const express = require('express');
const helmet = require('helmet')
const hbs = require('hbs');
const fs = require('fs');
const csp = require('express-csp-header');
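// Content-Security-Policy middleware built with express-csp-header.
// csp.NONCE is a placeholder for a per-request nonce; handlers read the
// matching value from req.nonce (see the /aa route in this file).
const cspMiddleware = csp({
  policies: {
    // Deny everything by default; each resource type is opted in below.
    'default-src': [csp.NONE],
    // Scripts and styles are allowed only when the element carries the nonce.
    'script-src': [csp.NONCE],
    'style-src': [csp.NONCE],
    'img-src': [csp.SELF],
    // Browsers honour nonce sources only for script and style elements, so
    // the nonce that used to be listed here had no effect on font loading.
    // The host allowlist is the only thing that gates fonts.
    'font-src': ['fonts.gstatic.com'],
    'object-src': [csp.NONE],
    'block-all-mixed-content': true,
    'frame-ancestors': [csp.NONE]
    // NOTE(review): base-uri and form-action do not fall back to default-src.
    // Consider restricting them explicitly once the templates are confirmed
    // not to rely on <base> or cross-origin form posts.
  }
});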
// Port comes from the environment when provided, otherwise 3000.
const port = process.env.PORT || 3000;

const app = express();

// Security headers first, so they apply to every later handler.
// NOTE(review): recent helmet releases also emit a Content-Security-Policy
// header by default. Confirm with the installed versions that the policy from
// cspMiddleware is the one that reaches the browser.
app.use(helmet());
app.use(cspMiddleware);

// Handlebars: partials live under views/partials, templates use the .hbs engine.
hbs.registerPartials(`${__dirname}/views/partials`);
app.set('view engine', 'hbs');
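// Request logger: writes one line per request to stdout and appends the same
// line to server.log, then hands the request to the next middleware.
app.use((req, res, next) => {
  const now = new Date().toString();
  // req.url is client-supplied and includes the query string, so anything a
  // client places in the URL is persisted. Treat server.log as sensitive and
  // keep it out of any directory that is served to clients.
  const log = `${now}: ${req.method} ${req.url}`;
  console.log(log);
  // The path is relative, so the file is created in the process's working
  // directory. The append is fire-and-forget: a failure must not block the
  // request, but the underlying error is reported so it can be diagnosed.
  fs.appendFile('server.log', log + '\n', (err) => {
    if (err) {
      console.error('Unable to append to server.log', err);
    }
  });
  next();
});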
// app.use((req, res, next) => {
// res.render('maintenance.hbs');
// });
// Serve files from ./public as static assets. Registered after the logger, so
// static requests are logged as well.
app.use(express.static(`${__dirname}/public`));
// Template helper: the current four-digit year, taken from the server clock.
hbs.registerHelper('getCurrentYear', () => new Date().getFullYear());
// Template helper: upper-cases its argument. It returns a plain string, so
// Handlebars still HTML-escapes the result when it is used as {{screamIt x}}.
// Throws if `text` has no toUpperCase method (e.g. it is undefined).
hbs.registerHelper('screamIt', (text) => text.toUpperCase());
// GET / : render the home template with a fixed title and welcome text.
app.get('/', (req, res) => {
  const viewModel = {
    pageTitle: 'Home Page',
    welcomeMessage: 'Welcome to my website'
  };
  res.render('home.hbs', viewModel);
});
// GET /about : render the about template with a fixed title.
app.get('/about', (req, res) => {
  const viewModel = { pageTitle: 'About Page' };
  res.render('about.hbs', viewModel);
});
// GET /projects : render the projects template with a fixed title.
app.get('/projects', (req, res) => {
  const viewModel = { pageTitle: 'Projects' };
  res.render('projects.hbs', viewModel);
});
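// GET /aa : demo page for the nonce-based style-src policy. The first <style>
// block carries this request's nonce and is applied; the second has no nonce
// and is expected to be blocked by the browser.
app.get('/aa', (req, res) => {
  // Debug output of the per-request nonce set by the CSP middleware.
  console.log(req.nonce)
  // The nonce attribute is quoted: a generated nonce may contain characters
  // (such as '=' in base64 padding) that are not valid in an unquoted
  // attribute value. Nothing request-controlled is interpolated into this
  // markup; keep it that way, or escape any value that is added.
  res.send(`
<h1>Hello World</h1>
<style nonce="${req.nonce}">
.blue { background: cornflowerblue; color: white; }
</style>
<p class="blue">This should have a blue background because of the loaded styles</p>
<style>
.red { background: maroon; color: white; }
</style>
<p class="red">This should not have a red background, the styles are not loaded because of the missing nonce.</p>
`);
});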
// GET /bad : respond with a JSON body carrying a generic errorMessage.
// No status is set, so the response goes out with the default status code,
// and the message reveals nothing about server internals.
app.get('/bad', (req, res) => {
  const payload = { errorMessage: 'Unable to handle request' };
  res.send(payload);
});
// Start the HTTP server. No host is passed, so Node listens on the
// unspecified address (all interfaces) rather than loopback only.
app.listen(port, function onListening() {
  console.log(`Server is up on port ${port}`);
});