From d7f3825596d7bcfde1a8249ad00b34a4c3b7f4bf Mon Sep 17 00:00:00 2001
From: Tom
Date: Wed, 11 Dec 2019 21:52:39 +1000
Subject: [PATCH] File limit error references #58 (#59)

* minor style change
* start fixing file form upload to show error instead of showing ugly nginx
* modify express-fileupload, udpate deps and now use dynamicresponse when upload too large files
---
 README.md | 12 +++-
 controllers/forms.js | 16 ++++-
 gulp/res/css/style.css | 10 ++--
 gulp/res/js/progress.js | 4 ++
 package-lock.json | 90 ++++++++++++++++++++++++----
 package.json | 6 +-
 views/includes/webringboardtable.pug | 2 +-
 views/pages/home.pug | 34 +++++------
 8 files changed, 134 insertions(+), 40 deletions(-)

diff --git a/README.md b/README.md
index 346e7105..24c5bfa7 100644
--- a/README.md
+++ b/README.md
@@ -61,12 +61,22 @@ $ nvm install --lts Configure nginx. Modify the example config included in configs/nginx.example and put it in /etc/nginx/sites-available, then symlink it to /etc/nginx/sites-enabled. Make sure the sites enabled folder is included by the main nginx.conf Next, get https with a certificate generated from [letsencrypt](https://wiki.debian.org/LetsEncrypt).
+If you need support for Country flags, [follow this guide](http://archive.is/2SMOb) to set them up in nginx.
+Then edit your `/etc/nginx/nginx.conf` and put these directives within the http block:
+```
+#geoip settings
+geoip_country /usr/share/GeoIP/GeoIP.dat;
+geoip_city /usr/share/GeoIP/GeoIPCity.dat;
+
+```
 Now clone the repo, browse to the folder and set some things up. ```bash # in repo directory $ cp configs/main.js.example configs/main.js && nano configs/main.js #copy example config and edit
-$ npm run-script setup #install dependencies, pm2, gulp and run gulp tasks
+$ npm install #install dependencies
+$ npm run-script setup #install global modules pm2 and gulp, then runs gulp tasks
+$ gulp reset #clear the database, create test board and account username:admin, password:changeme
 $ npm run-script start #start all the backend processes $ pm2 list #list running pm2 processes $ pm2 logs #see logs
diff --git a/controllers/forms.js b/controllers/forms.js
index 41563c13..5cf5d2b5 100644
--- a/controllers/forms.js
+++ b/controllers/forms.js
@@ -14,28 +14,40 @@ const express = require('express')
 , verifyCaptcha = require(__dirname+'/../helpers/captcha/captchaverify.js')
 , csrf = require(__dirname+'/../helpers/checks/csrfmiddleware.js')
 , sessionRefresh = require(__dirname+'/../helpers/sessionrefresh.js')
+ , dynamicResponse = require(__dirname+'/../helpers/dynamic.js')
+ , uploadLimitFunction = (req, res, next) => {
+ return dynamicResponse(req, res, 413, 'message', {
+ 'title': 'Payload Too Large',
+ 'message': 'Your upload was too large',
+ 'redirect': req.headers.referer
+ });
+ }
 , upload = require('express-fileupload')
 , postFiles = upload({
+ debug: false,
 createParentPath: true,
 safeFileNames: /[^\w\s-]+/g,
 preserveExtension: 4,
 limits: {
+ totalSize: globalLimits.postFilesSize.max,
 fileSize: globalLimits.postFilesSize.max,
 files: globalLimits.postFiles.max
 },
- abortOnLimit: true,
+ limitHandler: uploadLimitFunction,
 useTempFiles: true,
 tempFileDir: __dirname+'/../tmp/'
 })
 , bannerFiles = upload({
+ debug: false,
 createParentPath: true,
 safeFileNames: /[^\w\s-]+/g,
 preserveExtension: 3,
 limits: {
+ totalSize: globalLimits.postFilesSize.max,
 fileSize: globalLimits.bannerFilesSize.max,
 files: globalLimits.bannerFiles.max
 },
- abortOnLimit: true,
+ limitHandler: uploadLimitFunction,
 useTempFiles: true,
 tempFileDir: __dirname+'/../tmp/'
 })
diff --git a/gulp/res/css/style.css b/gulp/res/css/style.css
index 061f1d67..0a9f81be 100644
--- a/gulp/res/css/style.css
+++ b/gulp/res/css/style.css
@@ -347,6 +347,10 @@ table {
 width: 700px;
 }
 
+.w900 {
+ width: 900px;
+}
+
 th {
 background: var(--label-color);
 }
@@ -909,10 +913,8 @@ table.boardtable td:nth-child(6) {
 visibility: visible;
 }
 
-@media only screen and (max-width: 700px) {
- table {
- width: 100%;
- }
+table, .boardtable {
+ max-width: 100%;
 }
 
 @media only screen and (max-width: 600px) {
diff --git a/gulp/res/js/progress.js b/gulp/res/js/progress.js
index 3ade22b5..a49af2ae 100644
--- a/gulp/res/js/progress.js
+++ b/gulp/res/js/progress.js
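Review bot: `uploadLimitFunction` in controllers/forms.js passes `req.headers.referer` straight through as the `redirect` value, and that header is supplied by the client and may be absent. How `dynamicResponse` uses the value is outside this diff, but if it becomes a redirect target or a rendered link, a form hosted on another site gets its own address handed back as the destination, and a request without a Referer yields `undefined`. Accepting the header only when its host matches the request's host (assuming the proxy forwards the original Host header) and otherwise falling back to a local path covers both cases. Separately, `bannerFiles` takes `totalSize` from `globalLimits.postFilesSize.max` while its `fileSize` uses `globalLimits.bannerFilesSize.max`, which looks copied from `postFiles`; if the post limit is meant to apply to banners, a comment saying so would help.

```javascript
	, uploadLimitFunction = (req, res, next) => {
		// Referer is client-supplied: reuse it only when it points back at this host
		let redirect = '/';
		try {
			const referer = new URL(req.headers.referer);
			if (referer.host === req.headers.host) {
				redirect = referer.href;
			}
		} catch (e) {
			// missing or malformed Referer: keep the default
		}
		return dynamicResponse(req, res, 413, 'message', {
			// … unchanged: title and message …
			'redirect': redirect
		});
	}
```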
@@ -165,6 +165,10 @@ window.addEventListener('DOMContentLoaded', () => {
 captcha[0].dispatchEvent(new Event('dblclick'));
 }
 } else {
+ if (xhr.status === 413) {
+ clearFiles();
+ }
+ xhr.abort();
 //not 200 status, so some error/failed post, wrong captcha, etc
 if (json) {
 doModal(json);
diff --git a/package-lock.json b/package-lock.json
index 3930c1a1..4ef82b16 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -179,6 +179,29 @@ } } }, + "@pm2/pm2-version-check": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/@pm2/pm2-version-check/-/pm2-version-check-1.0.3.tgz", + "integrity": "sha512-SBuYsh+o35knItbRW97vl5/5nEc5c5DYP7PxjyPLOfmm9bMaDsVeATXjXMBy6+KLlyrYWHZxGbfXe003NnHClg==", + "requires": { + "debug": "^4.1.1" + }, + "dependencies": { + "debug": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", + "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", + "requires": { + "ms": "^2.1.1" + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + } + } + }, "@tohru/gm": { "version": "github:fatchan/gm#07df8fbf131b6b18c32fa010a84e67964e132955", "from": "github:fatchan/gm",
@@ -2250,7 +2273,7 @@ } }, "express-fileupload": { - "version": "github:fatchan/express-fileupload#9820cb0a52f69ccc7f200418b74b1812acb29431", + "version": "github:fatchan/express-fileupload#f72901fd27b615664ca30fc4c4148b62c5c77fe9", "from": "github:fatchan/express-fileupload", "requires": { "busboy": "^0.3.1"
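Review bot: The added `xhr.abort();` in progress.js runs before the error branch shows the response, and aborting a request that has already finished resets it to the unsent state, so a later read of `xhr.status` or `xhr.responseText` would see 0 or an empty value. The handler starts and ends outside this hunk, so I cannot tell whether `json` is already parsed here or whether anything further down reads the request again. If the call is there to stop an upload still in flight after an early 413, a comment such as `// server answered before the upload finished; stop sending the rest` would record that, and placing the call after `doModal(json)` keeps the response intact while it is displayed.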
@@ -3612,6 +3635,35 @@ "glogg": "^1.0.0" } }, + "handlebars": { + "version": "4.5.3", + "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.5.3.tgz", + "integrity": "sha512-3yPecJoJHK/4c6aZhSvxOyG4vJKDshV36VHp0iVCDVh7o9w2vwi3NSnL2MMPj3YdduqaBcu7cGbggJQM0br9xA==", + "requires": { + "neo-async": "^2.6.0", + "optimist": "^0.6.1", + "source-map": "^0.6.1", + "uglify-js": "^3.1.4" + }, + "dependencies": { + "commander": { + "version": "2.20.3", + "resolved": "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz", + "integrity": "sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ==", + "optional": true + }, + "uglify-js": { + "version": "3.7.2", + "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.7.2.tgz", + "integrity": "sha512-uhRwZcANNWVLrxLfNFEdltoPNhECUR3lc+UdJoG9CBpMcSnKyWA94tc3eAujB1GcMY5Uwq8ZMp4qWpxWYDQmaA==", + "optional": true, + "requires": { + "commander": "~2.20.3", + "source-map": "~0.6.1" + } + } + } + }, "har-schema": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", @@ -3709,9 +3761,12 @@ } }, "highlight.js": { - "version": "9.16.2", - "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-9.16.2.tgz", - "integrity": "sha512-feMUrVLZvjy0oC7FVJQcSQRqbBq9kwqnYE4+Kj9ZjbHh3g+BisiPgF49NyQbVLNdrL/qqZr3Ca9yOKwgn2i/tw==" + "version": "9.17.0", + "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-9.17.0.tgz", + "integrity": "sha512-PyO7FK7z8ZC7FqBlmAxm4d+1DYaoS6+uaxt9KGkyP1AnmGRLnWmNod1yp9BFjUyHoDF00k+V57gF6X9ifY7f/A==", + "requires": { + "handlebars": "^4.5.3" + } }, "homedir-polyfill": { "version": "1.0.3", 
@@ -4683,9 +4738,9 @@ } }, "mongodb": { - "version": "3.3.5", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.3.5.tgz", - "integrity": "sha512-6NAv5gTFdwRyVfCz+O+KDszvjpyxmZw+VlmqmqKR2GmpkeKrKFRv/ZslgTtZba2dc9JYixIf99T5Gih7TIWv7Q==", + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.4.0.tgz", + "integrity": "sha512-W90jm/n8F0Edm47ljkVRK9l8qGW9g8T9ZSiZWRiUP58wLhsCJCeN/JxdpVnH0CUwwAw2hITUcCo9x58udpX2Uw==", "requires": { "bson": "^1.1.1", "require_optional": "^1.0.1", @@ -4769,6 +4824,11 @@ "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.2.tgz", "integrity": "sha512-hZXc7K2e+PgeI1eDBe/10Ard4ekbfrrqG8Ep+8Jmf4JID2bNg7NvCPOZN+kfF574pFQI7mum2AUqDidoKqcTOw==" }, + "neo-async": { + "version": "2.6.1", + "resolved": "https://registry.npmjs.org/neo-async/-/neo-async-2.6.1.tgz", + "integrity": "sha512-iyam8fBuCUpWeKPGpaNMetEocMt364qkCsfL9JuhjXX6dRnguRVOfk2GZaDpPjcOKiiXCPINZC1GczQ7iTq3Zw==" + }, "netmask": { "version": "1.0.6", "resolved": "https://registry.npmjs.org/netmask/-/netmask-1.0.6.tgz", @@ -5035,6 +5095,15 @@ "wrappy": "1" } }, + "optimist": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/optimist/-/optimist-0.6.1.tgz", + "integrity": "sha1-2j6nRob6IaGaERwybpDrFaAZZoY=", + "requires": { + "minimist": "~0.0.1", + "wordwrap": "~0.0.2" + } + }, "optionator": { "version": "0.8.3", "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.8.3.tgz", 
@@ -5347,13 +5416,14 @@ } }, "pm2": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/pm2/-/pm2-4.2.0.tgz", - "integrity": "sha512-toj4yv5zd1Nf5K7GFoL/bPEZvEJFgXSoHsmgp4axjCf+TEhsrBRjgMPsSSLtVcDeDNApOtZmJAY5TuH5sA1eOA==", + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/pm2/-/pm2-4.2.1.tgz", + "integrity": "sha512-y75VuMJmMoTgEMSveF4fQGbu3on4YkZXm5Mu4pPW1NlPgdD7yoWu8yfXzAKs94tKCIDrbL54Z5BfFBfUgmFSIw==", "requires": { "@pm2/agent": "^0.5.26", "@pm2/io": "^4.3.2", "@pm2/js-api": "^0.5.60", + "@pm2/pm2-version-check": "^1.0.3", "async": "^3.1.0", "blessed": "0.1.81", "chalk": "2.4.2",
diff --git a/package.json b/package.json
index da40071b..3ff02b15 100644
--- a/package.json
+++ b/package.json
@@ -25,12 +25,12 @@
 "gulp-less": "^4.0.1",
 "gulp-pug": "^4.0.1",
 "gulp-uglify-es": "^1.0.4",
- "highlight.js": "^9.16.2",
+ "highlight.js": "^9.17.0",
 "ioredis": "^4.14.1",
- "mongodb": "^3.3.5",
+ "mongodb": "^3.4.0",
 "node-fetch": "^2.6.0",
 "path": "^0.12.7",
- "pm2": "^4.2.0",
+ "pm2": "^4.2.1",
 "pug": "^2.0.4",
 "redlock": "^4.1.0",
 "sanitize-html": "^1.20.1",
diff --git a/views/includes/webringboardtable.pug b/views/includes/webringboardtable.pug
index 4a336426..b90d4737 100644
--- a/views/includes/webringboardtable.pug
+++ b/views/includes/webringboardtable.pug
@@ -1,5 +1,5 @@
 .table-container.flex-center.mv-10.text-center
- table.boardtable
+ table.boardtable.w900
 tr
 th Board
 th Description
diff --git a/views/pages/home.pug b/views/pages/home.pug
index 01761fac..0b74b9b9 100644
--- a/views/pages/home.pug
+++ b/views/pages/home.pug
@@ -6,31 +6,17 @@ block head
 
 block content
 h1.board-title #{meta.siteName}
- .table-container.flex-center.mv-10
+ .table-container.flex-center.mv-10.text-center
 table
 tr
 th.alt Welcome
 tr
- td.text-center
- p
+ td
+ pre.no-m-p
 | This is an anonymous imageboard, a type of BBS where anyone can post messages and share images.
- p
- | You do not need to register or provide any personal information to make a post. This lowers the barrier to entry, protects user identities and focuses on what is said, rather than who says it.
- p
- | Choose a board below to join the discussion, or
- a(href='/create.html') create your own
- | .
+ | You don't need to register or provide any personal information to make a post.
+ | Choose a board below to join the discussion, or #[a(href='/create.html') create your own].
 if boards && boards.length > 0
- .table-container.flex-center.mv-10.text-center
- table
- tr
- th Overall Stats
- tr
- td
- p
- | There are currently #[span.bold #{totalStats.total-totalStats.unlisted}] public boards, #[span.bold #{totalStats.total}] in total.
- | Sitewide, #[span.bold #{totalStats.pph}] posts have been made in the last hour, #[span.bold #{totalStats.posts}] in total.
- | #[span.bold #{fileStats.count}] files are being served, totaling #[span.bold #{fileStats.totalSizeString}].
 include ../includes/boardtable.pug
 each board in boards
 tr
@@ -44,3 +30,13 @@ block content
 td #{board.pph}
 td #{board.ips}
 td #{board.sequence_value-1}
+ .table-container.flex-center.mv-10.text-center
+ table(style='max-width:450px')
+ tr
+ th Overall Stats
+ tr
+ td
+ pre.no-m-p
+ | There are currently #[span.bold #{totalStats.total-totalStats.unlisted}] public boards, #[span.bold #{totalStats.total}] in total.
+ | Sitewide, #[span.bold #{totalStats.pph}] post#{totalStats.pph === 1 ? ' has' : 's have'} been made in the last hour, #[span.bold #{totalStats.posts}] in total.
+ | #[span.bold #{fileStats.count}] file#{fileStats.count === 1 ? ' is' : 's are'} being served, totaling #[span.bold #{fileStats.totalSizeString}].
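Review bot: The relocated stats table in home.pug is sized with an inline `style='max-width:450px'`, while the same commit adds a `.w900` width class to style.css for the webring table. A class would keep the sizing in the stylesheet and would keep this template working if the site ever serves a Content-Security-Policy that disallows inline styles (no policy is visible in this diff). Something like `table.w450` with a matching `.w450 { max-width: 450px; }` rule would follow the pattern the commit already uses.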