
@a11ywatch/core

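"use strict";
// Generator-driven promise helper; this file looks like compiled TypeScript
// output, where async functions are down-levelled to `__awaiter` + `function*`.
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
    return new (P || (P = Promise))(function (resolve, reject) {
        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.scanAuthenticated = exports.scanSimple = void 0;
const utils_1 = require("../../core/utils");
const actions_1 = require("../../core/actions");
const extracter_1 = require("../params/extracter");
const strings_1 = require("../../core/strings");
const models_1 = require("../../core/models");
const message_1 = require("../messages/message");
const is_client_1 = require("../../core/utils/is-client");
const config_1 = require("../../config/config");

/**
 * Percent-decode the caller-supplied URL parameter.
 *
 * @param {*} raw - value returned by paramParser for "websiteUrl"/"url".
 * @returns {string|null} "" when nothing was supplied, the decoded string on
 *   success, or null when the value is not valid percent-encoding.
 */
const decodeUrlParam = (raw) => {
    if (!raw) {
        return "";
    }
    try {
        return decodeURIComponent(raw);
    }
    catch (e) {
        // decodeURIComponent throws URIError on malformed escapes (a lone "%",
        // for instance). Left uncaught inside the handlers below, that rejects
        // the handler promise and no response is ever written for the request.
        if (e instanceof URIError) {
            return null;
        }
        throw e;
    }
};

/**
 * Answer with HTTP 400 and the shared "website URL" error payload.
 *
 * @param {object} res - response object exposing status() and send().
 */
const sendBadUrl = (res) => {
    res.status(400);
    res.send((0, models_1.responseModel)({
        code: message_1.StatusCode.BadRequest,
        data: null,
        message: strings_1.WEBSITE_URL_ERROR,
    }));
};

/**
 * Copy the acceptable string entries of a request-supplied list.
 *
 * Anything that is not an array yields []. Non-string and empty entries are
 * dropped. The cap is tested after entry `i` has been handled, so indexes
 * 0..cap+1 are examined (cap + 2 entries at most), matching the original loops.
 *
 * @param {*} values - request-supplied value, expected to be an array.
 * @param {number} cap - the loop stops once `i > cap`.
 * @param {(value: string) => boolean} accept - extra per-entry filter.
 * @returns {string[]} the accepted entries in their original order.
 */
const pickStrings = (values, cap, accept) => {
    const picked = [];
    if (!values || !Array.isArray(values)) {
        return picked;
    }
    for (let i = 0; i < values.length; i++) {
        const value = values[i];
        if (value && typeof value === "string" && accept(value)) {
            picked.push(value);
        }
        if (i > cap) {
            break;
        }
    }
    return picked;
};

/**
 * Run a one-off scan of the requested URL (the result is requested with
 * noStore: true) and send whatever scanWebsite resolves to.
 *
 * Responds 400 when no URL is given or it cannot be percent-decoded, and 403
 * when the request neither matches the front-end client check nor carries a
 * token that getUserFromToken accepts.
 *
 * @param {object} req - request; reads the "websiteUrl"/"url"/"pageInsights"
 *   params, the origin/host/referer/authorization headers and the jwt cookie.
 * @param {object} res - response object.
 * @returns {Promise<void>}
 */
const scanSimple = (req, res) => __awaiter(void 0, void 0, void 0, function* () {
    const baseUrl = (0, extracter_1.paramParser)(req, "websiteUrl") || (0, extracter_1.paramParser)(req, "url");
    const url = decodeUrlParam(baseUrl);
    if (!url) {
        sendBadUrl(res);
        return;
    }
    // NOTE(review): Origin, Host and Referer are request headers chosen by the
    // caller; a browser fills them in, but a non-browser client can send any
    // value. When this check passes, no token is required at all, so it should
    // not be the only control in front of the scanner - confirm rate limiting
    // or another control exists upstream.
    const isClient = (0, is_client_1.frontendClientOrigin)(req.headers["origin"]) ||
        (0, is_client_1.frontendClientOrigin)(req.headers["host"]) ||
        (0, is_client_1.frontendClientOrigin)(req.headers["referer"]);
    const cookies = req == null ? void 0 : req.cookies;
    const user = (0, utils_1.getUserFromToken)(req.headers["authorization"] || (cookies == null ? void 0 : cookies.jwt));
    if (!isClient && !user) {
        res.status(403);
        res.send((0, models_1.responseModel)({
            code: message_1.StatusCode.Error,
            data: null,
            message: strings_1.GENERAL_ERROR,
        }));
        return;
    }
    const pageInsights = (0, extracter_1.paramParser)(req, "pageInsights");
    const payload = user == null ? void 0 : user.payload;
    // NOTE(review): `url` is caller-controlled and is presumably fetched
    // server-side by scanWebsite; confirm that it restricts schemes and
    // refuses internal or link-local destinations (SSRF) - not visible here.
    const resData = yield (0, actions_1.scanWebsite)({
        url,
        noStore: true,
        pageInsights,
        userId: payload == null ? void 0 : payload.keyid,
    });
    res.send(resData);
});
exports.scanSimple = scanSimple;

/**
 * Scan a URL or a raw HTML document on behalf of an API user and send the
 * crawlPage result.
 *
 * Responds 400 when neither a URL nor HTML is supplied, or when the URL cannot
 * be percent-decoded. When the user id fails validateUID and SUPER_MODE is
 * off, no scan runs and an empty object is sent.
 *
 * @param {object} req - request; reads the "websiteUrl"/"url"/"html"/
 *   "pageInsights"/"standard"/"ignore"/"rules"/"runners" params, the
 *   authorization header and the jwt cookie.
 * @param {object} res - response object.
 * @returns {Promise<void>}
 */
const scanAuthenticated = (req, res) => __awaiter(void 0, void 0, void 0, function* () {
    const baseUrl = (0, extracter_1.paramParser)(req, "websiteUrl") || (0, extracter_1.paramParser)(req, "url");
    const html = (0, extracter_1.paramParser)(req, "html");
    const url = decodeUrlParam(baseUrl);
    if (url === null || (!url && !html)) {
        sendBadUrl(res);
        return;
    }
    const headers = req == null ? void 0 : req.headers;
    const cookies = req == null ? void 0 : req.cookies;
    const token = (headers == null ? void 0 : headers.authorization) || (cookies == null ? void 0 : cookies.jwt);
    // NOTE(review): getUserFromApi also receives `res`; if it writes its own
    // response on failure, the final res.send below would be a second write -
    // confirm against its implementation.
    const userNext = yield (0, utils_1.getUserFromApi)(token, req, res);
    const userId = userNext == null ? void 0 : userNext.id;
    let resData = {};
    // SUPER_MODE skips the user-id check entirely; userId may then be undefined.
    if ((0, extracter_1.validateUID)(userId) || config_1.SUPER_MODE) {
        const pageInsights = (0, extracter_1.paramParser)(req, "pageInsights");
        const standard = (0, extracter_1.paramParser)(req, "standard");
        const ignore = (0, extracter_1.paramParser)(req, "ignore");
        const rules = (0, extracter_1.paramParser)(req, "rules");
        const runners = (0, extracter_1.paramParser)(req, "runners");
        // Bound the size of each request-supplied list and of every entry
        // before handing them to the crawler.
        const isShort = (rule) => rule.length < 200;
        const accessRules = pickStrings(rules, 250, isShort);
        const ignoreRules = pickStrings(ignore, 250, isShort);
        // Runner names are matched against a fixed allow-list.
        const testRunners = pickStrings(runners, 3, (runner) => runner === "axe" || runner === "htmlcs");
        // NOTE(review): `url` and `html` are caller-controlled; confirm that
        // crawlPage validates the destination and bounds the HTML size - not
        // visible here.
        resData = yield (0, actions_1.crawlPage)({
            url,
            userId,
            pageInsights,
            sendSub: false,
            standard,
            html,
            ignore: ignoreRules,
            rules: accessRules,
            runners: testRunners,
        }, false, true);
    }
    // NOTE(review): a caller that fails the check above receives `{}` with the
    // default status, which clients cannot tell apart from an empty result.
    res.send(resData);
});
exports.scanAuthenticated = scanAuthenticated;
//# sourceMappingURL=scan.js.map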