npm - zsyp - Versions diffs - 1.0.1 → 1.1.0 - Mend

zsyp 1.0.1 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/Readme.md CHANGED Viewed

@@ -74,8 +74,8 @@ MIT © [Damian Krzeminski](https://pirxpilot.me)
 [npm-image]: https://img.shields.io/npm/v/zsyp
 [npm-url]: https://npmjs.org/package/zsyp
-[build-url]: https://travis-ci.com/pirxpilot/zsyp
-[build-image]: https://img.shields.io/travis/com/pirxpilot/zsyp
+[build-url]: https://github.com/pirxpilot/zsyp/actions/workflows/check.yaml
+[build-image]: https://img.shields.io/github/workflow/status/pirxpilot/zsyp/check
 [deps-image]: https://img.shields.io/librariesio/release/npm/zsyp
 [deps-url]: https://libraries.io/npm/zsyp

package/index.js CHANGED Viewed

@@ -1,24 +1,15 @@
 require('dotenv').config({ path: '/etc/default/zsyp' });
-const connect = require('@pirxpilot/connect');
-const router = require('./lib/csp');
-const makeLogger = require('./lib/logger');
+const logger = require('./lib/logger');
+const makeApp = require('./lib/app');
 const {
   ZSYP_PORT: PORT = 3090,
-  ZSYP_DOMAINS: domains,
-  ZSYP_DB: database = 'mongodb://localhost/zsyp'
 } = process.env;
-const app = connect();
-const log = makeLogger({ database });
-app.use(function (req, res, next) {
-  req.log = log;
-  next();
+const app = makeApp({
+  logger
 });
-app.use(router({ domains }));
 module.exports = app;

package/lib/app.js ADDED Viewed

@@ -0,0 +1,21 @@
+const connect = require('@pirxpilot/connect');
+const { json } = require('body-parser');
+const router = require('./router');
+module.exports = makeApp;
+const {
+  ZSYP_DOMAINS: domains,
+} = process.env;
+function makeApp(opts) {
+  const app = connect();
+  app.use(json({ limit: 5000, type: ['*/json', 'application/csp-report'] }));
+  app.use('/csp', router({ ...opts, name: 'csp', domains }));
+  app.use('/event', router({ ...opts, name: 'event' }));
+  return app;
+}

package/lib/filter.js CHANGED Viewed

@@ -4,18 +4,17 @@ module.exports = makeFilter;
 function makeFilter({ domains }) {
-  const domainRe = domains && new RegExp(domains);
+  if (!domains) {
+    return;
+  }
+  const domainRe = domains && new RegExp(domains);
   return filter;
   function filter({ body: csp }, res, next) {
-    if (!domainRe) {
-      return next();
-    }
     const uri = csp['csp-report']['document-uri'];
     const { hostname } = new URL(uri);
     if (domainRe.test(hostname)) {
-      console.log('OK!!!!!!!!');
       return next();
     }
   }

package/lib/from.js CHANGED Viewed

@@ -3,7 +3,8 @@ const { parse } = require('useragent');
 module.exports = from;
 function from(req, res, next) {
-  const ua = req.headers['user-agent'];
+  const { headers, body } = req;
+  const ua = body?.from?.ua ??  headers['user-agent'];
   const {
     family,
     major,
@@ -20,7 +21,7 @@ function from(req, res, next) {
       name: os.family,
       version: os.major
     },
-    ip: req.headers['x-forwarded-for'] || req.connection.remoteAddress
+    ip: body?.from?.ip ?? headers['x-forwarded-for'] ?? req.connection.remoteAddress
   };
   if (device.family !== 'Other') {
     data.device = device.family;

package/lib/logger.js CHANGED Viewed

@@ -1,16 +1,23 @@
-const { db } = require('mniam');
+const mniam = require('mniam');
 const debug = require('debug')('zsyp:logger');
 module.exports = makeLogger;
-function makeLogger({ database }) {
-  const csp = db(database).collection({ name: 'csp'});
+const {
+  ZSYP_DB: database = 'mongodb://localhost/zsyp'
+} = process.env;
+const db = mniam.db(database);
+function makeLogger({ name }) {
+  const collection = db.collection({ name });
   return log;
   function log(report) {
     debug('saving %j', report);
-    csp.insertOne(report, function(err) {
+    collection.insertOne(report, function(err) {
       if (err) {
         console.error(err);
       }

package/lib/router.js ADDED Viewed

@@ -0,0 +1,44 @@
+const Router = require('router');
+const debug = require('debug')('zsyp:router');
+const from = require('./from');
+const makeFilter = require('./filter');
+function respond(req, res, next) {
+  res.statusCode = 204; // empty
+  res.end();
+  next();
+}
+module.exports = function (opts) {
+  const router = new Router({
+    strict: true,
+    caseSensitive: true
+  });
+  const stack = [
+    from,
+    respond
+  ];
+  const filter = makeFilter(opts);
+  if (filter) {
+    stack.push(filter);
+  }
+  const logger = opts.logger(opts);
+  router.post('/', ...stack, log);
+  return router;
+  function log({ from, body }) {
+    const report = {
+      ...body,
+      from
+    };
+    debug('Logging report %j', report);
+    logger(report);
+  }
+};

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "zsyp",
-  "version": "1.0.1",
+  "version": "1.1.0",
   "description": "CSP violation reports logger.",
   "author": {
     "name": "Damian Krzeminski",
@@ -22,6 +22,7 @@
     "dotenv": "~16",
     "mniam": "^2.1.0",
     "router": "~1",
+    "supertest": "~6",
     "useragent": "^2.3.0"
   },
   "devDependencies": {

package/lib/csp.js DELETED Viewed

@@ -1,36 +0,0 @@
-const Router = require('router');
-const { json } = require('body-parser');
-const from = require('./from');
-const makeFilter = require('./filter');
-function respond(req, res, next) {
-  res.statusCode = 204; // empty
-  res.end();
-  next();
-}
-function log({ from, body: csp, log }) {
-  const report = {
-    from,
-    ...csp
-  };
-  log(report);
-}
-module.exports = function (opts) {
-  const router = new Router();
-  const filter = makeFilter(opts);
-  router.post('/csp',
-    from,
-    json({ limit: 5000, type: [ '*/json', 'application/csp-report' ] }),
-    respond,
-    filter,
-    log
-  );
-  return router;
-};