Commit 5c3c70b8 authored by Aral Balkan's avatar Aral Balkan
Browse files

Now sends out header to tell Google not to track people in Chrome

parent 68c9a5c1
...@@ -4,6 +4,14 @@ All notable changes to this project will be documented in this file. ...@@ -4,6 +4,14 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [16.4.0] - 2021-04-15
### Added
- Your server will now send out a `Permissions-Policy: interest-cohort=()` header on every request. Why? Because otherwise Google will soon start tracking the people who view your site using Google Chrome.
__Note:__ if you’re reading this, stop using Google Chrome. It is ridiculous for web servers to essentially have to ask please do not violate the privacy of the people who are viewing this site” with every request. For more info, see: https://plausible.io/blog/google-floc
## [16.3.2] - 2021-04-14 ## [16.3.2] - 2021-04-14
### Fixed ### Fixed
......
...@@ -369,6 +369,17 @@ class Site { ...@@ -369,6 +369,17 @@ class Site {
// Express.js security with HTTP headers. // Express.js security with HTTP headers.
this.app.use(helmet()) this.app.use(helmet())
// Opt out of Google Chrome tracking everything you do.
// Note: if you’re reading this, stop using Google Chrome.
// It is ridiculous for web servers to essentially have to ask
// “please do not violate the privacy of the people who are viewing
// this site” with every request.
// For more info, see: https://plausible.io/blog/google-floc
this.app.use((request, response, next) => {
response.set('Permissions-Policy', 'interest-cohort=()')
next()
})
// Statistics middleware (captures anonymous, ephemeral statistics). // Statistics middleware (captures anonymous, ephemeral statistics).
this.app.use(this.stats.middleware) this.app.use(this.stats.middleware)
......
{ {
"name": "@small-tech/site.js", "name": "@small-tech/site.js",
"version": "16.3.2", "version": "16.4.0",
"description": "Small Web construction set.", "description": "Small Web construction set.",
"keywords": [ "keywords": [
"web server", "web server",
......
...@@ -114,7 +114,7 @@ test('[site.js] Simple dotJS filesystem-based route loading', async t => { ...@@ -114,7 +114,7 @@ test('[site.js] Simple dotJS filesystem-based route loading', async t => {
const server = await site.serve(async () => { const server = await site.serve(async () => {
// Ensure the route is loaded as we expect. // Ensure the route is loaded as we expect.
const routerStack = site.app._router.stack const routerStack = site.app._router.stack
t.strictEquals(routerStack[8].route.path, '/simple', 'the route is as expected in the router stack') t.strictEquals(routerStack[9].route.path, '/simple', 'the route is as expected in the router stack')
let response let response
try { try {
...@@ -180,37 +180,37 @@ async function runDotJsSeparateGetAndPostTests (t, site) { ...@@ -180,37 +180,37 @@ async function runDotJsSeparateGetAndPostTests (t, site) {
const routerStack = site.app._router.stack const routerStack = site.app._router.stack
const getFileNameAsRouteNameRoute = routerStack[8].route const getFileNameAsRouteNameRoute = routerStack[9].route
t.true(getFileNameAsRouteNameRoute.methods.get, 'request method should be GET') t.true(getFileNameAsRouteNameRoute.methods.get, 'request method should be GET')
t.strictEquals(getFileNameAsRouteNameRoute.path, '/file-name-as-route-name', 'path should be correct') t.strictEquals(getFileNameAsRouteNameRoute.path, '/file-name-as-route-name', 'path should be correct')
const getIndexRoute = routerStack[9].route const getIndexRoute = routerStack[10].route
t.true(getIndexRoute.methods.get, 'request method should be GET') t.true(getIndexRoute.methods.get, 'request method should be GET')
t.strictEquals(getIndexRoute.path, '/', 'path should be correct') t.strictEquals(getIndexRoute.path, '/', 'path should be correct')
const getSubRouteFileNameAsRouteNameRoute = routerStack[10].route const getSubRouteFileNameAsRouteNameRoute = routerStack[11].route
t.true(getSubRouteFileNameAsRouteNameRoute.methods.get, 'request method should be GET') t.true(getSubRouteFileNameAsRouteNameRoute.methods.get, 'request method should be GET')
t.strictEquals(getSubRouteFileNameAsRouteNameRoute.path, '/sub-route/file-name-as-route-name', 'path should be correct') t.strictEquals(getSubRouteFileNameAsRouteNameRoute.path, '/sub-route/file-name-as-route-name', 'path should be correct')
const getSubRouteIndexRoute = routerStack[11].route const getSubRouteIndexRoute = routerStack[12].route
t.true(getSubRouteIndexRoute.methods.get, 'request method should be GET') t.true(getSubRouteIndexRoute.methods.get, 'request method should be GET')
t.strictEquals(getSubRouteIndexRoute.path, '/sub-route', 'path should be correct') t.strictEquals(getSubRouteIndexRoute.path, '/sub-route', 'path should be correct')
// Next two routes are the body parser and JSON parser, so we skip those. // Next two routes are the body parser and JSON parser, so we skip those.
const postFileNameAsRouteNameRoute = routerStack[14].route const postFileNameAsRouteNameRoute = routerStack[15].route
t.true(postFileNameAsRouteNameRoute.methods.post, 'request method should be POST') t.true(postFileNameAsRouteNameRoute.methods.post, 'request method should be POST')
t.strictEquals(postFileNameAsRouteNameRoute.path, '/file-name-as-route-name', 'path should be correct') t.strictEquals(postFileNameAsRouteNameRoute.path, '/file-name-as-route-name', 'path should be correct')
const postIndexRoute = routerStack[15].route const postIndexRoute = routerStack[16].route
t.true(postIndexRoute.methods.post, 'request method should be POST') t.true(postIndexRoute.methods.post, 'request method should be POST')
t.strictEquals(postIndexRoute.path, '/', 'path should be correct') t.strictEquals(postIndexRoute.path, '/', 'path should be correct')
const postSubRouteFileNameAsRouteNameRoute = routerStack[16].route const postSubRouteFileNameAsRouteNameRoute = routerStack[17].route
t.true(postSubRouteFileNameAsRouteNameRoute.methods.post, 'request method should be POST') t.true(postSubRouteFileNameAsRouteNameRoute.methods.post, 'request method should be POST')
t.strictEquals(postSubRouteFileNameAsRouteNameRoute.path, '/sub-route/file-name-as-route-name', 'path should be correct') t.strictEquals(postSubRouteFileNameAsRouteNameRoute.path, '/sub-route/file-name-as-route-name', 'path should be correct')
const postSubRouteIndexRoute = routerStack[17].route const postSubRouteIndexRoute = routerStack[18].route
t.true(postSubRouteIndexRoute.methods.post, 'request method should be POST') t.true(postSubRouteIndexRoute.methods.post, 'request method should be POST')
t.strictEquals(postSubRouteIndexRoute.path, '/sub-route', 'path should be correct') t.strictEquals(postSubRouteIndexRoute.path, '/sub-route', 'path should be correct')
...@@ -290,19 +290,19 @@ test('[site.js] Separate .https and .wss folders with separate .get and .post fo ...@@ -290,19 +290,19 @@ test('[site.js] Separate .https and .wss folders with separate .get and .post fo
// Index 17 is that static router. // Index 17 is that static router.
// The WSS routes start at index 18. // The WSS routes start at index 18.
const webSocketFileNameAsRouteNameRoute = routerStack[19].route const webSocketFileNameAsRouteNameRoute = routerStack[20].route
t.true(webSocketFileNameAsRouteNameRoute.methods.get, 'request method should be GET (prior to WebSocket upgrade)') t.true(webSocketFileNameAsRouteNameRoute.methods.get, 'request method should be GET (prior to WebSocket upgrade)')
t.strictEquals(webSocketFileNameAsRouteNameRoute.path, '/file-name-as-route-name/.websocket', 'path should be correct') t.strictEquals(webSocketFileNameAsRouteNameRoute.path, '/file-name-as-route-name/.websocket', 'path should be correct')
const webSocketIndexRoute = routerStack[20].route const webSocketIndexRoute = routerStack[21].route
t.true(webSocketIndexRoute.methods.get, 'request method should be GET (prior to WebSocket upgrade)') t.true(webSocketIndexRoute.methods.get, 'request method should be GET (prior to WebSocket upgrade)')
t.strictEquals(webSocketIndexRoute.path, '/.websocket', 'path should be correct') t.strictEquals(webSocketIndexRoute.path, '/.websocket', 'path should be correct')
const webSocketSubRouteFileNameAsRouteNameRoute = routerStack[21].route const webSocketSubRouteFileNameAsRouteNameRoute = routerStack[22].route
t.true(webSocketSubRouteFileNameAsRouteNameRoute.methods.get, 'request method should be GET (prior to WebSocket upgrade)') t.true(webSocketSubRouteFileNameAsRouteNameRoute.methods.get, 'request method should be GET (prior to WebSocket upgrade)')
t.strictEquals(webSocketSubRouteFileNameAsRouteNameRoute.path, '/sub-route/file-name-as-route-name/.websocket', 'path should be correct') t.strictEquals(webSocketSubRouteFileNameAsRouteNameRoute.path, '/sub-route/file-name-as-route-name/.websocket', 'path should be correct')
const webSocketSubRouteIndexRoute = routerStack[22].route const webSocketSubRouteIndexRoute = routerStack[23].route
t.true(webSocketSubRouteIndexRoute.methods.get, 'request method should be GET (prior to WebSocket upgrade)') t.true(webSocketSubRouteIndexRoute.methods.get, 'request method should be GET (prior to WebSocket upgrade)')
t.strictEquals(webSocketSubRouteIndexRoute.path, '/sub-route/.websocket', 'path should be correct') t.strictEquals(webSocketSubRouteIndexRoute.path, '/sub-route/.websocket', 'path should be correct')
...@@ -351,11 +351,11 @@ test('[site.js] dynamic route loading from routes.js file', async t => { ...@@ -351,11 +351,11 @@ test('[site.js] dynamic route loading from routes.js file', async t => {
const routerStack = site.app._router.stack const routerStack = site.app._router.stack
const getRouteWithParameter = routerStack[11].route const getRouteWithParameter = routerStack[12].route
t.true(getRouteWithParameter.methods.get, 'request method should be GET') t.true(getRouteWithParameter.methods.get, 'request method should be GET')
t.strictEquals(getRouteWithParameter.path, '/hello/:thing', 'path should be correct and contain parameter') t.strictEquals(getRouteWithParameter.path, '/hello/:thing', 'path should be correct and contain parameter')
const wssRoute = routerStack[12].route const wssRoute = routerStack[13].route
t.true(wssRoute.methods.get, 'request method should be GET (prior to WebSocket upgrade)') t.true(wssRoute.methods.get, 'request method should be GET (prior to WebSocket upgrade)')
t.strictEquals(wssRoute.path, '/echo/.websocket', 'path should be correct and contain parameter') t.strictEquals(wssRoute.path, '/echo/.websocket', 'path should be correct and contain parameter')
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment