Merge pull request #11 from theopak/master

Disallow XML config files
Cimpress-MCP · Sep 3, 2015 · 4431049 · 4431049
2 parents fbf614e + 8be4fe5
commit 4431049
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 6 deletions.
diff --git a/lib/proxy_manager.js b/lib/proxy_manager.js
@@ -165,13 +165,12 @@ function loadConfigFiles(cb) {
     /* istanbul ignore if */
     if (err) return cb(err);
 
-    // Require a '.json' or '.xml' file ending and reject dotfiles
-    // TODO (@theopak): Write unit tests for this.
+    // Require a '.json' file ending and reject dotfiles
     var config_files = [];
     for (var i in files) {
       if (path.basename(files[i])[0] === '.') {
         continue;
-      } else if (!/^.*\.(json|xml)$/i.test(files[i])) {
+      } else if (!/^.*\.(json)$/i.test(files[i])) {
         continue;
       } else {
         config_files.push(files[i]);

diff --git a/readme.md b/readme.md
@@ -1,6 +1,9 @@
 # oauth_reverse_proxy
 
-[![Build Status](https://travis-ci.org/Cimpress-MCP/oauth_reverse_proxy.svg?branch=master)](https://travis-ci.org/Cimpress-MCP/oauth_reverse_proxy) [![Coverage Status](https://img.shields.io/coveralls/Cimpress-MCP/oauth_reverse_proxy.svg)](https://coveralls.io/r/Cimpress-MCP/oauth_reverse_proxy?branch=master)
+[![npm version](https://badge.fury.io/js/oauth_reverse_proxy.svg)](http://badge.fury.io/js/oauth_reverse_proxy)
+[![Build Status](https://travis-ci.org/Cimpress-MCP/oauth_reverse_proxy.svg?branch=master)](https://travis-ci.org/Cimpress-MCP/oauth_reverse_proxy)
+[![Coverage Status](https://img.shields.io/coveralls/Cimpress-MCP/oauth_reverse_proxy.svg)](https://coveralls.io/r/Cimpress-MCP/oauth_reverse_proxy?branch=master)
+[![Dependency Status](https://img.shields.io/david/Cimpress-MCP/oauth_reverse_proxy.svg)](https://david-dm.org/Cimpress-MCP/oauth_reverse_proxy)
 
 Layer to add authentication to APIs by checking caller credentials, reverse-proxying inbound traffic to your API, and then signing outbound traffic back to callers.
 
@@ -10,7 +13,7 @@ Authentication for web applications, particularly applications created for machi
 
 ##### Installation
 
-Since this project is published with [npm](https://www.npmjs.com), the installation and run commands are the same on Windows, OS X, and Linux. Here's a full bash example that includes configuration:
+Since this project is published with [npm](https://www.npmjs.com/package/oauth_reverse_proxy), the installation and run commands are the same on Windows, OS X, and Linux. Here's a full bash example that includes configuration:
 
 ```bash
 # Install the versioned node package from the public npm repo
@@ -98,7 +101,7 @@ Zero-legged OAuth 1.0a is built on the assumption that a service provider can se
         }
     }
 
-Proxy configuration files can be JSON or XML. The following fields are required in a proxy configuration file:
+Proxy configuration files must be JSON, must have a filename ending with `.json`, and cannot have a filename beginning with a dot. All other files will be ignored. The following fields are required in a proxy configuration file:
 
 - **service_name** - The name of the service for which we are proxying.  This is used in logging to disambiguate messages for multiple proxies running within the same process.
 - **from_port** - The port this proxy will open to the outside world.  In the case of a reverse proxy, all inbound traffic to your service should be directed to this port to ensure that only authenticated requests reach your application.  Note that only one proxy can be bound to any given `from_port`.