fhirsmith 0.3.0 → 0.5.0

package/registry/api.js

@@ -1,6 +1,7 @@
 // Enhanced registry-api.js with resolver and HTML rendering functions
 
 const { ServerRegistryUtilities } = require('./model');
+const escape = require('escape-html');
 
 class RegistryAPI {
   constructor(crawler) {
@@ -631,19 +632,19 @@ class RegistryAPI {
       html += '<tr>\n';
       
       if (!regCode) {
-        html += `<td><a href="${path}&registry=${row['registry-code']}">${this._escapeHtml(row['registry-name'])}</a></td>\n`;
+        html += `<td><a href="${path}&registry=${row['registry-code']}">${escape(row['registry-name'])}</a></td>\n`;
       }
       if (!serverCode) {
-        html += `<td><a href="${path}&server=${row['server-code']}">${this._escapeHtml(row['server-name'])}</a></td>\n`;
+        html += `<td><a href="${path}&server=${row['server-code']}">${escape(row['server-name'])}</a></td>\n`;
       }
       if (!versionCode) {
         html += `<td><a href="${path}&fhirVersion=${row.fhirVersion}">${row.fhirVersion}</a></td>\n`;
       }
       
-      html += `<td><a href="${this._escapeHtml(row.url)}">${this._escapeHtml(row.url)}</a></td>\n`;
+      html += `<td><a href="${escape(row.url)}">${escape(row.url)}</a></td>\n`;
       
       if (row.error) {
-        html += `<td><span style="color: maroon">Error: ${this._escapeHtml(row.error)}</span> Last OK ${this._formatDuration(row['last-success'])} ago</td>\n`;
+        html += `<td><span style="color: maroon">Error: ${escape(row.error)}</span> Last OK ${this._formatDuration(row['last-success'])} ago</td>\n`;
       } else {
         html += `<td>Last OK ${this._formatDuration(row['last-success'])} ago</td>\n`;
       }
@@ -673,20 +674,20 @@ class RegistryAPI {
     const data = this.crawler.getData();
     let html = '<table class="grid">';
     
-    html += `<tr><td width="130px"><img src="/assets/images/tx-registry-root.gif">&nbsp;Registries</td><td>${data.address} (${this._escapeHtml(data.outcome)})</td></tr>`;
+    html += `<tr><td width="130px"><img src="/assets/images/tx-registry-root.gif">&nbsp;Registries</td><td>${data.address} (${escape(data.outcome)})</td></tr>`;
     
     data.registries.forEach(registry => {
       if (registry.error) {
-        html += `<tr><td title="${this._escapeHtml(registry.name)}">&nbsp;<img src="/assets/images/tx-registry.png">&nbsp;${registry.code}</td><td><a href="${this._escapeHtml(registry.address)}">${this._escapeHtml(registry.address)}</a>. Error: ${this._escapeHtml(registry.error)}</td></tr>`;
+        html += `<tr><td title="${escape(registry.name)}">&nbsp;<img src="/assets/images/tx-registry.png">&nbsp;${registry.code}</td><td><a href="${escape(registry.address)}">${escape(registry.address)}</a>. Error: ${escape(registry.error)}</td></tr>`;
       } else {
-        html += `<tr><td title="${this._escapeHtml(registry.name)}">&nbsp;&nbsp;<img src="/assets/images/tx-registry.png">&nbsp;${registry.code}</td><td><a href="${this._escapeHtml(registry.address)}">${this._escapeHtml(registry.address)}</a></td></tr>`;
+        html += `<tr><td title="${escape(registry.name)}">&nbsp;&nbsp;<img src="/assets/images/tx-registry.png">&nbsp;${registry.code}</td><td><a href="${escape(registry.address)}">${escape(registry.address)}</a></td></tr>`;
       }
       
       registry.servers.forEach(server => {
         if (server.authCSList.length > 0 || server.authVSList.length > 0 || server.usageList.length > 0) {
-          html += `<tr><td title="${this._escapeHtml(server.name)}">&nbsp;&nbsp;&nbsp;&nbsp;<img src="/assets/images/tx-server.png">&nbsp;${server.code}</td><td><a href="${this._escapeHtml(server.address)}">${this._escapeHtml(server.address)}</a>. ${server.description}</td></tr>`;
+          html += `<tr><td title="${escape(server.name)}">&nbsp;&nbsp;&nbsp;&nbsp;<img src="/assets/images/tx-server.png">&nbsp;${server.code}</td><td><a href="${escape(server.address)}">${escape(server.address)}</a>. ${server.description}</td></tr>`;
         } else {
-          html += `<tr><td title="${this._escapeHtml(server.name)}">&nbsp;&nbsp;&nbsp;&nbsp;<img src="/assets/images/tx-server.png">&nbsp;${server.code}</td><td><a href="${this._escapeHtml(server.address)}">${this._escapeHtml(server.address)}</a></td></tr>`;
+          html += `<tr><td title="${escape(server.name)}">&nbsp;&nbsp;&nbsp;&nbsp;<img src="/assets/images/tx-server.png">&nbsp;${server.code}</td><td><a href="${escape(server.address)}">${escape(server.address)}</a></td></tr>`;
         }
         
         server.versions.forEach(version => {
@@ -694,7 +695,7 @@ class RegistryAPI {
           const versionParts = version.version.split('.');
           const majorMinor = versionParts.slice(0, 2).join('.');
           
-          html += `<tr><td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<img src="/assets/images/tx-version.png">&nbsp;v${majorMinor}</td><td><a href="${this._escapeHtml(version.address)}">${this._escapeHtml(version.address)}</a>. Status: ${this._escapeHtml(version.details)}. ${version.codeSystems.length} CodeSystems, ${version.valueSets.length} ValueSets</td></tr>`;
+          html += `<tr><td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<img src="/assets/images/tx-version.png">&nbsp;v${majorMinor}</td><td><a href="${escape(version.address)}">${escape(version.address)}</a>. Status: ${escape(version.details)}. ${version.codeSystems.length} CodeSystems, ${version.valueSets.length} ValueSets</td></tr>`;
         });
       });
     });

package/registry/crawler.js

@@ -14,7 +14,7 @@ const MASTER_URL = 'https://fhir.github.io/ig-registry/tx-servers.json';
 class RegistryCrawler {
   log;
 
-  constructor(config = {}) {
+  constructor(config = {}, stats) {
     this.config = {
       timeout: config.timeout || 30000, // 30 seconds default
       masterUrl: config.masterUrl || MASTER_URL,
@@ -22,7 +22,8 @@ class RegistryCrawler {
       crawlInterval: config.crawlInterval || 5 * 60 * 1000, // 5 minutes default
       apiKeys: config.apiKeys || {} // Map of server URL or code to API key
     };
-    
+    this.stats = stats;
+
     this.currentData = new ServerRegistries();
     this.crawlTimer = null;
     this.isCrawling = false;
@@ -35,32 +36,32 @@ class RegistryCrawler {
     this.log = logv;
   }
 
-  /**
-   * Start the crawler with periodic updates
-   */
-  start() {
-    if (this.crawlTimer) {
-      return; // Already running
-    }
-    
-    // Initial crawl
-    this.crawl();
-    
-    // Set up periodic crawling
-    this.crawlTimer = setInterval(() => {
-      this.crawl();
-    }, this.config.crawlInterval);
-  }
-
-  /**
-   * Stop the crawler
-   */
-  stop() {
-    if (this.crawlTimer) {
-      clearInterval(this.crawlTimer);
-      this.crawlTimer = null;
-    }
-  }
+  // /**
+  //  * Start the crawler with periodic updates
+  //  */
+  // start() {
+  //   if (this.crawlTimer) {
+  //     return; // Already running
+  //   }
+  //
+  //   // Initial crawl
+  //   this.crawl();
+  //
+  //   // Set up periodic crawling
+  //   this.crawlTimer = setInterval(() => {
+  //     this.crawl();
+  //   }, this.config.crawlInterval);
+  // }
+  //
+  // /**
+  //  * Stop the crawler
+  //  */
+  // stop() {
+  //   if (this.crawlTimer) {
+  //     clearInterval(this.crawlTimer);
+  //     this.crawlTimer = null;
+  //   }
+  // }
 
   /**
    * Main entry point - crawl the registry starting from the master URL
@@ -133,7 +134,8 @@ class RegistryCrawler {
     registry.name = registryConfig.name;
     registry.authority = registryConfig.authority || '';
     registry.address = registryConfig.url;
-    
+    this.stats.task('TxRegistry', 'Checking: '+registry.address);
+
     if (!registry.name) {
       this.addLogEntry('error', 'No name provided for registry', registryConfig.url);
       return registry;

package/registry/model.js

@@ -1,5 +1,6 @@
 // registry-model.js
 // Data model for terminology server registry
+const escape = require('escape-html');
 
 class ServerVersionInformation {
   constructor() {
@@ -36,28 +37,17 @@ class ServerVersionInformation {
   getCsListHtml() {
     if (this.codeSystems.length === 0) return '<ul></ul>';
     return '<ul>' + this.codeSystems.map(cs => 
-      `<li>${this._escapeHtml(cs)}</li>`
+      `<li>${escape(cs)}</li>`
     ).join('') + '</ul>';
   }
 
   getVsListHtml() {
     if (this.valueSets.length === 0) return '<ul></ul>';
     return '<ul>' + this.valueSets.map(vs => 
-      `<li>${this._escapeHtml(vs)}</li>`
+      `<li>${escape(vs)}</li>`
     ).join('') + '</ul>';
   }
 
-  _escapeHtml(text) {
-    const map = {
-      '&': '&amp;',
-      '<': '&lt;',
-      '>': '&gt;',
-      '"': '&quot;',
-      "'": '&#039;'
-    };
-    return text.replace(/[&<>"']/g, m => map[m]);
-  }
-
   toJSON() {
     return {
       version: this.version,
@@ -151,7 +141,7 @@ class ServerInformation {
       if (result) result += '. ';
       result += 'Authoritative for the following CodeSystems: <ul>';
       this.authCSList.forEach(cs => {
-        const escaped = this._escapeHtml(cs).replace('*', '<b>*</b>');
+        const escaped = escape(cs).replace(/\*/g, '<b>*</b>');
         result += `<li>${escaped}</li>`;
       });
       result += '</ul>';
@@ -161,7 +151,7 @@ class ServerInformation {
       if (result) result += '. ';
       result += 'Authoritative for the following ValueSets: <ul>';
       this.authVSList.forEach(vs => {
-        const escaped = this._escapeHtml(vs).replace('*', '<b>*</b>');
+        const escaped = escape(vs).replace(/\*/g, '<b>*</b>');
         result += `<li>${escaped}</li>`;
       });
       result += '</ul>';
@@ -170,17 +160,6 @@ class ServerInformation {
     return result;
   }
 
-  _escapeHtml(text) {
-    const map = {
-      '&': '&amp;',
-      '<': '&lt;',
-      '>': '&gt;',
-      '"': '&quot;',
-      "'": '&#039;'
-    };
-    return text.replace(/[&<>"']/g, m => map[m]);
-  }
-
   toJSON() {
     return {
       code: this.code,

package/registry/readme.md

@@ -195,17 +195,7 @@ npm run test:jest
 
 ## Data Persistence
 
-The crawler can save and load its state:
-
-```javascript
-// Save current state
-const data = crawler.saveData();
-fs.writeFileSync('registry-data.json', JSON.stringify(data));
-
-// Load saved state
-const savedData = JSON.parse(fs.readFileSync('registry-data.json'));
-crawler.loadData(savedData);
-```
+The crawler saves and loads its state in [data]/registry-data.json
 
 ## Development
 

package/registry/registry.js

@@ -8,6 +8,7 @@ const htmlServer = require('../library/html-server');
 const Logger = require('../library/logger');
 const regLog = Logger.getInstance().child({ module: 'registry' });
 const folders = require('../library/folder-setup');
+const escape = require('escape-html');
 
 class RegistryModule {
   constructor(stats) {
@@ -43,7 +44,7 @@ class RegistryModule {
         apiKeys: config.apiKeys || {}
       };
 
-      this.crawler = new RegistryCrawler(crawlerConfig);
+      this.crawler = new RegistryCrawler(crawlerConfig, this.stats);
       this.crawler.useLog(regLog);
       
       // Initialize API with crawler
@@ -119,6 +120,7 @@ class RegistryModule {
     }, 5000);
 
     // Set up periodic crawling
+    this.stats.addTask("TxRegistry", `${intervalMinutes} min`);
     this.crawlInterval = setInterval(() => {
       this.performCrawl();
     }, intervalMs);
@@ -134,6 +136,7 @@ class RegistryModule {
       this.logger.info('Crawl already in progress, skipping...');
       return;
     }
+    this.stats.task('TxRegistry', 'Crawling');
 
     this.crawlInProgress = true;
     this.logger.info('Starting registry crawl...');
@@ -160,9 +163,10 @@ class RegistryModule {
                       `Found ${newData.registries.length} registries, ` +
                       `${metadata.errors.length} errors, ` +
                       `downloaded ${this.crawler.formatBytes(metadata.totalBytes)}`);
-      
+      this.stats.task('TxRegistry', 'Crawling Finished');
     } catch (error) {
       this.logger.error('Crawl failed:', error);
+      this.stats.task('TxRegistry', 'Crawling Error: '+error.message);
     } finally {
       this.crawlInProgress = false;
     }
@@ -487,15 +491,15 @@ class RegistryModule {
 
     for (const server of serverVersions) {
       html += '<tr>';
-      html += `<td><a href="${server.serverUrl}" target="_blank">${this._escapeHtml(server.serverUrl)}</a></td>`;
-      html += `<td>${this._escapeHtml(server.software.replace("Reference Server", "HealthIntersections"))}</td>`;
-      html += `<td>${this._escapeHtml(server.authority.replace("Published by", ""))}</td>`;
-      html += `<td>${this._escapeHtml(server.version)}</td>`;
-      html += `<td>${this._escapeHtml(server.security || '')}</td>`;
+      html += `<td><a href="${server.serverUrl}" target="_blank">${escape(server.serverUrl)}</a></td>`;
+      html += `<td>${escape(server.software.replace("Reference Server", "HealthIntersections"))}</td>`;
+      html += `<td>${escape(server.authority.replace("Published by", ""))}</td>`;
+      html += `<td>${escape(server.version)}</td>`;
+      html += `<td>${escape(server.security || '')}</td>`;
       html += '<td>';
       if (server.usage && server.usage.length > 0) {
         const badges = server.usage.map(tag =>
-          (tag == 'public' ? '' : `<span class="badge badge-info mr-1">${this._escapeHtml(tag)}</span>`)
+          (tag == 'public' ? '' : `<span class="badge badge-info mr-1">${escape(tag)}</span>`)
         );
         html += badges.join(' ');
       }
@@ -534,19 +538,6 @@ class RegistryModule {
     return html;
   }
 
-  /**
-   * Helper function to escape HTML special characters
-   */
-  _escapeHtml(text) {
-    if (!text) return '';
-    return text
-      .replace(/&/g, '&amp;')
-      .replace(/</g, '&lt;')
-      .replace(/>/g, '&gt;')
-      .replace(/"/g, '&quot;')
-      .replace(/'/g, '&#039;');
-  }
-
   /**
    * Gather information about authoritative code systems
    * @returns {Array} Array of objects with code system information
@@ -821,8 +812,8 @@ class RegistryModule {
       // First row for this code system
       const rowspan = cs.servers.length;
       html += '<tr>';
-      html += `<td rowspan="${rowspan}">${this._highlightWildcard(this._escapeHtml(formattedMask))}</td>`;
-      html += `<td><a href="${this._escapeHtml(cs.servers[0].url)}" target="_blank">${this._escapeHtml(cs.servers[0].url)}</a></td>`;
+      html += `<td rowspan="${rowspan}">${this._highlightWildcard(escape(formattedMask))}</td>`;
+      html += `<td><a href="${escape(cs.servers[0].url)}" target="_blank">${escape(cs.servers[0].url)}</a></td>`;
 
       // Format versions as R3/R4/R5
       const formattedVersions = cs.servers[0].versions.map(v => this._formatFhirVersion(v));
@@ -832,7 +823,7 @@ class RegistryModule {
       // Additional rows for this code system (if any)
       for (let i = 1; i < cs.servers.length; i++) {
         html += '<tr>';
-        html += `<td><a href="${this._escapeHtml(cs.servers[i].url)}" target="_blank">${this._escapeHtml(cs.servers[i].url)}</a></td>`;
+        html += `<td><a href="${escape(cs.servers[i].url)}" target="_blank">${escape(cs.servers[i].url)}</a></td>`;
 
         // Format versions as R3/R4/R5
         const formattedVersions = cs.servers[i].versions.map(v => this._formatFhirVersion(v));
@@ -877,8 +868,8 @@ class RegistryModule {
       // First row for this value set
       const rowspan = vs.servers.length;
       html += '<tr>';
-      html += `<td rowspan="${rowspan}">${this._highlightWildcard(this._escapeHtml(vs.mask))}</td>`;
-      html += `<td><a href="${this._escapeHtml(vs.servers[0].url)}" target="_blank">${this._escapeHtml(vs.servers[0].url)}</a></td>`;
+      html += `<td rowspan="${rowspan}">${this._highlightWildcard(escape(vs.mask))}</td>`;
+      html += `<td><a href="${escape(vs.servers[0].url)}" target="_blank">${escape(vs.servers[0].url)}</a></td>`;
 
       // Format versions as R3/R4/R5
       const formattedVersions = vs.servers[0].versions.map(v => this._formatFhirVersion(v));
@@ -888,7 +879,7 @@ class RegistryModule {
       // Additional rows for this value set (if any)
       for (let i = 1; i < vs.servers.length; i++) {
         html += '<tr>';
-        html += `<td><a href="${this._escapeHtml(vs.servers[i].url)}" target="_blank">${this._escapeHtml(vs.servers[i].url)}</a></td>`;
+        html += `<td><a href="${escape(vs.servers[i].url)}" target="_blank">${escape(vs.servers[i].url)}</a></td>`;
 
         // Format versions as R3/R4/R5
         const formattedVersions = vs.servers[i].versions.map(v => this._formatFhirVersion(v));
@@ -1103,11 +1094,11 @@ class RegistryModule {
     html += '<h2 class="card-title">Query Information</h2>';
     html += '</div>';
     html += '<div class="card-body">';
-    html += `<p><strong>FHIR Version:</strong> ${this._escapeHtml(fhirVersion)}</p>`;
-    html += `<p><strong>Resource URL:</strong> ${this._escapeHtml(resourceUrl)}</p>`;
-    html += `<p><strong>Registry URL:</strong> <a href="${result['registry-url']}" target="_blank">${this._escapeHtml(result['registry-url'])}</a></p>`;
+    html += `<p><strong>FHIR Version:</strong> ${escape(fhirVersion)}</p>`;
+    html += `<p><strong>Resource URL:</strong> ${escape(resourceUrl)}</p>`;
+    html += `<p><strong>Registry URL:</strong> <a href="${result['registry-url']}" target="_blank">${escape(result['registry-url'])}</a></p>`;
     if (usage) {
-      html += `<p><strong>Usage:</strong> ${this._escapeHtml(usage)}</p>`;
+      html += `<p><strong>Usage:</strong> ${escape(usage)}</p>`;
     }
     html += '</div>';
     html += '</div>';
@@ -1133,10 +1124,10 @@ class RegistryModule {
 
       result.authoritative.forEach(server => {
         html += '<tr>';
-        html += `<td>${this._escapeHtml(server['server-name'])}</td>`;
-        html += `<td><a href="${server.url}" target="_blank">${this._escapeHtml(server.url)}</a></td>`;
+        html += `<td>${escape(server['server-name'])}</td>`;
+        html += `<td><a href="${server.url}" target="_blank">${escape(server.url)}</a></td>`;
         html += `<td>${this.renderSecurityTags(server)}</td>`;
-        html += `<td>${server.access_info ? this._escapeHtml(server.access_info) : ''}</td>`;
+        html += `<td>${server.access_info ? escape(server.access_info) : ''}</td>`;
         html += '</tr>';
       });
 
@@ -1170,10 +1161,10 @@ class RegistryModule {
 
       result.candidates.forEach(server => {
         html += '<tr>';
-        html += `<td>${this._escapeHtml(server['server-name'])}</td>`;
-        html += `<td><a href="${server.url}" target="_blank">${this._escapeHtml(server.url)}</a></td>`;
+        html += `<td>${escape(server['server-name'])}</td>`;
+        html += `<td><a href="${server.url}" target="_blank">${escape(server.url)}</a></td>`;
         html += `<td>${this.renderSecurityTags(server)}</td>`;
-        html += `<td>${server.access_info ? this._escapeHtml(server.access_info) : ''}</td>`;
+        html += `<td>${server.access_info ? escape(server.access_info) : ''}</td>`;
         html += '</tr>';
       });
 
@@ -1230,7 +1221,7 @@ class RegistryModule {
     html += '<p>';
     html += '<label for="fhirVersion" class="form-label fw-bold">FHIR Version <span class="text-danger">*</span></label>';
     html += `<input type="text" class="form-control" id="fhirVersion" name="fhirVersion" size="8" 
-           value="${this._escapeHtml(fhirVersion)}" required>`;
+           value="${escape(fhirVersion)}" required>`;
     html += '</p>';
     html += '<p class="text-muted small">Examples: R4, 4.0.1, 5.0.0, etc.</p>';
 
@@ -1238,7 +1229,7 @@ class RegistryModule {
     html += '<p>';
     html += '<label for="url" class="form-label fw-bold">Code System URL</label>';
     html += `<input type="url" class="form-control" id="url" name="url" 
-           value="${this._escapeHtml(url)}">`;
+           value="${escape(url)}">`;
     html += '</p>';
     html += '<p class="text-muted small">Example: http://loinc.org</p>';
 
@@ -1246,7 +1237,7 @@ class RegistryModule {
     html += '<p>';
     html += '<label for="valueSet" class="form-label fw-bold">Value Set URL</label>';
     html += `<input type="url" class="form-control" id="valueSet" name="valueSet" 
-           value="${this._escapeHtml(valueSet)}">`;
+           value="${escape(valueSet)}">`;
     html += '</p>';
     html += '<p class="text-muted small">Example: http://hl7.org/fhir/ValueSet/observation-codes</p>';
 
@@ -1382,7 +1373,7 @@ class RegistryModule {
         }
 
         // Format: [time] [LEVEL] message
-        html += `<span style="color: #666;">[${timeDisplay}]</span> <span style="${levelStyle}">[${log.level.toUpperCase()}]</span> ${this._escapeHtml(log.message)}\n`;
+        html += `<span style="color: #666;">[${timeDisplay}]</span> <span style="${levelStyle}">[${log.level.toUpperCase()}]</span> ${escape(log.message)}\n`;
       });
     }
 

package/server.js

@@ -11,6 +11,8 @@ const express = require('express');
 const path = require('path');
 const fs = require('fs');
 const folders = require('./library/folder-setup');  // <-- ADD: load early
+const { statSync, readdirSync } = require('fs');
+const escape = require('escape-html');
 
 // Load configuration BEFORE logger
 let config;
@@ -46,7 +48,7 @@ const packageJson = require('./package.json');
 const htmlServer = require('./library/html-server');
 const ServerStats = require("./stats");
 const {Liquid} = require("liquidjs");
-const {escapeHtml} = require("./library/utilities");
+
 htmlServer.useLog(serverLog);
 
 const app = express();
@@ -182,7 +184,6 @@ async function initializeModules() {
       modules.tx = new TXModule(stats);
       await modules.tx.initialize(config.modules.tx, app);
     } catch (error) {
-      console.log(error);
       serverLog.error('Failed to initialize TX module:', error);
       throw error;
     }
@@ -333,7 +334,7 @@ async function buildRootPageContent() {
   content += '<table class="grid">';
   content += '<tr>';
   content += `<td><strong>Module Count:</strong> ${mc}</td>`;
-  content += `<td><strong>Uptime:</strong> ${escapeHtml(uptimeStr)}</td>`;
+  content += `<td><strong>Uptime:</strong> ${escape(uptimeStr)}</td>`;
   content += `<td><strong>Request Count:</strong> ${stats.requestCount}</td>`;
   content += '</tr>';
   content += '<tr>';
@@ -341,7 +342,7 @@ async function buildRootPageContent() {
   content += `<td><strong>Heap Total:</strong> ${heapTotalMB} MB</td>`;
   content += `<td><strong>Process Memory:</strong> ${rssMB} MB</td>`;
   content += '</tr>';
-
+  content += getLogStats();
   content += '</table>';
 
 
@@ -355,6 +356,7 @@ async function buildRootPageContent() {
     historyJson: JSON.stringify(stats.history),
     startTime: stats.startTime
   });
+  content += stats.taskDetails();
 
   content += '</div>';
   return content;
@@ -388,7 +390,7 @@ app.get('/', async (req, res) => {
         processingTime: Date.now() - startTime
       };
 
-      const html = htmlServer.renderPage('root', config.hostName || 'FHIRsmith Server', content, stats);
+      const html = htmlServer.renderPage('root', escape(config.hostName) || 'FHIRsmith Server', content, stats);
       res.setHeader('Content-Type', 'text/html');
       res.send(html);
     } catch (error) {
@@ -473,6 +475,52 @@ app.get('/health', async (req, res) => {
   res.json(healthStatus);
 });
 
+/**
+ * Get log directory statistics: file count, total size, and disk space info
+ * @returns {string} HTML table row(s) with log stats
+ */
+function getLogStats() {
+  const logDir = folders.logsDir();
+
+  try {
+    const files = readdirSync(logDir).filter(f => f.endsWith('.log'));
+    let totalSize = 0;
+    for (const file of files) {
+      totalSize += statSync(path.join(logDir, file)).size;
+    }
+
+    const sizeMB = (totalSize / 1024 / 1024).toFixed(2);
+
+    let diskInfo = '';
+    try {
+      // statfs available in Node 18.15+
+      const stats = fs.statfsSync(logDir);
+      const blockSize = stats.bsize;
+      const freeSpace = stats.bavail * blockSize;
+      const totalSpace = stats.blocks * blockSize;
+      const freeGB = (freeSpace / 1024 / 1024 / 1024).toFixed(2);
+      const totalGB = (totalSpace / 1024 / 1024 / 1024).toFixed(2);
+      diskInfo = `<td><strong>Disk Space:</strong> ${freeGB} GB of ${totalGB} GB</td>`;
+    } catch {
+      diskInfo = '<td><strong>Disk Space:</strong> unavailable</td>';
+    }
+
+    // Log rotation limit from logger config
+    const loggerOpts = Logger.getInstance().options;
+    const maxFiles = loggerOpts.file.maxFiles;
+    const maxSize = loggerOpts.file.maxSize;
+    const limitInfo = `${maxFiles} files × ${maxSize} each`;
+
+    return '<tr>'
+      + `<td><strong>Existing Logs:</strong> ${files.length} (${sizeMB} MB)</td>`
+      + `<td><strong>Retention Policy:</strong> ${limitInfo}</td>`
+      + diskInfo
+      + '</tr>';
+  } catch (e) {
+    return `<tr><td colspan="3"><strong>Logs:</strong> unable to read (${e.message})</td></tr>`;
+  }
+}
+
 // Initialize everything
 async function startServer() {
   try {

package/shl/shl.js

@@ -222,24 +222,6 @@ class SHLModule {
     }
   }
 
-  // Enhanced HTML escaping
-  escapeHtml(str) {
-    if (!str || typeof str !== 'string') return '';
-
-    const escapeMap = {
-      '&': '&',
-      '<': '&lt;',
-      '>': '&gt;',
-      '"': '&quot;',
-      "'": '&#x27;',
-      '/': '&#x2F;',
-      '`': '&#x60;',
-      '=': '&#x3D;'
-    };
-
-    return str.replace(/[&<>"'`=/]/g, (match) => escapeMap[match]);
-  }
-
   // URL validation
   validateExternalUrl(url) {
     try {

package/static/assets/js/statuspage.js

@@ -1,13 +1,5 @@
 <!--- admin -->
-
-String.prototype.escapeHTML = function () {                                       
-        return(                                                                 
-            this.replace(/&/g,'&amp;').                                         
-                replace(/>/g,'&gt;').                                           
-                replace(/</g,'&lt;').                                           
-                replace(/"/g,'&quot;')                                         
-        );                                                                     
-    };
+const escape = require('escape-html');
 
 function setCookie(c_name,value,exdays)
 {