diff --git a/app.js b/app.js index 8e8cae292..d265531da 100755 --- a/app.js +++ b/app.js @@ -33,6 +33,7 @@ var sessionStore = new MongoStore({ mongoose_connection: db }); // See https://hacks.mozilla.org/2013/01/building-a-node-js-server-that-wont-melt-a-node-js-holiday-season-part-5/ app.use(function (aReq, aRes, aNext) { // check if we're toobusy + toobusy.maxLag(100); if (toobusy()) { statusCodePage(aReq, aRes, aNext, { statusCode: 503, diff --git a/routes.js b/routes.js index 47b00e758..0be279afe 100644 --- a/routes.js +++ b/routes.js @@ -150,6 +150,34 @@ module.exports = function (aApp) { // Home route app_route('/').get(main.home); + // Order is important here... + // Only referer check statics otherwise SEO will have issues + aApp.use(function (aReq, aRes, aNext) { + if (process.env.NODE_ENV === 'production' + && !/^https?:\/\/(?:.*\.)?(?:openuserjs|oujs)\.org/.test(aReq.headers.referer)) { + + // Whitelist + switch (aReq.url) { + case '/images/favicon.ico': + case '/images/favicon16.ico': + case '/images/favicon64.png': + case '/xml/opensearch-groups.xml': + case '/xml/opensearch-libraries.xml': + case '/xml/opensearch-scripts.xml': + case '/xml/opensearch-users.xml': + aNext(); + break; + default: + statusCodePage(aReq, aRes, aNext, { + statusCode: 404, + statusMessage: 'This is not the page you\'re are looking for!' + }); + } + } else { + aNext(); + } + }); + // Static Routes require('./routesStatic')(aApp); diff --git a/routesStatic.js b/routesStatic.js index 8d99771e5..35157db8d 100644 --- a/routesStatic.js +++ b/routesStatic.js @@ -32,7 +32,7 @@ module.exports = function (aApp) { } } - aApp.use(express.static(path.join(__dirname, '/public'), { maxage: day * 1 })); + aApp.use(express.static(path.join(__dirname, 'public'), { maxage: day * 1 })); serveModule('/redist/npm', 'bootstrap', { 'dist/js/bootstrap.js': { maxage: day * 1 }