fixed leaky app.state on the server-side. fixes #928

This commit is contained in:
Danny Coates 2018-09-18 16:23:58 -07:00
parent 17a0393ce0
commit 99055b1342
No known key found for this signature in database
GPG Key ID: 4C442633C62E00CB
4 changed files with 52 additions and 50 deletions

View File

@ -1,3 +1,5 @@
import { browserName } from './utils';
async function checkCrypto() { async function checkCrypto() {
try { try {
const key = await crypto.subtle.generateKey( const key = await crypto.subtle.generateKey(
@ -76,10 +78,7 @@ export default async function capabilities() {
streamDownload: streamDownload:
nativeStreams && nativeStreams &&
'serviceWorker' in navigator && 'serviceWorker' in navigator &&
!( browserName() !== 'safari',
/safari/i.test(navigator.userAgent) &&
!/chrome/i.test(navigator.userAgent)
),
multifile: nativeStreams || polyStreams multifile: nativeStreams || polyStreams
}; };
} }

View File

@ -1,6 +1,6 @@
import 'fast-text-encoding'; // MS Edge support import 'fast-text-encoding'; // MS Edge support
import 'fluent-intl-polyfill'; import 'fluent-intl-polyfill';
import app from './routes'; import routes from './routes';
import capabilities from './capabilities'; import capabilities from './capabilities';
import locale from '../common/locales'; import locale from '../common/locales';
import fileManager from './fileManager'; import fileManager from './fileManager';
@ -14,6 +14,7 @@ import './main.css';
import User from './user'; import User from './user';
(async function start() { (async function start() {
const app = routes();
if (navigator.doNotTrack !== '1' && window.RAVEN_CONFIG) { if (navigator.doNotTrack !== '1' && window.RAVEN_CONFIG) {
Raven.config(window.SENTRY_ID, window.RAVEN_CONFIG).install(); Raven.config(window.SENTRY_ID, window.RAVEN_CONFIG).install();
} }

View File

@ -11,23 +11,25 @@ const profile = require('../templates/userAccount');
const modal = require('../templates/modal'); const modal = require('../templates/modal');
nanotiming.disabled = true; nanotiming.disabled = true;
const app = choo();
function banner(state, emit) { module.exports = function() {
if (state.promo && !state.route.startsWith('/unsupported/')) { const app = choo();
return fxPromo(state, emit);
function banner(state, emit) {
if (state.promo && !state.route.startsWith('/unsupported/')) {
return fxPromo(state, emit);
}
} }
}
function modalDialog(state, emit) { function modalDialog(state, emit) {
if (state.modal) { if (state.modal) {
return modal(state, emit); return modal(state, emit);
}
} }
}
function body(template) { function body(template) {
return function(state, emit) { return function(state, emit) {
const b = html`<body class="background ${activeBackground(state)}"> const b = html`<body class="background ${activeBackground(state)}">
${modalDialog(state, emit)} ${modalDialog(state, emit)}
${banner(state, emit)} ${banner(state, emit)}
<main class="main"> <main class="main">
@ -59,32 +61,32 @@ function body(template) {
</main> </main>
${footer(state)} ${footer(state)}
</body>`; </body>`;
if (state.layout) { if (state.layout) {
// server side only // server side only
return state.layout(state, b); return state.layout(state, b);
} }
return b; return b;
}; };
}
app.route('/', body(require('../pages/welcome')));
app.route('/share/:id', body(require('../pages/share')));
app.route('/download/:id', body(download));
app.route('/download/:id/:key', body(download));
app.route('/unsupported/:reason', body(require('../pages/unsupported')));
app.route('/legal', body(require('../pages/legal')));
app.route('/error', body(require('../pages/error')));
app.route('/blank', body(require('../pages/blank')));
app.route('/signin', body(require('../pages/signin')));
app.route('/api/fxa/oauth', async function(state, emit) {
try {
await state.user.finishLogin(state.query.code);
emit('replaceState', '/');
} catch (e) {
emit('replaceState', '/error');
setTimeout(() => emit('render'));
} }
});
app.route('*', body(require('../pages/notFound')));
module.exports = app; app.route('/', body(require('../pages/welcome')));
app.route('/share/:id', body(require('../pages/share')));
app.route('/download/:id', body(download));
app.route('/download/:id/:key', body(download));
app.route('/unsupported/:reason', body(require('../pages/unsupported')));
app.route('/legal', body(require('../pages/legal')));
app.route('/error', body(require('../pages/error')));
app.route('/blank', body(require('../pages/blank')));
app.route('/signin', body(require('../pages/signin')));
app.route('/api/fxa/oauth', async function(state, emit) {
try {
await state.user.finishLogin(state.query.code);
emit('replaceState', '/');
} catch (e) {
emit('replaceState', '/error');
setTimeout(() => emit('render'));
}
});
app.route('*', body(require('../pages/notFound')));
return app;
};

View File

@ -10,11 +10,11 @@ function stripEvents(str) {
module.exports = { module.exports = {
index: function(req, res) { index: function(req, res) {
res.send(stripEvents(routes.toString('/', state(req)))); res.send(stripEvents(routes().toString('/', state(req))));
}, },
blank: function(req, res) { blank: function(req, res) {
res.send(stripEvents(routes.toString('/blank', state(req)))); res.send(stripEvents(routes().toString('/blank', state(req))));
}, },
download: async function(req, res, next) { download: async function(req, res, next) {
@ -24,7 +24,7 @@ module.exports = {
res.set('WWW-Authenticate', `send-v1 ${nonce}`); res.set('WWW-Authenticate', `send-v1 ${nonce}`);
res.send( res.send(
stripEvents( stripEvents(
routes.toString( routes().toString(
`/download/${id}`, `/download/${id}`,
Object.assign(state(req), { Object.assign(state(req), {
downloadMetadata: { nonce, pwd } downloadMetadata: { nonce, pwd }
@ -40,7 +40,7 @@ module.exports = {
unsupported: function(req, res) { unsupported: function(req, res) {
res.send( res.send(
stripEvents( stripEvents(
routes.toString( routes().toString(
`/unsupported/${req.params.reason}`, `/unsupported/${req.params.reason}`,
Object.assign(state(req), { fira: true }) Object.assign(state(req), { fira: true })
) )
@ -49,10 +49,10 @@ module.exports = {
}, },
legal: function(req, res) { legal: function(req, res) {
res.send(stripEvents(routes.toString('/legal', state(req)))); res.send(stripEvents(routes().toString('/legal', state(req))));
}, },
notfound: function(req, res) { notfound: function(req, res) {
res.status(404).send(stripEvents(routes.toString('/404', state(req)))); res.status(404).send(stripEvents(routes().toString('/404', state(req))));
} }
}; };