Update result libs to latest versions & resolve socket.io CVE

Signed-off-by: Michael Irwin <mikesir87@gmail.com>
This commit is contained in:
Michael Irwin
2023-09-18 11:06:45 -04:00
parent f9c58a0b91
commit 67cab556a1
6 changed files with 328 additions and 528 deletions

View File

@@ -1,20 +1,14 @@
var express = require('express'),
async = require('async'),
pg = require('pg'),
{ Pool } = require('pg'),
path = require('path'),
cookieParser = require('cookie-parser'),
bodyParser = require('body-parser'),
methodOverride = require('method-override'),
app = express(),
server = require('http').Server(app),
io = require('socket.io')(server);
io.set('transports', ['polling']);
var port = process.env.PORT || 4000;
io.sockets.on('connection', function (socket) {
io.on('connection', function (socket) {
socket.emit('message', { text : 'Welcome!' });
@@ -23,7 +17,7 @@ io.sockets.on('connection', function (socket) {
});
});
var pool = new pg.Pool({
var pool = new Pool({
connectionString: 'postgres://postgres:postgres@db/postgres'
});
@@ -70,15 +64,7 @@ function collectVotesFromResult(result) {
}
app.use(cookieParser());
app.use(bodyParser());
app.use(methodOverride('X-HTTP-Method-Override'));
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
res.header("Access-Control-Allow-Methods", "PUT, GET, POST, DELETE, OPTIONS");
next();
});
app.use(express.urlencoded());
app.use(express.static(__dirname + '/views'));
app.get('/', function (req, res) {