import express from 'express' import path from 'path' import morgan from 'morgan' import cookieParser from 'cookie-parser' import bodyParser from 'body-parser' import helmet from 'helmet' import compression from 'compression' const env = process.env.NODE_ENV ?? 'testing' const config = require('./config/config')[env] const lang = 'DE' const app = express() app.set('port', config.app.port) app.set('views', path.join(__dirname, '/views')) app.set('view engine', 'pug') // app.use(helmet()) app.use(compression()) app.use(morgan('combined')) app.use(cookieParser()) app.use(bodyParser.json()) app.use(bodyParser.urlencoded({ extended: false })) app.use(express.static(path.join(__dirname, 'public'))) app.use( helmet.contentSecurityPolicy({ useDefaults: true, directives: { 'font-src': ["'self'", 'https://use.fontawesome.com'], 'img-src': ["'self'", 'https://transfer.hft-stuttgart.de'], 'script-src': ["'self'", 'https://code.jquery.com/jquery-3.3.1.min.js', 'https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js', 'https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js'], 'style-src': ["'self'", 'https://use.fontawesome.com/releases/v5.8.2/css/all.css'], 'frame-src': ["'self'"] }, reportOnly: true }) ) app.use(compression()) app.use(morgan('combined')) app.use(cookieParser()) app.use(bodyParser.json()) app.use(bodyParser.urlencoded({ extended: false })) app.use(express.static(path.join(__dirname, 'public'))) // caching disabled for every route // NOTE: Works in Firefox and Opera. Does not work in Edge app.use(function (req, res, next) { res.set('Cache-Control', 'no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0') next() }) require('./routes/project')(app) // Handle 404 app.use(function (req: any, res: any) { res.status(404).render(lang + '/404') }) // Handle 500 - any server error app.use(function (err: any, req: any, res: any, next: any) { console.error(err.stack) res.status(500).render(lang + '/500', { error: err }) }) app.listen(app.get('port'), function () { console.log('Project Page listening on port ' + String(app.get('port'))) })