unpkg/server/createServer.js

const fs = require('fs')
const path = require('path')
const http = require('http')
const express = require('express')
const cors = require('cors')
const morgan = require('morgan')

const { fetchStats } = require('./cloudflare')

const checkBlacklist = require('./middleware/checkBlacklist')
const parsePackageURL = require('./middleware/parsePackageURL')
const fetchFile = require('./middleware/fetchFile')
const serveFile = require('./middleware/serveFile')

/**
 * A list of packages we refuse to serve.
 */
const PackageBlacklist = require('./PackageBlacklist').blacklist

morgan.token('fwd', function (req) {
  return req.get('x-forwarded-for').replace(/\s/g, '')
})

function sendHomePage(publicDir) {
  const html = fs.readFileSync(path.join(publicDir, 'index.html'), 'utf8')

  return function (req, res, next) {
    fetchStats(function (error, stats) {
      if (error) {
        next(error)
      } else {
        res.set({
          'Cache-Control': 'public, max-age=60',
          'Cache-Tag': 'home'
        })

        res.send(
          // Replace the __SERVER_DATA__ token that was added to the
          // HTML file in the build process (see scripts/build.js).
          html.replace('__SERVER_DATA__', JSON.stringify({
            cloudflareStats: stats
          }))
        )
      }
    })
  }
}

function errorHandler(err, req, res, next) {
  console.error(err.stack)
  res.status(500).type('text').send('Internal Server Error')
  next(err)
}

function createServer() {
  const app = express()

  app.disable('x-powered-by')

  app.use(morgan(process.env.NODE_ENV === 'production'
    // Modified version of the Heroku router's log format
    // https://devcenter.heroku.com/articles/http-routing#heroku-router-log-format
    ? 'method=:method path=":url" host=:req[host] request_id=:req[x-request-id] cf_ray=:req[cf-ray] fwd=:fwd status=:status bytes=:res[content-length]'
    : 'dev'
  ))

  app.use(errorHandler)
  app.use(cors())

  app.get('/', sendHomePage('build'))

  app.use(express.static('build', {
    maxAge: '365d'
  }))

  app.use('/',
    parsePackageURL,
    checkBlacklist(PackageBlacklist),
    fetchFile,
    serveFile
  )

  const server = http.createServer(app)

  // Heroku dynos automatically timeout after 30s. Set our
  // own timeout here to force sockets to close before that.
  // https://devcenter.heroku.com/articles/request-timeout
  server.setTimeout(25000, function (socket) {
    const message = `Timeout of 25 seconds exceeded`

    socket.end([
      `HTTP/1.1 503 Service Unavailable`,
      `Date: ${(new Date).toGMTString()}`,
      `Content-Type: text/plain`,
      `Content-Length: ${Buffer.byteLength(message)}`,
      `Connection: close`,
      ``,
      message
    ].join(`\r\n`))
  })

  return server
}

module.exports = createServer
Add Cache-Tag headers 2017-08-13 00:23:40 +00:00			`const fs = require('fs')`
			`const path = require('path')`
Rewrite frontend using create-react-app 2017-03-26 06:53:54 +00:00			`const http = require('http')`
			`const express = require('express')`
			`const cors = require('cors')`
			`const morgan = require('morgan')`
Add Cache-Tag headers 2017-08-13 00:23:40 +00:00
Rewrite frontend using create-react-app 2017-03-26 06:53:54 +00:00			`const { fetchStats } = require('./cloudflare')`
Require packages to be downloaded >= 100x/day This should make it more difficult for people who are publishing malicious packages to npm to get them on the CDN. 2017-08-17 05:47:24 +00:00
Add back checkBlacklist middleware 2017-08-17 06:03:28 +00:00			`const checkBlacklist = require('./middleware/checkBlacklist')`
Combine parse + blacklist middleware 2017-08-16 21:55:40 +00:00			`const parsePackageURL = require('./middleware/parsePackageURL')`
Combine fetchPackage and findFile into same middleware 2017-08-16 22:07:34 +00:00			`const fetchFile = require('./middleware/fetchFile')`
Add Cache-Tag headers 2017-08-13 00:23:40 +00:00			`const serveFile = require('./middleware/serveFile')`
Rewrite frontend using create-react-app 2017-03-26 06:53:54 +00:00
Add back checkBlacklist middleware 2017-08-17 06:03:28 +00:00			`/**`
			`* A list of packages we refuse to serve.`
			`*/`
			`const PackageBlacklist = require('./PackageBlacklist').blacklist`

Add Cache-Tag headers 2017-08-13 00:23:40 +00:00			`morgan.token('fwd', function (req) {`
			`return req.get('x-forwarded-for').replace(/\s/g, '')`
			`})`
Rewrite frontend using create-react-app 2017-03-26 06:53:54 +00:00
Add Cache-Tag headers 2017-08-13 00:23:40 +00:00			`function sendHomePage(publicDir) {`
Rewrite frontend using create-react-app 2017-03-26 06:53:54 +00:00			`const html = fs.readFileSync(path.join(publicDir, 'index.html'), 'utf8')`

Add Cache-Tag headers 2017-08-13 00:23:40 +00:00			`return function (req, res, next) {`
			`fetchStats(function (error, stats) {`
Rewrite frontend using create-react-app 2017-03-26 06:53:54 +00:00			`if (error) {`
			`next(error)`
			`} else {`
Add Cache-Tag headers 2017-08-13 00:23:40 +00:00			`res.set({`
			`'Cache-Control': 'public, max-age=60',`
			`'Cache-Tag': 'home'`
			`})`

Rewrite frontend using create-react-app 2017-03-26 06:53:54 +00:00			`res.send(`
Add comments about __SERVER_DATA__ 2017-05-19 17:59:04 +00:00			`// Replace the __SERVER_DATA__ token that was added to the`
			`// HTML file in the build process (see scripts/build.js).`
Rewrite frontend using create-react-app 2017-03-26 06:53:54 +00:00			`html.replace('__SERVER_DATA__', JSON.stringify({`
			`cloudflareStats: stats`
			`}))`
			`)`
			`}`
			`})`
			`}`
			`}`

Add Cache-Tag headers 2017-08-13 00:23:40 +00:00			`function errorHandler(err, req, res, next) {`
Rewrite frontend using create-react-app 2017-03-26 06:53:54 +00:00			`console.error(err.stack)`
Remove min-download checking 2017-08-18 19:35:45 +00:00			`res.status(500).type('text').send('Internal Server Error')`
Rewrite frontend using create-react-app 2017-03-26 06:53:54 +00:00			`next(err)`
			`}`

Add Cache-Tag headers 2017-08-13 00:23:40 +00:00			`function createServer() {`
Rewrite frontend using create-react-app 2017-03-26 06:53:54 +00:00			`const app = express()`

			`app.disable('x-powered-by')`

Simplify server log format 2017-06-06 22:50:46 +00:00			`app.use(morgan(process.env.NODE_ENV === 'production'`
			`// Modified version of the Heroku router's log format`
			`// https://devcenter.heroku.com/articles/http-routing#heroku-router-log-format`
Remove space from X-Forwarded-For value in logs 2017-06-06 23:00:40 +00:00			`? 'method=:method path=":url" host=:req[host] request_id=:req[x-request-id] cf_ray=:req[cf-ray] fwd=:fwd status=:status bytes=:res[content-length]'`
Simplify server log format 2017-06-06 22:50:46 +00:00			`: 'dev'`
			`))`
Add LOG_IDS env variable 2017-05-25 04:38:06 +00:00
Rewrite frontend using create-react-app 2017-03-26 06:53:54 +00:00			`app.use(errorHandler)`
			`app.use(cors())`

Add Cache-Tag headers 2017-08-13 00:23:40 +00:00			`app.get('/', sendHomePage('build'))`
Rewrite frontend using create-react-app 2017-03-26 06:53:54 +00:00
Add Cache-Tag headers 2017-08-13 00:23:40 +00:00			`app.use(express.static('build', {`
Simplify server log format 2017-06-06 22:50:46 +00:00			`maxAge: '365d'`
Rewrite frontend using create-react-app 2017-03-26 06:53:54 +00:00			`}))`

Require packages to be downloaded >= 100x/day This should make it more difficult for people who are publishing malicious packages to npm to get them on the CDN. 2017-08-17 05:47:24 +00:00			`app.use('/',`
			`parsePackageURL,`
Add back checkBlacklist middleware 2017-08-17 06:03:28 +00:00			`checkBlacklist(PackageBlacklist),`
Require packages to be downloaded >= 100x/day This should make it more difficult for people who are publishing malicious packages to npm to get them on the CDN. 2017-08-17 05:47:24 +00:00			`fetchFile,`
			`serveFile`
			`)`
Rewrite frontend using create-react-app 2017-03-26 06:53:54 +00:00
			`const server = http.createServer(app)`

			`// Heroku dynos automatically timeout after 30s. Set our`
			`// own timeout here to force sockets to close before that.`
			`// https://devcenter.heroku.com/articles/request-timeout`
Add Cache-Tag headers 2017-08-13 00:23:40 +00:00			`server.setTimeout(25000, function (socket) {`
Simplify server log format 2017-06-06 22:50:46 +00:00			const message = `Timeout of 25 seconds exceeded`

			`socket.end([`
			`HTTP/1.1 503 Service Unavailable`,
			`Date: ${(new Date).toGMTString()}`,
			`Content-Type: text/plain`,
			`Content-Length: ${Buffer.byteLength(message)}`,
			`Connection: close`,
			``,
			`message`
			].join(`\r\n`))
			`})`
Rewrite frontend using create-react-app 2017-03-26 06:53:54 +00:00
			`return server`
			`}`

Add Cache-Tag headers 2017-08-13 00:23:40 +00:00			`module.exports = createServer`