KevinMidboe/zoff
1
0
Fork 0
mirror of https://github.com/KevinMidboe/zoff.git synced 2025-10-29 18:00:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixed issues with imageblobblur and typo in io.js

Browse Source
This commit is contained in:
Kasper Rynning-Tønnesen
2018-05-12 15:11:35 +02:00
parent 1bd1676f82
commit 0a73c922c3
2 changed files with 117 additions and 109 deletions
Download Patch File Download Diff File Expand all files Collapse all files

216
server/handlers/io.js
View File

@@ -3,7 +3,7 @@ var cookie = require("cookie");
module.exports = function() { module.exports = function() {
io.on('connection', function(socket){ io.on('connection', function(socket){
try { try {
var parsedCookies = cookie.parse(socket.handshake.headers.cookie); var parsedCookies = cookie.parse(socket.handshake.headers.cookie);
socket.cookie_id = parsedCookies["_uI"]; socket.cookie_id = parsedCookies["_uI"];
//return socket.guid; //return socket.guid;
} catch(e) { } catch(e) {
@@ -37,8 +37,8 @@ module.exports = function() {
var channel = msg.channel; var channel = msg.channel;
if(channel.indexOf("?") > -1){ if(channel.indexOf("?") > -1){
channel = channel.substring(0, channel.indexOf("?")); channel = channel.substring(0, channel.indexOf("?"));
} }
channel = channel.replace(/ /g,''); channel = channel.replace(/ /g,'');
if(offline) { if(offline) {
db.collection("connected_users").update({"_id": "offline_users"}, {$addToSet: {users: guid}}, {upsert: true}, function(err, docs){}); db.collection("connected_users").update({"_id": "offline_users"}, {$addToSet: {users: guid}}, {upsert: true}, function(err, docs){});
@@ -59,8 +59,8 @@ module.exports = function() {
socket.on('chromecast', function(msg) { socket.on('chromecast', function(msg) {
try { try {
if(typeof(msg) == "object" && msg.hasOwnProperty("guid") && if(typeof(msg) == "object" && msg.hasOwnProperty("guid") &&
msg.hasOwnProperty("socket_id") && msg.hasOwnProperty("channel") && typeof(msg.guid) == "string" && msg.hasOwnProperty("socket_id") && msg.hasOwnProperty("channel") && typeof(msg.guid) == "string" &&
typeof(msg.channel) == "string" && typeof(msg.socket_id) == "string") { typeof(msg.channel) == "string" && typeof(msg.socket_id) == "string") {
db.collection("connected_users").find({"_id": msg.channel}, function(err, connected_users_channel) { db.collection("connected_users").find({"_id": msg.channel}, function(err, connected_users_channel) {
if(connected_users_channel.length > 0 && connected_users_channel[0].users.indexOf(msg.guid) > -1) { if(connected_users_channel.length > 0 && connected_users_channel[0].users.indexOf(msg.guid) > -1) {
socket.cookie_id = msg.guid; socket.cookie_id = msg.guid;
@@ -71,8 +71,8 @@ module.exports = function() {
coll = emojiStrip(coll).toLowerCase(); coll = emojiStrip(coll).toLowerCase();
coll = filter.clean(coll); coll = filter.clean(coll);
if(coll.indexOf("?") > -1){ if(coll.indexOf("?") > -1){
coll = coll.substring(0, coll.indexOf("?")); coll = coll.substring(0, coll.indexOf("?"));
} }
in_list = true; in_list = true;
chromecast_object = true; chromecast_object = true;
socket.join(coll); socket.join(coll);
@@ -89,22 +89,22 @@ module.exports = function() {
}); });
socket.on("error_video", function(msg) { socket.on("error_video", function(msg) {
try { try {
var _list = msg.channel.replace(/ /g,''); var _list = msg.channel.replace(/ /g,'');
if(_list.length == 0) return; if(_list.length == 0) return;
if(_list.indexOf("?") > -1){ if(_list.indexOf("?") > -1){
_list = _list.substring(0, _list.indexOf("?")); _list = _list.substring(0, _list.indexOf("?"));
msg.channel = _list; msg.channel = _list;
} }
coll = emojiStrip(_list).toLowerCase(); coll = emojiStrip(_list).toLowerCase();
coll = coll.replace(/_/g, ""); coll = coll.replace(/_/g, "");
coll = filter.clean(coll); coll = filter.clean(coll);
} catch(e) { } catch(e) {
return; return;
} }
Search.check_error_video(msg, coll); Search.check_error_video(msg, coll);
}); });
socket.on("get_spread", function(){ socket.on("get_spread", function(){
db.collection("connected_users").find({"_id": "total_users"}, function(err, tot) { db.collection("connected_users").find({"_id": "total_users"}, function(err, tot) {
@@ -122,33 +122,33 @@ module.exports = function() {
socket.on('suggest_thumbnail', function(msg){ socket.on('suggest_thumbnail', function(msg){
if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){ if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){
var _list = msg.channel.substring(0, msg.channel.indexOf("?")); var _list = msg.channel.substring(0, msg.channel.indexOf("?"));
msg.channel = _list; msg.channel = _list;
} }
Suggestions.thumbnail(msg, coll.replace(/ /g,''), guid, offline, socket); Suggestions.thumbnail(msg, coll.replace(/ /g,''), guid, offline, socket);
}); });
socket.on('suggest_description', function(msg){ socket.on('suggest_description', function(msg){
if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){ if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){
var _list = msg.channel.substring(0, msg.channel.indexOf("?")); var _list = msg.channel.substring(0, msg.channel.indexOf("?"));
msg.channel = _list; msg.channel = _list;
} }
Suggestions.description(msg, coll.replace(/ /g,''), guid, offline, socket); Suggestions.description(msg, coll.replace(/ /g,''), guid, offline, socket);
}); });
socket.on("namechange", function(msg) { socket.on("namechange", function(msg) {
if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){ if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){
var _list = msg.channel.substring(0, msg.channel.indexOf("?")); var _list = msg.channel.substring(0, msg.channel.indexOf("?"));
msg.channel = _list; msg.channel = _list;
} }
Chat.namechange(msg, guid, socket); Chat.namechange(msg, guid, socket);
}); });
socket.on("removename", function(msg) { socket.on("removename", function(msg) {
if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){ if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){
var _list = msg.channel.substring(0, msg.channel.indexOf("?")); var _list = msg.channel.substring(0, msg.channel.indexOf("?"));
msg.channel = _list; msg.channel = _list;
} }
if(typeof(msg) != "object" || !msg.hasOwnProperty("channel")) { if(typeof(msg) != "object" || !msg.hasOwnProperty("channel")) {
var result = { var result = {
channel: { channel: {
@@ -156,7 +156,7 @@ module.exports = function() {
got: msg.hasOwnProperty("channel") ? typeof(msg.channel) : undefined, got: msg.hasOwnProperty("channel") ? typeof(msg.channel) : undefined,
} }
}; };
socket.emit('update_required', result); socket.emit('update_required', result);
return; return;
} }
Chat.removename(guid, msg.channel, socket); Chat.removename(guid, msg.channel, socket);
@@ -164,9 +164,9 @@ module.exports = function() {
socket.on("offline", function(msg){ socket.on("offline", function(msg){
if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){ if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){
var _list = msg.channel.substring(0, msg.channel.indexOf("?")); var _list = msg.channel.substring(0, msg.channel.indexOf("?"));
msg.channel = _list; msg.channel = _list;
} }
if(!msg.hasOwnProperty('status') || !msg.hasOwnProperty('channel') || if(!msg.hasOwnProperty('status') || !msg.hasOwnProperty('channel') ||
typeof(msg.status) != "boolean" || typeof(msg.channel) != "string") { typeof(msg.status) != "boolean" || typeof(msg.channel) != "string") {
var result = { var result = {
@@ -179,7 +179,7 @@ module.exports = function() {
got: msg.hasOwnProperty("channel") ? typeof(msg.channel) : undefined got: msg.hasOwnProperty("channel") ? typeof(msg.channel) : undefined
} }
}; };
socket.emit('update_required', result); socket.emit('update_required', result);
return; return;
} }
var status = msg.status; var status = msg.status;
@@ -227,9 +227,9 @@ module.exports = function() {
socket.on('get_history', function(msg) { socket.on('get_history', function(msg) {
if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){ if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){
var _list = msg.channel.substring(0, msg.channel.indexOf("?")); var _list = msg.channel.substring(0, msg.channel.indexOf("?"));
msg.channel = _list; msg.channel = _list;
} }
if(!msg.hasOwnProperty("channel") || !msg.hasOwnProperty("all") || if(!msg.hasOwnProperty("channel") || !msg.hasOwnProperty("all") ||
typeof(msg.channel) != "string" || typeof(msg.all) != "boolean") { typeof(msg.channel) != "string" || typeof(msg.all) != "boolean") {
var result = { var result = {
@@ -246,7 +246,7 @@ module.exports = function() {
got: msg.hasOwnProperty("pass") ? typeof(msg.pass) : undefined, got: msg.hasOwnProperty("pass") ? typeof(msg.pass) : undefined,
} }
}; };
socket.emit('update_required', result); socket.emit('update_required', result);
return; return;
} }
Chat.get_history(msg.channel.replace(/ /g,''), msg.all, socket); Chat.get_history(msg.channel.replace(/ /g,''), msg.all, socket);
@@ -254,35 +254,35 @@ module.exports = function() {
socket.on('chat', function (msg) { socket.on('chat', function (msg) {
if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){ if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){
var _list = msg.channel.substring(0, msg.channel.indexOf("?")); var _list = msg.channel.substring(0, msg.channel.indexOf("?"));
msg.channel = _list; msg.channel = _list;
} }
Chat.chat(msg, guid, offline, socket); Chat.chat(msg, guid, offline, socket);
}); });
socket.on("all,chat", function(data) socket.on("all,chat", function(data)
{ {
if(data.hasOwnProperty("channel") && data.channel.indexOf("?") > -1){ if(data.hasOwnProperty("channel") && data.channel.indexOf("?") > -1){
var _list = data.channel.substring(0, data.channel.indexOf("?")); var _list = data.channel.substring(0, data.channel.indexOf("?"));
data.channel = _list; data.channel = _list;
} }
Chat.all_chat(data, guid, offline, socket); Chat.all_chat(data, guid, offline, socket);
}); });
socket.on('frontpage_lists', function(msg) socket.on('frontpage_lists', function(msg)
{ {
if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){ if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){
var _list = msg.channel.substring(0, msg.channel.indexOf("?")); var _list = msg.channel.substring(0, msg.channel.indexOf("?"));
msg.channel = _list; msg.channel = _list;
} }
Frontpage.frontpage_lists(msg, socket); Frontpage.frontpage_lists(msg, socket);
}); });
socket.on('import_zoff', function(msg) { socket.on('import_zoff', function(msg) {
if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){ if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){
var _list = msg.channel.substring(0, msg.channel.indexOf("?")); var _list = msg.channel.substring(0, msg.channel.indexOf("?"));
msg.channel = _list; msg.channel = _list;
} }
ListChange.addFromOtherList(msg, guid, offline, socket); ListChange.addFromOtherList(msg, guid, offline, socket);
}) })
@@ -294,9 +294,9 @@ module.exports = function() {
socket.on('id', function(arr) socket.on('id', function(arr)
{ {
if(arr.hasOwnProperty("channel") && arr.channel.indexOf("?") > -1){ if(arr.hasOwnProperty("channel") && arr.channel.indexOf("?") > -1){
var _list = arr.channel.substring(0, arr.channel.indexOf("?")); var _list = arr.channel.substring(0, arr.channel.indexOf("?"));
arr.channel = _list; arr.channel = _list;
} }
if(typeof(arr) == 'object') if(typeof(arr) == 'object')
io.to(arr.id).emit(arr.id.toLowerCase(), {type: arr.type, value: arr.value}); io.to(arr.id).emit(arr.id.toLowerCase(), {type: arr.type, value: arr.value});
}); });
@@ -304,16 +304,16 @@ module.exports = function() {
socket.on('list', function(msg) socket.on('list', function(msg)
{ {
if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){ if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){
var _list = msg.channel.substring(0, msg.channel.indexOf("?")); var _list = msg.channel.substring(0, msg.channel.indexOf("?"));
msg.channel = _list; msg.channel = _list;
} }
try { try {
var _list = msg.channel.replace(/ /g,''); var _list = msg.channel.replace(/ /g,'');
if(_list.length == 0) return; if(_list.length == 0) return;
if(_list.indexOf("?") > -1){ if(_list.indexOf("?") > -1){
_list = _list.substring(0, _list.indexOf("?")); _list = _list.substring(0, _list.indexOf("?"));
msg.channel = _list; msg.channel = _list;
} }
coll = emojiStrip(_list).toLowerCase(); coll = emojiStrip(_list).toLowerCase();
coll = coll.replace(/_/g, ""); coll = coll.replace(/_/g, "");
// //
@@ -332,9 +332,9 @@ module.exports = function() {
socket.on('end', function(obj) socket.on('end', function(obj)
{ {
if(obj.hasOwnProperty("channel") && obj.channel.indexOf("?") > -1){ if(obj.hasOwnProperty("channel") && obj.channel.indexOf("?") > -1){
var _list = obj.channel.substring(0, obj.channel.indexOf("?")); var _list = obj.channel.substring(0, obj.channel.indexOf("?"));
obj.channel = _list; obj.channel = _list;
} }
if(coll === undefined) { if(coll === undefined) {
try { try {
coll = obj.channel.toLowerCase().replace(/ /g,''); coll = obj.channel.toLowerCase().replace(/ /g,'');
@@ -352,18 +352,18 @@ module.exports = function() {
socket.on('addPlaylist', function(arr) { socket.on('addPlaylist', function(arr) {
if(arr.hasOwnProperty("channel") && arr.channel.indexOf("?") > -1){ if(arr.hasOwnProperty("channel") && arr.channel.indexOf("?") > -1){
var _list = arr.channel.substring(0, arr.channel.indexOf("?")); var _list = arr.channel.substring(0, arr.channel.indexOf("?"));
arr.channel = _list; arr.channel = _list;
} }
ListChange.addPlaylist(arr, guid, offline, socket); ListChange.addPlaylist(arr, guid, offline, socket);
}) })
socket.on('add', function(arr) socket.on('add', function(arr)
{ {
if(arr.hasOwnProperty("channel") && arr.channel.indexOf("?") > -1){ if(arr.hasOwnProperty("channel") && arr.channel.indexOf("?") > -1){
var _list = arr.channel.substring(0, arr.channel.indexOf("?")); var _list = arr.channel.substring(0, arr.channel.indexOf("?"));
arr.channel = _list; arr.channel = _list;
} }
if(coll !== undefined) { if(coll !== undefined) {
try { try {
coll = arr.list.replace(/ /g,''); coll = arr.list.replace(/ /g,'');
@@ -382,9 +382,9 @@ module.exports = function() {
socket.on('delete_all', function(msg) { socket.on('delete_all', function(msg) {
try { try {
if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){ if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){
var _list = msg.channel.substring(0, msg.channel.indexOf("?")); var _list = msg.channel.substring(0, msg.channel.indexOf("?"));
msg.channel = _list; msg.channel = _list;
} }
coll = msg.channel.toLowerCase().replace(/ /g,''); coll = msg.channel.toLowerCase().replace(/ /g,'');
if(coll.length == 0) return; if(coll.length == 0) return;
coll = emojiStrip(coll).toLowerCase(); coll = emojiStrip(coll).toLowerCase();
@@ -401,9 +401,9 @@ module.exports = function() {
socket.on('vote', function(msg) socket.on('vote', function(msg)
{ {
if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){ if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){
var _list = msg.channel.substring(0, msg.channel.indexOf("?")); var _list = msg.channel.substring(0, msg.channel.indexOf("?"));
msg.channel = _list; msg.channel = _list;
} }
if(coll !== undefined) { if(coll !== undefined) {
try { try {
coll = msg.channel.toLowerCase().replace(/ /g,''); coll = msg.channel.toLowerCase().replace(/ /g,'');
@@ -422,9 +422,9 @@ module.exports = function() {
socket.on('password', function(inp) socket.on('password', function(inp)
{ {
if(inp.hasOwnProperty("channel") && inp.channel.indexOf("?") > -1){ if(inp.hasOwnProperty("channel") && inp.channel.indexOf("?") > -1){
var _list = inp.channel.substring(0, inp.channel.indexOf("?")); var _list = inp.channel.substring(0, inp.channel.indexOf("?"));
inp.channel = _list; inp.channel = _list;
} }
if(coll != undefined) coll.replace(/ /g,''); if(coll != undefined) coll.replace(/ /g,'');
ListSettings.password(inp, coll, guid, offline, socket); ListSettings.password(inp, coll, guid, offline, socket);
}); });
@@ -432,27 +432,31 @@ module.exports = function() {
socket.on('skip', function(list) socket.on('skip', function(list)
{ {
if(list.hasOwnProperty("channel") && list.channel.indexOf("?") > -1){ if(list.hasOwnProperty("channel") && list.channel.indexOf("?") > -1){
var _list = list.channel.substring(0, list.channel.indexOf("?")); var _list = list.channel.substring(0, list.channel.indexOf("?"));
list.channel = _list; list.channel = _list;
} coll = list.channel;
List.skip(list, guid, coll.replace(/ /g,''), offline, socket); }
if(coll != undefined) coll.replace(/ /g,'');
List.skip(list, guid, coll, offline, socket);
}); });
socket.on('conf', function(conf) socket.on('conf', function(conf)
{ {
if(conf.hasOwnProperty("channel") && conf.channel.indexOf("?") > -1){ if(conf.hasOwnProperty("channel") && conf.channel.indexOf("?") > -1){
var _list = conf.channel.substring(0, conf.channel.indexOf("?")); var _list = conf.channel.substring(0, conf.channel.indexOf("?"));
conf.channel = _list; conf.channel = _list;
} coll = conf.channel;
ListSettings.conf_function(conf, coll.replace(/ /g,''), guid, offline, socket); }
if(coll != undefined) coll.replace(/ /g,'');
ListSettings.conf_function(conf, coll, guid, offline, socket);
}); });
socket.on('shuffle', function(msg) socket.on('shuffle', function(msg)
{ {
if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){ if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){
var _list = msg.channel.substring(0, msg.channel.indexOf("?")); var _list = msg.channel.substring(0, msg.channel.indexOf("?"));
msg.channel = _list; msg.channel = _list;
} }
if(coll !== undefined) { if(coll !== undefined) {
try { try {
coll = msg.channel.toLowerCase().replace(/ /g,''); coll = msg.channel.toLowerCase().replace(/ /g,'');
@@ -474,8 +478,8 @@ module.exports = function() {
obj = {}; obj = {};
obj.channel = coll; obj.channel = coll;
} else if(obj.hasOwnProperty("channel") && obj.channel.indexOf("?") > -1){ } else if(obj.hasOwnProperty("channel") && obj.channel.indexOf("?") > -1){
var _list = obj.channel.substring(0, obj.channel.indexOf("?")); var _list = obj.channel.substring(0, obj.channel.indexOf("?"));
obj.channel = _list; obj.channel = _list;
} }
if(coll === undefined && obj !== undefined && obj.channel !== undefined){ if(coll === undefined && obj !== undefined && obj.channel !== undefined){
try { try {
@@ -505,9 +509,9 @@ module.exports = function() {
socket.on("left_channel", function(msg) { socket.on("left_channel", function(msg) {
if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){ if(msg.hasOwnProperty("channel") && msg.channel.indexOf("?") > -1){
var _list = msg.channel.substring(0, msg.channel.indexOf("?")); var _list = msg.channel.substring(0, msg.channel.indexOf("?"));
msg.channel = _list; msg.channel = _list;
} }
if(msg.hasOwnProperty("channel") && msg.channel != "" && typeof(msg.channel) == "string") { if(msg.hasOwnProperty("channel") && msg.channel != "" && typeof(msg.channel) == "string") {
coll = msg.channel.replace(/ /g,''); coll = msg.channel.replace(/ /g,'');
coll = emojiStrip(coll).toLowerCase(); coll = emojiStrip(coll).toLowerCase();
@@ -534,9 +538,9 @@ module.exports = function() {
socket.on('pos', function(obj) socket.on('pos', function(obj)
{ {
if(obj.hasOwnProperty("channel") && obj.channel.indexOf("?") > -1){ if(obj.hasOwnProperty("channel") && obj.channel.indexOf("?") > -1){
var _list = obj.channel.substring(0, obj.channel.indexOf("?")); var _list = obj.channel.substring(0, obj.channel.indexOf("?"));
obj.channel = _list; obj.channel = _list;
} }
if(!obj.hasOwnProperty("channel") || typeof(obj.channel) != "string") if(!obj.hasOwnProperty("channel") || typeof(obj.channel) != "string")
if(coll !== undefined) { if(coll !== undefined) {
try { try {
@@ -589,12 +593,12 @@ module.exports = function() {
/* /*
function send_ping() { function send_ping() {
db.collection("connected_users").update({users: {$exists: true}}, {$set: {users: []}}, {multi: true}, function(err, docs){ db.collection("connected_users").update({users: {$exists: true}}, {$set: {users: []}}, {multi: true}, function(err, docs){
db.collection("connected_users").update({"_id": "total_users"}, {$add: {total_users: 0}}, {multi: true}, function(err, docs){ db.collection("connected_users").update({"_id": "total_users"}, {$add: {total_users: 0}}, {multi: true}, function(err, docs){
db.collection("frontpage_lists").update({viewers: {$ne: 0}}, {$set: {"viewers": 0}}, {multi: true}, function(err, docs) { db.collection("frontpage_lists").update({viewers: {$ne: 0}}, {$set: {"viewers": 0}}, {multi: true}, function(err, docs) {
io.emit("self_ping"); io.emit("self_ping");
setTimeout(send_ping, 25000); setTimeout(send_ping, 25000);
}); });
}); });
}); });
}*/ }*/

10
server/routing/client/api.js
View File

@@ -1125,9 +1125,13 @@ router.route('/api/color').post(function(req, res) {
router.route('/api/imageblob').post(function(req, res) { router.route('/api/imageblob').post(function(req, res) {
var Jimp = require("jimp"); var Jimp = require("jimp");
var origin = req.get("origin").replace("https://", "").replace("http://", ""); try {
var allowed = ["client.localhost", "localhost", "zoff.me", "client.zoff.me", "zoff.no", "client.zoff.no"]; var origin = req.get("origin").replace("https://", "").replace("http://", "");
if(allowed.indexOf(origin) < 0) { var allowed = ["client.localhost", "localhost", "zoff.me", "client.zoff.me", "zoff.no", "client.zoff.no"];
if(allowed.indexOf(origin) < 0) {
throw "Wrong origin";
}
} catch(e) {
res.sendStatus(403); res.sendStatus(403);
return; return;
} }