Introduce sandbox folder

.gitignore

@@ -1,3 +1,6 @@
+# Random files to check for function
+sandbox/*
+
 # Logs
 logs
 *.log

index.js

@@ -34,13 +34,16 @@ const DIR=settings.dirname;
 app.use(bodyParser.urlencoded({extended:false}))
 app.use(bodyParser.json())
 
+// Check if a given directory is within the main defined directory or not
 let inDir = (dircheck,dirmain) => !path.relative(path.normalize(dircheck), dirmain).startsWith('..')
 
+
+
+
 //Get folder details
 
 app.post('/files/ls',(req,res,next)=>{
     const location = processing.mergedir(req.body.loc,settings)
-    //console.log(path.relative( path.normalize(settings.dirname) ,location))
 
     //Make sure not escaping the given path; insecure
     if(inDir(settings.dirname,location)){
@@ -64,6 +67,11 @@ app.post('/files/ls',(req,res,next)=>{
     //next()
 })
 
+app.post('/files/ls',(res,rep,next)=>{
+
+})
+
+
 //Attempt to upload a file - Placeholder
 app.put('/files/upload',(req,res)=>{
     console.log("Upload attempted")
@@ -87,4 +95,8 @@ app.listen(port,()=>{
     console.log(`Listening : ${port}`)
 })
 
+app.use((err,req,res,next)=>{
+    res.status(500).json({error:`${err}`})
+})
+
 module.exports = app;

settings.json

@@ -1,5 +1,5 @@
 {
-    "dirname":"./",
+    "dirname":"./sandbox/",
     "sqlFileName":"test.db",
     "showHidden":false,
     "authToUpload":false

test.js

@@ -28,4 +28,10 @@ describe('Page Status',()=>{
             done()
         })
     })
+    it('POST for some file that does not exist',done=>{
+        chai.request(testScript).post('/files/ls').send({'loc':'\\'}).end((err,res)=>{
+            res.should.have.status(500)
+            done()
+        })
+    })
 })