npm - hof - Versions diffs - 19.14.2 → 20.0.0-beta.2 - Mend

hof 19.14.2 → 20.0.0-beta.2

Files changed (89) hide show

package/utilities/helpers/index.js CHANGED Viewed

@@ -94,7 +94,7 @@ module.exports = class Helpers {
   /**
    * utility function which returns undefined on
    * failed translations instead of returning the key
-   * @param {Function} translate - the translate function
+   * @param {Function} translate - the translate funtion
    * @param {String} key - the key to translate
    * @returns {String|undefined} the string result if successful, undefined if not
    */
@@ -131,19 +131,4 @@ module.exports = class Helpers {
       `pages.${key}.header`
     ]) || key;
   }
-  /**
-   * utility function which returns true or false on
-   * forks depending on whether a value exists on the page
-   * @param {Object} req - an http request object
-   * @param {Object} res - an http response object
-   * @param {Function|Object} condition - a field condition that is either a function or object
-   * @returns {Boolean} the boolean result of whether a field value is set on the page or session for a fork
-   */
-  static isFieldValueInPageOrSessionValid(req, res, condition) {
-    return _.isFunction(condition) ?
-      condition(req, res) :
-      condition.value === (req.form.values[condition.field] ||
-      (!Object.keys(req.form.values).includes(condition.field) &&
-      _.get(req, `form.historicalValues[${condition.field}]`)));
-  }
 };

package/wizard/index.js CHANGED Viewed

@@ -69,7 +69,6 @@ const Wizard = (steps, fields, setts) => {
     options.confirmStep = settings.confirmStep;
     options.clearSession = options.clearSession || false;
     options.fieldsConfig = _.cloneDeep(fields);
-    options.sanitiseInputs = settings.sanitiseInputs;
     options.defaultFormatters = [].concat(settings.formatters);

package/config/rate-limits.js DELETED Viewed

@@ -1,20 +0,0 @@
-module.exports = {
-  rateLimits: {
-    env: process.env.NODE_ENV,
-    requests: {
-      active: false,
-      windowSizeInMinutes: 5,
-      maxWindowRequestCount: 100,
-      windowLogIntervalInMinutes: 1,
-      errCode: 'DDOS_RATE_LIMIT'
-    },
-    submissions: {
-      active: false,
-      windowSizeInMinutes: 10,
-      maxWindowRequestCount: 1,
-      windowLogIntervalInMinutes: 1,
-      errCode: 'SUBMISSION_RATE_LIMIT'
-    }
-  }
-};

package/config/sanitisation-rules.js DELETED Viewed

@@ -1,29 +0,0 @@
-'use strict';
-/* eslint no-process-env: "off" */
-const sanitisationBlacklistArray = {
-  // Input will be sanitised using the below rules
-  // The key is what we're sanitising out
-  // The regex is the rule we used to find them (note some dictate repeating characters)
-  // And the replace is what we're replacing that pattern with. Usually nothing sometimes a
-  // single character or sometimes a single character followed by a "-"
-  '/*': { regex: '\/\\*', replace: '-' },
-  '*/': { regex: '\\*\\/', replace: '-' },
-  '|': { regex: '\\|', replace: '-' },
-  '&&': { regex: '&&+', replace: '&' },
-  '@@': { regex: '@@+', replace: '@' },
-  '/..;/': { regex: '/\\.\\.;/', replace: '-' }, // Purposely input before ".." as they conflict
-  '..': { regex: '\\.\\.+', replace: '.' },
-  '/etc/passwd': { regex: '\/etc\/passwd', replace: '-' },
-  'c:\\': { regex: 'c:\\\\', replace: '-' },
-  'cmd.exe': { regex: 'cmd\\.exe', replace: '-' },
-  '<': { regex: '<', replace: '<-' },
-  '>': { regex: '>', replace: '>-' },
-  '[': { regex: '\\[+', replace: '[-' },
-  ']': { regex: '\\]+', replace: ']-' },
-  '~': { regex: '~', replace: '~-' },
-  '&#': { regex: '&#', replace: '&#-' },
-  '%U': { regex: '%U', replace: '%U-' }
-};
-module.exports = sanitisationBlacklistArray;

package/frontend/govuk-template/govuk_template.html DELETED Viewed

@@ -1,109 +0,0 @@
-<!DOCTYPE html>
-<!--[if lt IE 9]><html class="lte-ie8" lang="{{htmlLang}}"><![endif]-->
-<!--[if gt IE 8]><!--><html lang="{{htmlLang}}"><!--<![endif]-->
-  <head>
-    <meta charset="utf-8" />
-    <title>{{$pageTitle}}{{/pageTitle}}</title>
-    <!--[if gt IE 8]><!--><link rel="stylesheet" media="screen" href="{{govukAssetPath}}stylesheets/govuk-template.css?0.26.0"/><!--<![endif]-->
-    <!--[if IE 6]><link rel="stylesheet" media="screen" href="{{govukAssetPath}}stylesheets/govuk-template-ie6.css?0.26.0"/><![endif]-->
-    <!--[if IE 7]><link rel="stylesheet" media="screen" href="{{govukAssetPath}}stylesheets/govuk-template-ie7.css?0.26.0"/><![endif]-->
-    <!--[if IE 8]><link rel="stylesheet" media="screen" href="{{govukAssetPath}}stylesheets/govuk-template-ie8.css?0.26.0"/><![endif]-->
-    <link rel="stylesheet" media="print" href="{{govukAssetPath}}stylesheets/govuk-template-print.css?0.26.0"/>
-    <link rel="stylesheet" media="all" href="{{govukAssetPath}}stylesheets/fonts.css?0.26.0"/>
-    <!--[if lt IE 9]><script src="{{govukAssetPath}}javascripts/ie.js?0.26.0"></script><![endif]-->
-    <link rel="shortcut icon" href="{{govukAssetPath}}images/favicon.ico?0.26.0" type="image/x-icon" />
-    <link rel="mask-icon" href="{{govukAssetPath}}images/gov.uk_logotype_crown.svg?0.26.0" color="#0b0c0c">
-    <link rel="apple-touch-icon" sizes="180x180" href="{{govukAssetPath}}images/apple-touch-icon-180x180.png?0.26.0">
-    <link rel="apple-touch-icon" sizes="167x167" href="{{govukAssetPath}}images/apple-touch-icon-167x167.png?0.26.0">
-    <link rel="apple-touch-icon" sizes="152x152" href="{{govukAssetPath}}images/apple-touch-icon-152x152.png?0.26.0">
-    <link rel="apple-touch-icon" href="{{govukAssetPath}}images/apple-touch-icon.png?0.26.0">
-    <meta name="theme-color" content="#0b0c0c" />
-    <meta name="viewport" content="width=device-width, initial-scale=1">
-    {{$head}}{{/head}}
-    <meta property="og:image" content="{{govukAssetPath}}images/opengraph-image.png?0.26.0">
-  </head>
-  <body class="{{$bodyClasses}}{{/bodyClasses}}">
-    <script {{#nonce}}nonce="{{nonce}}"{{/nonce}}>document.body.className = ((document.body.className) ? document.body.className + ' js-enabled' : 'js-enabled');</script>
-    <div id="skiplink-container">
-      <div>
-        <a href="#content" class="skiplink">{{$skipLinkMessage}}Skip to main content{{/skipLinkMessage}}</a>
-      </div>
-    </div>
-    <div id="global-cookie-message">
-        {{$cookieMessage}}{{/cookieMessage}}
-    </div>
-    <header role="banner" id="global-header" class="{{$headerClass}}{{/headerClass}}">
-      <div class="header-wrapper">
-        <div class="header-global">
-          <div class="header-logo">
-            <a href="{{$homepageUrl}}https://www.gov.uk{{/homepageUrl}}" title="{{$logoLinkTitle}}Go to the GOV.UK homepage{{/logoLinkTitle}}" id="logo" class="content" data-module="track-click" data-track-category="homeLinkClicked" data-track-action="homeHeader">
-              <img src="{{govukAssetPath}}images/gov.uk_logotype_crown_invert_trans.png?0.26.0" width="36" height="32" alt=""> {{$globalHeaderText}}GOV.UK{{/globalHeaderText}}
-            </a>
-          </div>
-          {{$insideHeader}}{{/insideHeader}}
-        </div>
-        {{$propositionHeader}}{{/propositionHeader}}
-      </div>
-    </header>
-    {{$afterHeader}}{{/afterHeader}}
-    <div id="global-header-bar"></div>
-    {{$main}}{{/main}}
-    <footer class="group js-footer" id="footer" role="contentinfo">
-      <div class="footer-wrapper">
-        {{$footerTop}}{{/footerTop}}
-        <div class="footer-meta">
-          <div class="footer-meta-inner">
-            {{$footerSupportLinks}}{{/footerSupportLinks}}
-            <div class="open-government-licence">
-              <p class="logo"><a href="https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/" rel="license">Open Government Licence</a></p>
-                {{$licenceMessage}}<p>All content is available under the <a href="https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/" rel="license">Open Government Licence v3.0</a>, except where otherwise stated</p>{{/licenceMessage}}
-            </div>
-          </div>
-          <div class="copyright">
-            <a href="https://www.nationalarchives.gov.uk/information-management/re-using-public-sector-information/uk-government-licensing-framework/crown-copyright/">{{$crownCopyrightMessage}}© Crown copyright{{/crownCopyrightMessage}}</a>
-          </div>
-        </div>
-      </div>
-    </footer>
-    <div id="global-app-error" class="app-error hidden"></div>
-    <script src="{{govukAssetPath}}javascripts/govuk-template.js?0.26.0"></script>
-    {{$bodyEnd}}{{/bodyEnd}}
-    <script {{#nonce}}nonce="{{nonce}}"{{/nonce}}>if (typeof window.GOVUK === 'undefined') document.body.className = document.body.className.replace('js-enabled', '');</script>
-  </body>
-</html>

package/frontend/template-partials/views/rate-limit-error.html DELETED Viewed

@@ -1,10 +0,0 @@
-{{<layout}}
-  {{$header}}
-    {{content.title}}
-  {{/header}}
-  {{$content}}
-    <p>{{content.message}}</p>
-    <p>{{content.preTimeToWait}}{{content.timeToWait}}{{content.postTimeToWait}}</p>
-    <a href="/" class="button" role="button">{{#t}}buttons.try-again{{/t}}</a>
-  {{/content}}
-{{/layout}}

package/frontend/themes/gov-uk/views/partials/form.html DELETED Viewed

@@ -1,9 +0,0 @@
-<form action="" method="POST" {{$encoding}}{{/encoding}} autocomplete="off" novalidate="true" spellcheck="false">
-  {{$intro}}
-    {{#intro}}<p>{{intro}}</p>{{/intro}}
-  {{/intro}}
-  {{$form}}{{/form}}
-  {{#csrf-token}}
-    <input type="hidden" name="x-csrf-token" value="{{csrf-token}}" />
-  {{/csrf-token}}
-</form>

package/frontend/themes/gov-uk/views/partials/forms/option-group.html DELETED Viewed

@@ -1,28 +0,0 @@
-<div id="{{key}}-group" class="form-group{{#className}} {{className}} {{/className}}{{#formGroupClassName}} {{formGroupClassName}}{{/formGroupClassName}}{{#error}} validation-error{{/error}}">
-    <fieldset role="{{role}}"{{#ariaRequired}} aria-required="true"{{/ariaRequired}}{{#hint}} aria-describedby="{{key}}-hint"{{/hint}}>
-        <legend>
-            <span{{#legendClassName}} class="{{legendClassName}}"{{/legendClassName}}>{{legend}}</span>
-            {{#hint}}<span id="{{key}}-hint" class="form-hint">{{hint}}</span>{{/hint}}
-            {{#error}}<span id="{{key}}-error" class="error-message">{{error.message}}</span>{{/error}}
-        </legend>
-        {{#options}}
-        <div class="multiple-choice">
-            <input
-                type="{{type}}"
-                name="{{key}}"
-                id="{{key}}-{{value}}"
-                value="{{value}}"
-                {{#toggle}} data-toggle="{{toggle}}"{{/toggle}}
-                {{#selected}} checked="checked"{{/selected}}
-                {{^error}}{{#optionHint}} aria-describedby="{{key}}-{{value}}-hint"{{/optionHint}}{{^optionHint}}{{#hint}} aria-describedby="{{key}}-hint"{{/hint}}{{/optionHint}}{{/error}}
-                {{#error}} aria-describedby="{{key}}-error" aria-invalid="true"{{/error}}
-            >
-            <label class="block-label" for="{{key}}-{{value}}">
-                {{{label}}}
-                {{#optionHint}}<span id="{{key}}-{{value}}-hint" class="form-hint">{{optionHint}}</span>{{/optionHint}}
-            </label>
-        </div>
-        {{#renderChild}}{{/renderChild}}
-        {{/options}}
-    </fieldset>
-</div>

package/frontend/themes/gov-uk/views/partials/mixins/panel.html DELETED Viewed

@@ -1,3 +0,0 @@
-<div id="{{toggle}}-panel" class="reveal js-hidden panel panel-border-narrow">
-  {{#renderMixin}}{{/renderMixin}}
-</div>

package/frontend/themes/gov-uk/views/partials/validation-summary.html DELETED Viewed

@@ -1,24 +0,0 @@
-{{#errorlist.length}}
-<div class="validation-summary error-summary" tabindex="-1">
-    {{$errorlist-title}}
-      {{#errorLength.single}}
-        <h2>{{#t}}errorlist.title.single{{/t}}</h2>
-      {{/errorLength.single}}
-      {{#errorLength.multiple}}
-        <h2>{{#t}}errorlist.title.multiple{{/t}}</h2>
-      {{/errorLength.multiple}}
-    {{/errorlist-title}}
-    {{<partials-validation-list}}
-        {{$validation-list}}
-            {{#errorlist}}
-                {{#message}}
-                  <li><a href="#{{key}}">{{ message }}</a></li>
-                {{/message}}
-            {{/errorlist}}
-        {{/validation-list}}
-    {{/partials-validation-list}}
-</div>
-{{/errorlist.length}}

package/middleware/rate-limiter.js DELETED Viewed

@@ -1,96 +0,0 @@
-const moment = require('moment');
-const redis = require('redis');
-module.exports = (options, rateLimitType) => {
-  const logger = options.logger || { log: (func, msg) => console[func](msg) };
-  const rateLimits = options.rateLimits[rateLimitType];
-  const timestampName = `${rateLimitType}TimeStamp`;
-  const countName = `${rateLimitType}Count`;
-  const WINDOW_SIZE_IN_MINUTES = rateLimits.windowSizeInMinutes;
-  const MAX_WINDOW_REQUEST_COUNT = rateLimits.maxWindowRequestCount;
-  const WINDOW_LOG_INTERVAL_IN_MINUTES = rateLimits.windowLogIntervalInMinutes;
-  const ERROR_CODE = rateLimits.errCode;
-  return async (req, res, next) => {
-    const redisClient = redis.createClient();
-    // check that redis client exists
-    if (!redisClient) {
-      logger.log('error', 'Redis client does not exist!');
-      return next();
-    }
-    const closeConnection = async err => {
-      await redisClient.quit();
-      return next(err);
-    };
-    try {
-      // fetch records of current user using IP address, returns null when no record is found
-      return await redisClient.get(req.ip, async (err, record) => {
-        if (err) {
-          logger.log('error', `Error with requesting redis session for rate limiting: ${err}`);
-          return await closeConnection();
-        }
-        const currentRequestTime = moment();
-        const windowStartTimestamp = moment().subtract(WINDOW_SIZE_IN_MINUTES, 'minutes').unix();
-        let oldRecord = false;
-        let data;
-        //  if no record is found , create a new record for user and store to redis
-        if (record) {
-          data = JSON.parse(record);
-          oldRecord = data[data.length - 1][timestampName] < windowStartTimestamp;
-        }
-        if (!record || oldRecord) {
-          const newRecord = [];
-          const requestLog = {
-            [timestampName]: currentRequestTime.unix(),
-            [countName]: 1
-          };
-          newRecord.push(requestLog);
-          await redisClient.set(req.ip, JSON.stringify(newRecord));
-          return await closeConnection();
-        }
-        // if record is found, parse it's value and calculate number of requests users has made within the last window
-        const requestsWithinWindow = data.filter(entry => entry[timestampName] > windowStartTimestamp);
-        const totalWindowRequestsCount = requestsWithinWindow.reduce((accumulator, entry) => {
-          return accumulator + entry[countName];
-        }, 0);
-        if (!options.rateLimits.env || options.rateLimits.env === 'development') {
-          const requestsRemaining = MAX_WINDOW_REQUEST_COUNT - totalWindowRequestsCount;
-          const msg = `Requests made by client: ${totalWindowRequestsCount}\nRequests remaining: ${requestsRemaining}`;
-          logger.log('info', msg);
-        }
-        // if number of requests made is greater than or equal to the desired maximum, return error
-        if (totalWindowRequestsCount >= MAX_WINDOW_REQUEST_COUNT) {
-          return await closeConnection({ code: ERROR_CODE });
-        }
-        // if number of requests made is less than allowed maximum, log new entry
-        const lastRequestLog = data[data.length - 1];
-        const potentialCurrentWindowIntervalStartTimeStamp = currentRequestTime
-          .subtract(WINDOW_LOG_INTERVAL_IN_MINUTES, 'minutes')
-          .unix();
-        //  if interval has not passed since last request log, increment counter
-        if (lastRequestLog[timestampName] > potentialCurrentWindowIntervalStartTimeStamp) {
-          lastRequestLog[countName]++;
-          data[data.length - 1] = lastRequestLog;
-        } else {
-          //  if interval has passed, log new entry for current user and timestamp
-          data.push({
-            [timestampName]: currentRequestTime.unix(),
-            [countName]: 1
-          });
-        }
-        await redisClient.set(req.ip, JSON.stringify(data));
-        return await closeConnection();
-      });
-    } catch (err) {
-      return await closeConnection(err);
-    }
-  };
-};

package/sandbox/apps/sandbox/views/confirmation.html DELETED Viewed

@@ -1,15 +0,0 @@
-<title>{{#t}}pages.confirmation.title{{/t}} – GOV.UK</title>
-{{<partials-page}}
-  {{$page-content}}
-    <div class="alert-complete" role="alert">
-      <span class="icon icon-complete" role="presentation"></span>
-      <div class="alert-message">
-        <h1>{{#t}}pages.confirmation.alert{{/t}}</h1>
-      </div>
-    </div>
-    <h2>{{#t}}pages.confirmation.subheader{{/t}}</h2>
-    <p>{{#t}}pages.confirmation.content{{/t}}</p>
-    <a href="/landing-page" class="button" role="button">{{#t}}buttons.start-again{{/t}}</a>
-  {{/page-content}}
-{{/partials-page}}