forked from h5bp/server-configs
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
more updates to the file according to issue h5bp#46
- Loading branch information
Showing
1 changed file
with
69 additions
and
68 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,77 +1,78 @@ | ||
|
|
||
|
|
||
| var h5bp = modules.exports, | ||
| /* h5bp server-configs project | ||
| * | ||
| * maintainer: @xonecas, <insert your name here> | ||
| */ | ||
| var h5bp = module.exports, | ||
| _http = require('http'); | ||
|
|
||
| h5bp = { | ||
| // send the IE=Edge and chrome=1 headers for IE browsers | ||
| // on html/htm resquests. | ||
| ieEdgeChromeFrameHeader: function () { | ||
| return function (req, res, next) { | ||
| var url = req.url, | ||
| ua = req.headers['user-agent']; | ||
| // send the IE=Edge and chrome=1 headers for IE browsers | ||
| // on html/htm resquests. | ||
| h5bp.ieEdgeChromeFrameHeader = function () { | ||
| return function (req, res, next) { | ||
| var url = req.url, | ||
| ua = req.headers['user-agent']; | ||
|
|
||
| if (ua && ua.indexOf('MSIE') && /html?$/.test(url)) { | ||
| res.setHeader('X-UA-Compatible', 'IE=Edge,chrome=1'); | ||
| } | ||
| next(); | ||
| }; | ||
| }, | ||
| if (ua && ua.indexOf('MSIE') && /html?$/.test(url)) { | ||
| res.setHeader('X-UA-Compatible', 'IE=Edge,chrome=1'); | ||
| } | ||
| next(); | ||
| }; | ||
| }; | ||
|
|
||
| // block access to hidden files and directories. | ||
| protectDotfiles: function () { | ||
| return function (req, res, next) { | ||
| var error; | ||
| if (/(^|\/)\./.test(req.url)) { | ||
| error = new Error(_http.STATUS_CODES[405]); // 405, not allowed | ||
| error.status = 405; | ||
| } | ||
| next(error); | ||
| }; | ||
| }, | ||
| h5bp.protectDotfiles = function () { | ||
| return function (req, res, next) { | ||
| var error; | ||
| if (/(^|\/)\./.test(req.url)) { | ||
| error = new Error(_http.STATUS_CODES[405]); // 405, not allowed | ||
| error.status = 405; | ||
| } | ||
| next(error); | ||
| }; | ||
| }; | ||
|
|
||
| // Enable CORS cross domain rules, more info at http://enble-cors.org/ | ||
| crossDomainRules: function () { | ||
| return function (req, res, next) { | ||
| res.setHeader('Access-Control-Allow-Origin', '*'); | ||
| res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With'); | ||
| next(); | ||
| }; | ||
| }, | ||
| // Enable CORS cross domain rules, more info at http://enble-cors.org/ | ||
| h5bp.crossDomainRules = function () { | ||
| return function (req, res, next) { | ||
| res.setHeader('Access-Control-Allow-Origin', '*'); | ||
| res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With'); | ||
| next(); | ||
| }; | ||
| }; | ||
|
|
||
| // Suppress or force 'www' in the urls | ||
| // @param suppress = boolean | ||
| suppressWww: function (suppress) { | ||
| return function (req, res, next) { | ||
| var url = req.url; | ||
| if (suppress && /^www\./.test(url)) { | ||
| res.status = 302; | ||
| res.setHeader('Location', url.replace(/^www\./,'')); | ||
| } | ||
| if (!suppress && !/^www\./.test(url)) { | ||
| res.status = 302; | ||
| res.setHeader('Location', "www."+url); | ||
| } | ||
| next(); | ||
| }; | ||
| }, | ||
| // Suppress or force 'www' in the urls | ||
| // @param suppress = boolean | ||
| h5bp.suppressWww = function (suppress) { | ||
| return function (req, res, next) { | ||
| var url = req.url; | ||
| if (suppress && /^www\./.test(url)) { | ||
| res.status = 302; | ||
| res.setHeader('Location', url.replace(/^www\./,'')); | ||
| } | ||
| if (!suppress && !/^www\./.test(url)) { | ||
| res.status = 302; | ||
| res.setHeader('Location', "www."+url); | ||
| } | ||
| next(); | ||
| }; | ||
| }; | ||
|
|
||
| // return a express/connect server with the default middlewares. | ||
| // @param serverConstructor = express/connect server instance | ||
| server: function (serverContructor) { | ||
| return serverContructor.createServer( | ||
| serverContructor.logger('dev'), | ||
| this.ieEdgeChromeFrameHeader(), | ||
| this.protectDotfiles(), | ||
| this.crossDomainRules(), | ||
| this.suppressWww(true), | ||
| serverContructor['static'](__.dirname), // static is a reserved keyword | ||
| serverContructor.favicon(__dirname), | ||
| serverContructor.errorHandler({ | ||
| stack: true, | ||
| message: true, | ||
| dump: true | ||
| }) | ||
| ); | ||
| } | ||
| // return a express/connect server with the default middlewares. | ||
| // @param serverConstructor = express/connect server instance | ||
| // @param options = { root: 'path/to/public/files' } | ||
| h5bp.server = function (serverContructor, options) { | ||
| return serverContructor.createServer( | ||
| serverContructor.logger('dev'), | ||
| this.ieEdgeChromeFrameHeader(), | ||
| this.protectDotfiles(), | ||
| this.crossDomainRules(), | ||
| this.suppressWww(true), | ||
| serverContructor['static'](options.root), // static is a reserved keyword | ||
| serverContructor.favicon(options.root), | ||
| serverContructor.errorHandler({ | ||
| stack: true, | ||
| message: true, | ||
| dump: true | ||
| }) | ||
| ); | ||
| }; |