2018-03-25 22:47:01 +02:00
|
|
|
const express = require('express')
|
2018-02-09 07:29:29 +01:00
|
|
|
const compression = require('compression')
|
|
|
|
const sapper = require('sapper')
|
|
|
|
const serveStatic = require('serve-static')
|
2018-03-25 22:47:01 +02:00
|
|
|
const app = express()
|
2018-04-16 00:39:45 +02:00
|
|
|
const helmet = require('helmet')
|
2018-04-15 00:50:16 +02:00
|
|
|
|
|
|
|
const headScriptChecksum = require('./inline-script-checksum').checksum
|
2018-01-07 00:51:25 +01:00
|
|
|
|
2018-02-09 07:29:29 +01:00
|
|
|
const { PORT = 4002 } = process.env
|
2018-01-07 00:51:25 +01:00
|
|
|
|
2018-02-08 17:22:14 +01:00
|
|
|
// this allows us to do e.g. `fetch('/_api/blog')` on the server
|
2018-02-09 07:29:29 +01:00
|
|
|
const fetch = require('node-fetch')
|
2018-01-07 00:51:25 +01:00
|
|
|
global.fetch = (url, opts) => {
|
2018-02-09 07:29:29 +01:00
|
|
|
if (url[0] === '/') url = `http://localhost:${PORT}${url}`
|
|
|
|
return fetch(url, opts)
|
|
|
|
}
|
2018-01-07 00:51:25 +01:00
|
|
|
|
2018-02-09 07:29:29 +01:00
|
|
|
app.use(compression({ threshold: 0 }))
|
2018-01-07 00:51:25 +01:00
|
|
|
|
2018-04-16 00:39:45 +02:00
|
|
|
app.use(helmet({
|
|
|
|
contentSecurityPolicy: {
|
|
|
|
directives: {
|
|
|
|
scriptSrc: [`'self'`, `'sha256-${headScriptChecksum}'`],
|
|
|
|
workerSrc: [`'self'`],
|
|
|
|
styleSrc: [`'self'`, `'unsafe-inline'`],
|
|
|
|
frameSrc: [`'none'`],
|
|
|
|
objectSrc: [`'none'`],
|
|
|
|
manifestSrc: [`'self'`]
|
|
|
|
}
|
2018-04-15 00:50:16 +02:00
|
|
|
}
|
|
|
|
}))
|
|
|
|
|
2018-03-21 04:46:37 +01:00
|
|
|
app.use(serveStatic('assets', {
|
|
|
|
setHeaders: (res) => {
|
2018-03-26 06:31:40 +02:00
|
|
|
res.setHeader('Cache-Control', 'public,max-age=600')
|
2018-03-21 04:46:37 +01:00
|
|
|
}
|
|
|
|
}))
|
2018-01-07 00:51:25 +01:00
|
|
|
|
2018-03-25 22:47:01 +02:00
|
|
|
app.use('/report.html', express.static('.sapper/client/report.html'))
|
|
|
|
app.use('/stats.json', express.static('.sapper/client/stats.json'))
|
|
|
|
|
2018-02-09 07:29:29 +01:00
|
|
|
app.use(sapper())
|
2018-01-07 00:51:25 +01:00
|
|
|
|
|
|
|
app.listen(PORT, () => {
|
2018-02-09 07:29:29 +01:00
|
|
|
console.log(`listening on port ${PORT}`)
|
|
|
|
})
|