added workaround for bug in restify restify/node-restify#1959

county-of-simcoe-gis · Sep 25, 2023 · f59b759 · f59b759
1 parent b4e31f1
commit f59b759
Show file tree

Hide file tree

Showing 3 changed files with 67 additions and 8 deletions.
diff --git a/_workaround.js b/_workaround.js
@@ -0,0 +1,26 @@
+/**
+ * Cleans up sloppy URLs on the request object, like /foo////bar/// to /foo/bar.
+ *
+ * @private
+ * @function strip
+ * @param    {Object} path - a url path to clean up
+ * @returns  {String} cleaned path
+ */
+module.exports = {
+  strip: (path) => {
+    var cur;
+    var next;
+    var str = "";
+    for (var i = 0; i < path.length; i++) {
+      cur = path.charAt(i);
+      if (i !== path.length - 1) {
+        next = path.charAt(i + 1);
+      }
+      if (cur === "/" && (next === "/" || (next === "?" && i > 0))) {
+        continue;
+      }
+      str += cur;
+    }
+    return str;
+  },
+};
diff --git a/api-doc.json b/api-doc.json
@@ -1132,12 +1132,26 @@
             },
             "description": "Details of the logged action"
           },
+          {
+            "name": "x-real-ip",
+            "in": "header",
+            "schema": {
+              "type": "string"
+            }
+          },
           {
             "name": "proxy-ip",
             "in": "header",
             "schema": {
               "type": "string"
             }
+          },
+          {
+            "name": "x-forwarded-for",
+            "in": "header",
+            "schema": {
+              "type": "string"
+            }
           }
         ],
         "responses": {

diff --git a/app.js b/app.js
@@ -6,6 +6,7 @@ const fs = require("fs");
 const packageJson = require("./package.json");
 var corsMiddleware = require("restify-cors-middleware2");
 const documentationOutputFile = require("path").join(__dirname, "./api-doc.json");
+const _workaround = require("./_workaround");
 
 // CORS FOR RESTIFY
 var cors = corsMiddleware({
@@ -29,8 +30,18 @@ server.use(cors.actual);
 // Ensure we don't drop data on uploads
 server.pre(restify.pre.pause());
 
+//TEMPORARY WORKAROUND FOR BUG IN RESTIFY
+server.pre((req, res, next) => {
+  try {
+    if (!_workaround.strip(req.url)) req.url = "/";
+    restify.pre.sanitizePath()(req, res, next);
+  } catch (e) {
+    console.error(e);
+  }
+});
+//REMOVED BECAUSE OF BUG IN RESTIFY
 // Clean up sloppy paths like //todo//////1//
-server.pre(restify.pre.sanitizePath());
+// server.pre(restify.pre.sanitizePath());
 
 // Handles annoying user agents (curl)
 server.pre(restify.pre.userAgentConnection());
@@ -42,15 +53,16 @@ server.use(restify.plugins.requestLogger());
 server.use(function (req, res, next) {
   var err = null;
   try {
-    decodeURIComponent(req.path);
+    if (!req.path) throw new Error("Invalid URL");
+    else decodeURIComponent(req.path);
   } catch (e) {
     err = e;
   }
   if (err) {
-    logger.warn(`Invalid URL Request- ${req.url}`);
+    console.warn(`Invalid URL Request- ${req.url}`);
     res.status(404);
     res.send();
-    return next();
+    next();
   }
   next();
 });
@@ -77,7 +89,7 @@ require("./routes/routeBuilder")(server, packageJson.defaultRoute);
 server.get(packageJson.defaultRoute + `/docs.json`, (req, res, next) => {
   const documentation = require(documentationOutputFile);
   res.json(documentation);
-  next();
+  return next();
 });
 
 const swaggerIndexContent = fs
@@ -104,9 +116,16 @@ server.get(
 );
 
 server.get("*", function (req, res, next) {
-  console.warn(`Invalid URL Request- ${req.url}`);
-  res.send(404);
-  next();
+  try {
+    console.warn(`Invalid URL Request- ${req.url}`);
+    res.send(404);
+    next();
+  } catch (e) {
+    console.error(e.stack);
+    res.status(500);
+    res.send();
+    next();
+  }
 });
 
 server.listen(serverPort, function () {