Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

my-web-fs

Package Overview
Dependencies
Maintainers
1
Versions
4
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

my-web-fs

A simple zero-configuration command-line http server with file control

  • 0.14.3
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
1
Maintainers
1
Weekly downloads
 
Created
Source

http-file-server: a simple static HTTP server with file control

new features:

  • drag to upload file
  • delete file [TODO]
  • mkdir [TODO]

http-file-server is a simple, zero-configuration command-line static HTTP server. It is powerful enough for production usage, but it's simple and hackable enough to be used for testing, local development and learning.

Example of running http-file-server

Installation:

Running on-demand:

Using npx you can run the script without installing it first:

npx http-file-server [path] [options]
Globally via npm
npm install --global http-file-server

This will install http-file-server globally so that it may be run from the command line anywhere.

As a dependency in your npm package:
npm install http-file-server

Usage:

 http-file-server [path] [options]

[path] defaults to ./public if the folder exists, and ./ otherwise.

Now you can visit http://localhost:8080 to view your server

Note: Caching is on by default. Add -c-1 as an option to disable caching.

Available Options:

CommandDescriptionDefaults
-p or --portPort to use. Use -p 0 to look for an open port, starting at 8080. It will also read from process.env.PORT.8080
-aAddress to use0.0.0.0
-dShow directory listingstrue
-iDisplay autoIndextrue
-g or --gzipWhen enabled it will serve ./public/some-file.js.gz in place of ./public/some-file.js when a gzipped version of the file exists and the request accepts gzip encoding. If brotli is also enabled, it will try to serve brotli first.false
-b or --brotliWhen enabled it will serve ./public/some-file.js.br in place of ./public/some-file.js when a brotli compressed version of the file exists and the request accepts br encoding. If gzip is also enabled, it will try to serve brotli first.false
-e or --extDefault file extension if none suppliedhtml
-s or --silentSuppress log messages from output
--corsEnable CORS via the Access-Control-Allow-Origin header
-o [path]Open browser window after starting the server. Optionally provide a URL path to open. e.g.: -o /other/dir/
-cSet cache time (in seconds) for cache-control max-age header, e.g. -c10 for 10 seconds. To disable caching, use -c-1.3600
-U or --utcUse UTC time format in log messages.
--log-ipEnable logging of the client's IP addressfalse
-P or --proxyProxies all requests which can't be resolved locally to the given url. e.g.: -P http://someurl.com
--proxy-optionsPass proxy options using nested dotted objects. e.g.: --proxy-options.secure false
--usernameUsername for basic authentication
--passwordPassword for basic authentication
-S, --tls or --sslEnable secure request serving with TLS/SSL (HTTPS)false
-C or --certPath to ssl cert filecert.pem
-K or --keyPath to ssl key filekey.pem
-r or --robotsAutomatically provide a /robots.txt (The content of which defaults to User-agent: *\nDisallow: /)false
--no-dotfilesDo not show dotfiles
--mimetypesPath to a .types file for custom mimetype definition
-h or --helpPrint this list and exit.
-v or --versionPrint the version and exit.

Magic Files

  • index.html will be served as the default file to any directory requests.
  • 404.html will be served if a file is not found. This can be used for Single-Page App (SPA) hosting to serve the entry page.

Catch-all redirect

To implement a catch-all redirect, use the index page itself as the proxy with:

http-file-server --proxy http://localhost:8080?

Note the ? at the end of the proxy URL. Thanks to @houston3 for this clever hack!

TLS/SSL

First, you need to make sure that openssl is installed correctly, and you have key.pem and cert.pem files. You can generate them using this command:

openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem

You will be prompted with a few questions after entering the command. Use 127.0.0.1 as value for Common name if you want to be able to install the certificate in your OS's root certificate store or browser so that it is trusted.

This generates a cert-key pair and it will be valid for 3650 days (about 10 years).

Then you need to run the server with -S for enabling SSL and -C for your certificate file.

http-file-server -S -C cert.pem

If you wish to use a passphrase with your private key you can include one in the openssl command via the -passout parameter (using password of foobar)

e.g. openssl req -newkey rsa:2048 -passout pass:foobar -keyout key.pem -x509 -days 365 -out cert.pem

For security reasons, the passphrase will only be read from the NODE_HTTP_SERVER_SSL_PASSPHRASE environment variable.

This is what should be output if successful:

Starting up http-file-server, serving ./ through https

http-file-server settings:
CORS: disabled
Cache: 3600 seconds
Connection Timeout: 120 seconds
Directory Listings: visible
AutoIndex: visible
Serve GZIP Files: false
Serve Brotli Files: false
Default File Extension: none

Available on:
  https://127.0.0.1:8080
  https://192.168.1.101:8080
  https://192.168.1.104:8080
Hit CTRL-C to stop the server

Development

Checkout this repository locally, then:

$ npm i
$ npm start

Now you can visit http://localhost:8080 to view your server

You should see the turtle image in the screenshot above hosted at that URL. See the ./public folder for demo content.

Keywords

FAQs

Package last updated on 13 Jun 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc