cmc-cookies-consent v1.0.1
cookies-consent
This is temporary repository for testing common components
Getting Started
Prerequisites
Running the application requires the following tools to be installed in your environment:
Running the application
Install dependencies by executing the following command:
$ yarn install
Bundle:
$ yarn webpack
Run:
$ yarn start
The applications's home page will be available at https://localhost:3000
Running with Docker
Create docker image:
docker-compose build
Run the application by executing the following command:
docker-compose up
This will start the frontend container exposing the application's port
(set to 3000
in this template app).
In order to test if the application is up, you can visit https://localhost:3000 in your browser. You should get a very basic home page (no styles, etc.).
Developing
Code style
We use ESLint alongside sass-lint
Running the linting with auto fix:
$ yarn lint --fix
Running the tests
This template app uses Jest as the test engine. You can run unit tests by executing the following command:
$ yarn test
Here's how to run functional tests (the template contains just one sample test):
$ yarn test:routes
Running accessibility tests:
$ yarn test:a11y
Make sure all the paths in your application are covered by accessibility tests (see a11y.ts).
Security
CSRF prevention
Cross-Site Request Forgery prevention has already been
set up in this template, at the application level. However, you need to make sure that CSRF token
is present in every HTML form that requires it. For that purpose you can use the csrfProtection
macro,
included in this template app. Your njk file would look like this:
{% raw -%}
{% from "macros/csrf.njk" import csrfProtection %}
...
<form ...>
...
{{ csrfProtection(csrfToken) }}
...
</form>
...
{% endraw -%}
Helmet
This application uses Helmet, which adds various security-related HTTP headers to the responses. Apart from default Helmet functions, following headers are set:
There is a configuration section related with those headers, where you can specify:
referrerPolicy
- value of theReferrer-Policy
header
Here's an example setup:
"security": {
"referrerPolicy": "origin",
}
Make sure you have those values set correctly for your application.
Healthcheck
The application exposes a health endpoint (https://localhost:3000/health), created with the use of Nodejs Healthcheck library. This endpoint is defined in health.ts file. Make sure you adjust it correctly in your application. In particular, remember to replace the sample check with checks specific to your frontend app, e.g. the ones verifying the state of each service it depends on.
License
This project is licensed under the MIT License - see the LICENSE file for details