docker-prerender
Advanced tools
docker-prerender - npm Package Compare versions
+14
-10
| { | ||
| "name": "docker-prerender", | ||
| "version": "1.0.0", | ||
| "description": "Dockerfile to build the prerender container image", | ||
| "main": "server.js", | ||
| "dependencies": { | ||
| "prerender": "^4.1.0" | ||
| }, | ||
| "devDependencies": {}, | ||
| "version": "2.0.0", | ||
| "description": "", | ||
| "main": "index.js", | ||
| "scripts": { | ||
| "test": "echo \"Error: no test specified\" && exit 1", | ||
| "start": "node server.js" | ||
| "test": "echo \"Error: no test specified\" && exit 1" | ||
| }, | ||
| "license": "MIT" | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "git+https://github.com/npm/deprecate-holder.git" | ||
| }, | ||
| "author": "", | ||
| "license": "ISC", | ||
| "bugs": { | ||
| "url": "https://github.com/npm/deprecate-holder/issues" | ||
| }, | ||
| "homepage": "https://github.com/npm/deprecate-holder#readme" | ||
| } |
+3
-3
@@ -1,5 +0,5 @@ | ||
| [](https://gemnasium.com/github.com/Magnetme/prerender-docker) | ||
| # Deprecated Package | ||
| A simple Docker container which run a relatively recent Prerender instance. | ||
| We use it @ [Magnet.me](https://magnet.me) to serve beautiful content to scrapers which do not understand Javascript (Facebook or Whatsapp for example). | ||
| This package is no longer supported and has been deprecated. To avoid malicious use, npm is hanging on to the package name. | ||
| Please contact support@npmjs.com if you have questions about this package. |
-24
| FROM node:latest | ||
| MAINTAINER Magnet.me | ||
| EXPOSE 3000 | ||
| RUN apt-get update \ | ||
| && apt-get install -y \ | ||
| build-essential g++ flex bison gperf ruby perl \ | ||
| libsqlite3-dev libfontconfig1-dev libicu-dev libfreetype6 libssl-dev \ | ||
| libpng-dev libjpeg-dev python libx11-dev libxext-dev | ||
| RUN mkdir -p /usr/src/app | ||
| RUN groupadd -r prerender && useradd -r -g prerender -d /usr/src/app prerender | ||
| RUN chown prerender:prerender /usr/src/app | ||
| USER prerender | ||
| WORKDIR /usr/src/app | ||
| COPY package.json /usr/src/app/ | ||
| RUN npm install | ||
| COPY . /usr/src/app | ||
| CMD [ "npm", "start" ] | ||
| // Set all blacklisted headers as lowercase | ||
| var BLACKLISTED = [ | ||
| 'user-agent', // Prerender sets her own user agent, which we dont want to override | ||
| 'host', // This is set to the host of prerender, so its wrong to forward | ||
| 'accept', // Let prerender accept everything and handle it | ||
| 'accept-encoding', // We dont want to forward deflate or gzip since prerender will break on those | ||
| 'connection', // No sudden keepalive stuff | ||
| 'accept-charset', // Prerender handles this | ||
| 'content-length' // Since we are rewriting lots of the request, we let prerender recalculate this | ||
| ]; | ||
| module.exports = { | ||
| // Since prerender does not forward headers, this causes problems for some crawlers looking for | ||
| // e.g. localized content. This plugin ensures the headers sent to prerender are also set in | ||
| // the PhantomJS instance. Some headers may be blacklisted and will not be forwarded. | ||
| onPhantomPageCreate: function (phantom, req, res, next) { | ||
| // The following function is executed in the Phridge context, which means we do not have a | ||
| // regular closure over it. Instead this function is stringified and sent to Phridge, where | ||
| // it is executed. | ||
| function executeInsidePhantom(headers, blacklisted, resolve) { | ||
| var customHeaders = this.customHeaders || {}; | ||
| for (var header in headers) { | ||
| if (headers.hasOwnProperty(header) && blacklisted.indexOf(header) === -1) { | ||
| customHeaders[header] = headers[header]; | ||
| // console.debug('Forwarding header ' + header); | ||
| } | ||
| } | ||
| this.customHeaders = customHeaders; | ||
| resolve(); | ||
| } | ||
| // By setting the headers as an argument here, they will be bound in the function in Phridge. | ||
| // Transformation is done using JSON.stringify and the resulting JSON object is unpacked in | ||
| // Phridge. We use a promise based approach so we can detect when phridge has set the headers, | ||
| // and we continue the middleware chain. | ||
| req.prerender.page.run(req.headers, BLACKLISTED, executeInsidePhantom | ||
| ).then(function () { | ||
| next(); | ||
| }).catch(function () { | ||
| res.sendStatus(statusCode); | ||
| res.end('Could not forward sent headers'); | ||
| }); | ||
| } | ||
| }; |
-32
| var prerender = require('prerender'); | ||
| var forwardHeaders = require('./forwardHeaders'); | ||
| var server = prerender({ | ||
| workers: process.env.PRERENDER_NUM_WORKERS || 4, | ||
| iterations: process.env.PRERENDER_NUM_ITERATIONS || 25, | ||
| softIterations: process.env.PRERENDER_NUM_SOFT_ITERATIONS || 10 | ||
| }); | ||
| server.use(forwardHeaders); | ||
| server.use(prerender.sendPrerenderHeader()); | ||
| server.use(prerender.removeScriptTags()); | ||
| server.use(prerender.httpHeaders()); | ||
| server.start(); | ||
| function shutdown() { | ||
| console.log('Shutdown initiated'); | ||
| server.exit(); | ||
| // At this point prerender has started killing its phantom workers already. | ||
| // We give it 5 seconds to quickly do so, and then halt the process. This | ||
| // will ensure relatively rapid redeploys (prerender no longer accepts new | ||
| // requests at this point | ||
| setTimeout(function () { | ||
| console.log('Prerender has shut down'); | ||
| process.exit(); | ||
| }, 5000); | ||
| } | ||
| process.on('SIGINT', shutdown); | ||
| process.on('SIGTERM', shutdown); |
New alerts
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 3 instances in 1 package
No contributors or author data
MaintenancePackage does not specify a list of contributors or an author in package.json.
Found 1 instance in 1 package
No bug tracker
MaintenancePackage does not have a linked bug tracker in package.json.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
No website
QualityPackage does not have a website.
Found 1 instance in 1 package
Improved metrics
- Dependency count
0
-100%- Number of low maintenance alerts
2
-33.33%- Number of low quality alerts
1
-50%- Number of low supply chain risk alerts
0
-100%Worsened metrics
- Total package byte prevSize
679
-84.88%- Number of package files
2
-60%- Lines of code
0
-100%- Number of medium supply chain risk alerts
2
Infinity%Dependency changes
- Removed
prerender@^4.1.0- Removed
ajv@6.14.0(transitive)- Removed
asn1@0.2.6(transitive)- Removed
assert-plus@1.0.0(transitive)- Removed
async@1.5.2(transitive)- Removed
async-function@1.0.0(transitive)- Removed
async-generator-function@1.0.0(transitive)- Removed
asynckit@0.4.0(transitive)- Removed
available-typed-arrays@1.0.7(transitive)- Removed
aws-sdk@2.1693.0(transitive)- Removed
aws-sign2@0.7.0(transitive)- Removed
aws4@1.13.2(transitive)- Removed
balanced-match@1.0.2(transitive)- Removed
base64-js@1.5.1(transitive)- Removed
bcrypt-pbkdf@1.0.2(transitive)- Removed
brace-expansion@1.1.12(transitive)- Removed
buffer@4.9.2(transitive)- Removed
buffer-crc32@0.2.13(transitive)- Removed
buffer-from@1.1.2(transitive)- Removed
cache-manager@2.11.1(transitive)- Removed
call-bind@1.0.8(transitive)- Removed
call-bind-apply-helpers@1.0.2(transitive)- Removed
call-bound@1.0.4(transitive)- Removed
caseless@0.12.0(transitive)- Removed
combined-stream@1.0.8(transitive)- Removed
concat-map@0.0.1(transitive)- Removed
concat-stream@1.6.2(transitive)- Removed
core-util-is@1.0.21.0.3(transitive)- Removed
dashdash@1.14.1(transitive)- Removed
debug@2.6.9(transitive)- Removed
define-data-property@1.1.4(transitive)- Removed
delayed-stream@1.0.0(transitive)- Removed
dunder-proto@1.0.1(transitive)- Removed
ecc-jsbn@0.1.2(transitive)- Removed
es-define-property@1.0.1(transitive)- Removed
es-errors@1.3.0(transitive)- Removed
es-object-atoms@1.1.1(transitive)- Removed
es6-promise@4.2.8(transitive)- Removed
events@1.1.1(transitive)- Removed
extend@3.0.2(transitive)- Removed
extract-zip@1.7.0(transitive)- Removed
extsprintf@1.3.0(transitive)- Removed
fast-deep-equal@3.1.3(transitive)- Removed
fast-json-stable-stringify@2.1.0(transitive)- Removed
fd-slicer@1.1.0(transitive)- Removed
for-each@0.3.5(transitive)- Removed
forever-agent@0.6.1(transitive)- Removed
fork-stream@0.0.4(transitive)- Removed
form-data@2.3.3(transitive)- Removed
fs-extra@1.0.0(transitive)- Removed
fs.realpath@1.0.0(transitive)- Removed
function-bind@1.1.2(transitive)- Removed
generator-function@2.0.1(transitive)- Removed
get-intrinsic@1.3.1(transitive)- Removed
get-proto@1.0.1(transitive)- Removed
getpass@0.1.7(transitive)- Removed
glob@7.2.3(transitive)- Removed
gopd@1.2.0(transitive)- Removed
graceful-fs@4.2.11(transitive)- Removed
har-schema@2.0.0(transitive)- Removed
har-validator@5.1.5(transitive)- Removed
has-property-descriptors@1.0.2(transitive)- Removed
has-symbols@1.1.0(transitive)- Removed
has-tostringtag@1.0.2(transitive)- Removed
hasha@2.2.0(transitive)- Removed
hasown@2.0.2(transitive)- Removed
he@1.2.0(transitive)- Removed
http-signature@1.2.0(transitive)- Removed
ieee754@1.1.13(transitive)- Removed
inflight@1.0.6(transitive)- Removed
inherits@2.0.4(transitive)- Removed
is-arguments@1.2.0(transitive)- Removed
is-callable@1.2.7(transitive)- Removed
is-generator-function@1.1.2(transitive)- Removed
is-regex@1.2.1(transitive)- Removed
is-stream@1.1.0(transitive)- Removed
is-typed-array@1.1.15(transitive)- Removed
is-typedarray@1.0.0(transitive)- Removed
isarray@1.0.0(transitive)- Removed
isexe@2.0.0(transitive)- Removed
isstream@0.1.2(transitive)- Removed
jmespath@0.16.0(transitive)- Removed
jsbn@0.1.1(transitive)- Removed
json-schema@0.4.0(transitive)- Removed
json-schema-traverse@0.4.1(transitive)- Removed
json-stringify-safe@5.0.1(transitive)- Removed
jsonfile@2.4.0(transitive)- Removed
jsprim@1.4.2(transitive)- Removed
kew@0.7.0(transitive)- Removed
klaw@1.3.1(transitive)- Removed
linerstream@0.1.4(transitive)- Removed
lodash@4.17.23(transitive)- Removed
lodash.clonedeep@4.5.0(transitive)- Removed
lru-cache@4.0.0(transitive)- Removed
math-intrinsics@1.1.0(transitive)- Removed
mime-db@1.52.0(transitive)- Removed
mime-types@2.1.35(transitive)- Removed
minimatch@3.1.5(transitive)- Removed
minimist@1.2.8(transitive)- Removed
mkdirp@0.5.6(transitive)- Removed
ms@2.0.0(transitive)- Removed
oauth-sign@0.9.0(transitive)- Removed
once@1.4.0(transitive)- Removed
path-is-absolute@1.0.1(transitive)- Removed
pend@1.2.0(transitive)- Removed
performance-now@2.1.0(transitive)- Removed
phantomjs-prebuilt@2.1.16(transitive)- Removed
phridge@2.0.0(transitive)- Removed
pinkie@2.0.4(transitive)- Removed
pinkie-promise@2.0.1(transitive)- Removed
possible-typed-array-names@1.1.0(transitive)- Removed
prerender@4.4.1(transitive)- Removed
process-nextick-args@2.0.1(transitive)- Removed
progress@1.1.8(transitive)- Removed
pseudomap@1.0.2(transitive)- Removed
psl@1.15.0(transitive)- Removed
punycode@1.3.22.3.1(transitive)- Removed
qs@6.5.5(transitive)- Removed
querystring@0.2.0(transitive)- Removed
readable-stream@2.3.8(transitive)- Removed
request@2.88.2(transitive)- Removed
request-progress@2.0.1(transitive)- Removed
rimraf@2.6.3(transitive)- Removed
safe-buffer@5.1.2(transitive)- Removed
safe-regex-test@1.1.0(transitive)- Removed
safer-buffer@2.1.2(transitive)- Removed
sax@1.2.1(transitive)- Removed
set-function-length@1.2.2(transitive)- Removed
signal-exit@3.0.7(transitive)- Removed
sshpk@1.18.0(transitive)- Removed
string_decoder@1.1.1(transitive)- Removed
temp@0.8.4(transitive)- Removed
throttleit@1.0.1(transitive)- Removed
tough-cookie@2.5.0(transitive)- Removed
tunnel-agent@0.6.0(transitive)- Removed
tweetnacl@0.14.5(transitive)- Removed
typedarray@0.0.6(transitive)- Removed
uri-js@4.4.1(transitive)- Removed
url@0.10.3(transitive)- Removed
util@0.12.5(transitive)- Removed
util-deprecate@1.0.2(transitive)- Removed
uuid@3.4.08.0.0(transitive)- Removed
verror@1.10.0(transitive)- Removed
which@1.3.1(transitive)- Removed
which-typed-array@1.1.20(transitive)- Removed
wrappy@1.0.2(transitive)- Removed
xml2js@0.6.2(transitive)- Removed
xmlbuilder@11.0.1(transitive)- Removed
yallist@2.1.2(transitive)- Removed
yauzl@2.10.0(transitive)