public-offering
/
pad.pub0.org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Bugfix for not loading plugins until after db, plus moved padursanitize into own module

pull/528/head
Egil Moeller 2012-02-24 23:38:37 +01:00
parent e3770e42b6
commit 0730eb5b8d
3 changed files with 41 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
node/padurlsanitize.js Normal file
View File

@ -0,0 +1,29 @@
var padManager = require('./db/PadManager');
exports.expressServer = function (hook_name, args, cb) {
//redirects browser to the pad's sanitized url if needed. otherwise, renders the html
args.app.param('pad', function (req, res, next, padId) {
//ensure the padname is valid and the url doesn't end with a /
if(!padManager.isValidPadId(padId) || /\/$/.test(req.url))
{
res.send('Such a padname is forbidden', 404);
}
else
{
padManager.sanitizePadId(padId, function(sanitizedPadId) {
//the pad id was sanitized, so we redirect to the sanitized version
if(sanitizedPadId != padId)
{
var real_path = req.path.replace(/^\/p\/[^\/]+/, '/p/' + sanitizedPadId);
res.header('Location', real_path);
res.send('You should be redirected to <a href="' + real_path + '">' + real_path + '</a>', 302);
}
//the pad id was fine, so just render it
else
{
next();
}
});
}
});
}

38
node/server.js
View File

@ -70,6 +70,12 @@ exports.maxAge = 1000*60*60*6;
log4js.setGlobalLogLevel(settings.loglevel); log4js.setGlobalLogLevel(settings.loglevel);
async.waterfall([ async.waterfall([
//initalize the database
function (callback)
{
db.init(callback);
},
plugins.update, plugins.update,
function (callback) { function (callback) {
@ -79,11 +85,6 @@ async.waterfall([
callback(); callback();
}, },
//initalize the database
function (callback)
{
db.init(callback);
},
//initalize the http server //initalize the http server
function (callback) function (callback)
{ {
@ -97,33 +98,6 @@ async.waterfall([
next(); next();
}); });
//redirects browser to the pad's sanitized url if needed. otherwise, renders the html
app.param('pad', function (req, res, next, padId) {
//ensure the padname is valid and the url doesn't end with a /
if(!padManager.isValidPadId(padId) || /\/$/.test(req.url))
{
res.send('Such a padname is forbidden', 404);
}
else
{
padManager.sanitizePadId(padId, function(sanitizedPadId) {
//the pad id was sanitized, so we redirect to the sanitized version
if(sanitizedPadId != padId)
{
var real_path = req.path.replace(/^\/p\/[^\/]+/, '/p/' + sanitizedPadId);
res.header('Location', real_path);
res.send('You should be redirected to <a href="' + real_path + '">' + real_path + '</a>', 302);
}
//the pad id was fine, so just render it
else
{
next();
}
});
}
});
//load modules that needs a initalized db //load modules that needs a initalized db
readOnlyManager = require("./db/ReadOnlyManager"); readOnlyManager = require("./db/ReadOnlyManager");
exporthtml = require("./utils/ExportHtml"); exporthtml = require("./utils/ExportHtml");

6
pluginomatic.json
View File

@ -11,6 +11,12 @@
"hooks": { "hooks": {
"expressServer": "../specialpages:expressServer" "expressServer": "../specialpages:expressServer"
} }
},
{
"name": "padurlsanitize",
"hooks": {
"expressServer": "../padurlsanitize:expressServer"
}
} }
] ]
} }