f.weber/homebrewery
0
0
Fork 0
mirror of https://github.com/naturalcrit/homebrewery.git synced 2026-01-08 09:42:43 +00:00
Code Wiki Activity

Merge pull request #2620 from jeddai/content-negotiation-middleware

Browse Source 
Fixes #2595: Add content negotiation middleware
This commit is contained in:
Trevor Buckner
2023-04-10 09:54:48 -04:00
committed by GitHub
parent 9bb1cac547 0720677824
commit ba72f1ab22
4 changed files with 61 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
changelog.md
View File

@@ -82,6 +82,13 @@ For a full record of development, visit our [Github Page](https://github.com/nat
### XXXXday DD/MM/2023 - v3.8.0 ### XXXXday DD/MM/2023 - v3.8.0
{{taskList {{taskList
##### Jeddai
* [X] Add content negotiation to exclude image requests from our API calls
Fixes issue [#2595](https://github.com/naturalcrit/homebrewery/issues/2595)
##### G-Ambatte ##### G-Ambatte
* [x] Update server build scripts to fix Admin page * [x] Update server build scripts to fix Admin page

3
server/app.js
View File

@@ -43,8 +43,7 @@ const sanitizeBrew = (brew, accessType)=>{
}; };
app.use('/', serveCompressedStaticAssets(`build`)); app.use('/', serveCompressedStaticAssets(`build`));
app.use(require('./middleware/content-negotiation.js'));
//app.use(express.static(`${__dirname}/build`));
app.use(require('body-parser').json({ limit: '25mb' })); app.use(require('body-parser').json({ limit: '25mb' }));
app.use(require('cookie-parser')()); app.use(require('cookie-parser')());
app.use(require('./forcessl.mw.js')); app.use(require('./forcessl.mw.js'));

12
server/middleware/content-negotiation.js Normal file
View File

@@ -0,0 +1,12 @@
module.exports = (req, res, next)=>{
const isImageRequest = req.get('Accept')?.split(',')
?.filter((h)=>!h.includes('q='))
?.every((h)=>/image\/.*/.test(h));
if(isImageRequest) {
return res.status(406).send({
message : 'Request for image at this URL is not supported'
});
}
next();
};

41
server/middleware/content-negotiation.spec.js Normal file
View File

@@ -0,0 +1,41 @@
const contentNegotiationMiddleware = require('./content-negotiation.js');
describe('content-negotiation-middleware', ()=>{
let request;
let response;
let next;
beforeEach(()=>{
request = {
get : function(key) {
return this[key];
}
};
response = {
status : jest.fn(()=>response),
send : jest.fn(()=>{})
};
next = jest.fn();
});
it('should return 406 on image request', ()=>{
contentNegotiationMiddleware({
Accept : 'image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8',
...request
}, response);
expect(response.status).toHaveBeenLastCalledWith(406);
expect(response.send).toHaveBeenCalledWith({
message : 'Request for image at this URL is not supported'
});
});
it('should call next on non-image request', ()=>{
contentNegotiationMiddleware({
Accept : 'text,image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8',
...request
}, response, next);
expect(next).toHaveBeenCalled();
});
});