server/handlers/index_handler.py
index 082e13ba..7c674cef 100644
--- a/gns3server/handlers/index_handler.py
+++ b/gns3server/handlers/index_handler.py
@@ -14,12 +14,15 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
+import os
+import aiohttp
from gns3server.web.route import Route
from gns3server.controller import Controller
from gns3server.compute.port_manager import PortManager
from gns3server.compute.project_manager import ProjectManager
from gns3server.version import __version__
+from gns3server.utils.static import get_static_path
class IndexHandler:
@@ -64,6 +67,29 @@ class IndexHandler:
response.template("project.html",
project=controller.get_project(request.match_info["project_id"]))
+ @Route.get(
+ r"/static/{filename:.+}",
+ parameters={
+ "filename": "Static filename"
+ },
+ status_codes={
+ 200: "Static file returned",
+ 404: "Static cannot be found",
+ },
+ raw=True,
+ description="Get static resource")
+ def static(request, response):
+ filename = request.match_info["filename"]
+ filename = os.path.normpath(filename).strip("/")
+
+ # Raise error if user try to escape
+ if filename[0] == ".":
+ raise aiohttp.web.HTTPForbidden()
+
+ static = get_static_path(filename)
+
+ yield from response.file(static)
+
@Route.get(
r"/v1/version",
description="Old 1.0 API"
diff --git a/gns3server/static/.gitkeep b/gns3server/static/.gitkeep
new file mode 100644
index 00000000..e69de29b
diff --git a/gns3server/static/nested/nested.txt b/gns3server/static/nested/nested.txt
new file mode 100644
index 00000000..e69de29b
diff --git a/gns3server/utils/static.py b/gns3server/utils/static.py
new file mode 100644
index 00000000..83e1bc40
--- /dev/null
+++ b/gns3server/utils/static.py
@@ -0,0 +1,29 @@
+#!/usr/bin/env python
+#
+# Copyright (C) 2018 GNS3 Technologies Inc.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+
+import os
+
+
+def get_static_path(filename):
+ """
+ Returns full static path for given filename
+ :param filename: relative filename
+ :return: absolute path
+ """
+ current_dir = os.path.dirname(os.path.abspath(__file__))
+ static_directory = os.path.abspath(os.path.join(current_dir, '..', 'static'))
+ return os.path.join(static_directory, filename)
diff --git a/gns3server/web/response.py b/gns3server/web/response.py
index f2a77529..0367c60b 100644
--- a/gns3server/web/response.py
+++ b/gns3server/web/response.py
@@ -117,6 +117,9 @@ class Response(aiohttp.web.Response):
"""
Return a file as a response
"""
+ if not os.path.exists(path):
+ raise aiohttp.web.HTTPNotFound()
+
ct, encoding = mimetypes.guess_type(path)
if not ct:
ct = 'application/octet-stream'
diff --git a/scripts/update-bundled-web-ui.sh b/scripts/update-bundled-web-ui.sh
new file mode 100644
index 00000000..2a7f5467
--- /dev/null
+++ b/scripts/update-bundled-web-ui.sh
@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+
+rm gns3server/appliances/*
+rmdir gns3server/appliances
+rm -Rf /tmp/gns3-registry
+
+git clone https://github.com/GNS3/gns3-registry.git /tmp/gns3-registry
+mv /tmp/gns3-registry/appliances gns3server/appliances
+
+git add .
+git commit -m "Sync appliances"
\ No newline at end of file
diff --git a/tests/handlers/test_index.py b/tests/handlers/test_index.py
index 385940f0..9f42a8c6 100644
--- a/tests/handlers/test_index.py
+++ b/tests/handlers/test_index.py
@@ -15,13 +15,12 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
-
-import aiohttp
import os
-from unittest.mock import patch
+
from gns3server.version import __version__
from gns3server.controller import Controller
+from gns3server.utils.static import get_static_path
def test_index(http_root):
@@ -50,6 +49,20 @@ def test_project(http_root, async_run):
assert response.status == 200
+def test_static(http_root, tmpdir):
+ tmpfile = get_static_path('testing.txt')
+ with open(tmpfile, 'w+') as f:
+ f.write('world')
+ response = http_root.get('/static/testing.txt')
+ assert response.status == 200
+ os.remove(tmpfile)
+
+
+def test_static_not_found(http_root, tmpdir):
+ response = http_root.get('/static/not-found.txt')
+ assert response.status == 404
+
+
def test_v1(http_root):
"""
The old api v1 raise a 429
diff --git a/tests/utils/test_path.py b/tests/utils/test_path.py
index c0b1c3c3..8cf6ce57 100644
--- a/tests/utils/test_path.py
+++ b/tests/utils/test_path.py
@@ -21,7 +21,6 @@ import aiohttp
from gns3server.utils.path import check_path_allowed, get_default_project_directory
-from gns3server.utils import force_unix_path
def test_check_path_allowed(config, tmpdir):
diff --git a/tests/utils/test_static.py b/tests/utils/test_static.py
new file mode 100644
index 00000000..0174275c
--- /dev/null
+++ b/tests/utils/test_static.py
@@ -0,0 +1,22 @@
+#!/usr/bin/env python
+#
+# Copyright (C) 2018 GNS3 Technologies Inc.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+
+from gns3server.utils.static import get_static_path
+
+
+def test_get_static_path():
+ assert get_static_path('test').endswith('gns3server/static/test')
diff --git a/tests/web/test_response.py b/tests/web/test_response.py
new file mode 100644
index 00000000..ad3c2361
--- /dev/null
+++ b/tests/web/test_response.py
@@ -0,0 +1,44 @@
+# -*- coding: utf-8 -*-
+#
+# Copyright (C) 2018 GNS3 Technologies Inc.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+
+import pytest
+
+from unittest.mock import MagicMock
+from aiohttp.web import HTTPNotFound
+
+from gns3server.web.response import Response
+
+
+@pytest.fixture()
+def response():
+ request = MagicMock()
+ return Response(request=request)
+
+
+def test_response_file(async_run, tmpdir, response):
+ filename = str(tmpdir / 'hello')
+ with open(filename, 'w+') as f:
+ f.write('world')
+
+ async_run(response.file(filename))
+ assert response.status == 200
+
+
+def test_response_file_not_found(async_run, tmpdir, response):
+ filename = str(tmpdir / 'hello-not-found')
+
+ pytest.raises(HTTPNotFound, lambda: async_run(response.file(filename)))