JWS: The Java Webserver
(C) 2007 Ben Cantrick
2007/06/11, 0.31a - index.html substitution now working. Correct
"Content-type:" header now returned. (More.)
2007/05/31, 0.3a - Modified to use a cachedThreadPool of dynamically
created worker threads to process HTTP requests. (More on the Java threading
APIs here for the
morbidly curious.) Javadocs now made with -private so all methods are
documented.
2007/03/28, 0.2a - Javadoc comments, much improved reply headers,
error handling refactored, request GET method checking, System.err used,
method names cleaned up.
2007/03/21, Initial
This is a minimal multithreaded webserver implemented in Java. Possibly
useful for learning purposes. A test.html file is included for your
testing convenience.
This code is distributed under the
modified BSD license.
Share and enjoy freely, just give credit where credit is due.
Source code: JWS.java
Javadocs: javadocs.html
Bugs:
- There is no security validation done on the incoming URL. A clever hacker
might be able to construct a tricky URL that would allow them to view your
/etc/passwd file. Never run your webserver as root! Always lock network-facing
services inside a chroot() jail!
There's probably a way to reuse myByteBuf so we're not constantly
new'ing a 4k data structure. Thanks to the way the threadpool APIs
work, no longer an issue. One runnable object per HTTP request.
"try/catch hell" is annoying, and the file feels much too
long. Refactored, somewhat better now.
HTTP header fields are not parsed, nor are proper headers
returned in the reply. Not even a "200 OK" or content-type message.
Greatly improved headers now returned. (Should probably use
URLConnection.getFileNameMap().getContentTypeFor() for content-type
header.)
Should check to make sure the first token provided by next() is
a GET and not a POST. If POST, return a "501 Not Implemented" page in
similiar fashion to the current 404. 403, 404, 500 and 501
implemented.