From 60bd77171aabae5f55acdad5507dffe7e36539ed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20M=C3=BCller?= Date: Mon, 21 Mar 2016 12:18:34 +0100 Subject: [PATCH] misuse prevention mechanism added --- resources/misuse.js | 0 resources/misuses.txt | 0 resources/template.html | 1 + server.js | 2 +- src/view.js | 9 ++++++--- 5 files changed, 8 insertions(+), 4 deletions(-) create mode 100644 resources/misuse.js create mode 100644 resources/misuses.txt diff --git a/resources/misuse.js b/resources/misuse.js new file mode 100644 index 0000000..e69de29 diff --git a/resources/misuses.txt b/resources/misuses.txt new file mode 100644 index 0000000..e69de29 diff --git a/resources/template.html b/resources/template.html index fad3326..7ddd409 100644 --- a/resources/template.html +++ b/resources/template.html @@ -1,6 +1,7 @@ + %MISUSE% NoteHub — %TITLE% diff --git a/server.js b/server.js index 2030997..51b29ae 100644 --- a/server.js +++ b/server.js @@ -147,7 +147,7 @@ app.get(/\/([a-z0-9]+)/, function(req, res) { var sendResponse = (res, code, message) => { log("sending response", code, message); - res.status(code).send(view.renderPage(message, "

" + message + "

", "")); + res.status(code).send(view.renderPage(null, message, "

" + message + "

", "")); } var notFound = res => sendResponse(res, 404, "Not found"); diff --git a/src/view.js b/src/view.js index df81a65..625f468 100644 --- a/src/view.js +++ b/src/view.js @@ -4,19 +4,22 @@ var fs = require("fs"); var pageTemplate = fs.readFileSync("resources/template.html", "utf-8"); var footerTemplate = fs.readFileSync("resources/footer.html", "utf-8"); var editTemplate = fs.readFileSync("resources/edit.html", "utf-8"); +var misuseScript = fs.readFileSync("resources/misuse.js", "utf-8"); +var misuses = new Set(fs.readFileSync("resources/misuses.txt", "utf-8").split(/\s+/)); var deriveTitle = text => text .split(/[\n\r]/)[0].slice(0,25) .replace(/[^a-zA-Z0-9\s]/g, ""); -var renderPage = (title, content, footer) => pageTemplate +var renderPage = (id, title, content, footer) => pageTemplate + .replace("%MISUSE%", misuses.has(id) ? misuseScript : "") .replace("%TITLE%", title) .replace("%CONTENT%", content) .replace("%FOOTER%", footer); module.exports.renderPage = renderPage; -module.exports.renderStats = note => renderPage(deriveTitle(note.text), +module.exports.renderStats = note => renderPage(note.id, deriveTitle(note.text), `

Statistics

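Review bot: In `renderPage`, the new `.replace("%MISUSE%", misuses.has(id) ? misuseScript : "")` passes the script as a replacement string, so any `$&`, `$'` or `$$` sequence in `resources/misuse.js` is rewritten by `String.prototype.replace`. Because this substitution also runs first, a literal `%TITLE%`, `%CONTENT%` or `%FOOTER%` inside the script would absorb the later substitutions and place note-derived text inside the script. Moving the call after the `%FOOTER%` line and using a function replacer avoids both: `.replace("%MISUSE%", () => misuses.has(id) ? misuseScript : "")`. The existing `%TITLE%`/`%CONTENT%`/`%FOOTER%` calls have the same `$` handling, and `renderNote` in the next hunk feeds `marked(note.text)` through them. Separately, `split(/\s+/)` on an empty or newline-terminated `misuses.txt` leaves `""` in the set, so `.filter(Boolean)` before `new Set(...)` is worth adding, along with a comment that both files are read once at startup and a newly listed id only takes effect after a restart.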
@@ -25,7 +28,7 @@ module.exports.renderStats = note => renderPage(deriveTitle(note.text),
Published${note.published}
`, ""); -module.exports.renderNote = note => renderPage(deriveTitle(note.text), +module.exports.renderNote = note => renderPage(note.id, deriveTitle(note.text), marked(note.text), footerTemplate.replace(/%LINK%/g, note.id));