source: project/wiki/spiffy @ 9179

Last change on this file since 9179 was 9179, checked in by svnwiki, 12 years ago

Changes applied for rlpowell (64.241.242.18) through svnwiki:

It wasn't obvious *to me*.

File size: 32.7 KB
Line 
1[[tags: egg]]
2
3== Spiffy
4
5[[toc:]]
6
7=== Description
8
9A small web-server written in [[http://www.call-with-current-continuation.org|Chicken]].
10
11=== Author
12
13[[Felix Winkelmann]].  Currently maintained by [[Peter Bex]].
14
15=== Requirements
16Requires the [[http]] and [[sendfile]] extensions.
17
18=== Download
19[[http://www.call-with-current-continuation.org/eggs/spiffy.egg|spiffy.egg]]
20
21=== Documentation
22
23Spiffy is a simple web-server for the Chicken Scheme system. It's
24quite easy to set up and use and it can be customized in numerous
25ways.
26
27Note that only very basic functionality is provided, there is no
28support for encoding styles.
29
30 (start-server location: [string: host name] init: [procedure])
31
32Starts the web server. The arguments provided default as follows:
33
34<enscript highlight=scheme>
35  (start-server location: (get-host-name)
36                init: noop)
37</enscript>
38
39The {{location}} argument is directly passed on to {{http:make-server}}.
40The {{init}} argument should be a procedure of zero arguments.
41This procedure will be called after setting up the connection and changing the user ID.
42Any other configuration is done via standard SRFI-39 parameters.  See the next section
43for configuration options.
44
45Note that there is currently no way of terminating the server manually; you have to terminate the whole process.
46
47=== Server configuration
48
49The following SRFI-39 parameters determine configuration of Spiffy.  To save you the trouble of reading SRFI-39, you read this by treating them as regular variables, and set them by treating them as functions of one argument, i.e. (spiffy-tcp-port "8080").
50
51; spiffy-tcp-port (integer) : The port (as in the {{--port}} option). Default: 8080
52
53; spiffy-debug-mode (boolean) : Whether debugging information should be printed. Default: {{#f}}
54
55; spiffy-access-log (string or port) : Filename (string) or port to append access log output to.  Default: {{#f}} (disabled)
56
57; spiffy-error-log (string or port) : Filename (string) or port which error messages from evaluated code should be output. Default: {{(current-error-port)}}
58
59; spiffy-server-name (string) : The name of the server as given in HTTP responses. Default: {{(Silly)}}
60
61; spiffy-accept-incoming-host (string) : If given, restricts incoming requests to this hostname. Default: {{#f}}
62
63; spiffy-user-name (string) : If given, changes to given user after setting up listening port. Default: {{#f}}
64
65; spiffy-root-path (string) : The path containing the served files. Default: {{./web}}
66
67; spiffy-access-denied? (lambda) : A procedure of two arguments that returns #t if access is to be denied.  The arguments are the path and filename which is to be served. The procedure is invoked on every step along the way of going from spiffy-root-path up to the actual file.  Defaults to a procedure which checks if the file is a dotfile, has the {{.sspx}} extension or the path includes {{..}} or {{~}}.
68
69; spiffy-vhost-map (alist of string<->lambda pairs)  : Maps hosts to lambdas of virtual servers.  See the section "Virtual hosts" below.  Default: {{#f}}
70
71; spiffy-index-pages (list of strings) : List of filenames that should be tried in case a request references a directory. Default: {{'("index.html" "index.ssp" "index.ws")}}
72
73; spiffy-file-type-map (alist of string <-> symbol pairs) : Maps file-extensions to MIME types. Default:
74
75<enscript highlight=scheme>
76 '(("txt" . text/plain)
77   ("xml" . text/xml)
78   ("xul" . application/vnd.mozilla.xul+xml)
79   ("htm" . text/html)
80   ("html" . text/html)
81   ("pdf" . application/pdf)
82   ("css" . text/css)
83   ("bmp" . image/bmp)
84   ("ico" . image/x-icon)
85   ("gif" . image/gif)
86   ("jpg" . image/jpeg)
87   ("jpeg" . image/jpeg)
88   ("png" . image/png))
89</enscript>
90
91; spiffy-default-mime-type (symbol) : The default mime type used if the extension of the file was not found in {{spiffy-file-type-map}}. Default: {{application/octet-stream}}
92
93; spiffy-read-block-size (integer) : The size of chunks in which files should be loaded and transferred to the client. Default: {{100000}}
94
95; spiffy-cache-limit (integer) : The maximum size of the cache for static file-based resources. Default: {{0}}
96
97; spiffy-access-file (filename) : The name of directory-local access-permission files. Default: {{#f}}
98
99; spiffy-config-file (filename) : The name of the configuration file to load at startup. Default: {{#f}}
100
101; spiffy-handle-directory (lambda) : A procedure that accepts one parameter (the requested path), which gets invoked when a directory which has no index-file is requested.  Default: a lambda which returns a {{403 Forbidden}} status.
102
103; spiffy-not-found-handler (lambda) : A procedure of zero parameters that will handle all requests for files that were not found.  Default: A lambda which calls the previous {{http:fallback-handler}} (returns a 404 status).
104
105; spiffy-error-css (string) : The CSS to be used on error pages.
106
107; spiffy-exception-handler (lambda) : A procedure of one argument (the exception) that gets invoked to produce an error page when an exception is raised.  Defaults to a procedure which displays a default error page which uses spiffy-error-css and shows a backtrace.  An error is always logged to the error log before calling this procedure.
108
109==== Module support
110
111Starting at version 3.0, Spiffy's functionality has become large enough to split out into modules.  Currently it has modules for:
112
113; Web-scheme : [[http://www.call-with-current-continuation.org/eggs/web-scheme.html|Web-scheme]], a functional web programming language on top of Scheme.
114
115; CGI : An implementation of the Common Gateway Interface, version 1.1.  Use this to run legacy PHP scripts, if you have them.
116
117; SSP (Scheme Server Pages) : Spiffy provides a way to embed Scheme code in web pages the way it's usually done for PHP, Embedded Ruby or ASP.  You just type your HTML with bits of code sprinkled through it delimited by special "code tags".
118
119; Simple-directory-handler : A directory handler that displays a rather simple directory listing, for use with {{spiffy-handle-directory}}.
120
121You can run a module simply by adding a <code>use</code> statement to your program and then hooking a file extension handler for that module's handler.  Here's an example on how to do this:
122
123<enscript highlight=scheme>
124 (spiffy-file-ext-handlers `(("ssp" . ,ssp-handler)
125                             ("ws" . ,web-scheme-handler)
126                             ("php" . ,(cgi-handler* "/usr/pkg/libexec/cgi-bin/php"))))
127</enscript>
128
129During execution of file extension handlers (which modules basically are), the following parameters are available, which hold some useful data for the currently handled request:
130
131; (current-request) : Holds an object representing the current HTTP request. See HTTP for more information.
132
133; (current-urlencoded-arguments) : Holds an a-list containing pairs of strings, which contains URL-encoded arguments. So a request for {{/foo.html?bar=baz}} would result in this parameter containing {{(("bar" . "baz"))}}.
134
135; (current-response-code) : A pair containing the status code and the status message sent in the reply. Defaults to (200 . "OK").
136
137; (current-response-headers) : An a-list holding the HTTP headers which are sent before the body of the current response. By default this parameter contains {{(("content-type" . "text/html"))}}. You can modify the existing value, or assign a different one by calling the parameter with a new a-list.
138
139; (current-hostname) : The current vhost's hostname.
140
141; (current-pathinfo) : The pathinfo -- the part of the URL ''after'' a filename (Only available at directory-level, not at vhost level)
142
143; (current-path) : The complete URL (including pathinfo, but excluding URL parameters) Mostly useful for {{not-found-handler}}s.
144
145
146=== Adding dynamic resources
147
148You can add URL resources by invoking the procedure {{http:add-resource}}.
149Procedures can be registered that are invoked when a request refers to a given path.
150See the documentation for the [[http://www.call-with-current-continuation.org/eggs/http.html|HTTP extension]] library Chicken.
151
152<enscript highlight=scheme>
153  (http:add-resource
154    "/index.html"
155    (lambda (request args)
156      (current-request request)
157      (let ([name (car (user-information (current-user-id)))])
158        (let ([s (sprintf "<h1>Hello, ~A</h1>" name)])
159          (set-header! "Content-type: text/html")
160          (set-header! (sprintf "Content-length: ~a" (string-length s)))
161          (write-response-header)
162          (printf s)))))
163</enscript>
164
165This example is contrived. It is not necessary to set the content-type to text/html because that is the default for resources.  It is also not necessary to set the content-length header if you use {{write-fragment-response}}.
166=== Content transporters
167
168The content of a served file is read and transmitted using a {{content-transporter}} procedure. The default content-transporter reads in the data and forwards it to the client with appropriate {{Content-length}} and {{Content-type}} headers.
169
170User-defined content-transporters allow customized retrieval and processing of resources, depending on file-type.
171
172; (content-transporter TYPE [PROC]) : If called with a single argument, this procedure returns the content-transporter procedure for the given TYPE, which should be a symbol like {{text/html}}. If the optional argument PROC is given, then the content-transporter for the given type is set to PROC. PROC should accept two arguments: the type TYPE and the filename of the requested resource. Any output generated by PROC is transmitted to the client.
173
174=== Access to the cache
175
176; (cache-read PATH) : Reads a string from the cache, stored under the string PATH and returns it if found, or #f otherwise.
177
178; (cache-write PATH STRING) : Writes a string into the cache, stored under PATH. If the cache-limit is not sufficient (see {{spiffy-cache-limit}} the data is not stored.
179
180Note that the cache is by default not enabled ({{spiffy-cache-limit}} is 0).
181
182; (invalidate-cache [PATH]) : If the optional argument PATH is given, remove the associated item from the cache. If no argument is given, clear the whole cache.
183
184=== Logging
185
186If logging is enabled by setting the parameter {{spiffy-access-log}} to the pathname of a log-file or a port,
187then each request will be logged by appending a line of the following format:
188
189  CLIENT-IP DATE-AND-TIME REQUEST-LINE USER-AGENT
190
191=== Virtual hosts
192
193You can set up virtual hosting by defining a vhost-map like so:
194
195<enscript highlight=scheme>
196 (spiffy-vhost-map `(("foo\\.bar\\.com" .
197                         ,(lambda (continue)
198                            (parameterize ((spiffy-file-ext-handlers `(("ssp" . ,ssp-handler) ("ws" . ,web-scheme-handler)))
199                                           (spiffy-root-path "/var/www/domains/foo.bar.com"))
200                              (continue))))
201                     (,(glob->regexp "*.domain.com") .
202                         ,(lambda (continue)
203                            (parameterize ((spiffy-file-ext-handlers `(("php" . ,(cgi-handler* "/usr/pkg/bin/php"))))
204                                           (spiffy-root-path "/var/www/domains/domain.com"))
205                              (continue))))))
206</enscript>
207
208In this example, if a client accesses {{foo.bar.com/mumble/blah.html}}, the file {{/var/www/domains/foo.bar.com/mumble/blah.html}}
209will be served.  Any files ending in {{.ssp}} or {{.ws}} will be served by the corresponding file type handler.  If there's
210any PHP file, its source will simply be displayed.
211In case of {{my.domain.com/something/bar.html}}, the file {{/var/www/domains/domain.com/something/bar.html}} will be served.
212If there's a {{.ssp}} or {{.ws}} file there, it will not be interpreted.  Its source will be displayed instead.  A {{.php}} file,
213on the other hand, will be passed via CGI to the program {{/usr/pkg/bin/php}}.
214
215Domain names are mapped to a lambda that sets up any parameters it wants to override from the defaults.
216The host names are matched using {{string-match}}.  If the host name is not yet a regexp, it will be converted to a ''case-insensitive'' regexp.
217
218Virtual hosting is a HTTP/1.1 feature, so this will only work with HTTP/1.1 clients.
219Actually, it also works with HTTP/1.0 clients which insert an additional Host: line in the request headers since Spiffy ignores
220the HTTP version the client sends.
221
222=== Access files
223
224Fine-grained access-control can be implemented by using so-called access files.
225When a request for a specific file is made and a file with the name given in the {{spiffy-access-file}} parameter
226exists in any directory between the {{spiffy-root-dir}} of that vhost and the directory in which the file resides,
227then the access file is loaded as an s-expression containing a function and is evaluated with a single argument,
228the function that should be called to continue processing the request.
229
230This works just like vhosting.  The function that gets called can call {{parameterize}} to set additional
231constraints on the code that handles deeper directories.
232
233For example, if we evaluate {{(spiffy-access-file ".access")}} before starting the server, and we put the following
234code in a file named .access into the root-directory, then all accesses from localhost to any file in the
235root-directory or any subdirectory will be denied:
236
237<enscript highlight=scheme>
238 (lambda (continue)
239   (if (string=? (http:request-ip (current-request)) "127.0.0.1")
240       (continue)
241       (http:write-error-response 403 "Forbidden")))
242</enscript>
243
244If we only want to deny access to files that start with an X, put this in the {{.access}} file:
245
246<enscript highlight=scheme>
247 (lambda (continue)
248   (parameterize ((spiffy-access-denied?
249                    (lambda (path file) (string-prefix? "X" file))))
250     (continue)))
251</enscript>
252
253Of course, access files can be used for much more than just access checks.  One can put anything in them that could be put in vhost configuration or in top-level configuration.
254
255They are very useful for making deployable web applications, so you can just drop a directory on your server which has its own configuration embedded in an access file in the root directory of the application, without having to edit the server's main configuration files.
256=== Some useful procedures
257
258; (write-fragment-response . FRAGMENTS) : Generates a HTTP response and writes the elements of all the FRAGMENTS you pass to it as the contents of the body. A fragment may be a #f or the empty list (which are ignored), a string, character, number, symbol or a list of other fragments.  Uses write-response-header internally, so uses the same parameters to determine headers and status code.
259
260; (send-static-file FILENAME) : Generates a HTTP response and writes the contents of the given file.  Remember to set the {{Content-Type}} header if {{current-response-headers}} do not set a {{text/html}} content-type.
261
262; (redirect PATH) : Changes the current value of (current-response-code) and (current-response-headers) to return a redirection response. This is basically the same as redirect-page but is usable in {{.ssp}} pages.
263
264; (redirect-page PATH) : Generates a {{303 See Other}} HTTP response that redirects the client to PATH.  It also outputs a small note that the page was moved.  This procedure should be used from vhost configurations or other places where there is no output to send (ie, as a replacement for a call to {{(continue)}}).
265
266; (spiffy-debug FORMATSTRING ARG ...) : When debugging output has been turned on (via the debug argument to start-server, or by (spiffy-debug-mode #t)), then this is equivalent to {{(fprintf (current-error-port) FORMATSTRING ARG ...)}}.
267
268; (write-response-header) : Writes a HTTP response header to the current output port. This largely equivalent to {{http:write-response-header}}, but handles persistent connections properly by checking the HTTP version any Connection request headers and it obeys arguments {{current-response-code}} and {{current-response-headers}} instead of using keyword arguments.
269
270; (current-workdir) : A parameter that holds the current include path. File loading operations like {{load-once}}, {{load-ssp}} or {{include-ssp}} set this parameter, so that nested load/include operations always take place relative the the containing source file.
271
272; (htmlize STRING) : Makes STRING suitable for embedding in HTML by replacing {{<}}, {{>}}, {{&}} and {{"}} with {{&lt;}}, {{&gt;}}, {{&amp;}} and {{&quot;}}.
273
274; (htmlize-with-spaces STRING) : Makes STRING suitable for embedding in HTML similar to htmlize, but also replaces spaces with {{&nbsp;}} entities and newlines with {{<br />}}.
275
276; (strip-tags STRING) : Returns STRING with HTML tags removed.
277
278; (escape-chars STRING) : Transforms non-alphanumeric characters in STRING into %XX characters sequences.
279
280; (load-once FILENAME) : If no file with this name has been loaded, or if the file has been modified since the last time it has been loaded, then it is loaded and evaluated and #t is returned. Otherwise nothing is done and load-once returns {{#f}}.
281
282Note that this works only reliable for source files, not for compiled code.
283
284; (get-header STRING [DEFAULT]) : Retrieves the value of a HTTP header in the current request. STRING should name the header and will be compared (case-insensitive) with any headers passed in the current request object (as given in {{(current-request)}}). If no header with this name can be found DEFAULT will be returned (or {{#f}} if DEFAULT is not specified).
285
286; (set-header! STRING) : Sets a HTTP header in the current response by changing the value of the current-response-headers parameter. STRING should be a valid HTTP header of the form {{<header-name>: <header-value>}}. If the header was already set it will be overwritten except in the case of Set-Cookie.  In this case, it will just output an additional Set-Cookie header.
287=== Convenience macros
288
289; (syntax) (define-http-resource (URL ARGUMENT ...) BODY ...) : Defines a resource-handler (as with {{http:add-resource}}) for URL, which should be a string or symbol. the ARGUMENTs should be symbols, which will be bound to URL-encoded or POSTed arguments or they should be of the form (IDENTIFIER DEFAULT) to bind them to a default value, if not provided. The result of BODY ... will be returned as the response, it should be a string containing (X)HTML or XML.
290
291To exit prematurly from the body, or to customize the returned response, the procedure {{respond}} will be lexically visible inside the body, and can be called, for example, like this:
292
293<enscript highlight=scheme>
294  (parameterize ((current-response-code '(200 . "OK")))
295    (respond "<html><body>Hello, world</body></html>"))
296</enscript>
297
298Calling {{(respond RESULT)}} is identical to returning RESULT in the body.
299
300
301=== Modules
302
303This section will describe what the various modules that come with Spiffy are and how they work.
304
305==== ssp-handler
306
307SSP, or Scheme Server Pages, are a way to embed Scheme in HTML pages. Files with an extension of {{.ssp}}
308are handled specifically, by replacing occurrences of certain reserved tags with Scheme code.
309There are two possible forms, either the long version, where all output is redirected to the HTTP response
310port, or the short, where the result of the embedded expression is displayed in the response.
311The tags default to {{<?scheme}} and {{<?}}, see Configuration for how to change them.
312
313<enscript highlight=scheme>
314   <html><body>
315   <ol><?scheme (for-each (lambda (i) (printf "<li>~S~%" i)) (iota 5))?></ol>
316   <br />
317   <b><?(call-with-values (lambda () (user-information (current-user-id))) (lambda (name . _) name))?><b>
318   </body></html>
319</enscript>
320
321would generate for example something like this:
322
323     1. 0
324     2. 1
325     3. 2
326     4. 3
327     5. 4
328
329  (felix x 500 100 /home/felix /bin/bash)
330
331When a {{.ssp}} file is loaded the first time, or when it has been modified, then a translation
332takes place that generates a loadable Scheme source file (with the extension {{.sspx}}, in the
333same directory as the original file) from the original data, so in the above example something
334like this would be generated:
335
336<enscript highlight=scheme>
337  (let ()
338    (display "<html><body>\n<ol>")
339    (for-each (lambda (i) (printf "<li>~S~%" i)) (iota 5))
340    (display "</ol>\n<br />\n<b>")
341    (display (call-with-values (lambda () (user-information (current-user-id))) (lambda (name . _) name)))
342    (display "<b>\n</body></html>\n") )
343</enscript>
344
345Note that the body is evaluated in a {{(let () ...)}} form.
346
347Note: each request runs in a separate thread, so code in {{.ssp}} pages should take care when using global variables.
348
349===== Configuration
350
351The SSP handler can be configured with the following options:
352
353; ssp-close-tag (regexp) :  The closing tag for Scheme fragments in {{.ssp}} files. Default: {{?>}}
354
355; ssp-short-open-tag (regexp) : The opening tag for short fragments. Default: {{<?}}
356
357; ssp-long-open-tag (regexp) : The opening tag for long fragments. Default: {{<?scheme}}
358
359; ssp-eval-environment (environment) : The environment passed to {{eval}} when evaluating Scheme code inside {{.ssp}}-pages.  Default: {{interaction-environment}}
360
361===== Procedures
362
363The ssp-handler module adds the following procedures to the environment:
364
365; (include-ssp FILENAME) : Translates the file FILENAME into Scheme by replacing {{<?scheme ... ?>}} and {{<? ... ?>}} sequences (if needed) and writes the translated contents to the current output-port.
366
367; (ssp-stringize FILENAME) : Similar to {{include-ssp}}, but instead of writing the translated text, the text is returned as a string.
368
369; (exit-handler) : During execution of an ssp page, {{exit-handler}} is bound to a procedure that will finish the current page, ignoring any further content or code.
370==== web-scheme-handler
371
372Another way of executing Scheme code to produce content are {{.ws}} files: these should contain a Scheme
373expression that is expected to evaluate to a string which will be directly written as the response to the
374current request. This facility is intended for Scheme code that uses
375the [[http://www.call-with-current-continuation.org/eggs/web-scheme.html|web-scheme]] extension.
376
377You can use the {{web-scheme-handler}} for any Scheme file which returns HTML as a string or
378which has a side-effect of outputting the HTML. If it's the latter, make sure the final statement
379in your file does not return a string or it will be appended to the output (just like in the {{csi}} REPL).
380
381'''Tip''' This handler type is perfect not only for web-scheme but also for when you're using SRV:send-reply with SXML or for example a wiki-to-string translator.
382
383Note: each request runs in a separate thread, so code in {{.ws}} pages should take care when using global variables.
384
385===== Configuration
386
387The Web-scheme handler can be configured with the following options:
388
389; web-scheme-eval-environment (environment) : The environment passed to {{eval}} when evaluating Scheme code inside {{.ws}}-pages.  Default: {{interaction-environment}}
390
391==== cgi-handler
392
393Spiffy supports a subset of the [[http://hoohoo.ncsa.uiuc.edu/cgi/interface.html|CGI/1.1 spec]]. All request headers will be passed as
394environment variables to the CGI program, prefixed with {{"HTTP_"}}, and converted to uppercase, with hyphens ("-") replaced by an underscore ("_"). The CGI program will receive the request body in unparsed form from stdin and should write a complete HTTP response to stdout.  Any headers that are missing but required for HTTP will be added by Spiffy.
395
396The following environment variables are currently not set during invocation of CGI subprocesses:
397
398   AUTH_TYPE
399   PATH_TRANSLATED
400   REMOTE_HOST
401   REMOTE_IDENT
402   REMOTE_USER
403
404The {{cgi-handler}} procedure will simply execute the cgi binary directly.  This is useful if you have files with a special extension or in a directory on your server than can be run directly.
405
406The {{cgi-handler*}} procedure is usually more useful.  It allows you to define an interpreter to use for files and returns a file handler.  See the example above for {{spiffy-file-ext-handlers}}.
407
408===== Configuration
409
410CGI handler can be configured with the following parameters:
411
412; spiffy-cgi-default-environment (alist of string->string) : The environment variables that should be in the default environnment of every CGI program.  Variables like {{SCRIPT_NAME}} will be added dynamically to the end of this alist. Default:
413
414<enscript highlight=scheme>
415(("SERVER_SOFTWARE" . ,(spiffy-server-name))
416 ("GATEWAY_INTERFACE" . "CGI/1.1")
417 ("REDIRECT_STATUS" . "200"))
418</enscript>
419==== simple-directory-handler
420
421In order to get directory listings, you can use {{simple-directory-handler}}.  Just assign the {{simple-directory-handler}} to {{spiffy-handle-directory}} and you're set.
422
423===== Configuration
424
425The simple directory handler has a few configuration options:
426
427; simple-directory-css (string) : The CSS which is included in every page to style it.  Defaults to a simple CSS string that adds some padding to the table and gives the page a mustard-colored background.
428; simple-directory-dotfiles? (bool) : Determines if dotfiles should show up in the directory listings.  Default: {{#f}}
429; simple-directory-display-file (lambda) : A lambda that accepts three arguments: the remote filename, the local filename and a boolean that says if the file is a directory.  This lambda should output a table row with the desired information.  Defaults to a lambda that prints the name, size and date when the file was last modified.
430
431
432=== Changelog
433
434* 3.7 Plug file descriptor leak in {{send-static-file}}. [zb], fix bug in ssp-handler that caused it to fail on all pages, fix difference in {{include-ssp}} versus {{ssp-stringize}}'s way of handling the current workdir.  Add tests for SSP handler.
435* 3.6 Clean up header handling a little bit, update for latest sendfile and http eggs. Add {{spiffy-default-mime-type}}. Change the default MIME-type to {{application/octet-stream}} instead of {{text/plain}}.
436* 3.5 Remove remaining superfluous REQUEST and response-code arguments from procedures and simplify content-transporters.  Improve exception handling. Use the sendfile egg for transfer of static files.
437* 3.4 Add support for pathinfo, add support for stacked access-files, change access-files to be similar to vhost-handlers.  Fix the way path is handed to directory handlers to be the same as file handlers.  Add spiffy-access-denied? and remove spiffy-deny-paths and spiffy-deny-access (which makes it a lot cleaner and much more powerful). Automatically convert non-regexes to case insensitive regexes, making vhosting a little cleaner to set up.  Implement regression tests.
438* 3.3 Add handler ability for directory listings and extract existing handler to simple-directory-handler.  Fix relative directory handling for spiffy-root-path.  Fix directory links in directory listings for vhosts.
439* 3.2 Make all configuration options SRFI-39 parameters, so vhost configuration is much more flexible.  Normalize logfile handling.
440* 3.1 Improve CGI handling so it will work with PHP.
441* 3.0 Introduce modules for SSP, web-scheme and CGI.
442* 2.43 Program name was wrongly passed as argument to CGI subprocess.
443* 2.42 Fix small typo (thanks to Mario Domenech Goulart)
444* 2.41 Fixed bug in webscheme where any output would be injected in the HTTP response. {{.ws}} files can now be used for any pure scheme code to be evaled, as an alternative to {{.ssp}}. Fixed generate-directory-listing as per ticket #15.
445* 2.40 {{write-sxml}} generates improved output [Thanks to Peter Wright]
446* 2.39 Renamed {{sxml->html}} to {{write-sxml}} (kept the old name for backwards compatibility), also changed newline behaviour subtly [thanks to Peter Wright and Zbigniew Szadkowski]
447* 2.38 CGI "Status" header is recognized now
448* 2.37 Added handling for {{.htm}} extension [Thanks to Mario Goulart]
449* 2.36 Added {{spiffy-eval-environment}} and more error output
450* 2.35 Added {{spiffy-error-port}} [suggested by Daishi Kato]
451* 2.34 Bugfix in {{load-web-scheme}} by Mario Domenech Goulart
452* 2.33 More complete CGI support (needs http 1.47)
453* 2.32 Preliminary CGI support
454* 2.31 Disabled keep-alive connections on MSVC until its problems have been investigated [Suggested by Graham Fawcett]
455* 2.3 Disabled {{signal-handler}} setup on MSVC [Thanks to Graham Fawcett]
456* 2.2 {{htmlize}} shouldn't have replaced newlines with {{br}} tag
457* 2.1 Didn't cd to root dir on startup
458* 2.0 Support dynamic reconfiguration [by Peter Bex]
459* 1.53 Supports default {{"ws"}} page and small bugfix [Thanks to Mario Domenech Goulart]
460* 1.52 Add virtual hosting support [by Peter Bex]
461* 1.51 {{set-header!}} uses different regexp for non-pregexp platforms
462* 1.50 Direct loading of Scheme source code files with the {{".ws"}} extension [by Mario Goulart]
463* 1.49 Yet another bugfix by Hans Bulfone
464* 1.48 Better error-output
465* 1.47 Removed {{SIGPIPE}} handler (is done by tcp unit); added pregexp-compatibility hack [by Daishi Kato]
466* 1.46 Adapted to SRFI-69 compatible hash-tables
467* 1.45 The code in {{.ssp}} pages is evaluated in a lexically scoped body; added files beginning with a dot to files denied by default; added access-files
468* 1.44 {{define-http-resource}} automatically prefixes url with {{/}} if needed
469* 1.43 {{define-http-resource}} didn't pass headers and code back to responder [Thanks to Michele Simionato]
470* 1.42 {{define-http-resource}} binds some important parameters [Thanks to Michele Simionato]
471* 1.41 Link in directory listing to parent directory was broken [Thanks to Guy Banay]
472* 1.40 Added {{define-http-resource}} and reorganized code a tiny bit
473* 1.39 Serving files with no extension failed
474* 1.38 File-extension mapping was broken (argh)
475* 1.37 File-extension mapping is case-insensitive [Thanks to Peter Bex]
476* 1.36 Peter Bex added htmlize-with-spaces.
477* 1.35 Peter Bex added current-workdir and relative load/include paths
478* 1.34 Fixed a bug in {{load-scheme}} (uncaught exceptions triggered an unbound variable error)
479* 1.33 Directory-listing ignores broken links and displays footer; {{spiffy-program-pattern} is matched with full pathname
480* 1.32 Some bugfixes and cosmectic changes
481* 1.31 Removed {{spiffy-program-path}} and {{spiffy-log}}
482* 1.30 Spiffy is now a library; removed all command-line processing and {{spiffy-monitor}}; added {{start-server}} and support for exit in {{.ssp}} pages; directory listings; programs ({{spiffy-program-path}} and {{spiffy-program-pattern}}); {{get-header}}
483* 1.29 {{translate-file}} opened {{input-file}} twice; the default location is set to the result of {{get-host-name}}; {{set-header!}} used broken regular expression; errors during redirection are properly caught [Thanks to Peter Bex]
484* 1.28 The fallback page-handler didn't work with relative root-paths [Thanks to Gian Paolo Ciceri]
485* 1.27 Added optional argument to {{set-header!}}, removed {{load-ssp}} and added {{include-ssp}} and {{ssp-stringize}} [Thanks to Peter Bex]
486* 1.26 Added {{current-response-code}} and {{redirect}} (and renamed the old one to {{redirect-page}}). {{set-header!}} handles spaces in the header value [Thanks to Peter Bex]
487* 1.25 Changing to root path was done too early
488* 1.24 Fixed documentation; added text/css to list of content-types; on startup current directory is changed to root path; changing to user sets supplementary groups [Thanks to Peter Bex]
489* 1.22 Changed {{"root"}} directory to {{"web"}}
490* 1.21 argument needs no default value; {{set-header!}} wasn't exported
491* 1.20 Removed sill startup message, spiffy-monitor uses HEAD request, added several new helper procedures
492* 1.19 preliminary HEAD support
493* 1.18 {{spiffy-log}} was broken
494* 1.17 changed {{.shp}} and {{.shp.2}} extensions to {{.ssp}} and {{.sspx}}, respectively; several new API routines and improvements
495* 1.16 Updated for http extension (version 1.11), added support for restriction of incoming requests and changing user ID.
496* 1.15 fixed bug in startup code for daemonized spiffy
497* 1.14 reply protocol uses the one given in request
498* 1.13
499
500=== License
501
502  Copyright (c) 2005-2007, Felix L. Winkelmann and Peter Bex
503  All rights reserved.
504 
505  Redistribution and use in source and binary forms, with or without
506  modification, are permitted provided that the following conditions are
507  met:
508 
509  Redistributions of source code must retain the above copyright
510  notice, this list of conditions and the following disclaimer.
511 
512  Redistributions in binary form must reproduce the above copyright
513  notice, this list of conditions and the following disclaimer in the
514  documentation and/or other materials provided with the distribution.
515 
516  Neither the name of the author nor the names of its contributors may
517  be used to endorse or promote products derived from this software
518  without specific prior written permission.
519 
520  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
521  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
522  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
523  FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
524  COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
525  INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
526  (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
527  SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
528  HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
529  STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
530  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
531  OF THE POSSIBILITY OF SUCH DAMAGE.
Note: See TracBrowser for help on using the repository browser.