From 238be93b186e352db374f95384a03fffbf14e7d0 Mon Sep 17 00:00:00 2001
From: janrembold
Date: Thu, 25 Jan 2024 13:35:26 +0100
Subject: [PATCH] fix: sonar topics
---
 Dockerfile | 2 +
 config/webpackDevServer.config.js | 243 +++++++++++++++---------------
 proxy/server.js | 2 +-
 src/i18n.ts | 16 +-
 4 files changed, 134 insertions(+), 129 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 0afb7273b..c02d25df6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -32,6 +32,8 @@ ENV PORT=$PORT
 # Prod build
 FROM node:$NODE_VERSION
+ARG PORT=80
+
 USER node
 WORKDIR /app
 EXPOSE $PORT
diff --git a/config/webpackDevServer.config.js b/config/webpackDevServer.config.js
index c3c4f1de0..696cfe07c 100644
--- a/config/webpackDevServer.config.js
+++ b/config/webpackDevServer.config.js
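Review bot: `ARG PORT=80` makes `EXPOSE $PORT` resolve in the final stage, but a build arg is not visible to the running container, so if the Node process reads `process.env.PORT` it will not see this value; the `ENV PORT=$PORT` shown in the @@ trailer appears to belong to the earlier stage and does not carry across a new `FROM`. If the runtime depends on it, add `ENV PORT=$PORT` right after the new `ARG`, and keep the `80` default in sync with whatever the top-of-file `ARG PORT` declares (not visible here). Since this stage runs as `USER node`, binding port 80 only works where the container runtime lowers `ip_unprivileged_port_start` (Docker 20.10+ does; many Kubernetes setups do not), so a default above 1024 may be the safer choice. The earlier stage that sets `ENV PORT=$PORT` is outside the hunk.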
@@ -13,135 +13,136 @@ const sockHost = process.env.WDS_SOCKET_HOST;
 const sockPath = process.env.WDS_SOCKET_PATH; // default: '/ws'
 const sockPort = process.env.WDS_SOCKET_PORT;
+function disableHostCheck(proxy) {
+ return !proxy || process.env.DANGEROUSLY_DISABLE_HOST_CHECK === 'true';
+}
+
+function getDevServerConfig(allowedHost, disableFirewall) {
+ return {
+ // WebpackDevServer 2.4.3 introduced a security fix that prevents remote
+ // websites from potentially accessing local content through DNS rebinding:
+ // https://github.com/webpack/webpack-dev-server/issues/887
+ // https://medium.com/webpack/webpack-dev-server-middleware-security-issues-1489d950874a
+ // However, it made several existing use cases such as development in cloud
+ // environment or subdomains in development significantly more complicated:
+ // https://github.com/facebook/create-react-app/issues/2271
+ // https://github.com/facebook/create-react-app/issues/2233
+ // While we're investigating better solutions, for now we will take a
+ // compromise. Since our WDS configuration only serves files in the `public`
+ // folder we won't consider accessing them a vulnerability. However, if you
+ // use the `proxy` feature, it gets more dangerous because it can expose
+ // remote code execution vulnerabilities in backends like Django and Rails.
+ // So we will disable the host check normally, but enable it if you have
+ // specified the `proxy` setting. Finally, we let you override it if you
+ // really know what you're doing with a special environment variable.
+ // Note: ["localhost", ".localhost"] will support subdomains - but we might
+ // want to allow setting the allowedHosts manually for more complex setups
+ allowedHosts: disableFirewall ? 'all' : [allowedHost],
+ headers: {
+ 'Access-Control-Allow-Origin': '*',
+ 'Access-Control-Allow-Methods': '*',
+ 'Access-Control-Allow-Headers': '*'
+ },
+ // Enable gzip compression of generated files. 
+ compress: true,
+ static: {
+ // By default WebpackDevServer serves physical files from current directory
+ // in addition to all the virtual build products that it serves from memory.
+ // This is confusing because those files won’t automatically be available in
+ // production build folder unless we copy them. However, copying the whole
+ // project directory is dangerous because we may expose sensitive files.
+ // Instead, we establish a convention that only files in `public` directory
+ // get served. Our build script will copy `public` into the `build` folder.
+ // In `index.html`, you can get URL of `public` folder with %PUBLIC_URL%:
+ //
+ // In JavaScript code, you can access it with `process.env.PUBLIC_URL`.
+ // Note that we only recommend to use `public` folder as an escape hatch
+ // for files like `favicon.ico`, `manifest.json`, and libraries that are
+ // for some reason broken when imported through webpack. If you just want to
+ // use an image, put it in `src` and `import` it from JavaScript instead.
+ directory: paths.appPublic,
+ publicPath: [paths.publicUrlOrPath],
+ // By default files from `contentBase` will not trigger a page reload.
+ watch: {
+ // Reportedly, this avoids CPU overload on some systems.
+ // https://github.com/facebook/create-react-app/issues/293
+ // src/node_modules is not ignored to support absolute imports
+ // https://github.com/facebook/create-react-app/issues/1065
+ ignored: ignoredFiles(paths.appSrc)
+ }
+ },
+ client: {
+ webSocketURL: {
+ // Enable custom sockjs pathname for websocket connection to hot reloading server.
+ // Enable custom sockjs hostname, pathname and port for websocket connection
+ // to hot reloading server.
+ hostname: sockHost,
+ pathname: sockPath,
+ port: sockPort
+ },
+ overlay: {
+ errors: true,
+ warnings: false
+ }
+ },
+ devMiddleware: {
+ // It is important to tell WebpackDevServer to use the same "publicPath" path as
+ // we specified in the webpack config. 
When homepage is '.', default to serving
+ // from the root.
+ // remove last slash so user can land on `/test` instead of `/test/`
+ publicPath: paths.publicUrlOrPath.slice(0, -1)
+ },
+ https: getHttpsConfig(),
+ host,
+ historyApiFallback: {
+ // Paths with dots should still use the history fallback.
+ // See https://github.com/facebook/create-react-app/issues/387.
+ disableDotRule: true,
+ index: paths.publicUrlOrPath,
+ rewrites: [
+ { from: /^\/$/, to: '/beratung-hilfe.html' },
+ { from: /^\/.+/, to: '/beratung-hilfe.html' }
+ ]
+ },
+ // `proxy` is run between `before` and `after` `webpack-dev-server` hooks
+ proxy
+ };
+}
+
+function registerUserMiddlewares(middlewares) {
+ if (fs.existsSync(paths.proxySetup)) {
+ const middlewareConfigs = require(paths.proxySetup)(paths.storagePath);
+ middlewareConfigs.reverse().forEach(({ method, middleware: callback, name, path: route }) => {
+ let middleware = callback;
+
+ if (method) {
+ middleware = (req, res, next) => {
+ if (req.method !== method) return next();
+ callback(req, res, next);
+ };
+ }
+
+ middlewares.unshift({
+ name,
+ path: route || undefined,
+ middleware
+ });
+ });
+ }
+}
+
 module.exports = function (proxy, allowedHost) {
- const disableFirewall =
- !proxy || process.env.DANGEROUSLY_DISABLE_HOST_CHECK === 'true';
+ const disableFirewall = disableHostCheck(proxy);
+
 return {
 devServer: {
- // WebpackDevServer 2.4.3 introduced a security fix that prevents remote
- // websites from potentially accessing local content through DNS rebinding:
- // https://github.com/webpack/webpack-dev-server/issues/887
- // https://medium.com/webpack/webpack-dev-server-middleware-security-issues-1489d950874a
- // However, it made several existing use cases such as development in cloud
- // environment or subdomains in development significantly more complicated:
- // https://github.com/facebook/create-react-app/issues/2271
- // https://github.com/facebook/create-react-app/issues/2233
- // While we're investigating 
better solutions, for now we will take a
- // compromise. Since our WDS configuration only serves files in the `public`
- // folder we won't consider accessing them a vulnerability. However, if you
- // use the `proxy` feature, it gets more dangerous because it can expose
- // remote code execution vulnerabilities in backends like Django and Rails.
- // So we will disable the host check normally, but enable it if you have
- // specified the `proxy` setting. Finally, we let you override it if you
- // really know what you're doing with a special environment variable.
- // Note: ["localhost", ".localhost"] will support subdomains - but we might
- // want to allow setting the allowedHosts manually for more complex setups
- allowedHosts: disableFirewall ? 'all' : [allowedHost],
- headers: {
- 'Access-Control-Allow-Origin': '*',
- 'Access-Control-Allow-Methods': '*',
- 'Access-Control-Allow-Headers': '*'
- },
- // Enable gzip compression of generated files.
- compress: true,
- static: {
- // By default WebpackDevServer serves physical files from current directory
- // in addition to all the virtual build products that it serves from memory.
- // This is confusing because those files won’t automatically be available in
- // production build folder unless we copy them. However, copying the whole
- // project directory is dangerous because we may expose sensitive files.
- // Instead, we establish a convention that only files in `public` directory
- // get served. Our build script will copy `public` into the `build` folder.
- // In `index.html`, you can get URL of `public` folder with %PUBLIC_URL%:
- //
- // In JavaScript code, you can access it with `process.env.PUBLIC_URL`.
- // Note that we only recommend to use `public` folder as an escape hatch
- // for files like `favicon.ico`, `manifest.json`, and libraries that are
- // for some reason broken when imported through webpack. 
If you just want to
- // use an image, put it in `src` and `import` it from JavaScript instead.
- directory: paths.appPublic,
- publicPath: [paths.publicUrlOrPath],
- // By default files from `contentBase` will not trigger a page reload.
- watch: {
- // Reportedly, this avoids CPU overload on some systems.
- // https://github.com/facebook/create-react-app/issues/293
- // src/node_modules is not ignored to support absolute imports
- // https://github.com/facebook/create-react-app/issues/1065
- ignored: ignoredFiles(paths.appSrc)
- }
- },
- client: {
- webSocketURL: {
- // Enable custom sockjs pathname for websocket connection to hot reloading server.
- // Enable custom sockjs hostname, pathname and port for websocket connection
- // to hot reloading server.
- hostname: sockHost,
- pathname: sockPath,
- port: sockPort
- },
- overlay: {
- errors: true,
- warnings: false
- }
- },
- devMiddleware: {
- // It is important to tell WebpackDevServer to use the same "publicPath" path as
- // we specified in the webpack config. When homepage is '.', default to serving
- // from the root.
- // remove last slash so user can land on `/test` instead of `/test/`
- publicPath: paths.publicUrlOrPath.slice(0, -1)
- },
-
- https: getHttpsConfig(),
- host,
- historyApiFallback: {
- // Paths with dots should still use the history fallback.
- // See https://github.com/facebook/create-react-app/issues/387. 
- disableDotRule: true,
- index: paths.publicUrlOrPath,
- rewrites: [
- { from: /^\/$/, to: '/beratung-hilfe.html' },
- { from: /^\/.+/, to: '/beratung-hilfe.html' }
- ]
- },
- // `proxy` is run between `before` and `after` `webpack-dev-server` hooks
- proxy,
+ ...getDevServerConfig(allowedHost, disableFirewall),
 setupMiddlewares: (middlewares, devServer) => {
 if (!devServer) {
 throw new Error('webpack-dev-server is not defined');
 }
- if (fs.existsSync(paths.proxySetup)) {
- // This registers user provided middleware for proxy reasons
- const middlewareConfigs = require(paths.proxySetup)(
- paths.storagePath
- );
-
- middlewareConfigs
- .reverse()
- .forEach(
- ({
- method,
- middleware: callback,
- name,
- path: route
- }) => {
- let middleware = callback;
- if (method) {
- middleware = (req, res, next) => {
- if (req.method !== method)
- return next();
- callback(req, res, next);
- };
- }
- middlewares.unshift({
- name,
- path: route || undefined,
- middleware: middleware
- });
- }
- );
- }
+ registerUserMiddlewares(middlewares);
 middlewares.unshift({
 name: 'eval-source-map-middleware',
diff --git a/proxy/server.js b/proxy/server.js
index a36100242..e544ca46d 100644
--- a/proxy/server.js
+++ b/proxy/server.js
@@ -38,7 +38,7 @@ const createServer = async () => {
 const serveStatic = await import('serve-static');
 app.get(
- /.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$/,
+ /\.(?:css|js|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp[34eg]|a(?:ac|vi)|o(?:gg|gv)|flv|wmv)$/,
 serveStatic.default(buildPath, { maxAge: '1d' })
 );
 app.get(
diff --git a/src/i18n.ts b/src/i18n.ts
index e102044a2..37c35b5e4 100644
--- a/src/i18n.ts
+++ b/src/i18n.ts
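Review bot: `getDevServerConfig` closes its returned object with the shorthand `proxy`, but `proxy` is a parameter of the exported function, not of `getDevServerConfig`, and no module-level `proxy` is visible in the hunk, so unless one is declared above line 13 this throws `ReferenceError: proxy is not defined` on every dev-server start. Thread it through explicitly: `function getDevServerConfig(allowedHost, disableFirewall, proxy) {` and `...getDevServerConfig(allowedHost, disableFirewall, proxy),`. That matters beyond the crash, because `allowedHosts: 'all'` (the DNS-rebinding guard switched off) is chosen exactly when `proxy` is falsy, and both helpers must be reasoning about the same value. The three new module-level functions also lack a header comment; on `disableHostCheck` a one-liner such as `// true when host checking is off: no proxy configured, or explicitly overridden via DANGEROUSLY_DISABLE_HOST_CHECK` would make the intent visible at the call site. The body of `module.exports` continues outside the hunk.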
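Review bot: The rewritten extension pattern silently drops `m4a`, `midi?`, `wav`, `mov`, `webm` and the `css.map`/`js.map` source maps, and `mp[34eg]` matches a nonexistent `.mpe` while no longer matching `.mpeg`; requests for those now fall through to the next `app.get(` handler, which is outside the hunk. If keeping source maps off the static route is deliberate (they do expose original source in production) the commit message should say so; otherwise restore the lost alternatives, e.g. `/\.(?:css|js|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp(?:3|4|e?g)|m4a|midi?|wav|mov|webm|a(?:ac|vi)|o(?:gg|gv)|flv|wmv)$/`. The change from `.` to `\.` is correct — the old pattern matched any character before the extension. `createServer` continues outside the hunk.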
@@ -146,17 +146,19 @@ export const init = async (
 : {}),
 backend: {
 backends: [
- !(translationCacheDisabledLocally === null
- ? translation?.cache?.disabled
- : translationCacheDisabledLocally) &&
- LocalStorageBackend,
+ !(
+ translationCacheDisabledLocally ??
+ translation?.cache?.disabled
+ ) && LocalStorageBackend,
+ translation?.weblate.path && FetchBackend,
 resourcesToBackend(baseResources)
 ].filter(Boolean),
 backendOptions: [
- !(translationCacheDisabledLocally === null
- ? translation?.cache?.disabled
- : translationCacheDisabledLocally) && {
+ !(
+ translationCacheDisabledLocally ??
+ translation?.cache?.disabled
+ ) && {
 expirationTime: translation?.cache?.time * 60 * 1000
 },