1
0
mirror of https://github.com/node-red/node-red.git synced 2023-10-10 13:36:53 +02:00

Merge pull request #4178 from node-red/4169-remove-express-header

Ensure express server options are applied consistently
This commit is contained in:
Nick O'Leary 2023-05-22 11:35:32 +01:00 committed by GitHub
commit e9e32550df
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 62 additions and 44 deletions

View File

@ -14,8 +14,6 @@
* limitations under the License.
**/
var express = require("express");
var nodes = require("./nodes");
var flows = require("./flows");
var flow = require("./flow");
@ -37,18 +35,9 @@ module.exports = {
plugins.init(runtimeAPI);
diagnostics.init(settings, runtimeAPI);
var needsPermission = auth.needsPermission;
var adminApp = express();
var defaultServerSettings = {
"x-powered-by": false
}
var serverSettings = Object.assign({},defaultServerSettings,settings.httpServerOptions||{});
for (var eOption in serverSettings) {
adminApp.set(eOption, serverSettings[eOption]);
}
const needsPermission = auth.needsPermission;
const adminApp = apiUtil.createExpressApp(settings)
// Flows
adminApp.get("/flows",needsPermission("flows.read"),flows.get,apiUtil.errorHandler);

View File

@ -46,14 +46,15 @@ module.exports = {
runtimeAPI = _runtimeAPI;
needsPermission = auth.needsPermission;
if (!settings.disableEditor) {
info.init(runtimeAPI);
info.init(settings, runtimeAPI);
comms.init(server,settings,runtimeAPI);
var ui = require("./ui");
ui.init(runtimeAPI);
var editorApp = express();
const editorApp = apiUtil.createExpressApp(settings)
if (settings.requireHttps === true) {
editorApp.enable('trust proxy');
editorApp.use(function (req, res, next) {
@ -86,7 +87,7 @@ module.exports = {
//Projects
var projects = require("./projects");
projects.init(runtimeAPI);
projects.init(settings, runtimeAPI);
editorApp.use("/projects",projects.app());
// Locales

View File

@ -14,9 +14,9 @@
* limitations under the License.
**/
var express = require("express");
var apiUtils = require("../util");
var settings;
var runtimeAPI;
var needsPermission = require("../auth").needsPermission;
@ -77,11 +77,12 @@ function getProjectRemotes(req,res) {
})
}
module.exports = {
init: function(_runtimeAPI) {
init: function(_settings, _runtimeAPI) {
settings = _settings;
runtimeAPI = _runtimeAPI;
},
app: function() {
var app = express();
var app = apiUtils.createExpressApp(settings)
app.use(function(req,res,next) {
runtimeAPI.projects.available().then(function(available) {

View File

@ -18,9 +18,9 @@ var runtimeAPI;
var sshkeys = require("./sshkeys");
module.exports = {
init: function(_runtimeAPI) {
init: function(settings, _runtimeAPI) {
runtimeAPI = _runtimeAPI;
sshkeys.init(runtimeAPI);
sshkeys.init(settings, runtimeAPI);
},
userSettings: function(req, res) {
var opts = {

View File

@ -17,13 +17,15 @@
var apiUtils = require("../util");
var express = require("express");
var runtimeAPI;
var settings;
module.exports = {
init: function(_runtimeAPI) {
init: function(_settings, _runtimeAPI) {
runtimeAPI = _runtimeAPI;
settings = _settings;
},
app: function() {
var app = express();
const app = apiUtils.createExpressApp(settings);
// List all SSH keys
app.get("/", function(req,res) {

View File

@ -19,6 +19,7 @@ var util = require("util");
var path = require("path");
var fs = require("fs");
var clone = require("clone");
const apiUtil = require("../util")
var defaultContext = {
page: {
@ -39,6 +40,7 @@ var defaultContext = {
vendorMonaco: ""
}
};
var settings;
var theme = null;
var themeContext = clone(defaultContext);
@ -91,7 +93,8 @@ function serveFilesFromTheme(themeValue, themeApp, directory, baseDirectory) {
}
module.exports = {
init: function(settings, _runtimeAPI) {
init: function(_settings, _runtimeAPI) {
settings = _settings;
runtimeAPI = _runtimeAPI;
themeContext = clone(defaultContext);
if (process.env.NODE_ENV == "development") {
@ -112,7 +115,15 @@ module.exports = {
var url;
themeSettings = {};
themeApp = express();
themeApp = apiUtil.createExpressApp(settings);
const defaultServerSettings = {
"x-powered-by": false
}
const serverSettings = Object.assign({},defaultServerSettings,settings.httpServerOptions||{});
for (const eOption in serverSettings) {
themeApp.set(eOption, serverSettings[eOption]);
}
if (theme.page) {

View File

@ -37,7 +37,6 @@ var adminApp;
var server;
var editor;
/**
* Initialise the module.
* @param {Object} settings The runtime settings
@ -49,7 +48,7 @@ var editor;
function init(settings,_server,storage,runtimeAPI) {
server = _server;
if (settings.httpAdminRoot !== false) {
adminApp = express();
adminApp = apiUtil.createExpressApp(settings);
var cors = require('cors');
var corsHandler = cors({
@ -64,14 +63,6 @@ function init(settings,_server,storage,runtimeAPI) {
}
}
var defaultServerSettings = {
"x-powered-by": false
}
var serverSettings = Object.assign({},defaultServerSettings,settings.httpServerOptions||{});
for (var eOption in serverSettings) {
adminApp.set(eOption, serverSettings[eOption]);
}
auth.init(settings,storage);
var maxApiRequestSize = settings.apiMaxLength || '5mb';
@ -136,10 +127,11 @@ async function stop() {
editor.stop();
}
}
module.exports = {
init: init,
start: start,
stop: stop,
init,
start,
stop,
/**
* @memberof @node-red/editor-api

View File

@ -14,10 +14,9 @@
* limitations under the License.
**/
const express = require("express");
var log = require("@node-red/util").log; // TODO: separate module
var i18n = require("@node-red/util").i18n; // TODO: separate module
const { log, i18n } = require("@node-red/util");
module.exports = {
errorHandler: function(err,req,res,next) {
@ -64,5 +63,17 @@ module.exports = {
path: req.path,
ip: (req.headers && req.headers['x-forwarded-for']) || (req.connection && req.connection.remoteAddress) || undefined
}
},
createExpressApp: function(settings) {
const app = express();
const defaultServerSettings = {
"x-powered-by": false
}
const serverSettings = Object.assign({},defaultServerSettings,settings.httpServerOptions||{});
for (let eOption in serverSettings) {
app.set(eOption, serverSettings[eOption]);
}
return app
}
}

View File

@ -89,6 +89,15 @@ function init(userSettings,httpServer,_adminApi) {
nodeApp = express();
adminApp = express();
const defaultServerSettings = {
"x-powered-by": false
}
const serverSettings = Object.assign({},defaultServerSettings,userSettings.httpServerOptions||{});
for (let eOption in serverSettings) {
nodeApp.set(eOption, serverSettings[eOption]);
adminApp.set(eOption, serverSettings[eOption]);
}
if (_adminApi) {
adminApi = _adminApi;

View File

@ -61,12 +61,14 @@ describe("api/editor/index", function() {
sinon.stub(NR_TEST_UTILS.require("@node-red/editor-api/lib/editor/"+m),"init").callsFake(function(){});
});
sinon.stub(NR_TEST_UTILS.require("@node-red/editor-api/lib/editor/theme"),"app").callsFake(function(){ return express()});
sinon.stub(NR_TEST_UTILS.require("@node-red/editor-api/lib/editor/settings"),"sshkeys").callsFake(function(){ return express()});
});
after(function() {
mockList.forEach(function(m) {
NR_TEST_UTILS.require("@node-red/editor-api/lib/editor/"+m).init.restore();
})
NR_TEST_UTILS.require("@node-red/editor-api/lib/editor/theme").app.restore();
NR_TEST_UTILS.require("@node-red/editor-api/lib/editor/settings").sshkeys.restore();
auth.needsPermission.restore();
log.error.restore();
});

View File

@ -41,7 +41,7 @@ describe("api/editor/settings", function() {
});
it('returns the user settings', function(done) {
info.init({
info.init({}, {
settings: {
getUserSettings: function(opts) {
if (opts.user !== "fred") {
@ -67,7 +67,7 @@ describe("api/editor/settings", function() {
});
it('updates the user settings', function(done) {
var update;
info.init({
info.init({}, {
settings: {
updateUserSettings: function(opts) {
if (opts.user !== "fred") {

View File

@ -34,7 +34,7 @@ describe("api/editor/sshkeys", function() {
}
}
before(function() {
sshkeys.init(mockRuntime);
sshkeys.init({}, mockRuntime);
app = express();
app.use(bodyParser.json());
app.use("/settings/user/keys", sshkeys.app());