mirror of
https://github.com/scratchfoundation/scratch-www.git
synced 2024-11-27 01:25:52 -05:00
Merge pull request #188 from thisandagain/bugfix/put
Block PUT, POST, and DEL requests
This commit is contained in:
commit
f2872739da
1 changed files with 15 additions and 1 deletions
|
@ -13,9 +13,23 @@ var log = require('./log');
|
||||||
var proxies = require('./proxies.json');
|
var proxies = require('./proxies.json');
|
||||||
var routes = require('./routes.json');
|
var routes = require('./routes.json');
|
||||||
|
|
||||||
// Server setup
|
// Create server
|
||||||
var app = express();
|
var app = express();
|
||||||
app.disable('x-powered-by');
|
app.disable('x-powered-by');
|
||||||
|
|
||||||
|
// Block POST & PUT requests in production
|
||||||
|
if (process.env.NODE_ENV === 'production') {
|
||||||
|
app.use(function (req, res, next) {
|
||||||
|
if (req.method === 'GET') return next();
|
||||||
|
if (req.method === 'OPTIONS') return next();
|
||||||
|
if (req.method === 'HEAD') return next();
|
||||||
|
|
||||||
|
res.writeHead(405, {'content-type' : 'application/json'});
|
||||||
|
res.end('{"error": "Method not allowed"}');
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
// Server setup
|
||||||
app.use(log());
|
app.use(log());
|
||||||
app.use(compression());
|
app.use(compression());
|
||||||
app.use(express.static(path.resolve(__dirname, '../build'), {
|
app.use(express.static(path.resolve(__dirname, '../build'), {
|
||||||
|
|
Loading…
Reference in a new issue