nodebb/src/controllers/index.js

'use strict';

var async = require('async');
var nconf = require('nconf');
var validator = require('validator');

var meta = require('../meta');
var user = require('../user');
var plugins = require('../plugins');
var privileges = require('../privileges');
var helpers = require('./helpers');

var Controllers = module.exports;

Controllers.ping = require('./ping');
Controllers.home = require('./home');
Controllers.topics = require('./topics');
Controllers.posts = require('./posts');
Controllers.categories = require('./categories');
Controllers.category = require('./category');
Controllers.unread = require('./unread');
Controllers.recent = require('./recent');
Controllers.popular = require('./popular');
Controllers.top = require('./top');
Controllers.tags = require('./tags');
Controllers.search = require('./search');
Controllers.user = require('./user');
Controllers.users = require('./users');
Controllers.groups = require('./groups');
Controllers.accounts = require('./accounts');
Controllers.authentication = require('./authentication');
Controllers.api = require('./api');
Controllers.admin = require('./admin');
Controllers.globalMods = require('./globalmods');
Controllers.mods = require('./mods');
Controllers.sitemap = require('./sitemap');
Controllers.osd = require('./osd');
Controllers['404'] = require('./404');
Controllers.errors = require('./errors');
Controllers.composer = require('./composer');

Controllers.reset = function (req, res, next) {
	const renderReset = function (code, valid) {
		res.render('reset_code', {
			valid: valid,
			displayExpiryNotice: req.session.passwordExpired,
			code: code,
			minimumPasswordLength: parseInt(meta.config.minimumPasswordLength, 10),
			minimumPasswordStrength: parseInt(meta.config.minimumPasswordStrength, 10),
			breadcrumbs: helpers.buildBreadcrumbs([
				{
					text: '[[reset_password:reset_password]]',
					url: '/reset',
				},
				{
					text: '[[reset_password:update_password]]',
				},
			]),
			title: '[[pages:reset]]',
		});
		delete req.session.passwordExpired;
	};

	if (req.params.code) {
		// Save to session and redirect
		req.session.reset_code = req.params.code;
		res.redirect(nconf.get('relative_path') + '/reset');
	} else if (req.session.reset_code) {
		// Validate and save to local variable before removing from session
		user.reset.validate(req.session.reset_code, function (err, valid) {
			if (err) {
				return next(err);
			}

			renderReset(req.session.reset_code, valid);
			delete req.session.reset_code;
		});
	} else {
		res.render('reset', {
			code: null,
			breadcrumbs: helpers.buildBreadcrumbs([{
				text: '[[reset_password:reset_password]]',
			}]),
			title: '[[pages:reset]]',
		});
	}
};

Controllers.login = function (req, res, next) {
	var data = {};
	var loginStrategies = require('../routes/authentication').getLoginStrategies();
	var registrationType = meta.config.registrationType || 'normal';

	var allowLoginWith = (meta.config.allowLoginWith || 'username-email');
	var returnTo = (req.headers['x-return-to'] || '').replace(nconf.get('base_url'), '');

	var errorText;
	if (req.query.error === 'csrf-invalid') {
		errorText = '[[error:csrf-invalid]]';
	} else if (req.query.error) {
		errorText = validator.escape(String(req.query.error));
	}

	if (returnTo) {
		req.session.returnTo = returnTo;
	}

	data.alternate_logins = loginStrategies.length > 0;
	data.authentication = loginStrategies;
	data.allowRegistration = registrationType === 'normal' || registrationType === 'admin-approval' || registrationType === 'admin-approval-ip';
	data.allowLoginWith = '[[login:' + allowLoginWith + ']]';
	data.breadcrumbs = helpers.buildBreadcrumbs([{
		text: '[[global:login]]',
	}]);
	data.error = req.flash('error')[0] || errorText;
	data.title = '[[pages:login]]';

	privileges.global.canGroup('local:login', 'registered-users', function (err, hasLoginPrivilege) {
		if (err) {
			return next(err);
		}

		data.allowLocalLogin = hasLoginPrivilege || parseInt(req.query.local, 10) === 1;
		if (!data.allowLocalLogin && !data.allowRegistration && data.alternate_logins && data.authentication.length === 1) {
			if (res.locals.isAPI) {
				return helpers.redirect(res, {
					external: nconf.get('relative_path') + data.authentication[0].url,
				});
			}
			return res.redirect(nconf.get('relative_path') + data.authentication[0].url);
		}
		if (req.loggedIn) {
			user.getUserFields(req.uid, ['username', 'email'], function (err, user) {
				if (err) {
					return next(err);
				}
				data.username = allowLoginWith === 'email' ? user.email : user.username;
				data.alternate_logins = false;
				res.render('login', data);
			});
		} else {
			res.render('login', data);
		}
	});
};

Controllers.register = function (req, res, next) {
	var registrationType = meta.config.registrationType || 'normal';

	if (registrationType === 'disabled') {
		return next();
	}

	var errorText;
	if (req.query.error === 'csrf-invalid') {
		errorText = '[[error:csrf-invalid]]';
	}

	async.waterfall([
		function (next) {
			if (registrationType === 'invite-only' || registrationType === 'admin-invite-only') {
				user.verifyInvitation(req.query, next);
			} else {
				next();
			}
		},
		function (next) {
			plugins.fireHook('filter:parse.post', {
				postData: {
					content: meta.config.termsOfUse || '',
				},
			}, next);
		},
		function (termsOfUse) {
			var loginStrategies = require('../routes/authentication').getLoginStrategies();
			var data = {
				'register_window:spansize': loginStrategies.length ? 'col-md-6' : 'col-md-12',
				alternate_logins: !!loginStrategies.length,
			};

			data.authentication = loginStrategies;

			data.minimumUsernameLength = parseInt(meta.config.minimumUsernameLength, 10);
			data.maximumUsernameLength = parseInt(meta.config.maximumUsernameLength, 10);
			data.minimumPasswordLength = parseInt(meta.config.minimumPasswordLength, 10);
			data.minimumPasswordStrength = parseInt(meta.config.minimumPasswordStrength || 1, 10);
			data.termsOfUse = termsOfUse.postData.content;
			data.breadcrumbs = helpers.buildBreadcrumbs([{
				text: '[[register:register]]',
			}]);
			data.regFormEntry = [];
			data.error = req.flash('error')[0] || errorText;
			data.title = '[[pages:register]]';

			res.render('register', data);
		},
	], next);
};

Controllers.registerInterstitial = function (req, res, next) {
	if (!req.session.hasOwnProperty('registration')) {
		return res.redirect(nconf.get('relative_path') + '/register');
	}

	async.waterfall([
		function (next) {
			plugins.fireHook('filter:register.interstitial', {
				userData: req.session.registration,
				interstitials: [],
			}, next);
		},
		function (data, next) {
			if (!data.interstitials.length) {
				// No interstitials, redirect to home
				delete req.session.registration;
				return res.redirect(nconf.get('relative_path') + '/');
			}
			var renders = data.interstitials.map(function (interstitial) {
				return async.apply(req.app.render.bind(req.app), interstitial.template, interstitial.data || {});
			});


			async.parallel(renders, next);
		},
		function (sections) {
			var errors = req.flash('errors');
			res.render('registerComplete', {
				title: '[[pages:registration-complete]]',
				errors: errors,
				sections: sections,
			});
		},
	], next);
};

Controllers.confirmEmail = function (req, res) {
	user.email.confirm(req.params.code, function (err) {
		res.render('confirm', {
			error: err ? err.message : '',
			title: '[[pages:confirm]]',
		});
	});
};

Controllers.robots = function (req, res) {
	res.set('Content-Type', 'text/plain');

	if (meta.config['robots:txt']) {
		res.send(meta.config['robots:txt']);
	} else {
		res.send('User-agent: *\n' +
			'Disallow: ' + nconf.get('relative_path') + '/admin/\n' +
			'Disallow: ' + nconf.get('relative_path') + '/reset/\n' +
			'Sitemap: ' + nconf.get('url') + '/sitemap.xml');
	}
};

Controllers.manifest = function (req, res) {
	var manifest = {
		name: meta.config.title || 'NodeBB',
		start_url: nconf.get('relative_path') + '/',
		display: 'standalone',
		orientation: 'portrait',
		icons: [],
	};

	if (meta.config['brand:touchIcon']) {
		manifest.icons.push({
			src: nconf.get('relative_path') + '/assets/uploads/system/touchicon-36.png',
			sizes: '36x36',
			type: 'image/png',
			density: 0.75,
		}, {
			src: nconf.get('relative_path') + '/assets/uploads/system/touchicon-48.png',
			sizes: '48x48',
			type: 'image/png',
			density: 1.0,
		}, {
			src: nconf.get('relative_path') + '/assets/uploads/system/touchicon-72.png',
			sizes: '72x72',
			type: 'image/png',
			density: 1.5,
		}, {
			src: nconf.get('relative_path') + '/assets/uploads/system/touchicon-96.png',
			sizes: '96x96',
			type: 'image/png',
			density: 2.0,
		}, {
			src: nconf.get('relative_path') + '/assets/uploads/system/touchicon-144.png',
			sizes: '144x144',
			type: 'image/png',
			density: 3.0,
		}, {
			src: nconf.get('relative_path') + '/assets/uploads/system/touchicon-192.png',
			sizes: '192x192',
			type: 'image/png',
			density: 4.0,
		});
	}

	res.status(200).json(manifest);
};

Controllers.outgoing = function (req, res, next) {
	var url = req.query.url || '';
	var allowedProtocols = ['http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn', 'tel', 'fax', 'xmpp', 'webcal'];
	var parsed = require('url').parse(url);

	if (!url || !parsed.protocol || !allowedProtocols.includes(parsed.protocol.slice(0, -1))) {
		return next();
	}

	res.render('outgoing', {
		outgoing: validator.escape(String(url)),
		title: meta.config.title,
		breadcrumbs: helpers.buildBreadcrumbs([{
			text: '[[notifications:outgoing_link]]',
		}]),
	});
};

Controllers.termsOfUse = function (req, res, next) {
	if (!meta.config.termsOfUse) {
		return next();
	}
	res.render('tos', {
		termsOfUse: meta.config.termsOfUse,
	});
};
ESlint quotes 8 years ago			`'use strict';`
jshinting controllers/index.js; adding back meta tags to home page 11 years ago
refactor categories 9 years ago			`var async = require('async');`
			`var nconf = require('nconf');`
			`var validator = require('validator');`

			`var meta = require('../meta');`
			`var user = require('../user');`
			`var plugins = require('../plugins');`
Allow local login,closes #6800 (#6803) * WIP * reset groups cache after every suite 6 years ago			`var privileges = require('../privileges');`
refactor categories 9 years ago			`var helpers = require('./helpers');`
controller indexx 11 years ago
move out error and 404 controllers 8 years ago			`var Controllers = module.exports;`

Moved ping to its own controller re: #6281 7 years ago			`Controllers.ping = require('./ping');`
Better fix for #5993 (#6034) * Better fix for #5993 Also a nice newline so the line doesn't get overwritten when running `./nodebb upgrade` * Optimizations for custom homepage Move it into a separate module 7 years ago			`Controllers.home = require('./home');`
move out error and 404 controllers 8 years ago			`Controllers.topics = require('./topics');`
			`Controllers.posts = require('./posts');`
			`Controllers.categories = require('./categories');`
			`Controllers.category = require('./category');`
			`Controllers.unread = require('./unread');`
			`Controllers.recent = require('./recent');`
			`Controllers.popular = require('./popular');`
#6158 7 years ago			`Controllers.top = require('./top');`
move out error and 404 controllers 8 years ago			`Controllers.tags = require('./tags');`
			`Controllers.search = require('./search');`
more refactors 8 years ago			`Controllers.user = require('./user');`
move out error and 404 controllers 8 years ago			`Controllers.users = require('./users');`
			`Controllers.groups = require('./groups');`
			`Controllers.accounts = require('./accounts');`
			`Controllers.authentication = require('./authentication');`
			`Controllers.api = require('./api');`
			`Controllers.admin = require('./admin');`
			`Controllers.globalMods = require('./globalmods');`
			`Controllers.mods = require('./mods');`
			`Controllers.sitemap = require('./sitemap');`
Change var names 8 years ago			`Controllers.osd = require('./osd');`
move out error and 404 controllers 8 years ago			`Controllers['404'] = require('./404');`
			`Controllers.errors = require('./errors');`
move composer routes to its own file 7 years ago			`Controllers.composer = require('./composer');`
controller indexx 11 years ago
Fix space-before-function-paren linter rule 8 years ago			`Controllers.reset = function (req, res, next) {`
closes #6627 7 years ago			`const renderReset = function (code, valid) {`
			`res.render('reset_code', {`
			`valid: valid,`
			`displayExpiryNotice: req.session.passwordExpired,`
			`code: code,`
			`minimumPasswordLength: parseInt(meta.config.minimumPasswordLength, 10),`
			`minimumPasswordStrength: parseInt(meta.config.minimumPasswordStrength, 10),`
			`breadcrumbs: helpers.buildBreadcrumbs([`
			`{`
			`text: '[[reset_password:reset_password]]',`
			`url: '/reset',`
			`},`
			`{`
			`text: '[[reset_password:update_password]]',`
			`},`
			`]),`
			`title: '[[pages:reset]]',`
			`});`
			`delete req.session.passwordExpired;`
			`};`

closes #2597 10 years ago			`if (req.params.code) {`
closes #6627 7 years ago			`// Save to session and redirect`
			`req.session.reset_code = req.params.code;`
			`res.redirect(nconf.get('relative_path') + '/reset');`
			`} else if (req.session.reset_code) {`
			`// Validate and save to local variable before removing from session`
			`user.reset.validate(req.session.reset_code, function (err, valid) {`
			`if (err) {`
			`return next(err);`
			`}`

			`renderReset(req.session.reset_code, valid);`
			`delete req.session.reset_code;`
			`});`
closes #2597 10 years ago			`} else {`
			`res.render('reset', {`
controller tests 8 years ago			`code: null,`
Closes #5521 8 years ago			`breadcrumbs: helpers.buildBreadcrumbs([{`
			`text: '[[reset_password:reset_password]]',`
			`}]),`
ESlint comma-dangle 8 years ago			`title: '[[pages:reset]]',`
closes #2597 10 years ago			`});`
			`}`
search and reset routes, the very last of the views to be refactored :shipit: 11 years ago			`};`
controller indexx 11 years ago
Fix space-before-function-paren linter rule 8 years ago			`Controllers.login = function (req, res, next) {`
closes #1972 9 years ago			`var data = {};`
			`var loginStrategies = require('../routes/authentication').getLoginStrategies();`
			`var registrationType = meta.config.registrationType \|\| 'normal';`

			`var allowLoginWith = (meta.config.allowLoginWith \|\| 'username-email');`
Replace only base URL in login redirect URL, fixes #5205 8 years ago			`var returnTo = (req.headers['x-return-to'] \|\| '').replace(nconf.get('base_url'), '');`
closes #1306 10 years ago
fixes #4593 9 years ago			`var errorText;`
			`if (req.query.error === 'csrf-invalid') {`
			`errorText = '[[error:csrf-invalid]]';`
better error handling for session revocation if no login session is present, #4214 9 years ago			`} else if (req.query.error) {`
convert to string 9 years ago			`errorText = validator.escape(String(req.query.error));`
fixes #4593 9 years ago			`}`

closes #5156 8 years ago			`if (returnTo) {`
			`req.session.returnTo = returnTo;`
			`}`

auth refactor 10 years ago			`data.alternate_logins = loginStrategies.length > 0;`
			`data.authentication = loginStrategies;`
add "Admin Approval for IPs", which works like Normal for new users and Admin Approval for sockpuppet accounts (#4882) 9 years ago			`data.allowRegistration = registrationType === 'normal' \|\| registrationType === 'admin-approval' \|\| registrationType === 'admin-approval-ip';`
closes #1972 9 years ago			`data.allowLoginWith = '[[login:' + allowLoginWith + ']]';`
Closes #5521 8 years ago			`data.breadcrumbs = helpers.buildBreadcrumbs([{`
			`text: '[[global:login]]',`
			`}]);`
fixes #4593 9 years ago			`data.error = req.flash('error')[0] \|\| errorText;`
remove meta/title.js and meta.title.build #3481 10 years ago			`data.title = '[[pages:login]]';`
initial login and register routes 11 years ago
Allow local login,closes #6800 (#6803) * WIP * reset groups cache after every suite 6 years ago			`privileges.global.canGroup('local:login', 'registered-users', function (err, hasLoginPrivilege) {`
			`if (err) {`
			`return next(err);`
fixes #4840 9 years ago			`}`
Allow local login,closes #6800 (#6803) * WIP * reset groups cache after every suite 6 years ago
			`data.allowLocalLogin = hasLoginPrivilege \|\| parseInt(req.query.local, 10) === 1;`
			`if (!data.allowLocalLogin && !data.allowRegistration && data.alternate_logins && data.authentication.length === 1) {`
			`if (res.locals.isAPI) {`
			`return helpers.redirect(res, {`
			`external: nconf.get('relative_path') + data.authentication[0].url,`
			`});`
closes #1972 9 years ago			`}`
Allow local login,closes #6800 (#6803) * WIP * reset groups cache after every suite 6 years ago			`return res.redirect(nconf.get('relative_path') + data.authentication[0].url);`
			`}`
			`if (req.loggedIn) {`
			`user.getUserFields(req.uid, ['username', 'email'], function (err, user) {`
			`if (err) {`
			`return next(err);`
			`}`
			`data.username = allowLoginWith === 'email' ? user.email : user.username;`
			`data.alternate_logins = false;`
			`res.render('login', data);`
			`});`
			`} else {`
closes #1972 9 years ago			`res.render('login', data);`
Allow local login,closes #6800 (#6803) * WIP * reset groups cache after every suite 6 years ago			`}`
			`});`
initial login and register routes 11 years ago			`};`

Fix space-before-function-paren linter rule 8 years ago			`Controllers.register = function (req, res, next) {`
closes #1306 10 years ago			`var registrationType = meta.config.registrationType \|\| 'normal';`

			`if (registrationType === 'disabled') {`
closes #3508 10 years ago			`return next();`
closes #2145 11 years ago			`}`
closes #1165 11 years ago
fixes #4593 9 years ago			`var errorText;`
			`if (req.query.error === 'csrf-invalid') {`
			`errorText = '[[error:csrf-invalid]]';`
			`}`

closes #3271 10 years ago			`async.waterfall([`
Fix space-before-function-paren linter rule 8 years ago			`function (next) {`
Added admin-only invites 9 years ago			`if (registrationType === 'invite-only' \|\| registrationType === 'admin-invite-only') {`
closes #3271 10 years ago			`user.verifyInvitation(req.query, next);`
			`} else {`
			`next();`
			`}`
			`},`
Fix space-before-function-paren linter rule 8 years ago			`function (next) {`
Closes #5521 8 years ago			`plugins.fireHook('filter:parse.post', {`
			`postData: {`
			`content: meta.config.termsOfUse \|\| '',`
			`},`
			`}, next);`
ESlint comma-dangle 8 years ago			`},`
move composer routes to its own file 7 years ago			`function (termsOfUse) {`
			`var loginStrategies = require('../routes/authentication').getLoginStrategies();`
			`var data = {`
			`'register_window:spansize': loginStrategies.length ? 'col-md-6' : 'col-md-12',`
			`alternate_logins: !!loginStrategies.length,`
			`};`

			`data.authentication = loginStrategies;`

			`data.minimumUsernameLength = parseInt(meta.config.minimumUsernameLength, 10);`
			`data.maximumUsernameLength = parseInt(meta.config.maximumUsernameLength, 10);`
			`data.minimumPasswordLength = parseInt(meta.config.minimumPasswordLength, 10);`
revising minimum password strength to be 1 instead of 0 7 years ago			`data.minimumPasswordStrength = parseInt(meta.config.minimumPasswordStrength \|\| 1, 10);`
move composer routes to its own file 7 years ago			`data.termsOfUse = termsOfUse.postData.content;`
			`data.breadcrumbs = helpers.buildBreadcrumbs([{`
			`text: '[[register:register]]',`
			`}]);`
			`data.regFormEntry = [];`
			`data.error = req.flash('error')[0] \|\| errorText;`
			`data.title = '[[pages:register]]';`

			`res.render('register', data);`
			`},`
			`], next);`
initial login and register routes 11 years ago			`};`

Fix space-before-function-paren linter rule 8 years ago			`Controllers.registerInterstitial = function (req, res, next) {`
WIP registration interstitial 9 years ago			`if (!req.session.hasOwnProperty('registration')) {`
			`return res.redirect(nconf.get('relative_path') + '/register');`
			`}`

intersititial test 8 years ago			`async.waterfall([`
			`function (next) {`
			`plugins.fireHook('filter:register.interstitial', {`
			`userData: req.session.registration,`
			`interstitials: [],`
			`}, next);`
			`},`
			`function (data, next) {`
			`if (!data.interstitials.length) {`
			`// No interstitials, redirect to home`
			`delete req.session.registration;`
closes #6483 7 years ago			`return res.redirect(nconf.get('relative_path') + '/');`
Handle callback errors 9 years ago			`}`
intersititial test 8 years ago			`var renders = data.interstitials.map(function (interstitial) {`
			`return async.apply(req.app.render.bind(req.app), interstitial.template, interstitial.data \|\| {});`
			`});`
Handle callback errors 9 years ago
intersititial test 8 years ago
			`async.parallel(renders, next);`
			`},`
			`function (sections) {`
closes #6435 7 years ago			`var errors = req.flash('errors');`
WIP registration interstitial 9 years ago			`res.render('registerComplete', {`
closes #5067 9 years ago			`title: '[[pages:registration-complete]]',`
updated termsOfUse to use registration interstitial instead of being integrated into register template 9 years ago			`errors: errors,`
ESlint comma-dangle 8 years ago			`sections: sections,`
WIP registration interstitial 9 years ago			`});`
intersititial test 8 years ago			`},`
			`], next);`
WIP registration interstitial 9 years ago			`};`

Fix space-before-function-paren linter rule 8 years ago			`Controllers.confirmEmail = function (req, res) {`
tweaks and refactoring for #2774 10 years ago			`user.email.confirm(req.params.code, function (err) {`
			`res.render('confirm', {`
closes #4262 9 years ago			`error: err ? err.message : '',`
			`title: '[[pages:confirm]]',`
tweaks and refactoring for #2774 10 years ago			`});`
confirmEmail route 11 years ago			`});`
			`};`
controllers.home 11 years ago
robots + sitemap; some clean up 11 years ago			`Controllers.robots = function (req, res) {`
			`res.set('Content-Type', 'text/plain');`

closes #5813 8 years ago			`if (meta.config['robots:txt']) {`
			`res.send(meta.config['robots:txt']);`
robots + sitemap; some clean up 11 years ago			`} else {`
ESlint quotes 8 years ago			`res.send('User-agent: *\n' +`
			`'Disallow: ' + nconf.get('relative_path') + '/admin/\n' +`
add reset routes to robots.txt disallow 7 years ago			`'Disallow: ' + nconf.get('relative_path') + '/reset/\n' +`
ESlint quotes 8 years ago			`'Sitemap: ' + nconf.get('url') + '/sitemap.xml');`
robots + sitemap; some clean up 11 years ago			`}`
			`};`

Fix space-before-function-paren linter rule 8 years ago			`Controllers.manifest = function (req, res) {`
Add new ACP option to upload Touch Icon, #3668 Also added a number of fixes for mobile enhancements, such as serving a manifest.json file for Android devices, and serving proper link tags for all uploaded touch icons. This commit also creates a new template helper for link tags. 10 years ago			`var manifest = {`
controller tests 8 years ago			`name: meta.config.title \|\| 'NodeBB',`
			`start_url: nconf.get('relative_path') + '/',`
			`display: 'standalone',`
			`orientation: 'portrait',`
ESlint comma-dangle 8 years ago			`icons: [],`
controller tests 8 years ago			`};`
Add new ACP option to upload Touch Icon, #3668 Also added a number of fixes for mobile enhancements, such as serving a manifest.json file for Android devices, and serving proper link tags for all uploaded touch icons. This commit also creates a new template helper for link tags. 10 years ago
			`if (meta.config['brand:touchIcon']) {`
			`manifest.icons.push({`
Fix #5416, uploads path config setting - Finish moving uploads route to `/assets/uploads` - Remove `upload_url` config setting, it was broken 8 years ago			`src: nconf.get('relative_path') + '/assets/uploads/system/touchicon-36.png',`
Add new ACP option to upload Touch Icon, #3668 Also added a number of fixes for mobile enhancements, such as serving a manifest.json file for Android devices, and serving proper link tags for all uploaded touch icons. This commit also creates a new template helper for link tags. 10 years ago			`sizes: '36x36',`
			`type: 'image/png',`
ESlint comma-dangle 8 years ago			`density: 0.75,`
Add new ACP option to upload Touch Icon, #3668 Also added a number of fixes for mobile enhancements, such as serving a manifest.json file for Android devices, and serving proper link tags for all uploaded touch icons. This commit also creates a new template helper for link tags. 10 years ago			`}, {`
Fix #5416, uploads path config setting - Finish moving uploads route to `/assets/uploads` - Remove `upload_url` config setting, it was broken 8 years ago			`src: nconf.get('relative_path') + '/assets/uploads/system/touchicon-48.png',`
Add new ACP option to upload Touch Icon, #3668 Also added a number of fixes for mobile enhancements, such as serving a manifest.json file for Android devices, and serving proper link tags for all uploaded touch icons. This commit also creates a new template helper for link tags. 10 years ago			`sizes: '48x48',`
			`type: 'image/png',`
ESlint comma-dangle 8 years ago			`density: 1.0,`
Add new ACP option to upload Touch Icon, #3668 Also added a number of fixes for mobile enhancements, such as serving a manifest.json file for Android devices, and serving proper link tags for all uploaded touch icons. This commit also creates a new template helper for link tags. 10 years ago			`}, {`
Fix #5416, uploads path config setting - Finish moving uploads route to `/assets/uploads` - Remove `upload_url` config setting, it was broken 8 years ago			`src: nconf.get('relative_path') + '/assets/uploads/system/touchicon-72.png',`
Add new ACP option to upload Touch Icon, #3668 Also added a number of fixes for mobile enhancements, such as serving a manifest.json file for Android devices, and serving proper link tags for all uploaded touch icons. This commit also creates a new template helper for link tags. 10 years ago			`sizes: '72x72',`
			`type: 'image/png',`
ESlint comma-dangle 8 years ago			`density: 1.5,`
Add new ACP option to upload Touch Icon, #3668 Also added a number of fixes for mobile enhancements, such as serving a manifest.json file for Android devices, and serving proper link tags for all uploaded touch icons. This commit also creates a new template helper for link tags. 10 years ago			`}, {`
Fix #5416, uploads path config setting - Finish moving uploads route to `/assets/uploads` - Remove `upload_url` config setting, it was broken 8 years ago			`src: nconf.get('relative_path') + '/assets/uploads/system/touchicon-96.png',`
Add new ACP option to upload Touch Icon, #3668 Also added a number of fixes for mobile enhancements, such as serving a manifest.json file for Android devices, and serving proper link tags for all uploaded touch icons. This commit also creates a new template helper for link tags. 10 years ago			`sizes: '96x96',`
			`type: 'image/png',`
ESlint comma-dangle 8 years ago			`density: 2.0,`
Add new ACP option to upload Touch Icon, #3668 Also added a number of fixes for mobile enhancements, such as serving a manifest.json file for Android devices, and serving proper link tags for all uploaded touch icons. This commit also creates a new template helper for link tags. 10 years ago			`}, {`
Fix #5416, uploads path config setting - Finish moving uploads route to `/assets/uploads` - Remove `upload_url` config setting, it was broken 8 years ago			`src: nconf.get('relative_path') + '/assets/uploads/system/touchicon-144.png',`
Add new ACP option to upload Touch Icon, #3668 Also added a number of fixes for mobile enhancements, such as serving a manifest.json file for Android devices, and serving proper link tags for all uploaded touch icons. This commit also creates a new template helper for link tags. 10 years ago			`sizes: '144x144',`
			`type: 'image/png',`
ESlint comma-dangle 8 years ago			`density: 3.0,`
Add new ACP option to upload Touch Icon, #3668 Also added a number of fixes for mobile enhancements, such as serving a manifest.json file for Android devices, and serving proper link tags for all uploaded touch icons. This commit also creates a new template helper for link tags. 10 years ago			`}, {`
Fix #5416, uploads path config setting - Finish moving uploads route to `/assets/uploads` - Remove `upload_url` config setting, it was broken 8 years ago			`src: nconf.get('relative_path') + '/assets/uploads/system/touchicon-192.png',`
Add new ACP option to upload Touch Icon, #3668 Also added a number of fixes for mobile enhancements, such as serving a manifest.json file for Android devices, and serving proper link tags for all uploaded touch icons. This commit also creates a new template helper for link tags. 10 years ago			`sizes: '192x192',`
			`type: 'image/png',`
ESlint comma-dangle 8 years ago			`density: 4.0,`
refactor categories 9 years ago			`});`
Add new ACP option to upload Touch Icon, #3668 Also added a number of fixes for mobile enhancements, such as serving a manifest.json file for Android devices, and serving proper link tags for all uploaded touch icons. This commit also creates a new template helper for link tags. 10 years ago			`}`

			`res.status(200).json(manifest);`
			`};`

move out error and 404 controllers 8 years ago			`Controllers.outgoing = function (req, res, next) {`
closes #5011 9 years ago			`var url = req.query.url \|\| '';`
utilising whitelist instead of blacklisting javascript protocol 7 years ago			`var allowedProtocols = ['http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn', 'tel', 'fax', 'xmpp', 'webcal'];`
			`var parsed = require('url').parse(url);`
move out error and 404 controllers 8 years ago
closes #6132 7 years ago			`if (!url \|\| !parsed.protocol \|\| !allowedProtocols.includes(parsed.protocol.slice(0, -1))) {`
move out error and 404 controllers 8 years ago			`return next();`
			`}`

			`res.render('outgoing', {`
closes #5011 9 years ago			`outgoing: validator.escape(String(url)),`
fix validator warning 9 years ago			`title: meta.config.title,`
Closes #5521 8 years ago			`breadcrumbs: helpers.buildBreadcrumbs([{`
			`text: '[[notifications:outgoing_link]]',`
			`}]),`
move out error and 404 controllers 8 years ago			`});`
all user account pages; all static pages; outgoing page 11 years ago			`};`

Fix space-before-function-paren linter rule 8 years ago			`Controllers.termsOfUse = function (req, res, next) {`
closes #2400 10 years ago			`if (!meta.config.termsOfUse) {`
closes #3508 10 years ago			`return next();`
closes #2400 10 years ago			`}`
Closes #5521 8 years ago			`res.render('tos', {`
			`termsOfUse: meta.config.termsOfUse,`
			`});`
closes #2400 10 years ago			`};`