No exceptions on missing error webpages

- Create a `safeReadFileSync()` function in `src/utils.js` to wrap around `fs.readFileSync()` - Migrate error-webpage loads to use `safeReadFileSync()`, with default values of an empty string - Move the 404 error middleware to explicitly only be called *after* extensions are registered
2025-06-05 21:59:27 +02:00 · 2025-01-25 20:29:31 +00:00
parent 9e54070c1d
commit 6099ffece1
4 changed files with 29 additions and 11 deletions
--- a/server.js
+++ b/server.js
@ -67,6 +67,7 @@ import {
    forwardFetchResponse,
    removeColorFormatting,
    getSeparator,
+    safeReadFileSync,
 } from './src/util.js';
 import { UPLOADS_DIRECTORY } from './src/constants.js';
 import { ensureThumbnailCache } from './src/endpoints/thumbnails.js';
@ -615,12 +616,6 @@ app.use('/api/backends/scale-alt', scaleAltRouter);
 app.use('/api/speech', speechRouter);
 app.use('/api/azure', azureRouter);

-// If all other middlewares fail, send 404 error.
-const notFoundWebpage = fs.readFileSync('./public/error/url-not-found.html', { encoding: 'utf-8' });
-app.use((req, res, next) => {
-    res.status(404).send(notFoundWebpage);
-});
-
 const tavernUrlV6 = new URL(
    (cliArguments.ssl ? 'https://' : 'http://') +
    (listen ? '[::]' : '[::1]') +
@ -927,6 +922,16 @@ async function verifySecuritySettings() {
    }
 }

+/**
+ * Registers a not-found error response if a not-found error page exists. Should only be called after all other middlewares have been registered.
+ */
+function apply404Middleware() {
+    const notFoundWebpage = safeReadFileSync('./public/error/url-not-found.html') ?? '';
+    app.use((req, res) => {
+        res.status(404).send(notFoundWebpage);
+    });
+}
+
 // User storage module needs to be initialized before starting the server
 initUserStorage(dataRoot)
    .then(ensurePublicDirectoriesExist)
@ -934,4 +939,5 @@ initUserStorage(dataRoot)
    .then(migrateSystemPrompts)
    .then(verifySecuritySettings)
    .then(preSetupTasks)
+    .then(apply404Middleware)
    .finally(startServer);
--- a/src/middleware/basicAuth.js
+++ b/src/middleware/basicAuth.js
@ -5,13 +5,12 @@
 import { Buffer } from 'node:buffer';
 import storage from 'node-persist';
 import { getAllUserHandles, toKey, getPasswordHash } from '../users.js';
-import { getConfig, getConfigValue } from '../util.js';
-import { readFileSync } from 'node:fs';
+import { getConfig, getConfigValue, safeReadFileSync } from '../util.js';

 const PER_USER_BASIC_AUTH = getConfigValue('perUserBasicAuth', false);
 const ENABLE_ACCOUNTS = getConfigValue('enableUserAccounts', false);

-const unauthorizedWebpage = readFileSync('./public/error/unauthorized.html', { encoding: 'utf-8' });
+const unauthorizedWebpage = safeReadFileSync('./public/error/unauthorized.html') ?? '';
 const unauthorizedResponse = (res) => {
    res.set('WWW-Authenticate', 'Basic realm="SillyTavern", charset="UTF-8"');
    return res.status(401).send(unauthorizedWebpage);
--- a/src/middleware/whitelist.js
+++ b/src/middleware/whitelist.js
@ -5,13 +5,15 @@ import Handlebars from 'handlebars';
 import ipMatching from 'ip-matching';

 import { getIpFromRequest } from '../express-common.js';
-import { color, getConfigValue } from '../util.js';
+import { color, getConfigValue, safeReadFileSync } from '../util.js';

 const whitelistPath = path.join(process.cwd(), './whitelist.txt');
 const enableForwardedWhitelist = getConfigValue('enableForwardedWhitelist', false);
 let whitelist = getConfigValue('whitelist', []);
 let knownIPs = new Set();
-const forbiddenWebpage = Handlebars.compile(fs.readFileSync('./public/error/forbidden-by-whitelist.html', 'utf-8'));
+const forbiddenWebpage = Handlebars.compile(
+    safeReadFileSync('./public/error/forbidden-by-whitelist.html') ?? '',
+);

 if (fs.existsSync(whitelistPath)) {
    try {
--- a/src/util.js
+++ b/src/util.js
@ -871,3 +871,14 @@ export class MemoryLimitedMap {
        return this.map[Symbol.iterator]();
    }
 }
+
+/**
+ * A 'safe' version of `fs.readFileSync()`. Returns the contents of a file if it exists, falling back to a default value if not.
+ * @param {string} filePath Path of the file to be read.
+ * @param {Parameters<typeof fs.readFileSync>[1]} options Options object to pass through to `fs.readFileSync()` (default: `{ encoding: 'utf-8' }`).
+ * @returns The contents at `filePath` if it exists, or `null` if not.
+ */
+export function safeReadFileSync(filePath, options = { encoding: 'utf-8' }) {
+    if (fs.existsSync(filePath)) return fs.readFileSync(filePath, options);
+    return null;
+}