6 files changed, 201 insertions, 251 deletions
diff --git a/plugins/http/config/http.go b/plugins/http/config/http.go
index 8b63395f..31b10322 100644
--- a/plugins/http/config/http.go
+++ b/plugins/http/config/http.go
@@ -33,6 +33,9 @@ type HTTP struct {
 	// Uploads configures uploads configuration.
 	Uploads *Uploads `mapstructure:"uploads"`
 
+	// static configuration
+	Static *Static `mapstructure:"static"`
+
 	// Pool configures worker pool.
 	Pool *poolImpl.Config `mapstructure:"pool"`
 
@@ -100,6 +103,13 @@ func (c *HTTP) InitDefaults() error {
 		c.SSLConfig.Address = "127.0.0.1:443"
 	}
 
+	// static files
+	if c.Static != nil {
+		if c.Static.Pattern == "" {
+			c.Static.Pattern = "/static"
+		}
+	}
+
 	err := c.HTTP2Config.InitDefaults()
 	if err != nil {
 		return err
@@ -176,5 +186,13 @@ func (c *HTTP) Valid() error {
 		}
 	}
 
+	// validate static
+	if c.Static != nil {
+		err := c.Static.Valid()
+		if err != nil {
+			return errors.E(op, err)
+		}
+	}
+
 	return nil
 }
diff --git a/plugins/http/config/static.go b/plugins/http/config/static.go
new file mode 100644
index 00000000..416169d2
--- /dev/null
+++ b/plugins/http/config/static.go
@@ -0,0 +1,51 @@
+package config
+
+import (
+	"os"
+
+	"github.com/spiral/errors"
+)
+
+// Static describes file location and controls access to them.
+type Static struct {
+	// Dir contains name of directory to control access to.
+	Dir string
+
+	// HTTP pattern, where to serve static files
+	// for example - `/static`, `/my-files/static`, etc
+	// Default - /static
+	Pattern string
+
+	// forbid specifies list of file extensions which are forbidden for access.
+	// example: .php, .exe, .bat, .htaccess and etc.
+	Forbid []string
+
+	// Allow specifies list of file extensions which are allowed for access.
+	// example: .php, .exe, .bat, .htaccess and etc.
+	Allow []string
+
+	// Request headers to add to every static.
+	Request map[string]string
+
+	// Response headers to add to every static.
+	Response map[string]string
+}
+
+// Valid returns nil if config is valid.
+func (c *Static) Valid() error {
+	const op = errors.Op("static_plugin_valid")
+	st, err := os.Stat(c.Dir)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return errors.E(op, errors.Errorf("root directory '%s' does not exists", c.Dir))
+		}
+
+		return err
+	}
+
+	if !st.IsDir() {
+		return errors.E(op, errors.Errorf("invalid root directory '%s'", c.Dir))
+	}
+
+	return nil
+}
diff --git a/plugins/http/plugin.go b/plugins/http/plugin.go
index 01bd243f..dcfb7ddb 100644
--- a/plugins/http/plugin.go
+++ b/plugins/http/plugin.go
@@ -59,7 +59,9 @@ type Plugin struct {
 	// stdlog passed to the http/https/fcgi servers to log their internal messages
 	stdLog *log.Logger
 
+	// http configuration
 	cfg *httpConfig.HTTP `mapstructure:"http"`
+
 	// middlewares to chain
 	mdwr middleware
 
@@ -138,7 +140,7 @@ func (s *Plugin) Serve() chan error {
 	return errCh
 }
 
-func (s *Plugin) serve(errCh chan error) {
+func (s *Plugin) serve(errCh chan error) { //nolint:gocognit
 	var err error
 	const op = errors.Op("http_plugin_serve")
 	s.pool, err = s.server.NewWorkerPool(context.Background(), pool.Config{
@@ -167,11 +169,37 @@ func (s *Plugin) serve(errCh chan error) {
 
 	s.handler.AddListener(s.logCallback)
 
+	// Create new HTTP Multiplexer
+	mux := http.NewServeMux()
+
+	// if we have static, handler here, create a fileserver
+	if s.cfg.Static != nil {
+		h := http.FileServer(StaticFilesHandler(s.cfg.Static))
+		// Static files handler
+		mux.HandleFunc(s.cfg.Static.Pattern, func(w http.ResponseWriter, r *http.Request) {
+			if s.cfg.Static.Request != nil {
+				for k, v := range s.cfg.Static.Request {
+					r.Header.Add(k, v)
+				}
+			}
+
+			if s.cfg.Static.Response != nil {
+				for k, v := range s.cfg.Static.Response {
+					w.Header().Set(k, v)
+				}
+			}
+
+			h.ServeHTTP(w, r)
+		})
+	}
+
+	mux.HandleFunc("/", s.ServeHTTP)
+
 	if s.cfg.EnableHTTP() {
 		if s.cfg.EnableH2C() {
-			s.http = &http.Server{Handler: h2c.NewHandler(s, &http2.Server{}), ErrorLog: s.stdLog}
+			s.http = &http.Server{Handler: h2c.NewHandler(mux, &http2.Server{}), ErrorLog: s.stdLog}
 		} else {
-			s.http = &http.Server{Handler: s, ErrorLog: s.stdLog}
+			s.http = &http.Server{Handler: mux, ErrorLog: s.stdLog}
 		}
 	}
 
@@ -195,7 +223,7 @@ func (s *Plugin) serve(errCh chan error) {
 	}
 
 	if s.cfg.EnableFCGI() {
-		s.fcgi = &http.Server{Handler: s, ErrorLog: s.stdLog}
+		s.fcgi = &http.Server{Handler: mux, ErrorLog: s.stdLog}
 	}
 
 	// start http, https and fcgi servers if requested in the config
@@ -216,9 +244,11 @@ func (s *Plugin) serveHTTP(errCh chan error) {
 	if s.http == nil {
 		return
 	}
-
 	const op = errors.Op("http_plugin_serve_http")
-	applyMiddlewares(s.http, s.mdwr, s.cfg.Middleware, s.log)
+
+	if len(s.mdwr) > 0 {
+		applyMiddlewares(s.http, s.mdwr, s.cfg.Middleware, s.log)
+	}
 	l, err := utils.CreateListener(s.cfg.Address)
 	if err != nil {
 		errCh <- errors.E(op, err)
@@ -236,9 +266,10 @@ func (s *Plugin) serveHTTPS(errCh chan error) {
 	if s.https == nil {
 		return
 	}
-
 	const op = errors.Op("http_plugin_serve_https")
-	applyMiddlewares(s.https, s.mdwr, s.cfg.Middleware, s.log)
+	if len(s.mdwr) > 0 {
+		applyMiddlewares(s.https, s.mdwr, s.cfg.Middleware, s.log)
+	}
 	l, err := utils.CreateListener(s.cfg.SSLConfig.Address)
 	if err != nil {
 		errCh <- errors.E(op, err)
@@ -262,9 +293,12 @@ func (s *Plugin) serveFCGI(errCh chan error) {
 	if s.fcgi == nil {
 		return
 	}
-
 	const op = errors.Op("http_plugin_serve_fcgi")
-	applyMiddlewares(s.fcgi, s.mdwr, s.cfg.Middleware, s.log)
+
+	if len(s.mdwr) > 0 {
+		applyMiddlewares(s.https, s.mdwr, s.cfg.Middleware, s.log)
+	}
+
 	l, err := utils.CreateListener(s.cfg.FCGIConfig.Address)
 	if err != nil {
 		errCh <- errors.E(op, err)
@@ -607,9 +641,6 @@ func (s *Plugin) tlsAddr(host string, forcePort bool) string {
 }
 
 func applyMiddlewares(server *http.Server, middlewares map[string]Middleware, order []string, log logger.Logger) {
-	if len(middlewares) == 0 {
-		return
-	}
 	for i := 0; i < len(order); i++ {
 		if mdwr, ok := middlewares[order[i]]; ok {
 			server.Handler = mdwr.Middleware(server.Handler)
diff --git a/plugins/http/static.go b/plugins/http/static.go
new file mode 100644
index 00000000..be977fb3
--- /dev/null
+++ b/plugins/http/static.go
@@ -0,0 +1,88 @@
+package http
+
+import (
+	"io/fs"
+	"net/http"
+	"path/filepath"
+	"strings"
+
+	httpConfig "github.com/spiral/roadrunner/v2/plugins/http/config"
+)
+
+type ExtensionFilter struct {
+	allowed   map[string]struct{}
+	forbidden map[string]struct{}
+}
+
+func NewExtensionFilter(allow, forbid []string) *ExtensionFilter {
+	ef := &ExtensionFilter{
+		allowed:   make(map[string]struct{}, len(allow)),
+		forbidden: make(map[string]struct{}, len(forbid)),
+	}
+
+	for i := 0; i < len(forbid); i++ {
+		// skip empty lines
+		if forbid[i] == "" {
+			continue
+		}
+		ef.forbidden[forbid[i]] = struct{}{}
+	}
+
+	for i := 0; i < len(allow); i++ {
+		// skip empty lines
+		if allow[i] == "" {
+			continue
+		}
+		ef.allowed[allow[i]] = struct{}{}
+	}
+
+	// check if any forbidden items presented in the allowed
+	// if presented, delete such items from allowed
+	for k := range ef.allowed {
+		if _, ok := ef.forbidden[k]; ok {
+			delete(ef.allowed, k)
+		}
+	}
+
+	return ef
+}
+
+type FileSystem struct {
+	ef *ExtensionFilter
+	// embedded
+	http.FileSystem
+}
+
+// Open wrapper around http.FileSystem Open method, name here is the name of the
+func (f FileSystem) Open(name string) (http.File, error) {
+	file, err := f.FileSystem.Open(name)
+	if err != nil {
+		return nil, err
+	}
+
+	fstat, err := file.Stat()
+	if err != nil {
+		return nil, fs.ErrNotExist
+	}
+
+	if fstat.IsDir() {
+		return nil, fs.ErrPermission
+	}
+
+	ext := strings.ToLower(filepath.Ext(fstat.Name()))
+	if _, ok := f.ef.forbidden[ext]; ok {
+		return nil, fs.ErrPermission
+	}
+
+	// if file extension is allowed, append it to the FileInfo slice
+	if _, ok := f.ef.allowed[ext]; ok {
+		return file, nil
+	}
+
+	return nil, fs.ErrNotExist
+}
+
+// StaticFilesHandler is a constructor for the http.FileSystem
+func StaticFilesHandler(config *httpConfig.Static) http.FileSystem {
+	return FileSystem{NewExtensionFilter(config.Allow, config.Forbid), http.Dir(config.Dir)}
+}
diff --git a/plugins/static/config.go b/plugins/static/config.go
deleted file mode 100644
index 2519c04f..00000000
--- a/plugins/static/config.go
+++ /dev/null
@@ -1,52 +0,0 @@
-package static
-
-import (
-	"os"
-
-	"github.com/spiral/errors"
-)
-
-// Config describes file location and controls access to them.
-type Config struct {
-	Static *struct {
-		// Dir contains name of directory to control access to.
-		Dir string
-
-		// forbid specifies list of file extensions which are forbidden for access.
-		// example: .php, .exe, .bat, .htaccess and etc.
-		Forbid []string
-
-		// Allow specifies list of file extensions which are allowed for access.
-		// example: .php, .exe, .bat, .htaccess and etc.
-		Allow []string
-
-		// Always specifies list of extensions which must always be served by static
-		// service, even if file not found.
-		Always []string
-
-		// Request headers to add to every static.
-		Request map[string]string
-
-		// Response headers to add to every static.
-		Response map[string]string
-	}
-}
-
-// Valid returns nil if config is valid.
-func (c *Config) Valid() error {
-	const op = errors.Op("static_plugin_valid")
-	st, err := os.Stat(c.Static.Dir)
-	if err != nil {
-		if os.IsNotExist(err) {
-			return errors.E(op, errors.Errorf("root directory '%s' does not exists", c.Static.Dir))
-		}
-
-		return err
-	}
-
-	if !st.IsDir() {
-		return errors.E(op, errors.Errorf("invalid root directory '%s'", c.Static.Dir))
-	}
-
-	return nil
-}
diff --git a/plugins/static/plugin.go b/plugins/static/plugin.go
deleted file mode 100644
index b6c25f3d..00000000
--- a/plugins/static/plugin.go
+++ /dev/null
@@ -1,186 +0,0 @@
-package static
-
-import (
-	"io/fs"
-	"net/http"
-	"path"
-	"strings"
-
-	"github.com/spiral/errors"
-	"github.com/spiral/roadrunner/v2/plugins/config"
-	"github.com/spiral/roadrunner/v2/plugins/logger"
-)
-
-// ID contains default service name.
-const PluginName = "static"
-
-const RootPluginName = "http"
-
-// Plugin serves static files. Potentially convert into middleware?
-type Plugin struct {
-	// server configuration (location, forbidden files and etc)
-	cfg *Config
-
-	log logger.Logger
-
-	// root is initiated http directory
-	root http.Dir
-
-	// file extensions which are allowed to be served
-	allowedExtensions map[string]struct{}
-
-	// file extensions which are forbidden to be served
-	forbiddenExtensions map[string]struct{}
-
-	alwaysServe map[string]struct{}
-}
-
-// Init must return configure service and return true if service hasStatus enabled. Must return error in case of
-// misconfiguration. Services must not be used without proper configuration pushed first.
-func (s *Plugin) Init(cfg config.Configurer, log logger.Logger) error {
-	const op = errors.Op("static_plugin_init")
-	if !cfg.Has(RootPluginName) {
-		return errors.E(op, errors.Disabled)
-	}
-
-	err := cfg.UnmarshalKey(RootPluginName, &s.cfg)
-	if err != nil {
-		return errors.E(op, errors.Disabled, err)
-	}
-
-	if s.cfg.Static == nil {
-		return errors.E(op, errors.Disabled)
-	}
-
-	s.log = log
-	s.root = http.Dir(s.cfg.Static.Dir)
-
-	err = s.cfg.Valid()
-	if err != nil {
-		return errors.E(op, err)
-	}
-
-	// create 2 hashmaps with the allowed and forbidden file extensions
-	s.allowedExtensions = make(map[string]struct{}, len(s.cfg.Static.Allow))
-	s.forbiddenExtensions = make(map[string]struct{}, len(s.cfg.Static.Forbid))
-	s.alwaysServe = make(map[string]struct{}, len(s.cfg.Static.Always))
-
-	for i := 0; i < len(s.cfg.Static.Forbid); i++ {
-		s.forbiddenExtensions[s.cfg.Static.Forbid[i]] = struct{}{}
-	}
-
-	for i := 0; i < len(s.cfg.Static.Allow); i++ {
-		s.forbiddenExtensions[s.cfg.Static.Allow[i]] = struct{}{}
-	}
-
-	// check if any forbidden items presented in the allowed
-	// if presented, delete such items from allowed
-	for k := range s.forbiddenExtensions {
-		if _, ok := s.allowedExtensions[k]; ok {
-			delete(s.allowedExtensions, k)
-		}
-	}
-
-	for i := 0; i < len(s.cfg.Static.Always); i++ {
-		s.alwaysServe[s.cfg.Static.Always[i]] = struct{}{}
-	}
-
-	// at this point we have distinct allowed and forbidden hashmaps, also with alwaysServed
-
-	return nil
-}
-
-func (s *Plugin) Name() string {
-	return PluginName
-}
-
-// Middleware must return true if request/response pair is handled within the middleware.
-func (s *Plugin) Middleware(next http.Handler) http.HandlerFunc {
-	// Define the http.HandlerFunc
-	return func(w http.ResponseWriter, r *http.Request) {
-		if s.cfg.Static.Request != nil {
-			for k, v := range s.cfg.Static.Request {
-				r.Header.Add(k, v)
-			}
-		}
-
-		if s.cfg.Static.Response != nil {
-			for k, v := range s.cfg.Static.Response {
-				w.Header().Set(k, v)
-			}
-		}
-
-		fPath := path.Clean(r.URL.Path)
-		ext := strings.ToLower(path.Ext(fPath))
-
-		// check that file is in forbidden list
-		if _, ok := s.forbiddenExtensions[ext]; ok {
-			http.Error(w, "file is forbidden", 404)
-			return
-		}
-
-		f, err := s.root.Open(fPath)
-		if err != nil {
-			// if we should always serve files with some extensions
-			// show error to the user and invoke next middleware
-			if _, ok := s.alwaysServe[ext]; ok {
-				//http.Error(w, err.Error(), 404)
-				w.WriteHeader(404)
-				next.ServeHTTP(w, r)
-				return
-			}
-			// else, return with error
-			http.Error(w, err.Error(), 404)
-			return
-		}
-
-		defer func() {
-			err = f.Close()
-			if err != nil {
-				s.log.Error("file close error", "error", err)
-			}
-		}()
-
-		// here we know, that file extension is not in the AlwaysServe and file exists
-		// (or by some reason, there is no error from the http.Open method)
-
-		// if we have some allowed extensions, we should check them
-		if len(s.allowedExtensions) > 0 {
-			if _, ok := s.allowedExtensions[ext]; ok {
-				d, err := s.check(f)
-				if err != nil {
-					http.Error(w, err.Error(), 404)
-					return
-				}
-
-				http.ServeContent(w, r, d.Name(), d.ModTime(), f)
-			}
-			// otherwise we guess, that all file extensions are allowed
-		} else {
-			d, err := s.check(f)
-			if err != nil {
-				http.Error(w, err.Error(), 404)
-				return
-			}
-
-			http.ServeContent(w, r, d.Name(), d.ModTime(), f)
-		}
-
-		next.ServeHTTP(w, r)
-	}
-}
-
-func (s *Plugin) check(f http.File) (fs.FileInfo, error) {
-	const op = errors.Op("http_file_check")
-	d, err := f.Stat()
-	if err != nil {
-		return nil, err
-	}
-
-	// do not serve directories
-	if d.IsDir() {
-		return nil, errors.E(op, errors.Str("directory path provided, should be path to the file"))
-	}
-
-	return d, nil
-}