From 75e5102ffd532a50604f6a95864fa6a13c32c235 Mon Sep 17 00:00:00 2001 From: terminaldweller Date: Sat, 5 Mar 2022 01:29:05 +0330 Subject: rss, WIP --- server.js | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) (limited to 'server.js') diff --git a/server.js b/server.js index ec4350e..6ae2184 100755 --- a/server.js +++ b/server.js @@ -33,6 +33,10 @@ app.engine("ejs", require("ejs").__express); app.use(helmet()); app.use(morgan("combined")); +async function enumerateDir() { + return await fs.readdirSync(path.join(__dirname, "mds")); +} + function renderAndSend(req, res) { try { let viewPath; @@ -90,10 +94,13 @@ app.get("/robots.txt", (req, res) => { res.send(robots_txt); }); -// app.get("/rss/feed", (req, res) => { -// let html = pug.renderFile("./views/rss_feed.pug", merge(options, localls)); -// res.send(html); -// }); +app.get("/rss/feed", (req, res) => { + const compiledFunction = pug.compileFile("./views/rss_feed.pug"); + const files = fs.readdirSync(path.join(__dirname, "mds")); + for (const file of files) { + res.send(compiledFunction(file)); + } +}); app.get("/$", (req, res) => { renderAndSend(req, res); @@ -106,10 +113,6 @@ app.get("/mds/:mdname$", (req, res) => { renderAndSend(req, res); }); -async function enumerateDir() { - return await fs.readdirSync(path.join(__dirname, "mds")); -} - app.use(sitemap(enumerateDir, "https://blog.terminaldweller.com")); app.use((req, res) => { -- cgit v1.2.3 From 607b16ff74512cf70bb49efa553809bf9f5c8a84 Mon Sep 17 00:00:00 2001 From: terminaldweller Date: Fri, 25 Mar 2022 19:06:57 +0430 Subject: wip --- server.js | 36 +++++++++++++++++++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) (limited to 'server.js') diff --git a/server.js b/server.js index 6ae2184..4b67056 100755 --- a/server.js +++ b/server.js 
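Review bot: In the new `/rss/feed` handler, `res.send()` is called inside the `for` loop, so the response is finished on the first file and the next iteration fails with a headers-already-sent error. A directory with more than one entry can never produce a complete feed. `pug.compileFile()` returns a function that takes a locals object, so the bare file-name string is presumably not what the template expects. Build the list first and send once, e.g. `res.send(compiledFunction({ files }));`, and compile the template once outside the handler. The `readdirSync` call is synchronous and unguarded, so a missing `mds` directory throws inside the request.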
@@ -25,12 +25,46 @@ const morgan = require("morgan"); const pug = require("pug"); const app = express(); +app.disable("x-powered-by"); app.use(express.static(path.join(__dirname, "css"))); app.use(express.static(path.join(__dirname, "static"))); app.set("views", path.join(__dirname, "views")); app.set("view engine", "ejs"); app.engine("ejs", require("ejs").__express); -app.use(helmet()); + +app.use(helmet.crossOriginEmbedderPolicy()); +app.use(helmet.crossOriginOpenerPolicy()); +app.use(helmet.crossOriginResourcePolicy()); +app.use(helmet.dnsPrefetchControl()); +app.use(helmet.expectCt()); +app.use(helmet.frameguard()); +app.use(helmet.hidePoweredBy()); +app.use(helmet.hsts()); +app.use(helmet.ieNoOpen()); +app.use(helmet.noSniff()); +app.use(helmet.originAgentCluster()); +app.use(helmet.permittedCrossDomainPolicies()); +app.use(helmet.referrerPolicy()); +app.use(helmet.xssFilter()); +app.use((req, res, next) => { + res.setHeader( + "Permissions-Policy", + "geolocation=(none),midi=(none),notifications=(none),push=(none),sync-xhr=(none),microphone=(none),camera=(none),magnetometer=(none),gyroscope=(none),speaker=(none),vibrate=(none),fullscreen=(self),payment=(none)" + ); + next(); +}); +app.use( + helmet.contentSecurityPolicy({ + useDefaults: false, + directives: { + baseUri: ["self"], + defaultSrc: ["self"], + scriptSrc: ["none"], + styleSrc: ["self", "https:", "unsafef-inline"], + }, + }) +); + app.use(morgan("combined")); async function enumerateDir() { -- cgit v1.2.3 From acd76a660ad5cc6502e78553fbb3a4ad8f58ec7a Mon Sep 17 00:00:00 2001 From: terminaldweller Date: Fri, 8 Apr 2022 10:45:41 +0430 Subject: updated the permissions policiy --- server.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'server.js') diff --git a/server.js b/server.js index 4b67056..a42072f 100755 --- a/server.js +++ b/server.js 
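Review bot: The `contentSecurityPolicy` directives pass `self`, `none` and `unsafef-inline` without the inner single quotes, so they are emitted as host names rather than CSP keywords, and `unsafef-inline` is also misspelled. As written the header does not mean "same origin" or "no scripts": a browser matches a host literally named `self`, and the `https:` entry in `styleSrc` still admits stylesheets from any HTTPS origin. Use the quoted forms, e.g. `defaultSrc: ["'self'"]`, `scriptSrc: ["'none'"]`, `styleSrc: ["'self'", "'unsafe-inline'"]`, and check the header that is actually sent. Both `express.static` mounts sit above these middlewares, so files served from `css` and `static` go out without any of the headers configured here.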
@@ -49,7 +49,7 @@ app.use(helmet.xssFilter()); app.use((req, res, next) => { res.setHeader( "Permissions-Policy", - "geolocation=(none),midi=(none),notifications=(none),push=(none),sync-xhr=(none),microphone=(none),camera=(none),magnetometer=(none),gyroscope=(none),speaker=(none),vibrate=(none),fullscreen=(self),payment=(none)" + "geolocation=(self),midi=(self),sync-xhr=(self),microphone=(self),camera=(self),magnetometer=(self),gyroscope=(self),fullscreen=(self),payment=(self),usb=(self)" ); next(); }); -- cgit v1.2.3 From 4eaa437c0a285c617e30a533d1ef369eaa8644a6 Mon Sep 17 00:00:00 2001 From: terminaldweller Date: Tue, 5 Jul 2022 20:19:16 +0430 Subject: WIP, adding rss to the blog --- server.js | 34 +++++++++++++++++++++++++--------- 1 file changed, 25 insertions(+), 9 deletions(-) (limited to 'server.js') diff --git a/server.js b/server.js index a42072f..bd23a1f 100755 --- a/server.js +++ b/server.js @@ -22,15 +22,23 @@ const mit = require("markdown-it")({ html: true }) const spdy = require("spdy"); const helmet = require("helmet"); const morgan = require("morgan"); -const pug = require("pug"); +// const pug = require("pug"); +const model = require("./model"); + +model.dbInit(); +model.populateDB(model.blogPost); const app = express(); app.disable("x-powered-by"); app.use(express.static(path.join(__dirname, "css"))); app.use(express.static(path.join(__dirname, "static"))); app.set("views", path.join(__dirname, "views")); +// app.set("view engine", "ejs"); +// app.engine("ejs", require("ejs").__express); +// app.engine("pug", require("pug").renderFilej); +// app.engine("pug", "pug"); app.set("view engine", "ejs"); -app.engine("ejs", require("ejs").__express); +app.set("view engine", "pug"); app.use(helmet.crossOriginEmbedderPolicy()); app.use(helmet.crossOriginOpenerPolicy()); 
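Review bot: The new `Permissions-Policy` value moves every listed feature from an attempted deny to `(self)`, which explicitly allows the blog's own origin to use the camera, microphone, geolocation, USB and payment APIs. The old `(none)` form was not valid deny syntax, so if the intent was to keep these features switched off, the replacement should be an empty allowlist, e.g. `geolocation=(),camera=(),microphone=(),usb=(),payment=()`. For a site whose CSP aims to forbid scripts altogether, denying is the tighter default and costs nothing.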
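Review bot: The two consecutive `app.set("view engine", ...)` calls leave only the second in effect, so the `"ejs"` line is dead and any `res.render()` without an extension now resolves to Pug. The later hunks of this commit pass explicit extensions (`index.ejs`, `rss_feed.pug`), so one of the two calls can go, along with the commented-out `app.engine` experiments above them. `model.dbInit()` and `model.populateDB()` run at load time with no visible error handling; it is worth confirming in `./model` that a failed connection is reported rather than left as an unhandled rejection.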
@@ -85,7 +93,7 @@ function renderAndSend(req, res) { ); //FIXME-this can obviously fail readStream.on("data", (chunk) => { - res.render("index", { + res.render("index.ejs", { cache: true, data: { blogHttp: mit.render(chunk), @@ -111,7 +119,7 @@ app.get("/about", (req, res) => { app.get("/archive", (req, res) => { res.type("text/html"); - res.render("archive", { + res.render("archive.ejs", { cache: true, data: { mds: fs.readdirSync(path.join(__dirname, "mds"), "utf-8"), @@ -129,11 +137,19 @@ app.get("/robots.txt", (req, res) => { }); app.get("/rss/feed", (req, res) => { - const compiledFunction = pug.compileFile("./views/rss_feed.pug"); - const files = fs.readdirSync(path.join(__dirname, "mds")); - for (const file of files) { - res.send(compiledFunction(file)); - } + model.blogPost + .find({}) + .sort("-lastUpdatedAt") + .select("title slug lastUpdatedAt teaser") + .exec(function (err, posts) { + if (err) return err; + return res.render("rss_feed.pug", { cache: true, posts: posts }); + }); + // const compiledFunction = pug.compileFile("./views/rss_feed.pug"); + // const files = fs.readdirSync(path.join(__dirname, "mds")); + // for (const file of files) { + // res.send(compiledFunction(file)); + // } }); app.get("/$", (req, res) => { -- cgit v1.2.3 From dc57f759c616a23b1baf10b1ea71cca6ba581831 Mon Sep 17 00:00:00 2001 From: terminaldweller Date: Wed, 6 Jul 2022 14:31:50 +0430 Subject: now the blog uses the db for everything. now need to decide on how to populate the DB and prevent duplication --- server.js | 93 ++++++++++++++++++++++++++++++++++++--------------------------- 1 file changed, 53 insertions(+), 40 deletions(-) (limited to 'server.js') diff --git a/server.js b/server.js index bd23a1f..4c2be0c 100755 --- a/server.js +++ b/server.js 
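Review bot: `if (err) return err;` in the `/rss/feed` callback hands the error back to the query library, not to the client, so a failed query sends no response and the request hangs until the socket times out, with nothing logged. Respond explicitly, e.g. `if (err) { console.error(err); return res.sendStatus(500); }`, or accept `next` in the handler and call `next(err)`. The same pattern is repeated in `renderAndSend_v2`, `/archive` and `/$` in the following commit. The commented-out Pug block left at the end of the handler can be deleted, since the history already keeps it.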
@@ -22,7 +22,6 @@ const mit = require("markdown-it")({ html: true }) const spdy = require("spdy"); const helmet = require("helmet"); const morgan = require("morgan"); -// const pug = require("pug"); const model = require("./model"); model.dbInit(); @@ -33,10 +32,6 @@ app.disable("x-powered-by"); app.use(express.static(path.join(__dirname, "css"))); app.use(express.static(path.join(__dirname, "static"))); app.set("views", path.join(__dirname, "views")); -// app.set("view engine", "ejs"); -// app.engine("ejs", require("ejs").__express); -// app.engine("pug", require("pug").renderFilej); -// app.engine("pug", "pug"); app.set("view engine", "ejs"); app.set("view engine", "pug"); @@ -79,31 +74,29 @@ async function enumerateDir() { return await fs.readdirSync(path.join(__dirname, "mds")); } -function renderAndSend(req, res) { - try { - let viewPath; - if (req.path == "/") { - viewPath = "mds/cstruct2luatable.md"; - } else { - viewPath = req.path; - } - let readStream = fs.createReadStream( - path.join(__dirname, viewPath), - "utf-8" - ); - //FIXME-this can obviously fail - readStream.on("data", (chunk) => { - res.render("index.ejs", { +function renderAndSend_v2(req, res) { + model.blogPost + .findOne( + { _slug: req.path }, + { + projection: { + _id: 0, + title: 0, + teaser: 0, + }, + } + ) + .exec(function (err, blogPost) { + if (err) return err; + return res.render("index.ejs", { cache: true, data: { - blogHttp: mit.render(chunk), - mds: fs.readdirSync(path.join(__dirname, "mds"), "utf-8"), + blogHttp: mit.render(blogPost.body), + lastUpdatedAt: blogPost.lastUpdatedAt, + keywords: blogPost.keywords, }, }); }); - } catch (err) { - console.log(err); - } } app.get("/health", (req, res) => { 
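Review bot: `findOne` yields `null` when no document matches, and `renderAndSend_v2` dereferences `blogPost.body` unconditionally, so a request for any unknown post path throws inside the query callback, outside Express's error handling. Depending on how the callback is invoked, that is either an uncaught exception that can take the process down or a request that never completes. Add `if (!blogPost) return res.sendStatus(404);` before the render; the `/$` handler in the same commit has the same problem with `blogPost[0]` when the collection is empty. The filter also compares `_slug` with `req.path`, which includes the route prefix, so check that it can match a stored value at all. The body goes through markdown-it with `html: true`, so raw HTML in a stored post reaches the page, which is acceptable only while every writer to the database is trusted.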
@@ -119,12 +112,23 @@ app.get("/about", (req, res) => { app.get("/archive", (req, res) => { res.type("text/html"); - res.render("archive.ejs", { - cache: true, - data: { - mds: fs.readdirSync(path.join(__dirname, "mds"), "utf-8"), - }, - }); + model.blogPost + .find({}, { _id: 0, body: 0, teaser: 0, keywords: 0, lastUpdatedAt: 0 }) + .exec(function (err, blogPosts) { + if (err) return err; + res.render("archive.ejs", { + cache: true, + data: { + blogPosts: blogPosts, + }, + }); + }); + // res.render("archive.ejs", { + // cache: true, + // data: { + // mds: fs.readdirSync(path.join(__dirname, "mds"), "utf-8"), + // }, + // }); }); app.get("/robots.txt", (req, res) => { @@ -145,22 +149,31 @@ app.get("/rss/feed", (req, res) => { if (err) return err; return res.render("rss_feed.pug", { cache: true, posts: posts }); }); - // const compiledFunction = pug.compileFile("./views/rss_feed.pug"); - // const files = fs.readdirSync(path.join(__dirname, "mds")); - // for (const file of files) { - // res.send(compiledFunction(file)); - // } }); app.get("/$", (req, res) => { - renderAndSend(req, res); + model.blogPost + .find({}, { projection: { _id: 0, title: 0, teaser: 0 } }) + .limit(1) + .sort({ $natural: -1 }) + .exec(function (err, blogPost) { + if (err) return err; + return res.render("index.ejs", { + cache: true, + data: { + blogHttp: mit.render(blogPost[0].body), + lastUpdatedAt: blogPost[0].lastUpdatedAt, + keywords: blogPost[0].keywords, + }, + }); + }); }); -app.get("/mds/:mdname$", (req, res) => { - if (req.params["mdname"] == "") { +app.get("/posts/:postName", (req, res) => { + if (req.params["postName"] == "") { res.write("nothing requested!"); } - renderAndSend(req, res); + renderAndSend_v2(req, res); }); app.use(sitemap(enumerateDir, "https://blog.terminaldweller.com")); -- cgit v1.2.3 From fc713bcbb320ff692cac6332f5aa587dc817305c Mon Sep 17 00:00:00 2001 
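Review bot: In the new `/posts/:postName` handler the empty-name guard calls `res.write()` and then falls through to `renderAndSend_v2`, so if the branch ever ran, the later `res.render()` would hit a response that has already started. Express does not match an empty `:postName` segment, so the branch is probably dead; either remove it or make it terminate, e.g. `return res.status(400).send("nothing requested!");`. In the `/$` handler, `.sort({ $natural: -1 })` selects the last-inserted document rather than the most recently updated one, so sort on `lastUpdatedAt` if the front page is meant to show the newest post.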
From: terminaldweller Date: Wed, 6 Jul 2022 15:54:39 +0430 Subject: WIP, we now have to fix the pug template which is not working --- server.js | 6 ------ 1 file changed, 6 deletions(-) (limited to 'server.js') diff --git a/server.js b/server.js index 4c2be0c..6d51d1b 100755 --- a/server.js +++ b/server.js @@ -123,12 +123,6 @@ app.get("/archive", (req, res) => { }, }); }); - // res.render("archive.ejs", { - // cache: true, - // data: { - // mds: fs.readdirSync(path.join(__dirname, "mds"), "utf-8"), - // }, - // }); }); app.get("/robots.txt", (req, res) => { -- cgit v1.2.3 From c9f5b12ab281c8889364bfb2455dc97fdb92e9f9 Mon Sep 17 00:00:00 2001 From: terminaldweller Date: Wed, 6 Jul 2022 16:23:42 +0430 Subject: a newer simpler template for the rss feed --- server.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'server.js') diff --git a/server.js b/server.js index 6d51d1b..286932d 100755 --- a/server.js +++ b/server.js @@ -25,7 +25,7 @@ const morgan = require("morgan"); const model = require("./model"); model.dbInit(); -model.populateDB(model.blogPost); +// model.populateDB(model.blogPost); const app = express(); app.disable("x-powered-by"); @@ -141,7 +141,7 @@ app.get("/rss/feed", (req, res) => { .select("title slug lastUpdatedAt teaser") .exec(function (err, posts) { if (err) return err; - return res.render("rss_feed.pug", { cache: true, posts: posts }); + return res.render("rss_feed_v2.pug", { cache: true, posts: posts }); }); }); -- cgit v1.2.3 From 4302411fb080456ba5047a2b98700ae52a0fad29 Mon Sep 17 00:00:00 2001 From: terminaldweller Date: Wed, 6 Jul 2022 16:58:04 +0430 Subject: fixed rss validator errors except atom error --- server.js | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) (limited to 'server.js') diff --git a/server.js b/server.js index 286932d..b609018 100755 --- a/server.js +++ b/server.js 
@@ -74,10 +74,10 @@ async function enumerateDir() { return await fs.readdirSync(path.join(__dirname, "mds")); } -function renderAndSend_v2(req, res) { +function renderAndSend_v2(req, res, slug) { model.blogPost .findOne( - { _slug: req.path }, + { slug: slug }, { projection: { _id: 0, @@ -135,6 +135,7 @@ app.get("/robots.txt", (req, res) => { }); app.get("/rss/feed", (req, res) => { + res.type("application/rss+xml"); model.blogPost .find({}) .sort("-lastUpdatedAt") @@ -145,6 +146,13 @@ app.get("/rss/feed", (req, res) => { }); }); +app.get("/posts/:postName", (req, res) => { + if (req.params["postName"] == "") { + res.write("nothing requested!"); + } + renderAndSend_v2(req, res, req.params.postName); +}); + app.get("/$", (req, res) => { model.blogPost .find({}, { projection: { _id: 0, title: 0, teaser: 0 } }) @@ -163,13 +171,6 @@ app.get("/$", (req, res) => { }); }); -app.get("/posts/:postName", (req, res) => { - if (req.params["postName"] == "") { - res.write("nothing requested!"); - } - renderAndSend_v2(req, res); -}); - app.use(sitemap(enumerateDir, "https://blog.terminaldweller.com")); app.use((req, res) => { -- cgit v1.2.3 From 2c437f4ca76e107ce3eb3c93ae2fc183caf6caab Mon Sep 17 00:00:00 2001 From: terminaldweller Date: Wed, 6 Jul 2022 17:05:17 +0430 Subject: more fixes for the rss feed --- server.js | 1 - 1 file changed, 1 deletion(-) (limited to 'server.js') diff --git a/server.js b/server.js index b609018..eea4695 100755 --- a/server.js +++ b/server.js @@ -25,7 +25,6 @@ const morgan = require("morgan"); const model = require("./model"); model.dbInit(); -// model.populateDB(model.blogPost); const app = express(); app.disable("x-powered-by"); -- cgit v1.2.3