Read the statement by Michael Teeuw here.
readFileSync
-
I saw that when I was fiddling with some other stuff, but never actually tested it. Is that path relative to the actual module location? Or MM’s installation? Or the user that’s running MM? So if
'/foo/bar/baz'
is defined, where does it start?/foo/bar/baz? (OH PLEASE SAY NO, for the love of all that is sacred, tell me Node.js does NOT allow system reads like that!) $HOME/foo/bar/baz ? $HOME/MagicMirror/foo/bar/baz? $HOME/MagicMirror/modules/foo/bar/baz? $HOME/MagicMirror/modules/<MODULE>/foo/bar/baz?
-
If you are referring to this snippet:
start: function() { this.expressApp.get('/foobar', function (req, res) { res.send('GET request to /foobar'); }); }
The
/foobar
is referring to the url:http://localhost:8080/foobar
-
Ah, so it’s still an HTTP call then, not a simple fileread from disk.
-
Exactly.
-
So then the question is still, where is that
'/foobar'
? What’s that in relation to? The MM install? The module’s folder? -
@KirAsh4 it hasnt got anything to do with a file. It’s just a request, if you want to respond with the contents of a file, you need to do that yourself or use the following method if you want to feed a full folder:
this.expressApp.use("/foobar" + this.name, this.expressApp.static(this.path + "/foobar"));
-
No, it doesn’t have anything to do with the contents. It has to do with where that file resides on the physical system. For example, a request to a default Apache installation will look for a file in
'/var/www/html/'
or'$USER/public_html'
or whatever the system admin has configured it as. In this case, this is a specific request through the Node.js system, being called by MM, so where does it look for that file? Within the user’s folder? Within MM’s installation folder? Within the actual module’s folder? Or does Node.js allow access to the entire file system? So that if I do a call such as:this.expressAp.use("/etc/passwd")
will I actually get the contents of the system’s
'/etc/passwd'
file, or is going to try to read'/path/to/MM-install/etc/passwd'
or some other path? -
I’ve got the feeling we’re talking about something different.
The example:
this.expressApp.get('/foobar', function (req, res) { res.send('GET request to /foobar'); })
does not serve any file. So talking about file location doesn’t make any sense in this case. In this example It just serves the text string
GET request to /foobar
In the second example:
this.expressApp.use("/foobar" + this.name, this.expressApp.static(this.path + "/foobar"));
only the
express.static(root, [options])
part refers to a file or folder. The root argument refers to the root directory from which the static assets are to be served.More info about express.static can be found here: http://expressjs.com/en/api.html#express.static
-
@MichMich said in readFileSync:
The root argument refers to the root directory from which the static assets are to be served.
That’s part of the answer I was looking for. Specifically,
'from which the static assets are to be served'
. Now to figure out where those are, or where they are allowed to be rather. Basically I’m looking at it from a security stand point. Where is this thing going to allow a user to get to, to fetch a file. -
@KirAsh4 Yeah, it is working for me as I want it. I figured it wouldn’t be overly useful to others anyhow since there was a lot of back-end work to do (namely setting up json streams that match the module code from the weather station, uploading to an appropriate location).
Screenshot of my current display is below. It updates every 5 seconds using data from my local Davis weather station running Cumulus software. The rain information (total daily rain on top left, current rain rate at bottom left) only display if there has been rain today or it is currently raining respectively. It will also display winds like “12 G23” if the winds hit gust criteria (over 18MPH gusts and more than 10MPH over the wind speed). It is pretty trivial to put any information you can get into the json file to display.
I’d be happy to try to properly modularize this if there is some interest, there’s just so many options and variations of stations/json exports/etc that I’m not sure I’d know where to start.