CSP & sentry error fix & log-that-http

hse-mtc · Nov 26, 2020 · 6700331 · 6700331
1 parent 23b9256
commit 6700331
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 8 deletions.
diff --git a/package.json b/package.json
@@ -38,12 +38,13 @@
         "packages:outdated": "npm outdated",
         "packages:upgrade": "npm upgrade --save",
         "packages:prune": "npm prune",
-        "start": "ENV=production pm2 start ./configs/pm2.config.js",
-        "pm2:dev": "ENV=development pm2-dev start ./configs/pm2.config.js",
-        "pm2:dev:ts": "ENV=development pm2-dev start ts-node -- -P tsconfig.json ./src/bin/starter.ts",
-        "start:dev": "ENV=development DEBUG='express:*' nodemon --require log-that-http src/bin/starter.ts --config configs/nodemon.json",
-        "start:dev:schedule": "ENV=development nodemon src/bin/starter.ts --mode=downloader --config configs/nodemon.json",
-        "start:dev:serverOnly": "ENV=development nodemon src/bin/starter.ts --mode=serverOnly --config configs/nodemon.json",
+        "start": "NODE_PATH=. NODE_HEAPDUMP_OPTIONS=nosignal ENV=production pm2 start ./configs/pm2.config.js",
+        "pm2:dev": "NODE_PATH=. NODE_HEAPDUMP_OPTIONS=nosignal ENV=development pm2-dev start ./configs/pm2.config.js",
+        "pm2:dev:ts": "NODE_PATH=. NODE_HEAPDUMP_OPTIONS=nosignal ENV=development pm2-dev start ts-node -- -P tsconfig.json ./src/bin/starter.ts",
+        "start:dev": "NODE_PATH=. NODE_HEAPDUMP_OPTIONS=nosignal ENV=development nodemon src/bin/starter.ts --config configs/nodemon.json",
+        "start:dev:express": "DEBUG='express:*' && npm run start:dev",
+        "start:dev:schedule": "NODE_PATH=. NODE_HEAPDUMP_OPTIONS=nosignal ENV=development nodemon src/bin/starter.ts --mode=downloader --config configs/nodemon.json",
+        "start:dev:serverOnly": "NODE_PATH=. NODE_HEAPDUMP_OPTIONS=nosignal ENV=development nodemon src/bin/starter.ts --mode=serverOnly --config configs/nodemon.json",
         "test": "jest --config=configs/jest.json",
         "test:watch": "jest --watch --coverage --config=configs/jest.json",
         "test:coverage": "jest --coverage --config=configs/jest.json",

diff --git a/src/api/v1/routes/debug.ts b/src/api/v1/routes/debug.ts
@@ -23,7 +23,7 @@ debugRoutes.get("/heapdump", [
 
         const profileFilename = format(
             new Date(),
-            `${global.process.pid}_YYYY-MM-DDTHH:mm:ss`,
+            `${global.process.pid}_yyyy-MM-ddTHH:mm:ss`,
         );
 
         const filename = path.join(

diff --git a/src/bin/starter.ts b/src/bin/starter.ts
@@ -44,6 +44,10 @@ const starter = async (): Promise<void> => {
             Bot.setup();
             await Server.setup({ useBot: true });
 
+            if (["development", "debug"].includes(mode)) {
+                require("log-that-http");
+            }
+
             break;
         }
         case "serverOnly": {

diff --git a/src/modules/Server.ts b/src/modules/Server.ts
@@ -118,7 +118,16 @@ class ExpressApp {
         );
 
         /* Add some security */
-        this._app.use(helmet());
+        this._app.use(
+            helmet({
+                contentSecurityPolicy: {
+                    directives: {
+                        "default-src":
+                            "'self' 'unsafe-inline' mc.yandex.ru hse-military-bot.herokuapp.com",
+                    },
+                },
+            }),
+        );
 
         /* Add some compression */
         this._app.use(compression());