Skip to content

Jagrit3500/multi-threaded-http-server

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
resources
resources
 
 
README.md
README.md
 
 
server.py
server.py
 
 

Repository files navigation

Multi-threaded HTTP Server

Repository: Jagrit3500/multi-threaded-http-server

Overview

This project is a multi-threaded HTTP server implemented from scratch using low-level socket programming. The server is designed to handle multiple concurrent clients, serve static and binary files via GET requests, process JSON data via POST requests, and enforce security measures such as path traversal protection and host validation. It supports HTTP/1.1 features like persistent connections and connection timeouts.

Features

  • Configurable server:

    • Default host: localhost (127.0.0.1)
    • Default port: 8080
    • Configurable thread pool size (default: 10)
    • Command-line arguments:
      python server.py [port] [host] [max_threads]

  • TCP socket communication:

    • Handles client connections using TCP sockets
    • Queue size for incoming connections: ≥ 50

  • Multi-threading & concurrency:

    • Thread pool with configurable size
    • Queues connections if all threads are busy
    • Proper synchronization of shared resources

  • HTTP request handling:

    • Supports GET and POST methods
    • Parses request method, path, version, and headers
    • Returns appropriate error codes for invalid requests

  • File serving:

    • Serves .html files for browser rendering
    • Serves .png, .jpg/.jpeg, .txt files as binary downloads
    • Only these file types allowed; others return error

  • POST uploads:

    • Accepts only application/json for uploads
    • Saves JSON files in resources/uploads/ with timestamped filenames

  • Security:

    • Prevents directory traversal and access to unauthorized paths
    • Validates Host header for incoming requests

  • Connection management:

    • Supports keep-alive/persistent connections
    • 30 second timeout for persistent connections
    • Maximum 100 requests per connection

  • Comprehensive logging:

    • Logs startup, request handling, thread pool status, file transfers, and security events, all with timestamps

Directory Structure

project/
├── server.py
├── resources/
│   ├── index.html
│   ├── about.html
│   ├── contact.html
│   ├── sample.txt
│   ├── logo.png
│   ├── logo2.png
│   ├── photo.jpg
│   ├── photo2.jpg
│   └── uploads/

How to Run

Prerequisites:

  • Python 3.x (no external dependencies required)

Commands:

python server.py                   # Runs on localhost:8080, 10 threads
python server.py 8000              # Runs on localhost:8000, 10 threads
python server.py 8000 0.0.0.0 20   # Runs on 0.0.0.0:8000, 20 threads

Testing

Prepare the resources/ directory as shown above.
Recommended files:

  • At least 3 HTML files (index.html, about.html, contact.html)
  • At least 2 PNG images (one >1MB)
  • At least 2 JPEG images
  • At least 2 text files
  • Sample JSON files for POST testing

Example requests:

  • GET / → Serves index.html
  • GET /about.html → Serves HTML
  • GET /logo.png, /photo.jpg, /sample.txt → Downloads file
  • POST /upload (with JSON) → Uploads JSON file

Error handling:

  • GET /nonexistent.png → 404 Not Found
  • PUT /index.html → 405 Method Not Allowed
  • POST /upload (non-JSON) → 415 Unsupported Media Type

Security tests:

  • Path traversal attempts (/../etc/passwd, /./././../config) → 403 Forbidden
  • Invalid Host / missing Host → 400/403

Concurrency:

  • Handles multiple simultaneous downloads
  • Queues connections when thread pool is full

Example POST using curl:

curl -X POST -H "Content-Type: application/json" -d "{\"key\":\"value\"}" http://127.0.0.1:8080/upload

Implementation Highlights

  • Files sent in binary mode with 8KB buffer for efficient transfer
  • Uses Content-Disposition header for downloads
  • Strict path validation and host checking for security
  • Thread pool managed with Python's queue.Queue and threading
  • All server activity logged with timestamps

Known Limitations

  • Only supports GET and POST methods
  • Only serves files from resources/
  • Only .html, .txt, .png, .jpg/.jpeg files supported
  • No HTTPS/SSL, no authentication
  • POST uploads limited to JSON

Sample Server Logs

[2025-10-10 13:30:00] HTTP Server started on http://127.0.0.1:8080
[2025-10-10 13:30:00] Thread pool size: 10
[2025-10-10 13:30:15] [Thread-1] Connection from 127.0.0.1:54321
[2025-10-10 13:30:15] [Thread-1] Request: GET /image.png HTTP/1.1
[2025-10-10 13:30:15] [Thread-1] Sending binary file: image.png (45678 bytes)
[2025-10-10 13:35:00] Thread pool status: 8/10 active
[2025-10-10 13:35:30] Warning: Thread pool saturated, queuing connection

Contact

For questions or problems, please open an issue.

About

Multi-threaded HTTP Server built with Python sockets.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages