gaspersic/freeCodeCamp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

reverse the attempts to allow cross site scripts and just use relative paths for now

Browse Source
This commit is contained in:
Michael Q Larson
2015-02-17 15:35:16 -08:00
parent 5d9e82f9cb
commit 4ef8e7eda4
5 changed files with 23 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app.js
View File

@ -64,6 +64,7 @@ mongoose.connection.on('error', function () {
* Express configuration. * Express configuration.
*/ */
app.set('port', process.env.PORT || 3000); app.set('port', process.env.PORT || 3000);
app.set('views', path.join(__dirname, 'views')); app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'jade'); app.set('view engine', 'jade');
@ -106,6 +107,11 @@ app.disable('x-powered-by');
app.use(helmet.xssFilter()); app.use(helmet.xssFilter());
app.use(helmet.noSniff()); app.use(helmet.noSniff());
app.use(helmet.xframe()); app.use(helmet.xframe());
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
var trusted = [ var trusted = [
"'self'", "'self'",

27
controllers/resources.js
View File

@ -114,26 +114,25 @@ module.exports = {
}, },
trelloCalls: function(req, res) { trelloCalls: function(req, res) {
client.get('https://trello.com/1/boards/BA3xVpz9/cards?key=' + secrets.trello.key, function(trello, res2) { client.get('https://trello.com/1/boards/BA3xVpz9/cards?key=' + secrets.trello.key, function(trello, res2) {
trello = trello ? (JSON.parse(trello)).length : "Can't connecto to Trello"; trello = trello ? (JSON.parse(trello)).length : "Can't connect to to Trello";
res.send({"trello": trello}); res.send({"trello": trello});
}); });
}, },
bloggerCalls: function(req, res) { bloggerCalls: function(req, res) {
client.get('https://www.googleapis.com/blogger/v3/blogs/2421288658305323950/posts?key=' + secrets.blogger.key, function (blog, res5) { client.get('https://www.googleapis.com/blogger/v3/blogs/2421288658305323950/posts?key=' + secrets.blogger.key, function (blog, res5) {
var blog = blog.length > 100 ? JSON.parse(blog) : ""; var blog = blog.length > 100 ? JSON.parse(blog) : "";
res.type("application/javascript"); res.send({
var blogData = { "blog1Title": blog ? blog["items"][0]["title"] : "Can't connect to Blogger", blog1Title: blog ? blog["items"][0]["title"] : "Can't connect to Blogger",
"blog1Link": blog ? blog["items"][0]["url"] : "http://blog.freecodecamp.com", blog1Link: blog ? blog["items"][0]["url"] : "http://blog.freecodecamp.com",
"blog2Title": blog ? blog["items"][1]["title"] : "Can't connect to Blogger", blog2Title: blog ? blog["items"][1]["title"] : "Can't connect to Blogger",
"blog2Link": blog ? blog["items"][1]["url"] : "http://blog.freecodecamp.com", blog2Link: blog ? blog["items"][1]["url"] : "http://blog.freecodecamp.com",
"blog3Title": blog ? blog["items"][2]["title"] : "Can't connect to Blogger", blog3Title: blog ? blog["items"][2]["title"] : "Can't connect to Blogger",
"blog3Link": blog ? blog["items"][2]["url"] : "http://blog.freecodecamp.com", blog3Link: blog ? blog["items"][2]["url"] : "http://blog.freecodecamp.com",
"blog4Title": blog ? blog["items"][3]["title"] : "Can't connect to Blogger", blog4Title: blog ? blog["items"][3]["title"] : "Can't connect to Blogger",
"blog4Link": blog ? blog["items"][3]["url"] : "http://blog.freecodecamp.com", blog4Link: blog ? blog["items"][3]["url"] : "http://blog.freecodecamp.com",
"blog5Title": blog ? blog["items"][4]["title"] : "Can't connect to Blogger", blog5Title: blog ? blog["items"][4]["title"] : "Can't connect to Blogger",
"blog5Link": blog ? blog["items"][4]["url"] : "http://blog.freecodecamp.com" blog5Link: blog ? blog["items"][4]["url"] : "http://blog.freecodecamp.com"
}; });
res.json(blogData);
}); });
}, },

6
views/partials/blogger.jade
View File

@ -2,10 +2,8 @@
script. script.
(function() { (function() {
$.ajax({ $.ajax({
url: 'http://freecodecamp.com/api/blogger', url: '/api/blogger',
type: 'GET', type: 'GET'
crossDomain: true,
dataType: 'jsonp'
}).done( }).done(
function(data) { function(data) {
var props = Object.keys(data); var props = Object.keys(data);

3
views/partials/github.jade
View File

@ -2,12 +2,11 @@
script. script.
(function() { (function() {
$.ajax({ $.ajax({
url: 'http://freecodecamp.com/api/github', url: '/api/github',
type: 'GET' type: 'GET'
}).done( }).done(
function(data) { function(data) {
var github = document.createElement('div'); var github = document.createElement('div');
console.log(data);
$(github).html('<div class="row"><div class="col-xs-6 text-right">Open Issues:</div><div class="col-xs-6 text-left">' + data.issues + ' <a href="https://github.com/freecodecamp/freecodecamp/issues">(create one)</a></div></div><div class="row"><div class="col-xs-6 text-right">Open Pull Requests:</div><div class="col-xs-6 text-left">' + data.pulls + ' <a href="https://github.com/freecodecamp/freecodecamp/pulls">(create one)</a></div></div>').prependTo($('#github')) $(github).html('<div class="row"><div class="col-xs-6 text-right">Open Issues:</div><div class="col-xs-6 text-left">' + data.issues + ' <a href="https://github.com/freecodecamp/freecodecamp/issues">(create one)</a></div></div><div class="row"><div class="col-xs-6 text-right">Open Pull Requests:</div><div class="col-xs-6 text-left">' + data.pulls + ' <a href="https://github.com/freecodecamp/freecodecamp/pulls">(create one)</a></div></div>').prependTo($('#github'))
} }
); );

2
views/partials/trello.jade
View File

@ -2,7 +2,7 @@
script. script.
(function() { (function() {
$.ajax({ $.ajax({
url: 'http://freecodecamp.com/api/trello', url: '/api/trello',
type: 'GET' type: 'GET'
}).done( }).done(
function(data) { function(data) {