Difference between revisions of "Wii Web Server"

From WiiBrew
Jump to: navigation, search
(Bug fixing)
(Bug fixing)
Line 211: Line 211:
  
 
If anyone has an idea then a patch (not in a .patch file) could be submitted to me by any means !!!<br>
 
If anyone has an idea then a patch (not in a .patch file) could be submitted to me by any means !!!<br>
Preferebly @ [[cboomf@users.sourceforge.net]]
+
Preferebly @ [mailto:cboomf@users.sourceforge.net cboomf@users.sourceforge.net]
  
 
{| class="wikitable sortable" style="margin: 1em auto 1em auto"
 
{| class="wikitable sortable" style="margin: 1em auto 1em auto"

Revision as of 16:10, 9 August 2008

Template:Infobox homebrewapp

Dev time: 68 Hours

HBC

Icon Designer
WiiWeb.png Twilt
Icon WebServer.png Vibestar
Lines WiiWebServer.png Lines

meta.xml Example

File:Wiiwebserver.zip - ZIP containing the meta.xml for alpha v0.73 and an icon.png

README

Boot using normal methods *cough* HBC *cough*. Once running, will run itself. To quit, type "//quit" at the end of the web-address, so - "192.168.0.X//quit", will now return to HBC.
NOTE : In version alpha v0.74 onwards, the //quit now requires you to press A on the wiimote to allow
This stops any random user from shutting down the server.
NOTE : In version alpha v0.76 onwards, the //quit can new be followed by ? then your password if specified
An example is //quit?putyourpasswordhere
An example of the XML file to place on you SD card in /data/settings/wiiweb.xml is (also uploaded to sourceforge)

<?xml version="1.0"?>
<settings password="putyourpasswordhere">
</settings>

If no wiiweb.xml is found then the old method of using the wiimote can still be used.

Place your html files in /data/web/ on the root of your sd card, must be inserted before the app is loaded. Use data.zip for demo files.

In verions alpha v0.81 onwards, in the xml (link below) a custom error page can be specified by

<?xml version="1.0"?>
<settings password="putyourpasswordhere"
404="/four04.html"
500="/five00.html"
denied="/denied.html">
</settings>

If no file is needed just put "nofile" in the place of the file path

There is no directory listing and your homepage must be called "index.html"

Changelog

Version Changes
alpha v0.81

wiiweb.xml v b3

Uses new wiiweb.xml which causes less crashes

and //quit?password works 99% of the time.
Various bug fixes from the table below

alpha v0.8

wiiweb.xml v b2

Added threading support and management

SD code tweaks

alpha v0.77

wiiweb.xml v b2

Added custom 404 error page

Added custom 500 error page
Added custom denied error page
More //quit security checks
Solved two stability issues Uses the new wiiweb.xml

alpha v0.76

wiiweb.xml v b1

Added the option of a custom password to shut

the server remotely using //quit?password (see README)
Removed /img (old)

alpha v0.75 Removed /tux and /yak.jpg (old and deprecated)

Minor speed improvements
Date and time in the header

alpha v0.74 When //quit is requested it has to be approved by pressing A or B

Slightly shortened the time it takes to be ready after each request
Bugfixes

alpha v0.73 Security bugfixes

Added "HEAD" method support
Added space in file name support
Fixed disallowance of ../ or ./ for security
Added .bin file support
Sends server version in header

alpha v0.72 Bugfixes
alpha v0.71 Adds .wmv support

Added error 500 for server errors

alpha v0.7 Doesn't exception out when a file or page cannot be found

Will now serve a "404 Page not found" page

alpha v0.62 Fixed the infinite recursion
alpha v0.61 Removed the /a and the old testpages since they are no longer needed.

Smaller code.

alpha v0.6 Can now send any file size (thanks to joedj's ftpii write_exact function)

Ditched GRRLib to make the server smaller in size
Cleaned up the sources

alpha v0.5 Can now load any file type (those listed below) from FrontSD
alpha v0.4 Front SD html only, loading support XD (finally !!)
alpha v0.31 Favicon added
alpha v0.3 Added wiimote support

Added image support
Added /img image test link

alpha v0.24b Bug fixes for 0.24a

//a is now back to /a, but //quit is still there for other reasons

alpha v0.24a Fixed the main page hyperlink to //a
alpha v0.24 Changed /a to //a and /quit to //quit to avoid conflicts

Request parser rewritten, now quicker and more streamlined

alpha v0.23 Now doesn't have to restart the server to serve more than one page
(i.e pressing B then A)

Quitting the server is from a server path of "/quit"

alpha v0.22 Handles links
alpha v0.21 Now detects the HTTP/1.x version as requested by the browser
alpha v0.2 Now serves a built in test page

No longer needs telnet
Forced use of HTTP/1.1

alpha v0.11 Serves html to telnet (lack of http headers)

Can accept multiple connections (not at once)

alpha v0.1 Added Gamecube control menu control

Added GRRLIB logo
Added return to loader
Opens port 80
Opens a socket and allows for connection
Accepts connection on open socket at port 80

Version Changes
Beta 3 Only use on alpha v0.81 +

Reduces errors

Beta 2 First uploaded version

Added custom error pages paths

Bug fixing

Please post new bugs on the talk page instead of here :-)

For anymore bugs, they should only be posted if :-

  • They are security related
  • They affect usage

If anyone has an idea then a patch (not in a .patch file) could be submitted to me by any means !!!
Preferebly @ cboomf@users.sourceforge.net

Bug Status How Fixed Priority
Directory traversal vulnerabilities allows people to

sneak out of the web root. Ops, now people can "borrow"
all those "borrowed" games you also happen to have on the
sd-card. (evidence needed)

Done Now blocks all ./ and ../ in path names High
Fixing of folders to index.html is hardcoded and not

heuristic and will fail for sub-directories.

Waiting Low
500 pages uses 404 lengths Done Changed _404_html_size to _500_html_size Medium
Indention issues, try just writing it like "else if"

and don't add any extra indention, it keeps the indention
level sane when having a lot of conditions.

Done Changed to else if Low
Directories without an ending / is not redirected to

the same url, but with a slash

Waiting Medium
Request specific info is stored in globals

(not safe for multi threading in the future)

Done used same idea as wiihttpd High
Exact server version is not in the http reply headers Done Made the server version a variable and attatched it Low
Date header is hardcoded to the past. Done Added time.h and worked out the date Low
'?'s in URLs are not used properly as argument passers

(eg http://wiihostedexamplesite.com/index.html?a=b gives a 404
when it should pass the a=b paramater onto the page)

Done strtok(path, "?"); Medium
If it gets a reading error (ie you remove the SD card) it should display error 500, rather than displaying an error only on the Wii itself then dumping back to HBC, causing the PC to timeout and the server to go down. Although that could be a problem since it might need to read error 500 off the SD card with the new custom error feature, it could be avoided by loading that error into RAM at the start as long as it isn't too big (in which case it should error at start and refuse to run). Done instead of exiting will show the built-in error 500 page

having issues with loading it into ram for long times

Low

File types

The following file types have proper mime types associated with them.

arj asf avi bin bmp c css doc exe gif
gtar gz h htm html ico java jpe jpeg jpg
js m3u mid midi mod mp2 mp3 mpa mpe mpeg
mpg mpp mpv2 mp3 mov pdf png pps ppt qt
ra ram rar rtf rtx svg swf tar tif tiff
txt tgz torrent txt wav wmv xls xla xlc xlm
xls xlt xlw zip

"Lump of fun"

Everynow and then, a special release of the wii web server will be released that contains a hidden "lump of fun". Result can be posted on the talk page under "Lump of fun". Who will be the first to screendump it, evidence must be a full screendump or it will be discounted.

The first - "find the sucking lump of fun"

alpha v0.3a

Credits

Cboomf - Main code
Felix123 - SD card code
Teknecal - Threading basis, %20 handling, HEAD method routine, time in headers
Joedj - the write_exact function from ftpii
Muzer - pre-release testing
Henke37 - advise and help

Twiizers - starting the ball rolling