jrtechs
/
jrtechs-NodeJSBlog
mirror of https://github.com/jrtechs/NodeJSBlog.git
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
Browse Source

Fixed potential memory overflow attack via the cache system.

pull/34/head
jrtechs 6 years ago
parent
4e5160de3b
commit
5f1d6d523d
7 changed files with 53 additions and 42 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      includes/includes.js
  2. +1
    -1
      posts/category.js
  3. +2
    -5
      posts/posts.js
  4. +2
    -2
      posts/renderBatchOfPreviewes.js
  5. +34
    -25
      posts/renderNextBar.js
  6. +13
    -5
      sites/blog.js
  7. +0
    -3
      sites/projects.js

+ 1
- 1
includes/includes.js View File

@ -50,9 +50,9 @@ const sendCachedContent = function(path, type, result)
'Vary': 'Accept-Encoding'});
result.write(content);
result.end();
cache.put(path, content);
}).catch(function(error)
{
cache.del(path);
console.log(error);
});
}

+ 1
- 1
posts/category.js View File

@ -31,7 +31,7 @@ const renderPosts = function(resultURL, page)
}
else
{
return utils.print404();
reject("Page Not Found");
}
};

+ 2
- 5
posts/posts.js View File

@ -30,7 +30,7 @@ const renderPost = function(requestURL)
}
else
{
return utils.print404();
reject("Page Not Found");
}
}).then(function(html)
{
@ -42,10 +42,7 @@ const renderPost = function(requestURL)
}
else
{
utils.print404().then(function(html)
{
resolve("<div class='col-md-8'>" + html + "</div>");
});
reject("Page Not Found");
}
});
};

+ 2
- 2
posts/renderBatchOfPreviewes.js View File

@ -17,9 +17,9 @@ module.exports=
{
currentPage = Number(currentPage);
}
return new Promise(function(resolve, reject)
{
const promises = [];
for(var i = (currentPage-1) * numOfPosts; i < (currentPage-1) * numOfPosts + numOfPosts; i++)
{
@ -33,7 +33,7 @@ module.exports=
res(html);
}).catch(function(error)
{
rej(error);
reject(error)
})
}));
}

+ 34
- 25
posts/renderNextBar.js View File

@ -1,38 +1,47 @@
const isValidPage = function(page, postsPerPage, totalPosts)
{
return (!(page === 0 || page -1 >= totalPosts/postsPerPage));
return !(page === 0 || page -1 >= totalPosts/postsPerPage);
};
module.exports=
{
main: function(baseURL, currentPage, postsPerPage, totalPosts)
{
var nextPage = currentPage + 1;
var previousPage = currentPage - 1;
return new Promise(function(resolve, reject)
{
var olderPosts = "";
var newerPosts = "";
if(!isValidPage(currentPage, postsPerPage, totalPosts))
{
reject("Invalid Page");
}
if (isValidPage(previousPage, postsPerPage, totalPosts))
{
newerPosts = "<button class=\"btn btn-secondary btn-lg " +
"w3-padding-large w3-white w3-border\" onclick=\"location.href='" +
baseURL + "?page=" + previousPage +
"'\"><b>Newer Posts &raquo;</b></button>";
}
var nextPage = currentPage + 1;
var previousPage = currentPage - 1;
var olderPosts = "";
var newerPosts = "";
if (isValidPage(previousPage, postsPerPage, totalPosts))
{
newerPosts = "<button class=\"btn btn-secondary btn-lg " +
"w3-padding-large w3-white w3-border\" onclick=\"location.href='" +
baseURL + "?page=" + previousPage +
"'\"><b>Newer Posts &raquo;</b></button>";
}
if (isValidPage(nextPage, postsPerPage, totalPosts))
{
olderPosts = "<button class=\"btn btn-secondary btn-lg " +
"w3-padding-large w3-white w3-border\" onclick=\"location.href='" +
baseURL + "?page=" + nextPage +
"'\"><b>Older Posts &raquo;</b></button>";
}
resolve(" <div class=\"row\">\n" +
" <div class=\"col-6\">" + newerPosts + "</div>\n" +
" <div class=\"col-6\"><span class=\"float-right\">" + olderPosts + "</span></div>\n" +
" <br><br></div>");
})
if (isValidPage(nextPage, postsPerPage, totalPosts))
{
olderPosts = "<button class=\"btn btn-secondary btn-lg " +
"w3-padding-large w3-white w3-border\" onclick=\"location.href='" +
baseURL + "?page=" + nextPage +
"'\"><b>Older Posts &raquo;</b></button>";
}
return " <div class=\"row\">\n" +
" <div class=\"col-6\">" + newerPosts + "</div>\n" +
" <div class=\"col-6\"><span class=\"float-right\">" + olderPosts + "</span></div>\n" +
" <br><br></div>";
}
};

+ 13
- 5
sites/blog.js View File

@ -8,6 +8,9 @@ const contentLoader = require('../includes/staticContentServer.js');
//caching program to make the application run faster
const cache = require('memory-cache');
//file io
const utils = require('../utils/utils.js');
/**
* @author Jeffery Russell 11-3-18
*
@ -59,12 +62,14 @@ module.exports=
if (urlSplit.length >= 2 && urlSplit[1] === 'category') //single category page
file = "../posts/category.js";
else
{
file = "../posts/posts.js";
page = 1; // all posts are single page, everyone must be one to ensure
// cache is not tricked into storing same blog post a ton of times
}
}
Promise.all([includes.printHeader(),
require(file).main(filename, request),
includes.printFooter()]).then(function (content)
@ -72,11 +77,14 @@ module.exports=
result.write(content.join(''));
result.end();
cache.put(filename + "?page=" + page, content.join(''));
}).catch(function (err)
{
console.log(err);
throw err;
cache.del(filename + "?page=" + page);
utils.print404().then(function(content)
{
result.write(content);
result.end();
})
});
}
else

+ 0
- 3
sites/projects.js View File

@ -1,6 +1,3 @@
//file io
const utils = require('../utils/utils.js');
//used to parse the request URL
const url = require('url');

Write Preview
Loading…
Cancel
Save