webupdatev1
@@ -6,6 +6,7 @@ const fs = require("fs");
|
||||
const helmet = require("helmet");
|
||||
const cors = require("cors");
|
||||
const compressionMiddleware = require("./middleware/compression");
|
||||
const { imageOptimization } = require("./middleware/imageOptimization");
|
||||
const { pool, healthCheck } = require("./config/database");
|
||||
const logger = require("./config/logger");
|
||||
const { apiLimiter, authLimiter } = require("./config/rateLimiter");
|
||||
@@ -18,6 +19,9 @@ const {
|
||||
} = require("./config/constants");
|
||||
require("dotenv").config();
|
||||
|
||||
// SAFEGUARD: Register global process error handlers FIRST
|
||||
require("./middleware/processHandlers");
|
||||
|
||||
const app = express();
|
||||
const PORT = process.env.PORT || 5000;
|
||||
const baseDir = getBaseDir();
|
||||
@@ -59,6 +63,8 @@ app.use(
|
||||
"https://fonts.gstatic.com",
|
||||
],
|
||||
connectSrc: ["'self'", "https://cdn.jsdelivr.net"],
|
||||
objectSrc: ["'none'"],
|
||||
upgradeInsecureRequests: !isDevelopment() ? [] : null,
|
||||
},
|
||||
},
|
||||
hsts: {
|
||||
@@ -66,6 +72,10 @@ app.use(
|
||||
includeSubDomains: true,
|
||||
preload: true,
|
||||
},
|
||||
frameguard: { action: "deny" },
|
||||
xssFilter: true,
|
||||
noSniff: true,
|
||||
referrerPolicy: { policy: "strict-origin-when-cross-origin" },
|
||||
})
|
||||
);
|
||||
|
||||
@@ -128,26 +138,47 @@ app.get("/index", (req, res) => {
|
||||
app.use(
|
||||
express.static(path.join(baseDir, "public"), {
|
||||
index: false,
|
||||
maxAge: "1d", // Cache static files for 1 day
|
||||
maxAge: "30d", // Cache static files for 30 days
|
||||
etag: true,
|
||||
lastModified: true,
|
||||
setHeaders: (res, filepath) => {
|
||||
// Aggressive caching for versioned files
|
||||
if (
|
||||
filepath.includes("?v=") ||
|
||||
filepath.match(/\.(\w+)\.[a-f0-9]{8,}\./)
|
||||
) {
|
||||
res.setHeader("Cache-Control", "public, max-age=31536000, immutable");
|
||||
}
|
||||
},
|
||||
})
|
||||
);
|
||||
app.use(
|
||||
"/assets",
|
||||
express.static(path.join(baseDir, "assets"), {
|
||||
maxAge: "7d", // Cache assets for 7 days
|
||||
maxAge: "365d", // Cache assets for 1 year
|
||||
etag: true,
|
||||
lastModified: true,
|
||||
immutable: true,
|
||||
setHeaders: (res, filepath) => {
|
||||
// Add immutable for all asset files
|
||||
res.setHeader("Cache-Control", "public, max-age=31536000, immutable");
|
||||
|
||||
// Add resource hints for fonts
|
||||
if (filepath.endsWith(".woff2") || filepath.endsWith(".woff")) {
|
||||
res.setHeader("Access-Control-Allow-Origin", "*");
|
||||
}
|
||||
},
|
||||
})
|
||||
);
|
||||
// Optimized image serving with aggressive caching
|
||||
app.use("/uploads", imageOptimization(path.join(baseDir, "uploads")));
|
||||
app.use(
|
||||
"/uploads",
|
||||
express.static(path.join(baseDir, "uploads"), {
|
||||
maxAge: "1d", // Cache uploads for 1 day
|
||||
maxAge: "365d", // Cache uploads for 1 year
|
||||
etag: true,
|
||||
lastModified: true,
|
||||
immutable: true,
|
||||
})
|
||||
);
|
||||
|
||||
@@ -166,10 +197,11 @@ app.use(
|
||||
secure: !isDevelopment(),
|
||||
httpOnly: true,
|
||||
maxAge: SESSION_CONFIG.COOKIE_MAX_AGE,
|
||||
sameSite: "lax",
|
||||
sameSite: isDevelopment() ? "lax" : "strict",
|
||||
},
|
||||
proxy: !isDevelopment(),
|
||||
name: SESSION_CONFIG.SESSION_NAME,
|
||||
rolling: true, // Reset session expiration on each request
|
||||
})
|
||||
);
|
||||
|
||||
|
||||
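Review bot: The new `/uploads` static options (`maxAge: "365d"` together with `immutable: true`) tell browsers and shared caches to keep user-uploaded files for a year without revalidating, so an upload that is later replaced or deleted under the same name keeps being served from cache. Unless upload filenames are unique per content (not visible on this page), I would keep uploads revalidatable, e.g. `maxAge: "1d",` with `etag: true,` and no `immutable: true,`, and reserve the one-year policy for `/assets`. Whether `imageOptimization` sets its own Cache-Control header for the same paths cannot be seen here and should be checked for the same issue. In the `public` handler, `filepath.includes("?v=")` looks like it can never match, because `setHeaders` is given the file's path on disk rather than the request URL, so only the hash-pattern test decides the immutable header.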