1
0
mirror of https://github.com/actix/actix-website synced 2024-11-27 18:12:57 +01:00
actix-website/docs/static-files.md
Jonas Fassbender 9827030543
Added warning message for using regex tail matching with PathBuf and NamedFile (#317)
* warning message for using regex tail matching with PathBuf and NamedFile

* updated links and enhanced their formatting

* small grammar fix
2023-03-04 00:56:14 +00:00

2.3 KiB

title
Static Files

import CodeBlock from "@site/src/components/code_block.js";

Individual file

It is possible to serve static files with a custom path pattern and NamedFile. To match a path tail, we can use a [.*] regex.

:::warning Matching a path tail with the [.*] regex and using it to return a NamedFile has serious security implications. It offers the possibility for an attacker to insert ../ into the URL and access every file on the host that the user running the server has access to. :::

Directory

To serve files from specific directories and sub-directories, Files can be used. Files must be registered with an App::service() method, otherwise it will be unable to serve sub-paths.

By default files listing for sub-directories is disabled. Attempt to load directory listing will return 404 Not Found response. To enable files listing, use Files::show_files_listing() method.

Instead of showing files listing for a directory, it is possible to redirect to a specific index file. Use the Files::index_file() method to configure this redirect.

Configuration

NamedFiles can specify various options for serving files:

  • set_content_disposition - function to be used for mapping file's mime to corresponding Content-Disposition type
  • use_etag - specifies whether ETag shall be calculated and included in headers.
  • use_last_modified - specifies whether file modified timestamp should be used and added to Last-Modified header.

All of the above methods are optional and provided with the best defaults, But it is possible to customize any of them.

The Configuration can also be applied to directory service: