fix firefox CDN issue and ensure twitter handle, email and username are lowercase

2015-01-09 15:10:34 -08:00
parent 5decaf13f0
commit 4e91e94463
5 changed files with 17 additions and 12 deletions
--- a/app.js
+++ b/app.js
@ -102,6 +102,7 @@ app.use(flash());
 app.disable('x-powered-by');

 app.use(helmet.xssFilter());
+app.use(helmet.noSniff());
 app.use(helmet.xframe());

 var trusted = [
--- a/config/passport.js
+++ b/config/passport.js
@ -206,10 +206,11 @@ passport.use(new TwitterStrategy(secrets.twitter, function(req, accessToken, tok
        User.findById(req.user.id, function(err, user) {
          user.twitter = profile.id;
          user.tokens.push({ kind: 'twitter', accessToken: accessToken, tokenSecret: tokenSecret });
+          user.profile.username = user.profile.username || profile.username.toLowerCase();
          user.profile.name = user.profile.name || profile.displayName;
          user.profile.location = user.profile.location || profile._json.location;
          user.profile.picture = user.profile.picture || profile._json.profile_image_url_https.replace('_normal', '');
-          user.profile.twitterHandle = user.profile.twitterHandle || profile.username;
+          user.profile.twitterHandle = user.profile.twitterHandle || profile.username.toLowerCase();
          user.save(function(err) {
            req.flash('info', { msg: 'Twitter account has been linked.' });
            done(err, user);
@ -222,13 +223,13 @@ passport.use(new TwitterStrategy(secrets.twitter, function(req, accessToken, tok
    User.findOne({ twitter: profile.id }, function(err, existingUser) {
      if (existingUser) return done(null, existingUser);
      var user = new User();
-      user.profile.username = profile.username;
+      user.profile.username = profile.username.toLowerCase();
      user.twitter = profile.id;
      user.tokens.push({ kind: 'twitter', accessToken: accessToken, tokenSecret: tokenSecret });
      user.profile.name = profile.displayName;
      user.profile.location = profile._json.location;
      user.profile.picture = profile._json.profile_image_url_https.replace('_normal', '');
-      user.profile.twitterHandle = user.profile.twitterHandle || profile.username;
+      user.profile.twitterHandle = user.profile.twitterHandle || profile.username.toLowerCase();
      user.save(function(err) {
        done(err, user);
      });
--- a/controllers/user.js
+++ b/controllers/user.js
@ -173,7 +173,7 @@ exports.getAccount = function(req, res) {
 */

 exports.returnUser = function(req, res, next) {
-  User.find({'profile.username': req.params.username}, function(err, user) {
+  User.find({'profile.username': req.params.username.toLowerCase()}, function(err, user) {
    if (err) { debug('Username err: ', err); next(err); }
    if (user[0]) {
      var user = user[0];
--- a/public/js/main.js
+++ b/public/js/main.js
@ -47,6 +47,9 @@ profileValidation.controller('profileValidationController', ['$scope', '$http',
    function($scope, $http) {
        $http.get('/account/api').success(function(data) {
            $scope.user = data.user;
+            $scope.user.profile.username = $scope.user.profile.username.toLowerCase();
+            $scope.user.email = $scope.user.email.toLowerCase();
+            $scope.user.profile.twitterHandle = $scope.user.profile.twitterHandle.toLowerCase();
        });
    }
 ]);
--- a/views/layout.jade
+++ b/views/layout.jade
@ -1,14 +1,14 @@
 doctype html
 html(ng-app='profileValidation')
  head
-    script(src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js")
-    script(src="https://ajax.googleapis.com/ajax/libs/angularjs/1.3.8/angular.min.js")
-    script(src="https://cdnjs.cloudflare.com/ajax/libs/angular-ui-bootstrap/0.12.0/ui-bootstrap-tpls.min.js")
-    script(src='https://maxcdn.bootstrapcdn.com/bootstrap/3.3.1/js/bootstrap.min.js')
-    link(rel='shortcut icon', href='https://s3.amazonaws.com/freecodecamp/favicon.ico')
-    link(rel='stylesheet', href='https://maxcdn.bootstrapcdn.com/bootstrap/3.3.1/css/bootstrap.min.css')
-    link(rel='stylesheet', href='https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css')
-    link(rel='stylesheet', href='https://code.ionicframework.com/ionicons/2.0.0/css/ionicons.min.css')
+    script(src="//ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js")
+    script(src="//ajax.googleapis.com/ajax/libs/angularjs/1.3.8/angular.min.js")
+    script(src="//cdnjs.cloudflare.com/ajax/libs/angular-ui-bootstrap/0.12.0/ui-bootstrap-tpls.min.js")
+    script(src='//maxcdn.bootstrapcdn.com/bootstrap/3.3.1/js/bootstrap.min.js')
+    link(rel='shortcut icon', href='//s3.amazonaws.com/freecodecamp/favicon.ico')
+    link(rel='stylesheet', href='//maxcdn.bootstrapcdn.com/bootstrap/3.3.1/css/bootstrap.min.css')
+    link(rel='stylesheet', href='//maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css')
+    link(rel='stylesheet', href='//code.ionicframework.com/ionicons/2.0.0/css/ionicons.min.css')
    include partials/meta
    title #{title} | Free Code Camp
    meta(charset='utf-8')