Feature/update nces fetching #398
Conversation
… a README file), as the JSON file is still used in the 2022 FRF, so must stay at this location
…ing Express app, and caching the data on the Express app's locals object
…ection comment to be consistent with other data stored on Express app's locals object
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| const logMessage = `Server listening on port ${port}`; | ||
| log({ level: "info", message: logMessage }); | ||
| app.use(express.json({ limit: JSON_PAYLOAD_LIMIT || "5mb" })); | ||
| app.use(cookieParser()); |
Check failure
Code scanning / CodeQL
Missing CSRF middleware High
| * Use regex to add trailing slash on static requests | ||
| * (required when using sub path). | ||
| */ | ||
| const pathRegex = new RegExp(`^\\${SERVER_BASE_PATH || ""}$`); |
Check failure
Code scanning / CodeQL
Regular expression injection High
| app.use(basePath, express.static(resolve(__dirname, "public"))); | ||
|
|
||
| /** Ensure that requested client route exists (otherwise send 404). */ | ||
| app.use(checkClientRouteExists); |
Check failure
Code scanning / CodeQL
Missing rate limiting High
| app.use(checkClientRouteExists); | ||
|
|
||
| /** Ensure user is authenticated on all client-side routes except / and /welcome */ | ||
| app.use(protectClientRoutes); |
Check failure
Code scanning / CodeQL
Missing rate limiting High
| app.get("*", (req, res) => { | ||
| res.sendFile(resolve(__dirname, "public/index.html")); | ||
| }); |
Check failure
Code scanning / CodeQL
Missing rate limiting High
Related Issues:
Main Changes:
Steps To Test: