From ffe12ebee76e289352ec29b367606ae26f1cbbbc Mon Sep 17 00:00:00 2001
From: David Bolack <dbolack@gmail.com>
Date: Tue, 7 Nov 2023 20:21:19 -0600
Subject: [PATCH 01/10] Add local statics for images and typefaces

This solves issue #1958.

Add static paths /staticImages and /staticFonts

If a local environment is detected ( per existing loginc for login )
paths are added using the values in HB_IMAGES and HB_FONTS or the default values of /staticImages and /staticFonts respectively.
---
 package-lock.json | 6 ++++++
 package.json      | 3 ++-
 server/app.js     | 4 ++++
 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/package-lock.json b/package-lock.json
index eac72a7c5..67b44cbf5 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -24,6 +24,7 @@
         "express": "^4.18.2",
         "express-async-handler": "^1.2.0",
         "express-static-gzip": "2.1.7",
+        "fs": "^0.0.1-security",
         "fs-extra": "11.1.1",
         "js-yaml": "^4.1.0",
         "jwt-simple": "^0.5.6",
@@ -6466,6 +6467,11 @@
         "node": ">= 0.6"
       }
     },
+    "node_modules/fs": {
+      "version": "0.0.1-security",
+      "resolved": "https://registry.npmjs.org/fs/-/fs-0.0.1-security.tgz",
+      "integrity": "sha512-3XY9e1pP0CVEUCdj5BmfIZxRBTSDycnbqhIOGec9QYtmVH2fbLpj86CFWkrNOkt/Fvty4KZG5lTglL9j/gJ87w=="
+    },
     "node_modules/fs-extra": {
       "version": "11.1.1",
       "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.1.1.tgz",
diff --git a/package.json b/package.json
index 08992aff4..5e5d263eb 100644
--- a/package.json
+++ b/package.json
@@ -3,7 +3,7 @@
   "description": "Create authentic looking D&D homebrews using only markdown",
   "version": "3.10.0",
   "engines": {
-		"npm": "^10.2.x",
+    "npm": "^10.2.x",
     "node": ">=20.8.x"
   },
   "repository": {
@@ -93,6 +93,7 @@
     "express": "^4.18.2",
     "express-async-handler": "^1.2.0",
     "express-static-gzip": "2.1.7",
+    "fs": "^0.0.1-security",
     "fs-extra": "11.1.1",
     "js-yaml": "^4.1.0",
     "jwt-simple": "^0.5.6",
diff --git a/server/app.js b/server/app.js
index a19030b3a..9ef4518bc 100644
--- a/server/app.js
+++ b/server/app.js
@@ -8,6 +8,7 @@ const express = require('express');
 const yaml = require('js-yaml');
 const app = express();
 const config = require('./config.js');
+const fs = require('fs');
 
 const { homebrewApi, getBrew } = require('./homebrew.api.js');
 const GoogleActions = require('./googleActions.js');
@@ -416,6 +417,9 @@ if(isLocalEnvironment){
 		const payload = jwt.encode({ username: username, issued: new Date }, config.get('secret'));
 		return res.json(payload);
 	});
+	// Add Static Local Paths
+	app.use('/staticImages', express.static(config.get('hb_images') && fs.existsSync(config.get('hb_images')) ? config.get('hb_images') :'staticImages'));
+	app.use(express.static(config.get('hb_fonts')  && fs.existsSync(config.get('hb_fonts')) ? config.get('hb_fonts'):'staticFonts'));
 }
 
 //Render the page

From 1b855108bf5a634ee9d269c0973de9d8b8852bc2 Mon Sep 17 00:00:00 2001
From: David Bolack <dbolack@gmail.com>
Date: Tue, 7 Nov 2023 21:26:11 -0600
Subject: [PATCH 02/10] Correct omitted static path

---
 server/app.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/app.js b/server/app.js
index 9ef4518bc..6ee2d5da0 100644
--- a/server/app.js
+++ b/server/app.js
@@ -419,7 +419,7 @@ if(isLocalEnvironment){
 	});
 	// Add Static Local Paths
 	app.use('/staticImages', express.static(config.get('hb_images') && fs.existsSync(config.get('hb_images')) ? config.get('hb_images') :'staticImages'));
-	app.use(express.static(config.get('hb_fonts')  && fs.existsSync(config.get('hb_fonts')) ? config.get('hb_fonts'):'staticFonts'));
+	app.use('/staticFonts', express.static(config.get('hb_fonts')  && fs.existsSync(config.get('hb_fonts')) ? config.get('hb_fonts'):'staticFonts'));
 }
 
 //Render the page

From e9a76dd018f9a11a47f5f2e193e380ce7c1bb39d Mon Sep 17 00:00:00 2001
From: Trevor Buckner <calculuschild@gmail.com>
Date: Mon, 4 Dec 2023 22:28:48 -0500
Subject: [PATCH 03/10] Use existing dependency fs-extra instead of adding new
 one

---
 server/app.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/app.js b/server/app.js
index 6ee2d5da0..4c9899d80 100644
--- a/server/app.js
+++ b/server/app.js
@@ -8,7 +8,7 @@ const express = require('express');
 const yaml = require('js-yaml');
 const app = express();
 const config = require('./config.js');
-const fs = require('fs');
+const fs = require('fs-extra');
 
 const { homebrewApi, getBrew } = require('./homebrew.api.js');
 const GoogleActions = require('./googleActions.js');

From 2e459118aaa9d0a5f60060eeb9c04c7b91942fc6 Mon Sep 17 00:00:00 2001
From: "G.Ambatte" <sean@robertson-family.nz>
Date: Thu, 5 Sep 2024 16:45:07 +1200
Subject: [PATCH 04/10] Update content-negotiation.js

---
 server/middleware/content-negotiation.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/server/middleware/content-negotiation.js b/server/middleware/content-negotiation.js
index 201e64a25..823da94e7 100644
--- a/server/middleware/content-negotiation.js
+++ b/server/middleware/content-negotiation.js
@@ -2,11 +2,11 @@ module.exports = (req, res, next)=>{
 	const isImageRequest = req.get('Accept')?.split(',')
         ?.filter((h)=>!h.includes('q='))
         ?.every((h)=>/image\/.*/.test(h));
-	if(isImageRequest) {
+	if(isImageRequest && !req.url?.startsWith('/staticImages/') {
 		return res.status(406).send({
 			message : 'Request for image at this URL is not supported'
 		});
 	}
 
 	next();
-};
\ No newline at end of file
+};

From 235969a485de06feae3ac7189ae1b0bf5ade7b4f Mon Sep 17 00:00:00 2001
From: "G.Ambatte" <sean@robertson-family.nz>
Date: Thu, 5 Sep 2024 16:50:19 +1200
Subject: [PATCH 05/10] Fix a dropped bracket

---
 server/middleware/content-negotiation.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/middleware/content-negotiation.js b/server/middleware/content-negotiation.js
index 823da94e7..a0c91c81f 100644
--- a/server/middleware/content-negotiation.js
+++ b/server/middleware/content-negotiation.js
@@ -2,7 +2,7 @@ module.exports = (req, res, next)=>{
 	const isImageRequest = req.get('Accept')?.split(',')
         ?.filter((h)=>!h.includes('q='))
         ?.every((h)=>/image\/.*/.test(h));
-	if(isImageRequest && !req.url?.startsWith('/staticImages/') {
+	if(isImageRequest && !req.url?.startsWith('/staticImages/')) {
 		return res.status(406).send({
 			message : 'Request for image at this URL is not supported'
 		});

From d19aaf6c780a8a8584ca4af5bbcc35bd5cdf8df1 Mon Sep 17 00:00:00 2001
From: David Bolack <dbolack@gmail.com>
Date: Fri, 6 Sep 2024 11:50:46 -0500
Subject: [PATCH 06/10] Except staticImages and staticFonts paths from
 middleware evaluation if in a local ENV.

---
 config/default.json                      |  2 +-
 server/middleware/content-negotiation.js | 23 ++++++++++++++---------
 2 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/config/default.json b/config/default.json
index 12b35e6cf..7d36368f6 100644
--- a/config/default.json
+++ b/config/default.json
@@ -7,4 +7,4 @@
 	"enable_themes" : true,
 	"local_environments" : ["docker", "local"],
 	"publicUrl" : "https://homebrewery.naturalcrit.com"
-}
+	}
diff --git a/server/middleware/content-negotiation.js b/server/middleware/content-negotiation.js
index 201e64a25..4eb9137ba 100644
--- a/server/middleware/content-negotiation.js
+++ b/server/middleware/content-negotiation.js
@@ -1,12 +1,17 @@
-module.exports = (req, res, next)=>{
-	const isImageRequest = req.get('Accept')?.split(',')
-        ?.filter((h)=>!h.includes('q='))
-        ?.every((h)=>/image\/.*/.test(h));
-	if(isImageRequest) {
-		return res.status(406).send({
-			message : 'Request for image at this URL is not supported'
-		});
-	}
+const config = require('../config.js');
+const nodeEnv = config.get('node_env');
+const isLocalEnvironment = config.get('local_environments').includes(nodeEnv);
 
+module.exports = (req, res, next)=>{
+	if((!isLocalEnvironment) && (!req.url?.startsWith('/staticImages') && !req.url?.startsWith('/staticFonts'))) {
+		const isImageRequest = req.get('Accept')?.split(',')
+			?.filter((h)=>!h.includes('q='))
+			?.every((h)=>/image\/.*/.test(h));
+		if(isImageRequest) {
+			return res.status(406).send({
+				message : 'Request for image at this URL is not supported'
+			});
+		}
+	}
 	next();
 };
\ No newline at end of file

From 67e265b23f95c4686debce6adf631988560bbf83 Mon Sep 17 00:00:00 2001
From: David Bolack <dbolack@gmail.com>
Date: Sun, 15 Sep 2024 21:55:18 -0500
Subject: [PATCH 07/10] Set default values for hb_images and hb_fonts in the
 config.

Remove stray tab.
---
 config/default.json | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/config/default.json b/config/default.json
index 7d36368f6..bea3b2663 100644
--- a/config/default.json
+++ b/config/default.json
@@ -6,5 +6,7 @@
 	"enable_v3" : true,
 	"enable_themes" : true,
 	"local_environments" : ["docker", "local"],
-	"publicUrl" : "https://homebrewery.naturalcrit.com"
-	}
+	"publicUrl" : "https://homebrewery.naturalcrit.com",
+	"hb_images" : null,
+	"hb_fonts" : null
+}

From ffaca4ec1095a7379302e95b83b9aa7001d9dff8 Mon Sep 17 00:00:00 2001
From: David Bolack <dbolack@abquintic.com>
Date: Wed, 18 Sep 2024 16:21:31 -0500
Subject: [PATCH 08/10] Update server/middleware/content-negotiation.js

Co-authored-by: Trevor Buckner <calculuschild@gmail.com>
---
 server/middleware/content-negotiation.js | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/server/middleware/content-negotiation.js b/server/middleware/content-negotiation.js
index 120b707f5..113d6ba34 100644
--- a/server/middleware/content-negotiation.js
+++ b/server/middleware/content-negotiation.js
@@ -6,9 +6,7 @@ module.exports = (req, res, next)=>{
 	const isImageRequest = req.get('Accept')?.split(',')
         ?.filter((h)=>!h.includes('q='))
         ?.every((h)=>/image\/.*/.test(h));
-	if(isImageRequest &&
-		(!isLocalEnvironment && !req.url?.startsWith('/staticImages'))
-	) {
+	if(isImageRequest && !isLocalEnvironment && !req.url?.startsWith('/staticImages') {
 		return res.status(406).send({
 			message : 'Request for image at this URL is not supported'
 		});

From c4b754e4670489a1eb5c398061fb6a3c69f4a309 Mon Sep 17 00:00:00 2001
From: David Bolack <dbolack@gmail.com>
Date: Mon, 7 Oct 2024 14:45:33 -0500
Subject: [PATCH 09/10] Lost a stray ) on update

---
 server/middleware/content-negotiation.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/middleware/content-negotiation.js b/server/middleware/content-negotiation.js
index 113d6ba34..a5bc7dc83 100644
--- a/server/middleware/content-negotiation.js
+++ b/server/middleware/content-negotiation.js
@@ -6,7 +6,7 @@ module.exports = (req, res, next)=>{
 	const isImageRequest = req.get('Accept')?.split(',')
         ?.filter((h)=>!h.includes('q='))
         ?.every((h)=>/image\/.*/.test(h));
-	if(isImageRequest && !isLocalEnvironment && !req.url?.startsWith('/staticImages') {
+	if(isImageRequest && !isLocalEnvironment && !req.url?.startsWith('/staticImages')) {
 		return res.status(406).send({
 			message : 'Request for image at this URL is not supported'
 		});

From a6efaf0e8b3bd976ae1fbadc2cffdcbeb32c20e9 Mon Sep 17 00:00:00 2001
From: Gazook89 <John.W.Jones89@gmail.com>
Date: Tue, 8 Oct 2024 10:12:53 -0500
Subject: [PATCH 10/10] Remove unused Nav components

---
 client/homebrew/navbar/editTitle.navitem.jsx | 34 ---------------
 client/homebrew/navbar/reddit.navitem.jsx    | 44 --------------------
 2 files changed, 78 deletions(-)
 delete mode 100644 client/homebrew/navbar/editTitle.navitem.jsx
 delete mode 100644 client/homebrew/navbar/reddit.navitem.jsx

diff --git a/client/homebrew/navbar/editTitle.navitem.jsx b/client/homebrew/navbar/editTitle.navitem.jsx
deleted file mode 100644
index 94ae5d0b0..000000000
--- a/client/homebrew/navbar/editTitle.navitem.jsx
+++ /dev/null
@@ -1,34 +0,0 @@
-const React = require('react');
-const createClass = require('create-react-class');
-const cx = require('classnames');
-const Nav = require('naturalcrit/nav/nav.jsx');
-
-const MAX_TITLE_LENGTH = 50;
-
-
-const EditTitle = createClass({
-	displayName     : 'EditTitleNavItem',
-	getDefaultProps : function() {
-		return {
-			title    : '',
-			onChange : function(){}
-		};
-	},
-
-	handleChange : function(e){
-		if(e.target.value.length > MAX_TITLE_LENGTH) return;
-		this.props.onChange(e.target.value);
-	},
-	render : function(){
-		return <Nav.item className='editTitle'>
-			<input placeholder='Brew Title' type='text' value={this.props.title} onChange={this.handleChange} />
-
-			<div className={cx('charCount', { 'max': this.props.title.length >= MAX_TITLE_LENGTH })}>
-				{this.props.title.length}/{MAX_TITLE_LENGTH}
-			</div>
-		</Nav.item>;
-	},
-
-});
-
-module.exports = EditTitle;
diff --git a/client/homebrew/navbar/reddit.navitem.jsx b/client/homebrew/navbar/reddit.navitem.jsx
deleted file mode 100644
index 1d9f95604..000000000
--- a/client/homebrew/navbar/reddit.navitem.jsx
+++ /dev/null
@@ -1,44 +0,0 @@
-const React = require('react');
-const createClass = require('create-react-class');
-const Nav = require('naturalcrit/nav/nav.jsx');
-
-const MAIN_URL = 'https://www.reddit.com/r/UnearthedArcana/submit?selftext=true';
-
-
-const RedditShare = createClass({
-	displayName     : 'RedditShareNavItem',
-	getDefaultProps : function() {
-		return {
-			brew : {
-				title    : '',
-				sharedId : '',
-				text     : ''
-			}
-		};
-	},
-
-	getText : function(){
-
-	},
-
-
-	handleClick : function(){
-		const url = [
-			MAIN_URL,
-			`title=${encodeURIComponent(this.props.brew.title ? this.props.brew.title : 'Check out my brew!')}`,
-			`text=${encodeURIComponent(this.props.brew.text)}`
-		].join('&');
-
-		window.open(url, '_blank');
-	},
-
-
-	render : function(){
-		return <Nav.item icon='fa-reddit-alien' color='red' onClick={this.handleClick}>
-			share on reddit
-		</Nav.item>;
-	},
-
-});
-
-module.exports = RedditShare;