next/lib/server/constants.ts

import turndown from "turndown";
import { RuntimeConfig } from "nuxt/schema";
export const ContentFilenameRegex = /\.(doc|docx|md|markdown)$/i;

export const emailRegex: RegExp = /^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$/;
export const usernameRegex: (uname: string) => RegExp = (uname: string) => new RegExp("^" + uname.trim().replace(/\*/g, "\\*") + "$", "i");
export const mammothTemplate = (doc, defaults, content) => {
	return content.replace(/\n|\r\n|\r/gm, "");
};
export const sanitizeConf = {
	allowedTags: [
		"address",
		"article",
		"aside",
		"footer",
		"header",
		"h1",
		"h2",
		"h3",
		"h4",
		"h5",
		"h6",
		"hgroup",
		"main",
		"nav",
		"section",
		"blockquote",
		"dd",
		"div",
		"dl",
		"dt",
		"figcaption",
		"figure",
		"hr",
		"li",
		"main",
		"ol",
		"p",
		"pre",
		"ul",
		"a",
		"abbr",
		"b",
		"bdi",
		"bdo",
		"br",
		"cite",
		"code",
		"data",
		"dfn",
		"em",
		"i",
		"kbd",
		"mark",
		"q",
		"rb",
		"rp",
		"rt",
		"rtc",
		"ruby",
		"s",
		"samp",
		"small",
		"span",
		"strong",
		"sub",
		"sup",
		"time",
		"u",
		"var",
		"wbr",
		"caption",
		"col",
		"colgroup",
		"table",
		"tbody",
		"td",
		"tfoot",
		"th",
		"thead",
		"tr",
	],
	disallowedTagsMode: "discard",
	allowedAttributes: {
		a: ["href", "name", "target"],
		// We don't currently allow img itself by default, but this
		// would make sense if we did. You could add srcset here,
		// and if you do the URL is checked for safety
		img: ["src"],
	},
	// Lots of these won't come up by default because we don't allow them
	selfClosing: ["img", "br", "hr", "area", "base", "basefont", "input", "link", "meta"],
	// URL schemes we permit
	allowedSchemes: ["http", "https", "ftp", "mailto", "tel"],
	allowedSchemesAppliedToAttributes: ["href", "src", "cite"],
	allowProtocolRelative: true,
	enforceHtmlBoundary: false,
	allowedSchemesByTag: {
		img: ["data"],
	},
};

export const messages = {
	[403]: "Forbidden",
	[401]: "Authorization required",
	[404]: "Not found",
};

export const apiRoot = "http://127.0.0.1:4567/api";
export const h2m = new turndown({
	hr: "---",
	codeBlockStyle: "fenced",
	emDelimiter: "*",
	bulletListMarker: "+",
});

export const rc: RuntimeConfig & any = {
	captcha: {
		secret: process.env.CAPTCHASECRET,
		key: process.env.CAPTCHAKEY,
	},
	database: {
		user: process.env.DBUSER,
		password: process.env.DBPASS,
		name: process.env.DBNAME,
		uri: `mongodb://${process.env.DB}`,
	},
	jwt: process.env.JWT,
	public: {
		recaptcha: {
			v2SiteKey: process.env.CAPTCHAKEY,
		},
		auth: {
			computed: {
				origin: "127.0.0.1",
			},
		},
		// apiBase: "/api"
	},
	nodebb: {
		masterToken: process.env.nbb_bearer,
	},
	app: {},
};
export const doNotSelect = ["password", "auth", "ipLog"].map((b) => `-${b}`).join(" ");
refactor(server/utils): add constants file 2023-10-03 00:53:10 -04:00			`import turndown from "turndown";`
refactor(nuxt): move nuxt runtime config to separate exported variable 2024-03-16 21:02:22 -04:00			`import { RuntimeConfig } from "nuxt/schema";`
refactor(server/utils): add constants file 2023-10-03 00:53:10 -04:00			`export const ContentFilenameRegex = /\.(doc\|docx\|md\|markdown)$/i;`

style(*): edit indents 2023-12-29 20:53:29 -05:00			export const emailRegex: RegExp = /^[a-zA-Z0-9.!#$%&'+/=?^_`{\|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)$/;
			`export const usernameRegex: (uname: string) => RegExp = (uname: string) => new RegExp("^" + uname.trim().replace(/\/g, "\\") + "$", "i");`
refactor(server/utils): add constants file 2023-10-03 00:53:10 -04:00			`export const mammothTemplate = (doc, defaults, content) => {`
			`return content.replace(/\n\|\r\n\|\r/gm, "");`
			`};`
			`export const sanitizeConf = {`
			`allowedTags: [`
			`"address",`
			`"article",`
			`"aside",`
			`"footer",`
			`"header",`
			`"h1",`
			`"h2",`
			`"h3",`
			`"h4",`
			`"h5",`
			`"h6",`
			`"hgroup",`
			`"main",`
			`"nav",`
			`"section",`
			`"blockquote",`
			`"dd",`
			`"div",`
			`"dl",`
			`"dt",`
			`"figcaption",`
			`"figure",`
			`"hr",`
			`"li",`
			`"main",`
			`"ol",`
			`"p",`
			`"pre",`
			`"ul",`
			`"a",`
			`"abbr",`
			`"b",`
			`"bdi",`
			`"bdo",`
			`"br",`
			`"cite",`
			`"code",`
			`"data",`
			`"dfn",`
			`"em",`
			`"i",`
			`"kbd",`
			`"mark",`
			`"q",`
			`"rb",`
			`"rp",`
			`"rt",`
			`"rtc",`
			`"ruby",`
			`"s",`
			`"samp",`
			`"small",`
			`"span",`
			`"strong",`
			`"sub",`
			`"sup",`
			`"time",`
			`"u",`
			`"var",`
			`"wbr",`
			`"caption",`
			`"col",`
			`"colgroup",`
			`"table",`
			`"tbody",`
			`"td",`
			`"tfoot",`
			`"th",`
			`"thead",`
			`"tr",`
			`],`
			`disallowedTagsMode: "discard",`
			`allowedAttributes: {`
			`a: ["href", "name", "target"],`
			`// We don't currently allow img itself by default, but this`
			`// would make sense if we did. You could add srcset here,`
			`// and if you do the URL is checked for safety`
			`img: ["src"],`
			`},`
			`// Lots of these won't come up by default because we don't allow them`
style(*): edit indents 2023-12-29 20:53:29 -05:00			`selfClosing: ["img", "br", "hr", "area", "base", "basefont", "input", "link", "meta"],`
refactor(server/utils): add constants file 2023-10-03 00:53:10 -04:00			`// URL schemes we permit`
			`allowedSchemes: ["http", "https", "ftp", "mailto", "tel"],`
			`allowedSchemesAppliedToAttributes: ["href", "src", "cite"],`
			`allowProtocolRelative: true,`
			`enforceHtmlBoundary: false,`
			`allowedSchemesByTag: {`
			`img: ["data"],`
			`},`
			`};`

			`export const messages = {`
			`[403]: "Forbidden",`
			`[401]: "Authorization required",`
			`[404]: "Not found",`
			`};`

			`export const apiRoot = "http://127.0.0.1:4567/api";`
			`export const h2m = new turndown({`
			`hr: "---",`
			`codeBlockStyle: "fenced",`
			`emDelimiter: "*",`
			`bulletListMarker: "+",`
			`});`
refactor(nuxt): move nuxt runtime config to separate exported variable 2024-03-16 21:02:22 -04:00
			`export const rc: RuntimeConfig & any = {`
			`captcha: {`
			`secret: process.env.CAPTCHASECRET,`
			`key: process.env.CAPTCHAKEY,`
			`},`
			`database: {`
			`user: process.env.DBUSER,`
			`password: process.env.DBPASS,`
			`name: process.env.DBNAME,`
			uri: `mongodb://${process.env.DB}`,
			`},`
			`jwt: process.env.JWT,`
			`public: {`
			`recaptcha: {`
			`v2SiteKey: process.env.CAPTCHAKEY,`
			`},`
			`auth: {`
			`computed: {`
			`origin: "127.0.0.1",`
			`},`
			`},`
			`// apiBase: "/api"`
			`},`
			`nodebb: {`
			`masterToken: process.env.nbb_bearer,`
			`},`
			`app: {},`
			`};`
refactor(server/utils): update server-side constants define array of sensitive user model fields to exclude when querying and returning 2024-04-02 01:33:15 -04:00			export const doNotSelect = ["password", "auth", "ipLog"].map((b) => `-${b}`).join(" ");