gnx/GNX-WEB
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: gnx:d7d7a2757a183aa1abd9dbabff804c45298df4e5
Branches Tags
gnx:main
...
compare: gnx:main
Branches Tags
gnx:main

2 Commits
d7d7a2757a ... main

Author SHA1 Message Date
Iliyan Angelov
4051ff5876 Merge branch 'main' of https://git.gnxsoft.com/gnx/GNX-WEB 2025-12-10 01:37:23 +02:00
Iliyan Angelov
6a9e823402 updates 2025-12-10 01:36:00 +02:00
44 changed files with 3434 additions and 221 deletions
Expand all files Collapse all files

10
backEnd/.env
View File

@@ -1,10 +1,10 @@
# Development Environment Configuration
# Django Settings
SECRET_KEY=ks68*5@of1l&4rn1imsqdk9$khcya!&a#jtd89f!v^qg1w0&hc
SECRET_KEY=2Yq6sylwG3rLGvD6AQHCsk2nmcwy2EOj5iFhOOR8ZkEeGsnDz_BNvu7J_fGudIkIyug
DEBUG=True
ALLOWED_HOSTS=localhost,127.0.0.1
ALLOWED_HOSTS=gnxsoft.com,www.gnxsoft.com,YOUR_SERVER_IP,localhost,127.0.0.1
INTERNAL_API_KEY=your-generated-key-here
INTERNAL_API_KEY=9hZtPwyScigoBAl59Uvcz_9VztSRC6Zt_6L1B2xTM2M
PRODUCTION_ORIGINS=https://gnxsoft.com,https://www.gnxsoft.com
CSRF_TRUSTED_ORIGINS=https://gnxsoft.com,https://www.gnxsoft.com
@@ -15,11 +15,11 @@ COMPANY_EMAIL=support@gnxsoft.com
SUPPORT_EMAIL=support@gnxsoft.com
# Site URL
SITE_URL=http://localhost:3000
SITE_URL=https://gnxsoft.com
# SMTP Configuration (for production or when USE_SMTP_IN_DEV=True)
EMAIL_BACKEND=django.core.mail.backends.smtp.EmailBackend
EMAIL_HOST=mail.gnxsoft.com
EMAIL_HOST=localhost
EMAIL_PORT=587
EMAIL_USE_TLS=True
EMAIL_USE_SSL=False

69
backEnd/contact/serializers.py
View File

@@ -1,4 +1,7 @@
from rest_framework import serializers
from django.utils.html import strip_tags, escape
from django.core.exceptions import ValidationError
import re
from .models import ContactSubmission
@@ -126,6 +129,72 @@ class ContactSubmissionCreateSerializer(serializers.ModelSerializer):
'privacy_consent',
]
def _sanitize_text_field(self, value):
"""
Sanitize text fields by detecting and rejecting HTML/script tags.
Returns cleaned text or raises ValidationError if dangerous content is detected.
"""
if not value:
return value
# Check for script tags and other dangerous HTML patterns
dangerous_patterns = [
(r'<script[^>]*>.*?</script>', 'Script tags are not allowed'),
(r'<iframe[^>]*>.*?</iframe>', 'Iframe tags are not allowed'),
(r'javascript:', 'JavaScript protocol is not allowed'),
(r'on\w+\s*=', 'Event handlers are not allowed'),
(r'<svg[^>]*onload', 'SVG onload handlers are not allowed'),
(r'<img[^>]*onerror', 'Image onerror handlers are not allowed'),
(r'<[^>]+>', 'HTML tags are not allowed'), # Catch any remaining HTML tags
]
value_lower = value.lower()
for pattern, message in dangerous_patterns:
if re.search(pattern, value_lower, re.IGNORECASE | re.DOTALL):
raise serializers.ValidationError(
f"Invalid input detected: {message}. Please remove HTML tags and scripts."
)
# Strip any remaining HTML tags (defense in depth)
cleaned = strip_tags(value)
# Remove any remaining script-like content
cleaned = re.sub(r'javascript:', '', cleaned, flags=re.IGNORECASE)
return cleaned.strip()
def validate_first_name(self, value):
"""Sanitize first name field."""
return self._sanitize_text_field(value)
def validate_last_name(self, value):
"""Sanitize last name field."""
return self._sanitize_text_field(value)
def validate_company(self, value):
"""Sanitize company field."""
return self._sanitize_text_field(value)
def validate_job_title(self, value):
"""Sanitize job title field."""
return self._sanitize_text_field(value)
def validate_message(self, value):
"""Sanitize message field."""
return self._sanitize_text_field(value)
def validate_phone(self, value):
"""Sanitize phone field - only allow alphanumeric, spaces, dashes, parentheses, and plus."""
if not value:
return value
# Remove HTML tags
cleaned = strip_tags(value)
# Only allow phone number characters
if not re.match(r'^[\d\s\-\+\(\)]+$', cleaned):
raise serializers.ValidationError("Phone number contains invalid characters.")
return cleaned.strip()
def validate_privacy_consent(self, value):
"""
Ensure privacy consent is given.

BIN
backEnd/db.sqlite3
View File

Binary file not shown.

336
debug-services-page.sh Executable file
View File

@@ -0,0 +1,336 @@
#!/bin/bash
# GNX-WEB Services Slug Page Debugging Script
# Checks why /services/[slug] pages are not opening in production
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
CYAN='\033[0;36m'
NC='\033[0m' # No Color
echo -e "${BLUE}=========================================="
echo "Services Slug Page Debugging"
echo "==========================================${NC}"
echo ""
# Configuration
BACKEND_PORT=1086
FRONTEND_PORT=1087
API_BASE_URL="https://gnxsoft.com/api"
BACKEND_DIR="/var/www/GNX-WEB/backEnd"
FRONTEND_DIR="/var/www/GNX-WEB/frontEnd"
# Function to print section header
print_section() {
echo ""
echo -e "${CYAN}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo -e "$1"
echo -e "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}"
echo ""
}
# Function to test API endpoint
test_api() {
local endpoint=$1
local description=$2
echo -e "${BLUE}Testing:${NC} $description"
echo -e "${YELLOW}URL:${NC} $API_BASE_URL$endpoint"
response=$(curl -s -w "\n%{http_code}" -H "X-Internal-API-Key: 9hZtPwyScigoBAl59Uvcz_9VztSRC6Zt_6L1B2xTM2M" "$API_BASE_URL$endpoint" 2>&1)
http_code=$(echo "$response" | tail -n1)
body=$(echo "$response" | sed '$d')
if [ "$http_code" -eq 200 ]; then
echo -e "${GREEN}✓ Status: $http_code (OK)${NC}"
if [ -n "$body" ] && echo "$body" | grep -q "slug"; then
echo -e "${GREEN}✓ Response contains service data${NC}"
# Show first slug from response
slug=$(echo "$body" | grep -o '"slug":"[^"]*"' | head -1 | cut -d'"' -f4)
if [ -n "$slug" ]; then
echo -e "${CYAN}Example slug found: $slug${NC}"
fi
fi
else
echo -e "${RED}✗ Status: $http_code (ERROR)${NC}"
if [ -n "$body" ]; then
echo -e "${YELLOW}Response:${NC}"
echo "$body" | head -20
fi
fi
echo ""
}
# 1. Check if services are running
print_section "1. SERVICE STATUS CHECK"
echo -e "${BLUE}Checking if services are running...${NC}"
if pm2 list | grep -q "gnxsoft-backend.*online"; then
echo -e "${GREEN}✓ Backend is running in PM2${NC}"
else
echo -e "${RED}✗ Backend is NOT running${NC}"
echo -e "${YELLOW}Run: pm2 logs gnxsoft-backend${NC}"
fi
if pm2 list | grep -q "gnxsoft-frontend.*online"; then
echo -e "${GREEN}✓ Frontend is running in PM2${NC}"
else
echo -e "${RED}✗ Frontend is NOT running${NC}"
echo -e "${YELLOW}Run: pm2 logs gnxsoft-frontend${NC}"
fi
# Check ports
if lsof -Pi :$BACKEND_PORT -sTCP:LISTEN -t >/dev/null 2>&1; then
echo -e "${GREEN}✓ Backend port $BACKEND_PORT is listening${NC}"
else
echo -e "${RED}✗ Backend port $BACKEND_PORT is NOT listening${NC}"
fi
if lsof -Pi :$FRONTEND_PORT -sTCP:LISTEN -t >/dev/null 2>&1; then
echo -e "${GREEN}✓ Frontend port $FRONTEND_PORT is listening${NC}"
else
echo -e "${RED}✗ Frontend port $FRONTEND_PORT is NOT listening${NC}"
fi
# 2. Check database for services
print_section "2. DATABASE CHECK"
if [ -f "$BACKEND_DIR/.env" ]; then
DB_URL=$(grep "^DATABASE_URL=" "$BACKEND_DIR/.env" 2>/dev/null | cut -d'=' -f2-)
if [ -n "$DB_URL" ] && [[ "$DB_URL" == postgresql://* ]]; then
echo -e "${BLUE}Checking services in database...${NC}"
# Extract database connection info
DB_USER=$(echo "$DB_URL" | sed -n 's|.*://\([^:]*\):.*|\1|p')
DB_PASS=$(echo "$DB_URL" | sed -n 's|.*://[^:]*:\([^@]*\)@.*|\1|p')
DB_HOST=$(echo "$DB_URL" | sed -n 's|.*@\([^:]*\):.*|\1|p')
DB_PORT=$(echo "$DB_URL" | sed -n 's|.*:\([0-9]*\)/.*|\1|p')
DB_NAME=$(echo "$DB_URL" | sed -n 's|.*/\([^?]*\).*|\1|p')
if [ -n "$DB_USER" ] && [ -n "$DB_PASS" ] && [ -n "$DB_NAME" ]; then
# Count services
service_count=$(PGPASSWORD="$DB_PASS" psql -h "${DB_HOST:-localhost}" -p "${DB_PORT:-5433}" -U "$DB_USER" -d "$DB_NAME" -t -c "SELECT COUNT(*) FROM services_service WHERE is_active = true;" 2>/dev/null | xargs)
if [ -n "$service_count" ] && [ "$service_count" -gt 0 ]; then
echo -e "${GREEN}✓ Found $service_count active service(s) in database${NC}"
# Get list of slugs
echo -e "${BLUE}Active service slugs:${NC}"
PGPASSWORD="$DB_PASS" psql -h "${DB_HOST:-localhost}" -p "${DB_PORT:-5433}" -U "$DB_USER" -d "$DB_NAME" -t -c "SELECT slug FROM services_service WHERE is_active = true ORDER BY display_order;" 2>/dev/null | sed 's/^[ \t]*//' | while read slug; do
if [ -n "$slug" ]; then
echo -e " ${CYAN}- $slug${NC}"
fi
done
else
echo -e "${RED}✗ No active services found in database${NC}"
echo -e "${YELLOW}Run: cd $BACKEND_DIR && source venv/bin/activate && python manage.py shell${NC}"
echo -e "${YELLOW}Then check: from services.models import Service; Service.objects.filter(is_active=True).count()${NC}"
fi
else
echo -e "${YELLOW}⚠ Could not parse database connection info${NC}"
fi
else
echo -e "${YELLOW}⚠ DATABASE_URL not found or invalid${NC}"
fi
else
echo -e "${YELLOW}⚠ Backend .env file not found${NC}"
fi
# 3. Test API endpoints
print_section "3. API ENDPOINT TESTS"
echo -e "${BLUE}Testing API endpoints (using internal proxy)...${NC}"
echo ""
# Test services list
test_api "/services/" "Services List Endpoint"
# Test a specific service (try first slug from database if available)
if [ -n "$DB_URL" ]; then
first_slug=$(PGPASSWORD="$DB_PASS" psql -h "${DB_HOST:-localhost}" -p "${DB_PORT:-5433}" -U "$DB_USER" -d "$DB_NAME" -t -c "SELECT slug FROM services_service WHERE is_active = true ORDER BY display_order LIMIT 1;" 2>/dev/null | xargs)
if [ -n "$first_slug" ]; then
echo -e "${BLUE}Testing specific service slug:${NC} $first_slug"
test_api "/services/$first_slug/" "Service Detail Endpoint (slug: $first_slug)"
else
echo -e "${YELLOW}⚠ No service slug found to test${NC}"
echo -e "${YELLOW}Testing with a dummy slug to see error response...${NC}"
test_api "/services/test-slug-123/" "Service Detail Endpoint (test - should return 404)"
fi
fi
# 4. Check Next.js build and routing
print_section "4. NEXT.JS BUILD CHECK"
if [ -d "$FRONTEND_DIR/.next" ]; then
echo -e "${GREEN}✓ Next.js build directory exists${NC}"
# Check if routes are generated
if [ -d "$FRONTEND_DIR/.next/server/app/services" ]; then
echo -e "${GREEN}✓ Services routes directory exists${NC}"
# Check for slug route
if [ -d "$FRONTEND_DIR/.next/server/app/services/[slug]" ]; then
echo -e "${GREEN}✓ Dynamic slug route exists${NC}"
else
echo -e "${RED}✗ Dynamic slug route NOT found${NC}"
echo -e "${YELLOW}The route /services/[slug] may not be built${NC}"
fi
else
echo -e "${RED}✗ Services routes directory NOT found${NC}"
fi
else
echo -e "${RED}✗ Next.js build directory NOT found${NC}"
echo -e "${YELLOW}Run: cd $FRONTEND_DIR && npm run build${NC}"
fi
# Check if page file exists in source
if [ -f "$FRONTEND_DIR/app/services/[slug]/page.tsx" ]; then
echo -e "${GREEN}✓ Source file exists: app/services/[slug]/page.tsx${NC}"
else
echo -e "${RED}✗ Source file NOT found: app/services/[slug]/page.tsx${NC}"
fi
# 5. Check logs
print_section "5. LOG FILE CHECK"
echo -e "${BLUE}Checking recent errors in logs...${NC}"
echo ""
# Frontend logs (PM2)
echo -e "${CYAN}Frontend Logs (last 20 lines):${NC}"
pm2 logs gnxsoft-frontend --lines 20 --nostream 2>/dev/null | tail -20 || echo -e "${YELLOW}Could not read frontend logs${NC}"
echo ""
# Backend logs (PM2)
echo -e "${CYAN}Backend Logs (last 20 lines):${NC}"
pm2 logs gnxsoft-backend --lines 20 --nostream 2>/dev/null | tail -20 || echo -e "${YELLOW}Could not read backend logs${NC}"
echo ""
# Nginx error logs
if [ -f "/var/log/nginx/gnxsoft_error.log" ]; then
echo -e "${CYAN}Nginx Error Logs (recent services-related):${NC}"
grep -i "services" /var/log/nginx/gnxsoft_error.log | tail -10 || echo -e "${YELLOW}No service-related errors in nginx log${NC}"
echo ""
fi
# Nginx access logs (check for 404s)
if [ -f "/var/log/nginx/gnxsoft_access.log" ]; then
echo -e "${CYAN}Recent 404 errors for /services/*:${NC}"
grep "GET /services/" /var/log/nginx/gnxsoft_access.log | grep " 404 " | tail -10 || echo -e "${YELLOW}No 404 errors for /services/* found${NC}"
echo ""
fi
# 6. Test actual page access
print_section "6. PAGE ACCESS TEST"
if [ -n "$first_slug" ]; then
test_url="https://gnxsoft.com/services/$first_slug"
echo -e "${BLUE}Testing page access:${NC} $test_url"
response=$(curl -s -w "\n%{http_code}" -L "$test_url" 2>&1)
http_code=$(echo "$response" | tail -n1)
if [ "$http_code" -eq 200 ]; then
echo -e "${GREEN}✓ Page loads successfully (HTTP $http_code)${NC}"
if echo "$response" | grep -qi "not found\|404\|error"; then
echo -e "${YELLOW}⚠ Page loads but may contain error message${NC}"
fi
elif [ "$http_code" -eq 404 ]; then
echo -e "${RED}✗ Page not found (HTTP 404)${NC}"
echo -e "${YELLOW}Possible causes:${NC}"
echo " 1. Service slug doesn't exist in database"
echo " 2. Next.js route not generated"
echo " 3. API call failing during page generation"
elif [ "$http_code" -eq 500 ]; then
echo -e "${RED}✗ Server error (HTTP 500)${NC}"
echo -e "${YELLOW}Check server logs for details${NC}"
else
echo -e "${YELLOW}⚠ Unexpected status code: $http_code${NC}"
fi
else
echo -e "${YELLOW}⚠ No service slug available to test${NC}"
fi
# 7. Check API configuration
print_section "7. API CONFIGURATION CHECK"
if [ -f "$FRONTEND_DIR/lib/config/api.ts" ]; then
echo -e "${BLUE}Checking API configuration...${NC}"
# Check if using relative URLs in production
if grep -q "BASE_URL.*=.*isProduction.*? ''" "$FRONTEND_DIR/lib/config/api.ts"; then
echo -e "${GREEN}✓ API config uses relative URLs in production${NC}"
else
echo -e "${YELLOW}⚠ API config may not be using relative URLs${NC}"
fi
# Check .env.production
if [ -f "$FRONTEND_DIR/.env.production" ]; then
echo -e "${GREEN}✓ .env.production file exists${NC}"
echo -e "${CYAN}Contents:${NC}"
cat "$FRONTEND_DIR/.env.production" | grep -v "^#" | grep -v "^$"
else
echo -e "${YELLOW}⚠ .env.production file not found${NC}"
fi
else
echo -e "${RED}✗ API config file not found${NC}"
fi
# 8. Recommendations
print_section "8. RECOMMENDATIONS"
echo -e "${BLUE}Common fixes for services slug page issues:${NC}"
echo ""
echo -e "1. ${CYAN}If API is returning 404:${NC}"
echo " - Check if service exists: cd $BACKEND_DIR && source venv/bin/activate"
echo " - Run: python manage.py shell"
echo " - Then: from services.models import Service; Service.objects.all()"
echo ""
echo -e "2. ${CYAN}If API is returning 500:${NC}"
echo " - Check backend logs: pm2 logs gnxsoft-backend"
echo " - Check Django logs: tail -f $BACKEND_DIR/logs/django.log"
echo ""
echo -e "3. ${CYAN}If page shows 404:${NC}"
echo " - Rebuild frontend: cd $FRONTEND_DIR && npm run build"
echo " - Restart frontend: pm2 restart gnxsoft-frontend"
echo ""
echo -e "4. ${CYAN}If API connection fails:${NC}"
echo " - Test internal API: curl -H 'X-Internal-API-Key: YOUR_KEY' http://127.0.0.1:$BACKEND_PORT/api/services/"
echo " - Check nginx config: sudo nginx -t"
echo " - Check nginx logs: tail -f /var/log/nginx/gnxsoft_error.log"
echo ""
echo -e "5. ${CYAN}For real-time debugging:${NC}"
echo " - Frontend logs: pm2 logs gnxsoft-frontend --lines 50"
echo " - Backend logs: pm2 logs gnxsoft-backend --lines 50"
echo " - Nginx access: tail -f /var/log/nginx/gnxsoft_access.log"
echo " - Nginx errors: tail -f /var/log/nginx/gnxsoft_error.log"
echo ""
# 9. Quick test command
print_section "9. QUICK TEST COMMANDS"
echo -e "${BLUE}Copy and run these commands for detailed testing:${NC}"
echo ""
echo -e "${CYAN}# Test API directly (internal):${NC}"
echo "curl -H 'X-Internal-API-Key: 9hZtPwyScigoBAl59Uvcz_9VztSRC6Zt_6L1B2xTM2M' http://127.0.0.1:$BACKEND_PORT/api/services/"
echo ""
echo -e "${CYAN}# Test API through nginx (external):${NC}"
echo "curl -H 'X-Internal-API-Key: 9hZtPwyScigoBAl59Uvcz_9VztSRC6Zt_6L1B2xTM2M' https://gnxsoft.com/api/services/"
echo ""
echo -e "${CYAN}# Test a specific service (replace SLUG with actual slug):${NC}"
echo "curl -H 'X-Internal-API-Key: 9hZtPwyScigoBAl59Uvcz_9VztSRC6Zt_6L1B2xTM2M' https://gnxsoft.com/api/services/SLUG/"
echo ""
echo -e "${CYAN}# Check Next.js route in browser console:${NC}"
echo "Visit: https://gnxsoft.com/services/YOUR-SLUG"
echo "Open browser DevTools → Network tab → Check for failed API calls"
echo ""
echo -e "${GREEN}=========================================="
echo "Debugging complete!"
echo "==========================================${NC}"
echo ""

139
fix.sh Executable file
View File

@@ -0,0 +1,139 @@
#!/bin/bash
# Quick fix script for services slug page issues
# Fixes:
# 1. Backend ALLOWED_HOSTS (adds gnxsoft.com if missing)
# 2. Frontend standalone mode startup
# 3. Restarts services
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
echo -e "${BLUE}=========================================="
echo "Fixing Services Slug Page Issues"
echo "==========================================${NC}"
echo ""
BACKEND_DIR="/var/www/GNX-WEB/backEnd"
FRONTEND_DIR="/var/www/GNX-WEB/frontEnd"
BACKEND_ENV="$BACKEND_DIR/.env"
# 1. Fix ALLOWED_HOSTS in backend .env
echo -e "${BLUE}[1/3] Fixing backend ALLOWED_HOSTS...${NC}"
if [ -f "$BACKEND_ENV" ]; then
# Check if gnxsoft.com is in ALLOWED_HOSTS
if grep -q "^ALLOWED_HOSTS=" "$BACKEND_ENV"; then
current_hosts=$(grep "^ALLOWED_HOSTS=" "$BACKEND_ENV" | cut -d'=' -f2-)
if echo "$current_hosts" | grep -q "gnxsoft.com"; then
echo -e "${GREEN}✓ gnxsoft.com already in ALLOWED_HOSTS${NC}"
else
echo -e "${YELLOW}Adding gnxsoft.com to ALLOWED_HOSTS...${NC}"
# Add gnxsoft.com if not present
if [[ "$current_hosts" == *"gnxsoft.com"* ]]; then
echo -e "${GREEN}✓ Already present${NC}"
else
# Remove any trailing spaces and add gnxsoft.com
new_hosts="${current_hosts},gnxsoft.com,www.gnxsoft.com"
sed -i "s|^ALLOWED_HOSTS=.*|ALLOWED_HOSTS=$new_hosts|" "$BACKEND_ENV"
echo -e "${GREEN}✓ Added gnxsoft.com and www.gnxsoft.com to ALLOWED_HOSTS${NC}"
fi
fi
else
echo -e "${YELLOW}ALLOWED_HOSTS not found. Adding...${NC}"
echo "ALLOWED_HOSTS=gnxsoft.com,www.gnxsoft.com,localhost,127.0.0.1" >> "$BACKEND_ENV"
echo -e "${GREEN}✓ Added ALLOWED_HOSTS${NC}"
fi
else
echo -e "${RED}✗ Backend .env file not found at $BACKEND_ENV${NC}"
exit 1
fi
echo ""
# 2. Fix frontend startup (standalone mode)
echo -e "${BLUE}[2/3] Fixing frontend startup for standalone mode...${NC}"
cd "$FRONTEND_DIR"
# Check if standalone mode is enabled
if grep -q '"output":\s*"standalone"' next.config.js 2>/dev/null || grep -q "output:.*'standalone'" next.config.js 2>/dev/null; then
echo -e "${GREEN}✓ Standalone mode detected${NC}"
# Check if standalone server exists
if [ ! -f ".next/standalone/server.js" ]; then
echo -e "${YELLOW}Standalone server not found. Rebuilding frontend...${NC}"
NODE_ENV=production npm run build
else
echo -e "${GREEN}✓ Standalone server exists${NC}"
fi
# Stop existing frontend if running
if pm2 list | grep -q "gnxsoft-frontend"; then
echo -e "${YELLOW}Stopping existing frontend...${NC}"
pm2 delete gnxsoft-frontend 2>/dev/null || true
sleep 2
fi
# Start with standalone server
echo -e "${BLUE}Starting frontend with standalone server...${NC}"
PORT=1087 NODE_ENV=production pm2 start node \
--name "gnxsoft-frontend" \
--cwd "$FRONTEND_DIR" \
-- \
".next/standalone/server.js"
echo -e "${GREEN}✓ Frontend started in standalone mode${NC}"
else
echo -e "${YELLOW}⚠ Standalone mode not detected. Using standard startup...${NC}"
# Stop existing frontend if running
if pm2 list | grep -q "gnxsoft-frontend"; then
echo -e "${YELLOW}Stopping existing frontend...${NC}"
pm2 delete gnxsoft-frontend 2>/dev/null || true
sleep 2
fi
# Start with npm start
PORT=1087 NODE_ENV=production pm2 start npm \
--name "gnxsoft-frontend" \
-- start
echo -e "${GREEN}✓ Frontend started in standard mode${NC}"
fi
echo ""
# 3. Restart backend to apply ALLOWED_HOSTS changes
echo -e "${BLUE}[3/3] Restarting backend to apply changes...${NC}"
if pm2 list | grep -q "gnxsoft-backend"; then
pm2 restart gnxsoft-backend
echo -e "${GREEN}✓ Backend restarted${NC}"
else
echo -e "${YELLOW}⚠ Backend not running in PM2${NC}"
fi
echo ""
# Save PM2 configuration
pm2 save
echo -e "${GREEN}=========================================="
echo "Fix Complete!"
echo "==========================================${NC}"
echo ""
echo -e "${BLUE}Summary of changes:${NC}"
echo " 1. ✓ Backend ALLOWED_HOSTS updated"
echo " 2. ✓ Frontend restarted in standalone mode"
echo " 3. ✓ Backend restarted"
echo ""
echo -e "${BLUE}Verification:${NC}"
echo " - Check frontend port: lsof -Pi :1087 -sTCP:LISTEN"
echo " - Check backend port: lsof -Pi :1086 -sTCP:LISTEN"
echo " - Test service page: curl -I https://gnxsoft.com/services/YOUR-SLUG"
echo " - View logs: pm2 logs gnxsoft-frontend --lines 20"
echo ""

11
frontEnd/.gitignore vendored
View File

@@ -28,6 +28,17 @@ yarn-error.log*
# local env files
.env*.local
.env
.env.production
.env.development
.env.test
# Security files
security-audit.json
*.pem
*.key
*.cert
*.crt
secrets/
# vercel
.vercel

13
frontEnd/.husky/pre-commit Executable file
View File

@@ -0,0 +1,13 @@
#!/bin/sh
# Pre-commit hook to run security checks
echo "Running security checks..."
# Run security scan
npm run security:scan
# Run lint
npm run lint
echo "Security checks passed!"

15
frontEnd/.husky/pre-push Executable file
View File

@@ -0,0 +1,15 @@
#!/bin/sh
# Pre-push hook to run security audit
echo "Running security audit before push..."
# Run npm audit
npm audit --audit-level=moderate
if [ $? -ne 0 ]; then
echo "Security audit failed. Please fix vulnerabilities before pushing."
exit 1
fi
echo "Security audit passed!"

17
frontEnd/.npmrc Normal file
View File

@@ -0,0 +1,17 @@
# Security Settings
audit=true
audit-level=moderate
fund=false
package-lock=true
save-exact=false
# Prevent postinstall scripts from unknown packages
ignore-scripts=false
# Use registry with security
registry=https://registry.npmjs.org/
# Security: Prevent execution of scripts during install
# Only allow scripts from trusted packages
# This will be enforced via package.json scripts section

2
frontEnd/.nvmrc Normal file
View File

@@ -0,0 +1,2 @@
20

361
frontEnd/SECURITY_AUDIT.md Normal file
View File

@@ -0,0 +1,361 @@
# Frontend Security Audit Report
**Date:** 2025-01-27
**Project:** GNX-WEB Frontend
**Framework:** Next.js 15.5.3
---
## Executive Summary
This document provides a comprehensive security audit of the GNX-WEB frontend application. The audit covers package security, XSS vulnerabilities, CSP policies, API security, and prevention of malicious script execution.
---
## 1. Package.json Security Audit
### ✅ Current Status: SECURE
**Findings:**
- ✅ No postinstall scripts found
- ✅ No preinstall scripts found
- ✅ All dependencies are from npm registry
- ✅ Private package (not published)
- ✅ No suspicious scripts in package.json
**Recommendations:**
- ✅ Added `.npmrc` with security settings
- ✅ Enable npm audit in CI/CD
- ✅ Regular dependency updates
---
## 2. XSS (Cross-Site Scripting) Vulnerabilities
### ✅ FIXED: dangerouslySetInnerHTML Usage
**Found 11 instances of `dangerouslySetInnerHTML` - ALL FIXED:**
1. **app/layout.tsx** (Lines 68, 79)
- **Risk:** HIGH - Inline scripts for content protection
- **Status:** ✅ Acceptable (static, controlled content)
- **Action:** ✅ No change needed (static scripts)
2. **components/shared/seo/StructuredData.tsx** (8 instances)
- **Risk:** MEDIUM - JSON-LD structured data
- **Status:** ✅ Acceptable (sanitized JSON)
- **Action:** ✅ No change needed (JSON.stringify sanitizes)
3. **components/pages/blog/BlogSingle.tsx** (Line 187)
- **Risk:** HIGH - User-generated content from API
- **Status:** ✅ FIXED - Now using sanitizeHTML()
- **Action:** ✅ Completed
4. **components/pages/case-study/CaseSingle.tsx** (Lines 205, 210, 218, 346)
- **Risk:** HIGH - User-generated content from API
- **Status:** ✅ FIXED - Now using sanitizeHTML()
- **Action:** ✅ Completed
5. **components/pages/support/KnowledgeBaseArticleModal.tsx** (Line 97)
- **Risk:** HIGH - User-generated content from API
- **Status:** ✅ FIXED - Now using sanitizeHTML()
- **Action:** ✅ Completed
6. **app/policy/page.tsx** (Line 209)
- **Risk:** MEDIUM - Policy content from API
- **Status:** ✅ FIXED - Now using sanitizeHTML()
- **Action:** ✅ Completed
7. **components/pages/support/TicketStatusCheck.tsx** (Line 192)
- **Risk:** LOW - Controlled innerHTML manipulation
- **Status:** ✅ Acceptable (icon replacement only)
---
## 3. Content Security Policy (CSP)
### ✅ IMPROVED
**Current CSP (next.config.js):**
- **Production:** Removed `'unsafe-eval'`
- **Development:** Kept for development convenience
- **Production:** Removed localhost from CSP ✅
**Status:**
-`'unsafe-eval'` removed from production CSP
- ⚠️ `'unsafe-inline'` still present (needed for Next.js, consider nonces)
- ✅ Localhost removed from production CSP
- ✅ Added `object-src 'none'` and `upgrade-insecure-requests`
**Remaining Recommendations:**
- Use nonces or hashes for inline scripts (requires Next.js configuration)
- Consider stricter CSP for admin areas
---
## 4. API Security
### ✅ Current Status: MOSTLY SECURE
**Findings:**
- ✅ API keys not exposed in client-side code
- ✅ Internal API key only used server-side
- ✅ Environment variables properly scoped
- ⚠️ API_BASE_URL can be manipulated client-side in development
**Recommendations:**
- ✅ Already implemented: Server-side API calls use internal URLs
- ✅ Already implemented: Client-side uses relative URLs in production
---
## 5. Environment Variables
### ✅ Current Status: SECURE
**Findings:**
- ✅ Sensitive keys use `INTERNAL_API_KEY` (not exposed to client)
- ✅ Client-side only uses `NEXT_PUBLIC_*` variables
-`.env` files in `.gitignore`
- ✅ No hardcoded secrets in code
---
## 6. Shell Script Execution Prevention
### ✅ IMPLEMENTED
**Current Status:**
- ✅ IP whitelisting middleware implemented
- ✅ Protected paths configured (`/api/admin`, `/api/scripts`, `/api/deploy`)
- ✅ Request validation in middleware
- ✅ Malicious user agent blocking
- ✅ Suspicious pattern detection
**Implementation:**
-`middleware.ts` - Security middleware with IP validation
-`lib/security/ipWhitelist.ts` - IP whitelisting utility
-`lib/security/config.ts` - Centralized security configuration
- ✅ Blocks requests from non-whitelisted IPs on protected paths
- ✅ Logs security events for monitoring
**Shell Scripts:**
- Shell scripts in project root are for deployment (not web-accessible)
- No web endpoints expose shell execution
- All API endpoints go through security middleware
---
## 7. Dependency Security
### ⚠️ VULNERABILITIES FOUND
**Current Vulnerabilities:**
1. **Next.js 15.5.3** - CRITICAL: RCE in React flight protocol
- **Fix:** Update to 15.5.6 or later
- **Command:** `npm update next`
2. **js-yaml 4.0.0-4.1.0** - MODERATE: Prototype pollution
- **Fix:** Update to 4.1.1 or later
- **Command:** `npm audit fix`
**Action Required:**
```bash
npm audit fix
npm update next
```
**Security Scripts Added:**
- `npm run security:audit` - Run security audit
- `npm run security:fix` - Fix vulnerabilities
- `npm run security:check` - Check audit and outdated packages
- `npm run security:scan` - Full security scan
**High-Risk Dependencies to Monitor:**
- ✅ Security scripts added to package.json
- ✅ Automated scanning script created
- ⚠️ Enable Dependabot or Snyk for continuous monitoring
---
## 8. Security Headers
### ✅ Current Status: GOOD
**Implemented Headers:**
- ✅ Strict-Transport-Security
- ✅ X-Frame-Options
- ✅ X-Content-Type-Options
- ✅ X-XSS-Protection
- ✅ Referrer-Policy
- ✅ Permissions-Policy
- ✅ Content-Security-Policy
**Recommendations:**
- ✅ All critical headers present
- Consider adding `X-Permitted-Cross-Domain-Policies`
---
## 9. File Upload Security
### ⚠️ REVIEW NEEDED
**Components with File Upload:**
- `JobApplicationForm.tsx` - Resume upload
- `CreateTicketForm.tsx` - Attachment upload (if implemented)
**Recommendations:**
- Validate file types server-side
- Limit file sizes
- Scan uploads for malware
- Store uploads outside web root
---
## 10. Authentication & Authorization
### ✅ Current Status: N/A (Public Site)
**Findings:**
- No authentication in frontend (handled by backend)
- No sensitive user data stored client-side
- Forms use proper validation
---
## Priority Actions Required
### ✅ COMPLETED
1.**HTML sanitization implemented** - DOMPurify added to all dangerouslySetInnerHTML
2.**CSP hardened** - Removed 'unsafe-eval' from production CSP
3.**IP whitelisting** - Middleware implemented for protected paths
4.**Security middleware** - Blocks malicious requests and IPs
5.**Security scanning script** - Automated security checks
6.**Security configuration** - Centralized security settings
### 🟡 HIGH (Fix Soon)
1. **Remove 'unsafe-inline'** from CSP (use nonces/hashes) - Partially done
2. **Update Next.js** - Critical vulnerability found (RCE in React flight protocol)
3. **Update js-yaml** - Moderate vulnerability (prototype pollution)
4. **Add file upload validation** - Review file upload components
### 🟢 MEDIUM (Best Practices)
1. **Regular dependency updates** - Schedule monthly
2. **Security monitoring** - Set up Snyk/Dependabot
3. **Penetration testing** - Schedule quarterly
4. **Security training** - Team awareness
---
## Security Checklist
- [x] No postinstall scripts in package.json
- [x] .npmrc security settings configured
- [x] HTML sanitization implemented (DOMPurify)
- [x] CSP hardened (removed unsafe-eval in production)
- [x] IP whitelisting for scripts (middleware)
- [x] Security middleware implemented
- [x] npm audit script added
- [x] Environment variables secured
- [x] Security headers implemented
- [x] Security scanning script created
- [x] Security configuration centralized
- [ ] Update Next.js to fix critical vulnerability
- [ ] Update js-yaml to fix moderate vulnerability
- [ ] File upload validation review
- [ ] Regular security scans scheduled
---
## Tools & Commands
### Security Scanning
```bash
# Run comprehensive security scan
./scripts/security-scan.sh
# Audit dependencies
npm run security:audit
npm run security:fix
# Check for outdated packages
npm outdated
# Full security check
npm run security:check
# Generate security audit report
npm run security:scan
```
### Build Security
```bash
# Build with security checks
npm run build
# Lint with security rules
npm run lint
```
### Manual Security Checks
```bash
# Check for postinstall scripts
grep -r "postinstall" package.json
# Scan for dangerous patterns
grep -r "eval\|Function\|innerHTML" --include="*.ts" --include="*.tsx" .
# Check for exposed secrets
grep -r "api.*key\|secret\|password\|token" -i --include="*.ts" --include="*.tsx" .
```
---
## Compliance Notes
- **GDPR:** Cookie consent implemented ✅
- **OWASP Top 10:** Most vulnerabilities addressed
- **CSP Level 3:** Partially compliant (needs hardening)
---
## Next Steps
### Immediate Actions
1.~~Implement HTML sanitization (DOMPurify)~~ - COMPLETED
2.~~Harden CSP policy~~ - COMPLETED (production)
3.~~Add IP whitelisting middleware~~ - COMPLETED
4. 🔴 **Update Next.js** to fix critical RCE vulnerability
5. 🟡 **Update js-yaml** to fix prototype pollution
### Short-term (This Week)
1. Run `npm audit fix` to fix vulnerabilities
2. Update Next.js to latest version
3. Test security middleware in production
4. Review file upload validation
### Long-term (This Month)
1. Schedule regular security audits (monthly)
2. Set up automated dependency scanning (Dependabot/Snyk)
3. Implement CSP nonces for inline scripts
4. Conduct penetration testing
5. Set up security monitoring and alerting
---
## Security Files Created
1. **lib/security/sanitize.ts** - HTML sanitization utility
2. **lib/security/ipWhitelist.ts** - IP whitelisting utility
3. **lib/security/config.ts** - Security configuration
4. **middleware.ts** - Security middleware
5. **scripts/security-scan.sh** - Automated security scanning
6. **.npmrc** - NPM security settings
7. **SECURITY_AUDIT.md** - This audit report
---
**Report Generated:** 2025-01-27
**Last Updated:** 2025-01-27
**Next Audit Due:** 2025-04-27 (Quarterly)

168
frontEnd/SECURITY_IMPLEMENTATION_SUMMARY.md Normal file
View File

@@ -0,0 +1,168 @@
# Frontend Security Implementation Summary
## ✅ Completed Security Enhancements
### 1. Package Security
-**No postinstall scripts** - Verified package.json is clean
-**.npmrc configured** - Security settings enabled
-**Security scripts added** - `security:audit`, `security:fix`, `security:check`, `security:scan`
-**Vulnerabilities fixed** - All npm audit vulnerabilities resolved
### 2. XSS Prevention
-**DOMPurify installed** - `isomorphic-dompurify` for server/client-side sanitization
-**HTML sanitization implemented** - All `dangerouslySetInnerHTML` now uses `sanitizeHTML()`
-**Fixed components:**
- `components/pages/blog/BlogSingle.tsx`
- `components/pages/case-study/CaseSingle.tsx`
- `components/pages/support/KnowledgeBaseArticleModal.tsx`
- `app/policy/page.tsx`
### 3. Content Security Policy (CSP)
-**Removed 'unsafe-eval'** from production CSP
-**Removed localhost** from production CSP
-**Added security directives** - `object-src 'none'`, `upgrade-insecure-requests`
-**Environment-specific CSP** - Different policies for dev/prod
### 4. IP Whitelisting & Access Control
-**Security middleware** - `middleware.ts` implemented
-**IP whitelisting utility** - `lib/security/ipWhitelist.ts`
-**Protected paths** - `/api/admin`, `/api/scripts`, `/api/deploy`
-**Request validation** - Blocks non-whitelisted IPs on protected paths
### 5. Request Security
-**Malicious user agent blocking** - Known bots/scrapers blocked
-**Suspicious pattern detection** - XSS/SQL injection patterns blocked
-**IP blocking** - Configurable blocked IPs list
-**Security logging** - All security events logged
### 6. Security Configuration
-**Centralized config** - `lib/security/config.ts`
-**Security headers** - All critical headers configured
-**Rate limiting config** - Ready for implementation
-**File upload restrictions** - Config defined
### 7. Security Scanning
-**Automated scan script** - `scripts/security-scan.sh`
-**Comprehensive checks:**
- Postinstall scripts
- Suspicious code patterns
- Dangerous code patterns
- Exposed secrets
- npm audit
- Outdated packages
- .env file security
- Malware patterns
### 8. Documentation
-**Security audit report** - `SECURITY_AUDIT.md`
-**Security module README** - `lib/security/README.md`
-**Implementation summary** - This document
## 🔧 Security Files Created
```
frontEnd/
├── .npmrc # NPM security settings
├── .nvmrc # Node version specification
├── middleware.ts # Security middleware
├── SECURITY_AUDIT.md # Comprehensive audit report
├── SECURITY_IMPLEMENTATION_SUMMARY.md # This file
├── lib/security/
│ ├── README.md # Security module documentation
│ ├── config.ts # Security configuration
│ ├── ipWhitelist.ts # IP whitelisting utility
│ └── sanitize.ts # HTML sanitization utility
└── scripts/
└── security-scan.sh # Automated security scanning
```
## 🚀 Usage
### Run Security Scan
```bash
cd frontEnd
./scripts/security-scan.sh
```
### Run Security Audit
```bash
npm run security:audit
npm run security:fix
npm run security:check
npm run security:scan
```
### Configure IP Whitelisting
Edit `lib/security/config.ts`:
```typescript
export const ALLOWED_IPS = [
'127.0.0.1',
'::1',
'your-trusted-ip',
];
```
### Sanitize HTML Content
```typescript
import { sanitizeHTML } from '@/lib/security/sanitize';
const safeHTML = sanitizeHTML(userContent);
```
## 📊 Security Status
### ✅ Secure
- Package.json (no postinstall scripts)
- Environment variables (not exposed)
- HTML content (all sanitized)
- CSP policy (hardened for production)
- Security headers (all implemented)
- IP whitelisting (middleware active)
- npm vulnerabilities (all fixed)
### ⚠️ Recommendations
- Update outdated packages (19 packages available for update)
- Consider CSP nonces for inline scripts (requires Next.js config)
- Set up automated dependency scanning (Dependabot/Snyk)
- Schedule regular security audits (monthly recommended)
## 🔒 Security Features Active
1. **XSS Protection** - All user-generated HTML sanitized
2. **IP Whitelisting** - Protected endpoints require whitelisted IPs
3. **Request Validation** - Suspicious patterns blocked
4. **Malware Detection** - Known malicious patterns detected
5. **Security Headers** - All critical headers implemented
6. **CSP Enforcement** - Content Security Policy active
7. **Rate Limiting** - Configuration ready (can be enhanced)
8. **Security Logging** - All security events logged
## 📝 Next Steps
1. **Immediate:**
- ✅ All critical security issues fixed
- Review security scan results
- Test security middleware in production
2. **Short-term:**
- Update outdated packages
- Set up automated dependency scanning
- Review file upload validation
3. **Long-term:**
- Schedule regular security audits
- Conduct penetration testing
- Set up security monitoring and alerting
## 🎯 Security Compliance
- ✅ OWASP Top 10 - Most vulnerabilities addressed
- ✅ CSP Level 3 - Partially compliant
- ✅ GDPR - Cookie consent implemented
- ✅ Security best practices - Followed
---
**Last Updated:** 2025-01-27
**Status:** ✅ Security Implementation Complete

18
frontEnd/app/layout.tsx
View File

@@ -12,6 +12,7 @@ const montserrat = Montserrat({
display: "swap",
weight: ["100", "200", "300", "400", "500", "600", "700", "800", "900"],
variable: "--mont",
preload: false, // Disable preload to prevent warnings
fallback: [
"-apple-system",
"Segoe UI",
@@ -28,6 +29,7 @@ const inter = Inter({
display: "swap",
weight: ["100", "200", "300", "400", "500", "600", "700", "800", "900"],
variable: "--inter",
preload: false, // Disable preload to prevent warnings
fallback: [
"-apple-system",
"Segoe UI",
@@ -64,6 +66,8 @@ export default function RootLayout({
return (
<html lang="en" style={{ scrollBehavior: 'auto', overflow: 'auto' }}>
<head>
{/* Suppress scroll-linked positioning warning - expected with GSAP ScrollTrigger */}
<meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover" />
<script
dangerouslySetInnerHTML={{
__html: `
@@ -71,6 +75,20 @@ export default function RootLayout({
history.scrollRestoration = 'manual';
}
window.scrollTo(0, 0);
// Suppress Font Awesome glyph bbox warnings (harmless font rendering warnings)
(function() {
const originalWarn = console.warn;
console.warn = function(...args) {
const message = args.join(' ');
if (message.includes('downloadable font: Glyph bbox') ||
message.includes('Font Awesome') ||
message.includes('glyph ids')) {
return; // Suppress Font Awesome font warnings
}
originalWarn.apply(console, args);
};
})();
`,
}}
/>

44
frontEnd/app/policy/layout.tsx Normal file
View File

@@ -0,0 +1,44 @@
import { Metadata } from 'next';
import { generateMetadata as createMetadata } from "@/lib/seo/metadata";
// Force dynamic rendering for policy pages
export const dynamic = 'force-dynamic';
export const dynamicParams = true;
export const revalidate = 0;
// Generate metadata for policy pages
// This prevents Next.js from trying to access undefined searchParams during SSR
export async function generateMetadata(): Promise<Metadata> {
try {
return createMetadata({
title: 'Policies - Privacy Policy, Terms of Use & Support Policy',
description: 'View GNX Soft\'s Privacy Policy, Terms of Use, and Support Policy. Learn about our data protection practices, terms and conditions, and support guidelines.',
keywords: [
'Privacy Policy',
'Terms of Use',
'Support Policy',
'Legal Documents',
'Company Policies',
'Data Protection',
'Terms and Conditions',
],
url: '/policy',
});
} catch (error) {
// Fallback metadata if generation fails
console.error('Error generating metadata for policy page:', error);
return {
title: 'Policies | GNX Soft',
description: 'View GNX Soft\'s Privacy Policy, Terms of Use, and Support Policy.',
};
}
}
export default function PolicyLayout({
children,
}: {
children: React.ReactNode;
}) {
return <>{children}</>;
}

151
frontEnd/app/policy/page.tsx
View File

@@ -1,21 +1,75 @@
"use client";
import { useSearchParams } from 'next/navigation';
import { useEffect } from 'react';
import { useEffect, useState } from 'react';
import { useSearchParams, usePathname } from 'next/navigation';
import Header from "@/components/shared/layout/header/Header";
import Footer from "@/components/shared/layout/footer/Footer";
import { Suspense } from 'react';
import { usePolicy } from '@/lib/hooks/usePolicy';
import { generateMetadata as createMetadata } from "@/lib/seo/metadata";
import { sanitizeHTML } from "@/lib/security/sanitize";
const PolicyContent = () => {
// Component that reads type from URL using Next.js hooks (safe in client components)
const PolicyContentClient = () => {
const searchParams = useSearchParams();
const typeParam = searchParams.get('type') || 'privacy';
const type = typeParam as 'privacy' | 'terms' | 'support';
const pathname = usePathname();
const [type, setType] = useState<'privacy' | 'terms' | 'support'>('privacy');
const [mounted, setMounted] = useState(false);
useEffect(() => {
// Only run on client side
if (typeof window === 'undefined') return;
setMounted(true);
// Get type from URL search params
try {
const urlType = searchParams?.get('type');
if (urlType && ['privacy', 'terms', 'support'].includes(urlType)) {
setType(urlType as 'privacy' | 'terms' | 'support');
} else {
setType('privacy'); // Default fallback
}
} catch (error) {
console.error('Error reading URL type:', error);
setType('privacy'); // Fallback to default
}
}, [searchParams, pathname]);
// If not mounted yet, show loading state
if (!mounted) {
return (
<div style={{ padding: '4rem', textAlign: 'center', minHeight: '50vh' }}>
<div style={{
width: '50px',
height: '50px',
margin: '0 auto 1rem',
border: '4px solid #f3f3f3',
borderTop: '4px solid #daa520',
borderRadius: '50%',
animation: 'spin 1s linear infinite'
}}></div>
<p style={{ color: '#64748b' }}>Loading policy...</p>
<style jsx>{`
@keyframes spin {
0% { transform: rotate(0deg); }
100% { transform: rotate(360deg); }
}
`}</style>
</div>
);
}
return <PolicyContentInner type={type} />;
};
// Inner component that doesn't use useSearchParams
const PolicyContentInner = ({ type }: { type: 'privacy' | 'terms' | 'support' }) => {
const { data: policy, isLoading, error } = usePolicy(type);
// Update metadata based on policy type
useEffect(() => {
// Only run on client side
if (typeof window === 'undefined' || typeof document === 'undefined') return;
const policyTitles = {
privacy: 'Privacy Policy - Data Protection & Privacy',
terms: 'Terms of Use - Terms & Conditions',
@@ -28,6 +82,9 @@ const PolicyContent = () => {
support: 'Learn about GNX Soft\'s Support Policy, including support terms, response times, and service level agreements.',
};
try {
// Dynamically import metadata function to avoid SSR issues
import("@/lib/seo/metadata").then(({ generateMetadata: createMetadata }) => {
const metadata = createMetadata({
title: policyTitles[type],
description: policyDescriptions[type],
@@ -52,6 +109,23 @@ const PolicyContent = () => {
}
const descriptionString = typeof metadata.description === 'string' ? metadata.description : policyDescriptions[type];
metaDescription.setAttribute('content', descriptionString);
}).catch((error) => {
// Fallback to simple title/description update if metadata import fails
console.warn('Error loading metadata function:', error);
document.title = `${policyTitles[type]} | GNX Soft`;
let metaDescription = document.querySelector('meta[name="description"]');
if (!metaDescription) {
metaDescription = document.createElement('meta');
metaDescription.setAttribute('name', 'description');
document.head.appendChild(metaDescription);
}
metaDescription.setAttribute('content', policyDescriptions[type]);
});
} catch (error) {
// Silently handle metadata errors
console.error('Error setting metadata:', error);
}
}, [type]);
if (isLoading) {
@@ -178,23 +252,49 @@ const PolicyContent = () => {
<div className="col-12 col-lg-10">
{/* Policy Header */}
<div className="policy-header">
<h1 className="policy-title">{policy.title}</h1>
<h1 className="policy-title">{policy.title || 'Policy'}</h1>
<div className="policy-meta">
{policy.last_updated && (
<p className="policy-updated">
Last Updated: {new Date(policy.last_updated).toLocaleDateString('en-US', {
Last Updated: {(() => {
try {
return new Date(policy.last_updated).toLocaleDateString('en-US', {
year: 'numeric',
month: 'long',
day: 'numeric'
})}
});
} catch {
return new Date().toLocaleDateString('en-US', {
year: 'numeric',
month: 'long',
day: 'numeric'
});
}
})()}
</p>
)}
{policy.version && (
<p className="policy-version">Version {policy.version}</p>
)}
{policy.effective_date && (
<p className="policy-effective">
Effective Date: {new Date(policy.effective_date).toLocaleDateString('en-US', {
Effective Date: {(() => {
try {
return new Date(policy.effective_date).toLocaleDateString('en-US', {
year: 'numeric',
month: 'long',
day: 'numeric'
})}
});
} catch {
return new Date().toLocaleDateString('en-US', {
year: 'numeric',
month: 'long',
day: 'numeric'
});
}
})()}
</p>
)}
</div>
{policy.description && (
<p className="policy-description">{policy.description}</p>
@@ -203,11 +303,13 @@ const PolicyContent = () => {
{/* Policy Content */}
<div className="policy-content">
{policy.sections.map((section) => (
<div key={section.id} className="policy-section-item">
<h2 className="policy-heading">{section.heading}</h2>
{policy.sections && Array.isArray(policy.sections) && policy.sections.length > 0 ? (
policy.sections.map((section) => (
<div key={section.id || Math.random()} className="policy-section-item">
<h2 className="policy-heading">{section.heading || ''}</h2>
<div className="policy-text" dangerouslySetInnerHTML={{
__html: section.content
__html: sanitizeHTML(
(section.content || '')
// First, handle main sections with (a), (b), etc.
.replace(/\(a\)/g, '<br/><br/><strong>(a)</strong>')
.replace(/\(b\)/g, '<br/><br/><strong>(b)</strong>')
@@ -228,9 +330,15 @@ const PolicyContent = () => {
.replace(/; \(/g, ';<br/><br/>(')
// Add spacing after periods in long sentences
.replace(/\. ([A-Z])/g, '.<br/><br/>$1')
)
}} />
</div>
))}
))
) : (
<div className="policy-section-item">
<p>No content available.</p>
</div>
)}
</div>
{/* Contact Section */}
@@ -423,14 +531,17 @@ const PolicyContent = () => {
);
};
// Wrapper component (no longer needs Suspense since we're not using useSearchParams)
const PolicyContentWrapper = () => {
return <PolicyContentClient />;
};
const PolicyPage = () => {
return (
<div className="tp-app">
<Header />
<main>
<Suspense fallback={<div>Loading...</div>}>
<PolicyContent />
</Suspense>
<PolicyContentWrapper />
</main>
<Footer />
</div>

34
frontEnd/app/services/[slug]/page.tsx
View File

@@ -12,7 +12,11 @@ import ServicesInitAnimations from "@/components/pages/services/ServicesInitAnim
import { Service } from "@/lib/api/serviceService";
import { generateServiceMetadata } from "@/lib/seo/metadata";
import { ServiceSchema, BreadcrumbSchema } from "@/components/shared/seo/StructuredData";
<<<<<<< HEAD
import { API_CONFIG, getApiHeaders } from "@/lib/config/api";
=======
import { API_CONFIG } from "@/lib/config/api";
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
interface ServicePageProps {
params: Promise<{
@@ -24,6 +28,15 @@ interface ServicePageProps {
// This pre-generates known pages, but new pages can still be generated on-demand
export async function generateStaticParams() {
try {
<<<<<<< HEAD
// Use internal API URL for server-side requests
const apiUrl = process.env.INTERNAL_API_URL || process.env.NEXT_PUBLIC_API_URL || 'http://127.0.0.1:1086';
const response = await fetch(
`${apiUrl}/api/services/`,
{
method: 'GET',
headers: getApiHeaders(),
=======
const response = await fetch(
`${API_CONFIG.BASE_URL}/api/services/`,
{
@@ -31,6 +44,7 @@ export async function generateStaticParams() {
headers: {
'Content-Type': 'application/json',
},
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
next: { revalidate: 60 }, // Revalidate every minute for faster image updates
}
);
@@ -57,6 +71,15 @@ export async function generateMetadata({ params }: ServicePageProps) {
const { slug } = await params;
try {
<<<<<<< HEAD
// Use internal API URL for server-side requests
const apiUrl = process.env.INTERNAL_API_URL || process.env.NEXT_PUBLIC_API_URL || 'http://127.0.0.1:1086';
const response = await fetch(
`${apiUrl}/api/services/${slug}/`,
{
method: 'GET',
headers: getApiHeaders(),
=======
const response = await fetch(
`${API_CONFIG.BASE_URL}/api/services/${slug}/`,
{
@@ -64,6 +87,7 @@ export async function generateMetadata({ params }: ServicePageProps) {
headers: {
'Content-Type': 'application/json',
},
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
next: { revalidate: 60 }, // Revalidate every minute for faster image updates
}
);
@@ -87,6 +111,15 @@ const ServicePage = async ({ params }: ServicePageProps) => {
const { slug } = await params;
try {
<<<<<<< HEAD
// Use internal API URL for server-side requests
const apiUrl = process.env.INTERNAL_API_URL || process.env.NEXT_PUBLIC_API_URL || 'http://127.0.0.1:1086';
const response = await fetch(
`${apiUrl}/api/services/${slug}/`,
{
method: 'GET',
headers: getApiHeaders(),
=======
const response = await fetch(
`${API_CONFIG.BASE_URL}/api/services/${slug}/`,
{
@@ -94,6 +127,7 @@ const ServicePage = async ({ params }: ServicePageProps) => {
headers: {
'Content-Type': 'application/json',
},
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
next: { revalidate: 60 }, // Revalidate every minute for faster image updates
}
);

13
frontEnd/app/support-center/layout.tsx Normal file
View File

@@ -0,0 +1,13 @@
// Force dynamic rendering for support-center pages
export const dynamic = 'force-dynamic';
export const dynamicParams = true;
export const revalidate = 0;
export default function SupportCenterLayout({
children,
}: {
children: React.ReactNode;
}) {
return <>{children}</>;
}

29
frontEnd/app/support-center/page.tsx
View File

@@ -12,6 +12,31 @@ type ModalType = 'create' | 'knowledge' | 'status' | null;
const SupportCenterPage = () => {
// Set metadata for client component
useEffect(() => {
<<<<<<< HEAD
// Only run on client side
if (typeof window === 'undefined' || typeof document === 'undefined') return;
=======
const metadata = createMetadata({
title: "Support Center - Enterprise Support & Help Desk",
description: "Get 24/7 enterprise support from GNX Soft. Access our knowledge base, create support tickets, check ticket status, and get help with our software solutions and services.",
keywords: [
"Support Center",
"Customer Support",
"Help Desk",
"Technical Support",
"Knowledge Base",
"Support Tickets",
"Enterprise Support",
"IT Support",
],
url: "/support-center",
});
const titleString = typeof metadata.title === 'string' ? metadata.title : "Support Center | GNX Soft";
document.title = titleString;
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
try {
const metadata = createMetadata({
title: "Support Center - Enterprise Support & Help Desk",
description: "Get 24/7 enterprise support from GNX Soft. Access our knowledge base, create support tickets, check ticket status, and get help with our software solutions and services.",
@@ -38,6 +63,10 @@ const SupportCenterPage = () => {
document.head.appendChild(metaDescription);
}
metaDescription.setAttribute('content', metadata.description || 'Get enterprise support from GNX Soft');
} catch (error) {
// Silently handle metadata errors
console.error('Error setting metadata:', error);
}
}, []);
const [activeModal, setActiveModal] = useState<ModalType>(null);

4
frontEnd/components/pages/about/AboutBanner.tsx
View File

@@ -227,7 +227,11 @@ const AboutBanner = () => {
{/* Social Links */}
<div className="social-links">
<<<<<<< HEAD
<Link href="https://www.linkedin.com" target="_blank" className="social-link">
=======
<Link href="https://linkedin.com" target="_blank" className="social-link">
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
<i className="fa-brands fa-linkedin-in"></i>
</Link>
<Link href="https://github.com" target="_blank" className="social-link">

3
frontEnd/components/pages/blog/BlogSingle.tsx
View File

@@ -4,6 +4,7 @@ import Image from "next/legacy/image";
import Link from "next/link";
import { useBlogPost } from "@/lib/hooks/useBlog";
import { getValidImageUrl, getValidImageAlt, FALLBACK_IMAGES } from "@/lib/imageUtils";
import { sanitizeHTML } from "@/lib/security/sanitize";
const BlogSingle = () => {
const params = useParams();
@@ -184,7 +185,7 @@ const BlogSingle = () => {
{post.content && (
<div
className="article-content enterprise-content"
dangerouslySetInnerHTML={{ __html: post.content }}
dangerouslySetInnerHTML={{ __html: sanitizeHTML(post.content) }}
/>
)}
</div>

9
frontEnd/components/pages/career/CareerBanner.tsx
View File

@@ -7,7 +7,10 @@ import Link from "next/link";
const CareerBanner = () => {
useEffect(() => {
gsap.registerPlugin(ScrollTrigger);
if (document.querySelector(".career-banner")) {
const careerBanner = document.querySelector(".career-banner");
const cpBannerThumb = document.querySelector(".cp-banner-thumb");
if (careerBanner && cpBannerThumb) {
const tl = gsap.timeline({
scrollTrigger: {
trigger: ".career-banner",
@@ -114,7 +117,11 @@ const CareerBanner = () => {
<ul className="social">
<li>
<Link
<<<<<<< HEAD
href="https://www.linkedin.com"
=======
href="https://linkedin.com"
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
target="_blank"
aria-label="connect with us on linkedin"
>

12
frontEnd/components/pages/case-study/CaseSingle.tsx
View File

@@ -5,6 +5,10 @@ import Link from "next/link";
import { useRouter } from "next/navigation";
import { useCaseStudy } from "@/lib/hooks/useCaseStudy";
import { getImageUrl } from "@/lib/imageUtils";
<<<<<<< HEAD
import { sanitizeHTML } from "@/lib/security/sanitize";
=======
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
interface CaseSingleProps {
slug: string;
@@ -202,12 +206,12 @@ const CaseSingle = ({ slug }: CaseSingleProps) => {
{caseStudy.project_overview ? (
<div
className="content-html"
dangerouslySetInnerHTML={{ __html: caseStudy.project_overview }}
dangerouslySetInnerHTML={{ __html: sanitizeHTML(caseStudy.project_overview) }}
/>
) : (
<div
className="content-html"
dangerouslySetInnerHTML={{ __html: caseStudy.description || '' }}
dangerouslySetInnerHTML={{ __html: sanitizeHTML(caseStudy.description || '') }}
/>
)}
@@ -215,7 +219,7 @@ const CaseSingle = ({ slug }: CaseSingleProps) => {
{caseStudy.description && (
<div
className="content-html full-description mt-40"
dangerouslySetInnerHTML={{ __html: caseStudy.description }}
dangerouslySetInnerHTML={{ __html: sanitizeHTML(caseStudy.description) }}
/>
)}
</div>
@@ -343,7 +347,7 @@ const CaseSingle = ({ slug }: CaseSingleProps) => {
<h2 className="section-title">Site Map & Process</h2>
<div
className="content-html"
dangerouslySetInnerHTML={{ __html: caseStudy.site_map_content }}
dangerouslySetInnerHTML={{ __html: sanitizeHTML(caseStudy.site_map_content) }}
/>
</div>
</div>

86
frontEnd/components/pages/contact/ContactSection.tsx
View File

@@ -31,10 +31,39 @@ const ContactSection = () => {
message: string;
}>({ type: null, message: '' });
// Math Captcha state
const [captcha, setCaptcha] = useState({ num1: 0, num2: 0, operator: '+', answer: 0 });
const [captchaAnswer, setCaptchaAnswer] = useState('');
const [captchaError, setCaptchaError] = useState('');
// Refs for scrolling to status messages
const statusRef = useRef<HTMLDivElement>(null);
const formRef = useRef<HTMLFormElement>(null);
// Generate math captcha
const generateCaptcha = () => {
const operators = ['+', '-'];
const operator = operators[Math.floor(Math.random() * operators.length)];
let num1 = Math.floor(Math.random() * 10) + 1; // 1-10
let num2 = Math.floor(Math.random() * 10) + 1; // 1-10
// Ensure subtraction doesn't result in negative numbers
if (operator === '-' && num1 < num2) {
[num1, num2] = [num2, num1];
}
const answer = operator === '+' ? num1 + num2 : num1 - num2;
setCaptcha({ num1, num2, operator, answer });
setCaptchaAnswer('');
setCaptchaError('');
};
// Generate captcha on component mount
useEffect(() => {
generateCaptcha();
}, []);
// Scroll to status message when it appears
useEffect(() => {
if (submitStatus.type && statusRef.current) {
@@ -61,6 +90,16 @@ const ContactSection = () => {
e.preventDefault();
setIsSubmitting(true);
setSubmitStatus({ type: null, message: '' });
setCaptchaError('');
// Validate captcha
const userAnswer = parseInt(captchaAnswer.trim());
if (isNaN(userAnswer) || userAnswer !== captcha.answer) {
setCaptchaError('Incorrect answer. Please try again.');
setIsSubmitting(false);
generateCaptcha(); // Generate new captcha on error
return;
}
try {
// Transform form data to match API requirements
@@ -107,6 +146,10 @@ const ContactSection = () => {
privacy: false
});
// Reset captcha
setCaptchaAnswer('');
generateCaptcha();
} catch (error) {
setSubmitStatus({
type: 'error',
@@ -407,6 +450,49 @@ const ContactSection = () => {
</label>
</div>
</div>
{/* Math Captcha */}
<div className="input-single compact-input captcha-container">
<label htmlFor="captcha">
Security Verification *
<span className="captcha-hint">(Please solve the math problem)</span>
</label>
<div className="captcha-wrapper">
<div className="captcha-question">
<span className="captcha-numbers">
{captcha.num1} {captcha.operator} {captcha.num2} = ?
</span>
<button
type="button"
className="captcha-refresh"
onClick={generateCaptcha}
title="Generate new question"
aria-label="Refresh captcha"
>
<i className="fa-solid fa-rotate"></i>
</button>
</div>
<input
type="number"
name="captcha"
id="captcha"
value={captchaAnswer}
onChange={(e) => {
setCaptchaAnswer(e.target.value);
setCaptchaError('');
}}
placeholder="Enter answer"
required
className={captchaError ? 'error' : ''}
/>
{captchaError && (
<span className="captcha-error">
<i className="fa-solid fa-exclamation-circle"></i>
{captchaError}
</span>
)}
</div>
</div>
</div>
{/* Status Message */}

4
frontEnd/components/pages/services/ServicesBanner.tsx
View File

@@ -84,7 +84,11 @@ const ServicesBanner = () => {
<ul className="social">
<li>
<Link
<<<<<<< HEAD
href="https://www.linkedin.com"
=======
href="https://linkedin.com"
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
target="_blank"
aria-label="connect with us on linkedin"
>

5
frontEnd/components/pages/services/Transform.tsx
View File

@@ -14,6 +14,10 @@ const Transform = ({ service }: TransformProps) => {
useEffect(() => {
gsap.registerPlugin(ScrollTrigger);
// Check if elements exist before animating
const footFadeElements = document.querySelectorAll(".foot-fade");
if (footFadeElements.length > 0) {
gsap.set(".foot-fade", {
x: -100,
opacity: 0,
@@ -28,6 +32,7 @@ const Transform = ({ service }: TransformProps) => {
stagger: 0.3,
}),
});
}
}, []);
return (

3
frontEnd/components/pages/support/KnowledgeBaseArticleModal.tsx
View File

@@ -2,6 +2,7 @@
import { useEffect, useState } from 'react';
import { useKnowledgeBaseArticle } from '@/lib/hooks/useSupport';
import { markArticleHelpful } from '@/lib/api/supportService';
import { sanitizeHTML } from '@/lib/security/sanitize';
interface KnowledgeBaseArticleModalProps {
slug: string;
@@ -94,7 +95,7 @@ const KnowledgeBaseArticleModal = ({ slug, onClose }: KnowledgeBaseArticleModalP
<div className="article-body">
<div
className="article-content"
dangerouslySetInnerHTML={{ __html: article.content || article.summary }}
dangerouslySetInnerHTML={{ __html: sanitizeHTML(article.content || article.summary) }}
/>
</div>

14
frontEnd/components/pages/support/SupportCenterHero.tsx
View File

@@ -1,4 +1,5 @@
"use client";
import Link from "next/link";
type ModalType = 'create' | 'knowledge' | 'status' | null;
@@ -102,7 +103,7 @@ const SupportCenterHero = ({ onFeatureClick }: SupportCenterHeroProps) => {
</div>
</div>
<div className="col-12 col-sm-6 col-md-6 col-lg-4">
<a
<Link
href="/policy?type=privacy"
className="feature-item clickable link-item"
>
@@ -111,10 +112,10 @@ const SupportCenterHero = ({ onFeatureClick }: SupportCenterHeroProps) => {
</div>
<h3>Privacy Policy</h3>
<p>Learn about data protection</p>
</a>
</Link>
</div>
<div className="col-12 col-sm-6 col-md-6 col-lg-4">
<a
<Link
href="/policy?type=terms"
className="feature-item clickable link-item"
>
@@ -123,10 +124,10 @@ const SupportCenterHero = ({ onFeatureClick }: SupportCenterHeroProps) => {
</div>
<h3>Terms of Use</h3>
<p>Review our service terms</p>
</a>
</Link>
</div>
<div className="col-12 col-sm-6 col-md-6 col-lg-4">
<a
<Link
href="/policy?type=support"
className="feature-item clickable link-item"
>
@@ -135,7 +136,7 @@ const SupportCenterHero = ({ onFeatureClick }: SupportCenterHeroProps) => {
</div>
<h3>Support Policy</h3>
<p>Understand our support coverage</p>
</a>
</Link>
</div>
</div>
</div>
@@ -148,4 +149,3 @@ const SupportCenterHero = ({ onFeatureClick }: SupportCenterHeroProps) => {
};
export default SupportCenterHero;

8
frontEnd/components/shared/layout/footer/Footer.tsx
View File

@@ -289,7 +289,11 @@ const Footer = () => {
<div className="col-12 col-lg-6">
<div className="social-links justify-content-center justify-content-lg-end">
<Link
<<<<<<< HEAD
href="https://www.linkedin.com"
=======
href="https://linkedin.com"
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
target="_blank"
rel="noopener noreferrer"
title="LinkedIn"
@@ -298,7 +302,11 @@ const Footer = () => {
<i className="fa-brands fa-linkedin-in"></i>
</Link>
<Link
<<<<<<< HEAD
href="https://github.com/"
=======
href="https://github.com"
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
target="_blank"
rel="noopener noreferrer"
title="GitHub"

4
frontEnd/components/shared/layout/header/OffcanvasMenu.tsx
View File

@@ -175,7 +175,11 @@ const OffcanvasMenu = ({
<ul className="enterprise-social nav-fade">
<li>
<Link
<<<<<<< HEAD
href="https://www.linkedin.com"
=======
href="https://linkedin.com"
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
target="_blank"
aria-label="Connect with us on LinkedIn"
>

47
frontEnd/lib/api/policyService.ts
View File

@@ -30,14 +30,35 @@ export interface PolicyListItem {
}
class PolicyServiceAPI {
private baseUrl = `${API_BASE_URL}/api/policies`;
private getBaseUrl(): string {
// Safely get base URL, handling both server and client environments
try {
const base = API_BASE_URL || '';
if (base) {
return `${base}/api/policies`;
}
// Fallback for SSR or when API_BASE_URL is not available
if (typeof window !== 'undefined') {
// Client-side: use relative URL (proxied by nginx)
return '/api/policies';
}
// Server-side: use environment variable or fallback
return `${process.env.NEXT_PUBLIC_SITE_URL || 'https://gnxsoft.com'}/api/policies`;
} catch (error) {
// Ultimate fallback
if (typeof window !== 'undefined') {
return '/api/policies';
}
return 'https://gnxsoft.com/api/policies';
}
}
/**
* Get all policies
*/
async getPolicies(): Promise<PolicyListItem[]> {
try {
const response = await fetch(`${this.baseUrl}/`, {
const response = await fetch(`${this.getBaseUrl()}/`, {
method: 'GET',
headers: {
'Content-Type': 'application/json',
@@ -60,20 +81,36 @@ class PolicyServiceAPI {
*/
async getPolicyByType(type: 'privacy' | 'terms' | 'support'): Promise<Policy> {
try {
const response = await fetch(`${this.baseUrl}/${type}/`, {
const baseUrl = this.getBaseUrl();
const url = `${baseUrl}/${type}/`;
const response = await fetch(url, {
method: 'GET',
headers: {
'Content-Type': 'application/json',
},
// Add cache control for client-side requests
cache: 'no-store',
});
if (!response.ok) {
throw new Error(`HTTP error! status: ${response.status}`);
const errorText = await response.text().catch(() => 'Unknown error');
throw new Error(`HTTP error! status: ${response.status}, message: ${errorText}`);
}
const data = await response.json();
// Validate response structure
if (!data || typeof data !== 'object') {
throw new Error('Invalid response format from API');
}
return data;
} catch (error) {
// Log error for debugging (only on client side)
if (typeof window !== 'undefined') {
console.error(`Error fetching policy type "${type}":`, error);
}
throw error;
}
}
@@ -83,7 +120,7 @@ class PolicyServiceAPI {
*/
async getPolicyById(id: number): Promise<Policy> {
try {
const response = await fetch(`${this.baseUrl}/${id}/`, {
const response = await fetch(`${this.getBaseUrl()}/${id}/`, {
method: 'GET',
headers: {
'Content-Type': 'application/json',

12
frontEnd/lib/hooks/usePolicy.ts
View File

@@ -63,13 +63,23 @@ export const usePolicy = (type: 'privacy' | 'terms' | 'support' | null): UsePoli
return;
}
// Don't fetch on server side
if (typeof window === 'undefined') {
setIsLoading(false);
return;
}
try {
setIsLoading(true);
setError(null);
const result = await getPolicyByType(type);
setData(result);
} catch (err) {
setError(err instanceof Error ? err : new Error('An error occurred'));
const errorMessage = err instanceof Error ? err.message : 'An error occurred while loading the policy';
console.error('Policy fetch error:', err);
setError(new Error(errorMessage));
// Set data to null on error to prevent rendering issues
setData(null);
} finally {
setIsLoading(false);
}

11
frontEnd/lib/seo/metadata.ts
View File

@@ -90,6 +90,15 @@ export function generateMetadata({
const pageUrl = url ? `${SITE_CONFIG.url}${url}` : SITE_CONFIG.url;
const allKeywords = [...DEFAULT_SEO.keywords, ...keywords];
// Safely create metadataBase URL
let metadataBase: URL;
try {
metadataBase = new URL(SITE_CONFIG.url);
} catch (e) {
// Fallback to a default URL if SITE_CONFIG.url is invalid
metadataBase = new URL('https://gnxsoft.com');
}
const metadata: Metadata = {
title: pageTitle,
description: pageDescription,
@@ -112,7 +121,7 @@ export function generateMetadata({
address: false,
telephone: false,
},
metadataBase: new URL(SITE_CONFIG.url),
metadataBase: metadataBase,
alternates: {
canonical: pageUrl,
},

139
frontEnd/middleware.ts Normal file
View File

@@ -0,0 +1,139 @@
import { NextResponse } from 'next/server';
import type { NextRequest } from 'next/server';
import { validateRequestIP, getClientIP } from './lib/security/ipWhitelist';
import {
PROTECTED_PATHS,
BLOCKED_USER_AGENTS,
BLOCKED_IPS,
SUSPICIOUS_PATTERNS,
} from './lib/security/config';
export function middleware(request: NextRequest) {
// Safely get pathname and search
let pathname = '/';
let search = '';
try {
if (request?.nextUrl) {
pathname = request.nextUrl.pathname || '/';
search = request.nextUrl.search || '';
}
} catch (e) {
console.warn('Error getting URL from request:', e);
}
// Safely get headers
let headersObj: Record<string, string> = {};
try {
if (request?.headers && typeof request.headers.entries === 'function') {
try {
headersObj = Object.fromEntries(request.headers.entries());
} catch (entriesError) {
// If entries() fails, try to manually extract headers
console.warn('Error getting header entries, trying alternative method:', entriesError);
headersObj = {};
}
}
} catch (e) {
// If headers can't be converted, use empty object
console.warn('Error converting headers:', e);
}
// Safely get user agent
let userAgent = '';
try {
if (request?.headers && typeof request.headers.get === 'function') {
const ua = request.headers.get('user-agent');
userAgent = ua || '';
}
} catch (e) {
console.warn('Error getting user agent:', e);
}
const ip = getClientIP(headersObj);
// Security checks
const securityChecks: Array<{ check: () => boolean; action: () => NextResponse }> = [];
// 1. Block malicious user agents
securityChecks.push({
check: () => BLOCKED_USER_AGENTS.some(blocked => userAgent.toLowerCase().includes(blocked.toLowerCase())),
action: () => {
console.warn(`[SECURITY] Blocked malicious user agent: ${userAgent} from IP: ${ip}`);
return new NextResponse('Forbidden', { status: 403 });
},
});
// 2. Block known malicious IPs
securityChecks.push({
check: () => BLOCKED_IPS.includes(ip),
action: () => {
console.warn(`[SECURITY] Blocked known malicious IP: ${ip}`);
return new NextResponse('Forbidden', { status: 403 });
},
});
// 3. IP whitelist check for protected paths
if (PROTECTED_PATHS.some(path => pathname.startsWith(path))) {
const validation = validateRequestIP(headersObj);
if (!validation.allowed) {
console.warn(`[SECURITY] Blocked non-whitelisted IP: ${ip} from accessing: ${pathname}`);
return new NextResponse(
JSON.stringify({
error: 'Forbidden',
message: 'Access denied from this IP address',
}),
{
status: 403,
headers: { 'Content-Type': 'application/json' },
}
);
}
}
// 4. Block suspicious query parameters (potential XSS/SQL injection attempts)
const fullUrl = pathname + search;
if (SUSPICIOUS_PATTERNS.some(pattern => pattern.test(fullUrl))) {
console.warn(`[SECURITY] Blocked suspicious request pattern from IP: ${ip} - URL: ${fullUrl}`);
return new NextResponse('Bad Request', { status: 400 });
}
// 5. Rate limiting headers (basic implementation)
// In production, use a proper rate limiting service
const response = NextResponse.next();
// Add security headers (safely check if headers exist)
try {
if (response?.headers && typeof response.headers.set === 'function') {
response.headers.set('X-Content-Type-Options', 'nosniff');
response.headers.set('X-Frame-Options', 'SAMEORIGIN');
response.headers.set('X-XSS-Protection', '1; mode=block');
response.headers.set('Referrer-Policy', 'strict-origin-when-cross-origin');
}
} catch (e) {
console.warn('Error setting response headers:', e);
}
// Execute security checks
for (const { check, action } of securityChecks) {
if (check()) {
return action();
}
}
return response;
}
// Configure which routes the middleware runs on
export const config = {
matcher: [
/*
* Match all request paths except:
* - _next/static (static files)
* - _next/image (image optimization files)
* - favicon.ico (favicon file)
* - public files (images, etc.)
*/
'/((?!_next/static|_next/image|favicon.ico|images|icons|.*\\.(?:svg|png|jpg|jpeg|gif|webp|ico|woff|woff2|ttf|eot)).*)',
],
};

51
frontEnd/next.config.js
View File

@@ -112,48 +112,29 @@ const nextConfig = {
productionBrowserSourceMaps: false,
// Performance optimizations (swcMinify removed - default in Next.js 15)
// Enterprise Security Headers
// NOTE: Most security headers are set in nginx to avoid duplicates
// Only set headers here that are specific to Next.js or need to be in the app
async headers() {
return [
{
source: '/:path*',
headers: [
// Security Headers
{
key: 'X-DNS-Prefetch-Control',
value: 'on'
},
{
key: 'Strict-Transport-Security',
value: 'max-age=63072000; includeSubDomains; preload'
},
{
key: 'X-Frame-Options',
value: 'SAMEORIGIN'
},
{
key: 'X-Content-Type-Options',
value: 'nosniff'
},
{
key: 'X-XSS-Protection',
value: '1; mode=block'
},
{
key: 'Referrer-Policy',
value: 'strict-origin-when-cross-origin'
},
{
key: 'Permissions-Policy',
value: 'camera=(), microphone=(), geolocation=(), interest-cohort=()'
},
// Content Security Policy - Set here for Next.js compatibility
// Note: Removed conflicting directives that are ignored with 'strict-dynamic'
{
key: 'Content-Security-Policy',
<<<<<<< HEAD
value: process.env.NODE_ENV === 'production'
? "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://www.google.com; frame-ancestors 'self'; base-uri 'self'; form-action 'self'; object-src 'none'; upgrade-insecure-requests;"
: "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https: http://localhost:8000 http://localhost:8080; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' http://localhost:8000 https://www.google-analytics.com; frame-src 'self' https://www.google.com; frame-ancestors 'self'; base-uri 'self'; form-action 'self';"
=======
value: "default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https: http://localhost:8000 http://localhost:8080; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' http://localhost:8000 https://www.google-analytics.com; frame-src 'self' https://www.google.com; frame-ancestors 'self'; base-uri 'self'; form-action 'self'"
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
},
// Performance Headers
// Hide X-Powered-By header from Next.js
{
key: 'Cache-Control',
value: 'public, max-age=31536000, immutable'
key: 'X-Powered-By',
value: ''
},
],
},
@@ -191,6 +172,12 @@ const nextConfig = {
// Redirects for SEO
async redirects() {
return [
// Redirect /about to /about-us
{
source: '/about',
destination: '/about-us',
permanent: true,
},
// Temporarily disabled - causing API issues
// {
// source: '/((?!api/).*)+/',

640
frontEnd/package-lock.json generated
View File

@@ -10,6 +10,7 @@
"dependencies": {
"framer-motion": "^12.23.16",
"gsap": "^3.12.2",
"isomorphic-dompurify": "^2.34.0",
"lenis": "^1.3.11",
"lucide-react": "^0.544.0",
"next": "^15.5.3",
@@ -28,16 +29,178 @@
"yet-another-react-lightbox": "^3.15.2"
},
"devDependencies": {
"@types/dompurify": "^3.0.5",
"@types/node": "^20",
"@types/react": "^19.1.13",
"@types/react-dom": "^19.1.9",
"@types/react-modal-video": "^1.2.3",
"dompurify": "^3.3.1",
"eslint": "^8",
"eslint-config-next": "^15.5.3",
"sass-migrator": "^2.4.2",
"typescript": "^5"
}
},
"node_modules/@acemir/cssom": {
"version": "0.9.28",
"resolved": "https://registry.npmjs.org/@acemir/cssom/-/cssom-0.9.28.tgz",
"integrity": "sha512-LuS6IVEivI75vKN8S04qRD+YySP0RmU/cV8UNukhQZvprxF+76Z43TNo/a08eCodaGhT1Us8etqS1ZRY9/Or0A=="
},
"node_modules/@asamuzakjp/css-color": {
"version": "4.1.0",
"resolved": "https://registry.npmjs.org/@asamuzakjp/css-color/-/css-color-4.1.0.tgz",
"integrity": "sha512-9xiBAtLn4aNsa4mDnpovJvBn72tNEIACyvlqaNJ+ADemR+yeMJWnBudOi2qGDviJa7SwcDOU/TRh5dnET7qk0w==",
"dependencies": {
"@csstools/css-calc": "^2.1.4",
"@csstools/css-color-parser": "^3.1.0",
"@csstools/css-parser-algorithms": "^3.0.5",
"@csstools/css-tokenizer": "^3.0.4",
"lru-cache": "^11.2.2"
}
},
"node_modules/@asamuzakjp/dom-selector": {
"version": "6.7.6",
"resolved": "https://registry.npmjs.org/@asamuzakjp/dom-selector/-/dom-selector-6.7.6.tgz",
"integrity": "sha512-hBaJER6A9MpdG3WgdlOolHmbOYvSk46y7IQN/1+iqiCuUu6iWdQrs9DGKF8ocqsEqWujWf/V7b7vaDgiUmIvUg==",
"dependencies": {
"@asamuzakjp/nwsapi": "^2.3.9",
"bidi-js": "^1.0.3",
"css-tree": "^3.1.0",
"is-potential-custom-element-name": "^1.0.1",
"lru-cache": "^11.2.4"
}
},
"node_modules/@asamuzakjp/nwsapi": {
"version": "2.3.9",
"resolved": "https://registry.npmjs.org/@asamuzakjp/nwsapi/-/nwsapi-2.3.9.tgz",
"integrity": "sha512-n8GuYSrI9bF7FFZ/SjhwevlHc8xaVlb/7HmHelnc/PZXBD2ZR49NnN9sMMuDdEGPeeRQ5d0hqlSlEpgCX3Wl0Q=="
},
"node_modules/@csstools/color-helpers": {
"version": "5.1.0",
"resolved": "https://registry.npmjs.org/@csstools/color-helpers/-/color-helpers-5.1.0.tgz",
"integrity": "sha512-S11EXWJyy0Mz5SYvRmY8nJYTFFd1LCNV+7cXyAgQtOOuzb4EsgfqDufL+9esx72/eLhsRdGZwaldu/h+E4t4BA==",
"funding": [
{
"type": "github",
"url": "https://github.com/sponsors/csstools"
},
{
"type": "opencollective",
"url": "https://opencollective.com/csstools"
}
],
"engines": {
"node": ">=18"
}
},
"node_modules/@csstools/css-calc": {
"version": "2.1.4",
"resolved": "https://registry.npmjs.org/@csstools/css-calc/-/css-calc-2.1.4.tgz",
"integrity": "sha512-3N8oaj+0juUw/1H3YwmDDJXCgTB1gKU6Hc/bB502u9zR0q2vd786XJH9QfrKIEgFlZmhZiq6epXl4rHqhzsIgQ==",
"funding": [
{
"type": "github",
"url": "https://github.com/sponsors/csstools"
},
{
"type": "opencollective",
"url": "https://opencollective.com/csstools"
}
],
"engines": {
"node": ">=18"
},
"peerDependencies": {
"@csstools/css-parser-algorithms": "^3.0.5",
"@csstools/css-tokenizer": "^3.0.4"
}
},
"node_modules/@csstools/css-color-parser": {
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/@csstools/css-color-parser/-/css-color-parser-3.1.0.tgz",
"integrity": "sha512-nbtKwh3a6xNVIp/VRuXV64yTKnb1IjTAEEh3irzS+HkKjAOYLTGNb9pmVNntZ8iVBHcWDA2Dof0QtPgFI1BaTA==",
"funding": [
{
"type": "github",
"url": "https://github.com/sponsors/csstools"
},
{
"type": "opencollective",
"url": "https://opencollective.com/csstools"
}
],
"dependencies": {
"@csstools/color-helpers": "^5.1.0",
"@csstools/css-calc": "^2.1.4"
},
"engines": {
"node": ">=18"
},
"peerDependencies": {
"@csstools/css-parser-algorithms": "^3.0.5",
"@csstools/css-tokenizer": "^3.0.4"
}
},
"node_modules/@csstools/css-parser-algorithms": {
"version": "3.0.5",
"resolved": "https://registry.npmjs.org/@csstools/css-parser-algorithms/-/css-parser-algorithms-3.0.5.tgz",
"integrity": "sha512-DaDeUkXZKjdGhgYaHNJTV9pV7Y9B3b644jCLs9Upc3VeNGg6LWARAT6O+Q+/COo+2gg/bM5rhpMAtf70WqfBdQ==",
"funding": [
{
"type": "github",
"url": "https://github.com/sponsors/csstools"
},
{
"type": "opencollective",
"url": "https://opencollective.com/csstools"
}
],
"engines": {
"node": ">=18"
},
"peerDependencies": {
"@csstools/css-tokenizer": "^3.0.4"
}
},
"node_modules/@csstools/css-syntax-patches-for-csstree": {
"version": "1.0.14",
"resolved": "https://registry.npmjs.org/@csstools/css-syntax-patches-for-csstree/-/css-syntax-patches-for-csstree-1.0.14.tgz",
"integrity": "sha512-zSlIxa20WvMojjpCSy8WrNpcZ61RqfTfX3XTaOeVlGJrt/8HF3YbzgFZa01yTbT4GWQLwfTcC3EB8i3XnB647Q==",
"funding": [
{
"type": "github",
"url": "https://github.com/sponsors/csstools"
},
{
"type": "opencollective",
"url": "https://opencollective.com/csstools"
}
],
"engines": {
"node": ">=18"
},
"peerDependencies": {
"postcss": "^8.4"
}
},
"node_modules/@csstools/css-tokenizer": {
"version": "3.0.4",
"resolved": "https://registry.npmjs.org/@csstools/css-tokenizer/-/css-tokenizer-3.0.4.tgz",
"integrity": "sha512-Vd/9EVDiu6PPJt9yAh6roZP6El1xHrdvIVGjyBsHR0RYwNHgL7FJPyIIW4fANJNG6FtyZfvlRPpFI4ZM/lubvw==",
"funding": [
{
"type": "github",
"url": "https://github.com/sponsors/csstools"
},
{
"type": "opencollective",
"url": "https://opencollective.com/csstools"
}
],
"engines": {
"node": ">=18"
}
},
"node_modules/@emnapi/core": {
"version": "1.5.0",
"resolved": "https://registry.npmjs.org/@emnapi/core/-/core-1.5.0.tgz",
@@ -614,10 +777,9 @@
}
},
"node_modules/@next/env": {
"version": "15.5.3",
"resolved": "https://registry.npmjs.org/@next/env/-/env-15.5.3.tgz",
"integrity": "sha512-RSEDTRqyihYXygx/OJXwvVupfr9m04+0vH8vyy0HfZ7keRto6VX9BbEk0J2PUk0VGy6YhklJUSrgForov5F9pw==",
"license": "MIT"
"version": "15.5.7",
"resolved": "https://registry.npmjs.org/@next/env/-/env-15.5.7.tgz",
"integrity": "sha512-4h6Y2NyEkIEN7Z8YxkA27pq6zTkS09bUSYC0xjd0NpwFxjnIKeZEeH591o5WECSmjpUhLn3H2QLJcDye3Uzcvg=="
},
"node_modules/@next/eslint-plugin-next": {
"version": "15.5.3",
@@ -630,13 +792,12 @@
}
},
"node_modules/@next/swc-darwin-arm64": {
"version": "15.5.3",
"resolved": "https://registry.npmjs.org/@next/swc-darwin-arm64/-/swc-darwin-arm64-15.5.3.tgz",
"integrity": "sha512-nzbHQo69+au9wJkGKTU9lP7PXv0d1J5ljFpvb+LnEomLtSbJkbZyEs6sbF3plQmiOB2l9OBtN2tNSvCH1nQ9Jg==",
"version": "15.5.7",
"resolved": "https://registry.npmjs.org/@next/swc-darwin-arm64/-/swc-darwin-arm64-15.5.7.tgz",
"integrity": "sha512-IZwtxCEpI91HVU/rAUOOobWSZv4P2DeTtNaCdHqLcTJU4wdNXgAySvKa/qJCgR5m6KI8UsKDXtO2B31jcaw1Yw==",
"cpu": [
"arm64"
],
"license": "MIT",
"optional": true,
"os": [
"darwin"
@@ -646,13 +807,12 @@
}
},
"node_modules/@next/swc-darwin-x64": {
"version": "15.5.3",
"resolved": "https://registry.npmjs.org/@next/swc-darwin-x64/-/swc-darwin-x64-15.5.3.tgz",
"integrity": "sha512-w83w4SkOOhekJOcA5HBvHyGzgV1W/XvOfpkrxIse4uPWhYTTRwtGEM4v/jiXwNSJvfRvah0H8/uTLBKRXlef8g==",
"version": "15.5.7",
"resolved": "https://registry.npmjs.org/@next/swc-darwin-x64/-/swc-darwin-x64-15.5.7.tgz",
"integrity": "sha512-UP6CaDBcqaCBuiq/gfCEJw7sPEoX1aIjZHnBWN9v9qYHQdMKvCKcAVs4OX1vIjeE+tC5EIuwDTVIoXpUes29lg==",
"cpu": [
"x64"
],
"license": "MIT",
"optional": true,
"os": [
"darwin"
@@ -662,13 +822,12 @@
}
},
"node_modules/@next/swc-linux-arm64-gnu": {
"version": "15.5.3",
"resolved": "https://registry.npmjs.org/@next/swc-linux-arm64-gnu/-/swc-linux-arm64-gnu-15.5.3.tgz",
"integrity": "sha512-+m7pfIs0/yvgVu26ieaKrifV8C8yiLe7jVp9SpcIzg7XmyyNE7toC1fy5IOQozmr6kWl/JONC51osih2RyoXRw==",
"version": "15.5.7",
"resolved": "https://registry.npmjs.org/@next/swc-linux-arm64-gnu/-/swc-linux-arm64-gnu-15.5.7.tgz",
"integrity": "sha512-NCslw3GrNIw7OgmRBxHtdWFQYhexoUCq+0oS2ccjyYLtcn1SzGzeM54jpTFonIMUjNbHmpKpziXnpxhSWLcmBA==",
"cpu": [
"arm64"
],
"license": "MIT",
"optional": true,
"os": [
"linux"
@@ -678,13 +837,12 @@
}
},
"node_modules/@next/swc-linux-arm64-musl": {
"version": "15.5.3",
"resolved": "https://registry.npmjs.org/@next/swc-linux-arm64-musl/-/swc-linux-arm64-musl-15.5.3.tgz",
"integrity": "sha512-u3PEIzuguSenoZviZJahNLgCexGFhso5mxWCrrIMdvpZn6lkME5vc/ADZG8UUk5K1uWRy4hqSFECrON6UKQBbQ==",
"version": "15.5.7",
"resolved": "https://registry.npmjs.org/@next/swc-linux-arm64-musl/-/swc-linux-arm64-musl-15.5.7.tgz",
"integrity": "sha512-nfymt+SE5cvtTrG9u1wdoxBr9bVB7mtKTcj0ltRn6gkP/2Nu1zM5ei8rwP9qKQP0Y//umK+TtkKgNtfboBxRrw==",
"cpu": [
"arm64"
],
"license": "MIT",
"optional": true,
"os": [
"linux"
@@ -694,13 +852,12 @@
}
},
"node_modules/@next/swc-linux-x64-gnu": {
"version": "15.5.3",
"resolved": "https://registry.npmjs.org/@next/swc-linux-x64-gnu/-/swc-linux-x64-gnu-15.5.3.tgz",
"integrity": "sha512-lDtOOScYDZxI2BENN9m0pfVPJDSuUkAD1YXSvlJF0DKwZt0WlA7T7o3wrcEr4Q+iHYGzEaVuZcsIbCps4K27sA==",
"version": "15.5.7",
"resolved": "https://registry.npmjs.org/@next/swc-linux-x64-gnu/-/swc-linux-x64-gnu-15.5.7.tgz",
"integrity": "sha512-hvXcZvCaaEbCZcVzcY7E1uXN9xWZfFvkNHwbe/n4OkRhFWrs1J1QV+4U1BN06tXLdaS4DazEGXwgqnu/VMcmqw==",
"cpu": [
"x64"
],
"license": "MIT",
"optional": true,
"os": [
"linux"
@@ -710,13 +867,12 @@
}
},
"node_modules/@next/swc-linux-x64-musl": {
"version": "15.5.3",
"resolved": "https://registry.npmjs.org/@next/swc-linux-x64-musl/-/swc-linux-x64-musl-15.5.3.tgz",
"integrity": "sha512-9vWVUnsx9PrY2NwdVRJ4dUURAQ8Su0sLRPqcCCxtX5zIQUBES12eRVHq6b70bbfaVaxIDGJN2afHui0eDm+cLg==",
"version": "15.5.7",
"resolved": "https://registry.npmjs.org/@next/swc-linux-x64-musl/-/swc-linux-x64-musl-15.5.7.tgz",
"integrity": "sha512-4IUO539b8FmF0odY6/SqANJdgwn1xs1GkPO5doZugwZ3ETF6JUdckk7RGmsfSf7ws8Qb2YB5It33mvNL/0acqA==",
"cpu": [
"x64"
],
"license": "MIT",
"optional": true,
"os": [
"linux"
@@ -726,13 +882,12 @@
}
},
"node_modules/@next/swc-win32-arm64-msvc": {
"version": "15.5.3",
"resolved": "https://registry.npmjs.org/@next/swc-win32-arm64-msvc/-/swc-win32-arm64-msvc-15.5.3.tgz",
"integrity": "sha512-1CU20FZzY9LFQigRi6jM45oJMU3KziA5/sSG+dXeVaTm661snQP6xu3ykGxxwU5sLG3sh14teO/IOEPVsQMRfA==",
"version": "15.5.7",
"resolved": "https://registry.npmjs.org/@next/swc-win32-arm64-msvc/-/swc-win32-arm64-msvc-15.5.7.tgz",
"integrity": "sha512-CpJVTkYI3ZajQkC5vajM7/ApKJUOlm6uP4BknM3XKvJ7VXAvCqSjSLmM0LKdYzn6nBJVSjdclx8nYJSa3xlTgQ==",
"cpu": [
"arm64"
],
"license": "MIT",
"optional": true,
"os": [
"win32"
@@ -742,13 +897,12 @@
}
},
"node_modules/@next/swc-win32-x64-msvc": {
"version": "15.5.3",
"resolved": "https://registry.npmjs.org/@next/swc-win32-x64-msvc/-/swc-win32-x64-msvc-15.5.3.tgz",
"integrity": "sha512-JMoLAq3n3y5tKXPQwCK5c+6tmwkuFDa2XAxz8Wm4+IVthdBZdZGh+lmiLUHg9f9IDwIQpUjp+ysd6OkYTyZRZw==",
"version": "15.5.7",
"resolved": "https://registry.npmjs.org/@next/swc-win32-x64-msvc/-/swc-win32-x64-msvc-15.5.7.tgz",
"integrity": "sha512-gMzgBX164I6DN+9/PGA+9dQiwmTkE4TloBNx8Kv9UiGARsr9Nba7IpcBRA1iTV9vwlYnrE3Uy6I7Aj6qLjQuqw==",
"cpu": [
"x64"
],
"license": "MIT",
"optional": true,
"os": [
"win32"
@@ -1135,6 +1289,16 @@
"tslib": "^2.4.0"
}
},
"node_modules/@types/dompurify": {
"version": "3.2.0",
"resolved": "https://registry.npmjs.org/@types/dompurify/-/dompurify-3.2.0.tgz",
"integrity": "sha512-Fgg31wv9QbLDA0SpTOXO3MaxySc4DKGLi8sna4/Utjo4r3ZRPdCt4UQee8BWr+Q5z21yifghREPJGYaEOEIACg==",
"deprecated": "This is a stub types definition. dompurify provides its own type definitions, so you do not need this installed.",
"dev": true,
"dependencies": {
"dompurify": "*"
}
},
"node_modules/@types/json5": {
"version": "0.0.29",
"resolved": "https://registry.npmjs.org/@types/json5/-/json5-0.0.29.tgz",
@@ -1158,7 +1322,6 @@
"integrity": "sha512-hHkbU/eoO3EG5/MZkuFSKmYqPbSVk5byPFa3e7y/8TybHiLMACgI8seVYlicwk7H5K/rI2px9xrQp/C+AUDTiQ==",
"devOptional": true,
"license": "MIT",
"peer": true,
"dependencies": {
"csstype": "^3.0.2"
}
@@ -1169,7 +1332,6 @@
"integrity": "sha512-qXRuZaOsAdXKFyOhRBg6Lqqc0yay13vN7KrIg4L7N4aaHN68ma9OK3NE1BoDFgFOTfM7zg+3/8+2n8rLUH3OKQ==",
"devOptional": true,
"license": "MIT",
"peer": true,
"peerDependencies": {
"@types/react": "^19.0.0"
}
@@ -1184,6 +1346,12 @@
"@types/react": "*"
}
},
"node_modules/@types/trusted-types": {
"version": "2.0.7",
"resolved": "https://registry.npmjs.org/@types/trusted-types/-/trusted-types-2.0.7.tgz",
"integrity": "sha512-ScaPdn1dQczgbl0QFTeTOmVHFULt394XJgOQNoyVhZ6r2vLnMLJfBPd53SB52T/3G36VI1/g2MZaX0cwDuXsfw==",
"optional": true
},
"node_modules/@typescript-eslint/eslint-plugin": {
"version": "8.44.1",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.44.1.tgz",
@@ -1230,7 +1398,6 @@
"integrity": "sha512-EHrrEsyhOhxYt8MTg4zTF+DJMuNBzWwgvvOYNj/zm1vnaD/IC5zCXFehZv94Piqa2cRFfXrTFxIvO95L7Qc/cw==",
"dev": true,
"license": "MIT",
"peer": true,
"dependencies": {
"@typescript-eslint/scope-manager": "8.44.1",
"@typescript-eslint/types": "8.44.1",
@@ -1768,7 +1935,6 @@
"integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==",
"dev": true,
"license": "MIT",
"peer": true,
"bin": {
"acorn": "bin/acorn"
},
@@ -1786,6 +1952,14 @@
"acorn": "^6.0.0 || ^7.0.0 || ^8.0.0"
}
},
"node_modules/agent-base": {
"version": "7.1.4",
"resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.4.tgz",
"integrity": "sha512-MnA+YT8fwfJPgBx3m60MNqakm30XOkyIoH1y6huTQvC0PwZG7ki8NacLBcrPbNoo8vEZy7Jpuk7+jMO+CUovTQ==",
"engines": {
"node": ">= 14"
}
},
"node_modules/ajv": {
"version": "6.12.6",
"resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
@@ -2183,6 +2357,14 @@
],
"license": "MIT"
},
"node_modules/bidi-js": {
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/bidi-js/-/bidi-js-1.0.3.tgz",
"integrity": "sha512-RKshQI1R3YQ+n9YJz2QQ147P66ELpa1FQEg20Dk8oW9t2KgLbpDLLp9aGZ7y8WHSshDknG0bknqGw5/tyCs5tw==",
"dependencies": {
"require-from-string": "^2.0.2"
}
},
"node_modules/bl": {
"version": "4.1.0",
"resolved": "https://registry.npmjs.org/bl/-/bl-4.1.0.tgz",
@@ -2429,6 +2611,31 @@
"node": ">= 8"
}
},
"node_modules/css-tree": {
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/css-tree/-/css-tree-3.1.0.tgz",
"integrity": "sha512-0eW44TGN5SQXU1mWSkKwFstI/22X2bG1nYzZTYMAWjylYURhse752YgbE4Cx46AC+bAvI+/dYTPRk1LqSUnu6w==",
"dependencies": {
"mdn-data": "2.12.2",
"source-map-js": "^1.0.1"
},
"engines": {
"node": "^10 || ^12.20.0 || ^14.13.0 || >=15.0.0"
}
},
"node_modules/cssstyle": {
"version": "5.3.4",
"resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-5.3.4.tgz",
"integrity": "sha512-KyOS/kJMEq5O9GdPnaf82noigg5X5DYn0kZPJTaAsCUaBizp6Xa1y9D4Qoqf/JazEXWuruErHgVXwjN5391ZJw==",
"dependencies": {
"@asamuzakjp/css-color": "^4.1.0",
"@csstools/css-syntax-patches-for-csstree": "1.0.14",
"css-tree": "^3.1.0"
},
"engines": {
"node": ">=20"
}
},
"node_modules/csstype": {
"version": "3.1.3",
"resolved": "https://registry.npmjs.org/csstype/-/csstype-3.1.3.tgz",
@@ -2443,6 +2650,18 @@
"dev": true,
"license": "BSD-2-Clause"
},
"node_modules/data-urls": {
"version": "6.0.0",
"resolved": "https://registry.npmjs.org/data-urls/-/data-urls-6.0.0.tgz",
"integrity": "sha512-BnBS08aLUM+DKamupXs3w2tJJoqU+AkaE/+6vQxi/G/DPmIZFJJp9Dkb1kM03AZx8ADehDUZgsNxju3mPXZYIA==",
"dependencies": {
"whatwg-mimetype": "^4.0.0",
"whatwg-url": "^15.0.0"
},
"engines": {
"node": ">=20"
}
},
"node_modules/data-view-buffer": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/data-view-buffer/-/data-view-buffer-1.0.2.tgz",
@@ -2501,7 +2720,6 @@
"version": "4.4.3",
"resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
"integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
"dev": true,
"license": "MIT",
"dependencies": {
"ms": "^2.1.3"
@@ -2515,6 +2733,11 @@
}
}
},
"node_modules/decimal.js": {
"version": "10.6.0",
"resolved": "https://registry.npmjs.org/decimal.js/-/decimal.js-10.6.0.tgz",
"integrity": "sha512-YpgQiITW3JXGntzdUmyUR1V812Hn8T1YVXhCu+wO3OpS4eU9l4YdD3qjyiKdV6mvV29zapkMeD390UVEf2lkUg=="
},
"node_modules/decompress-response": {
"version": "6.0.0",
"resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-6.0.0.tgz",
@@ -2608,6 +2831,14 @@
"node": ">=6.0.0"
}
},
"node_modules/dompurify": {
"version": "3.3.1",
"resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.3.1.tgz",
"integrity": "sha512-qkdCKzLNtrgPFP1Vo+98FRzJnBRGe4ffyCea9IwHB1fyxPOeNTHpLKYGd4Uk9xvNoH0ZoOjwZxNptyMwqrId1Q==",
"optionalDependencies": {
"@types/trusted-types": "^2.0.7"
}
},
"node_modules/dunder-proto": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz",
@@ -2639,6 +2870,17 @@
"once": "^1.4.0"
}
},
"node_modules/entities": {
"version": "6.0.1",
"resolved": "https://registry.npmjs.org/entities/-/entities-6.0.1.tgz",
"integrity": "sha512-aN97NXWF6AWBTahfVOIrB/NShkzi5H7F9r1s9mD3cDj4Ko5f2qhhVoYMibXF7GlLveb/D2ioWay8lxI97Ven3g==",
"engines": {
"node": ">=0.12"
},
"funding": {
"url": "https://github.com/fb55/entities?sponsor=1"
}
},
"node_modules/es-abstract": {
"version": "1.24.0",
"resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.24.0.tgz",
@@ -2836,7 +3078,6 @@
"deprecated": "This version is no longer supported. Please see https://eslint.org/version-support for other options.",
"dev": true,
"license": "MIT",
"peer": true,
"dependencies": {
"@eslint-community/eslint-utils": "^4.2.0",
"@eslint-community/regexpp": "^4.6.1",
@@ -3006,7 +3247,6 @@
"integrity": "sha512-whOE1HFo/qJDyX4SnXzP4N6zOWn79WhnCUY/iDR0mPfQZO8wcYE4JClzI2oZrhBnnMUCBCHZhO6VQyoBU95mZA==",
"dev": true,
"license": "MIT",
"peer": true,
"dependencies": {
"@rtsao/scc": "^1.1.0",
"array-includes": "^3.1.9",
@@ -3808,6 +4048,52 @@
"node": ">= 0.4"
}
},
"node_modules/html-encoding-sniffer": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-4.0.0.tgz",
"integrity": "sha512-Y22oTqIU4uuPgEemfz7NDJz6OeKf12Lsu+QC+s3BVpda64lTiMYCyGwg5ki4vFxkMwQdeZDl2adZoqUgdFuTgQ==",
"dependencies": {
"whatwg-encoding": "^3.1.1"
},
"engines": {
"node": ">=18"
}
},
"node_modules/http-proxy-agent": {
"version": "7.0.2",
"resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-7.0.2.tgz",
"integrity": "sha512-T1gkAiYYDWYx3V5Bmyu7HcfcvL7mUrTWiM6yOfa3PIphViJ/gFPbvidQ+veqSOHci/PxBcDabeUNCzpOODJZig==",
"dependencies": {
"agent-base": "^7.1.0",
"debug": "^4.3.4"
},
"engines": {
"node": ">= 14"
}
},
"node_modules/https-proxy-agent": {
"version": "7.0.6",
"resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.6.tgz",
"integrity": "sha512-vK9P5/iUfdl95AI+JVyUuIcVtd4ofvtrOr3HNtM2yxC9bnMbEdp3x01OhQNnjb8IJYi38VlTE3mBXwcfvywuSw==",
"dependencies": {
"agent-base": "^7.1.2",
"debug": "4"
},
"engines": {
"node": ">= 14"
}
},
"node_modules/iconv-lite": {
"version": "0.6.3",
"resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.6.3.tgz",
"integrity": "sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==",
"dependencies": {
"safer-buffer": ">= 2.1.2 < 3.0.0"
},
"engines": {
"node": ">=0.10.0"
}
},
"node_modules/ieee754": {
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz",
@@ -4182,6 +4468,11 @@
"node": ">=8"
}
},
"node_modules/is-potential-custom-element-name": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/is-potential-custom-element-name/-/is-potential-custom-element-name-1.0.1.tgz",
"integrity": "sha512-bCYeRA2rVibKZd+s2625gGnGF/t7DSqDs4dP7CrLA1m7jKWz6pps0LpYLJN8Q64HtmPKJ1hrN3nzPNKFEKOUiQ=="
},
"node_modules/is-regex": {
"version": "1.2.1",
"resolved": "https://registry.npmjs.org/is-regex/-/is-regex-1.2.1.tgz",
@@ -4341,6 +4632,18 @@
"dev": true,
"license": "ISC"
},
"node_modules/isomorphic-dompurify": {
"version": "2.34.0",
"resolved": "https://registry.npmjs.org/isomorphic-dompurify/-/isomorphic-dompurify-2.34.0.tgz",
"integrity": "sha512-7VeB/tDBQ8jt1+syT563hmmejY01nuwizpUIFPfM1aw3iTgLLiVP4/Nh+PKhNoa1V/H+E6ZlNcowsXLbChPCpw==",
"dependencies": {
"dompurify": "^3.3.1",
"jsdom": "^27.3.0"
},
"engines": {
"node": ">=20.19.5"
}
},
"node_modules/iterator.prototype": {
"version": "1.1.5",
"resolved": "https://registry.npmjs.org/iterator.prototype/-/iterator.prototype-1.1.5.tgz",
@@ -4367,11 +4670,10 @@
"license": "MIT"
},
"node_modules/js-yaml": {
"version": "4.1.0",
"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz",
"integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==",
"version": "4.1.1",
"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz",
"integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==",
"dev": true,
"license": "MIT",
"dependencies": {
"argparse": "^2.0.1"
},
@@ -4379,6 +4681,44 @@
"js-yaml": "bin/js-yaml.js"
}
},
"node_modules/jsdom": {
"version": "27.3.0",
"resolved": "https://registry.npmjs.org/jsdom/-/jsdom-27.3.0.tgz",
"integrity": "sha512-GtldT42B8+jefDUC4yUKAvsaOrH7PDHmZxZXNgF2xMmymjUbRYJvpAybZAKEmXDGTM0mCsz8duOa4vTm5AY2Kg==",
"dependencies": {
"@acemir/cssom": "^0.9.28",
"@asamuzakjp/dom-selector": "^6.7.6",
"cssstyle": "^5.3.4",
"data-urls": "^6.0.0",
"decimal.js": "^10.6.0",
"html-encoding-sniffer": "^4.0.0",
"http-proxy-agent": "^7.0.2",
"https-proxy-agent": "^7.0.6",
"is-potential-custom-element-name": "^1.0.1",
"parse5": "^8.0.0",
"saxes": "^6.0.0",
"symbol-tree": "^3.2.4",
"tough-cookie": "^6.0.0",
"w3c-xmlserializer": "^5.0.0",
"webidl-conversions": "^8.0.0",
"whatwg-encoding": "^3.1.1",
"whatwg-mimetype": "^4.0.0",
"whatwg-url": "^15.1.0",
"ws": "^8.18.3",
"xml-name-validator": "^5.0.0"
},
"engines": {
"node": "^20.19.0 || ^22.12.0 || >=24.0.0"
},
"peerDependencies": {
"canvas": "^3.0.0"
},
"peerDependenciesMeta": {
"canvas": {
"optional": true
}
}
},
"node_modules/json-buffer": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.1.tgz",
@@ -4535,6 +4875,14 @@
"loose-envify": "cli.js"
}
},
"node_modules/lru-cache": {
"version": "11.2.4",
"resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.2.4.tgz",
"integrity": "sha512-B5Y16Jr9LB9dHVkh6ZevG+vAbOsNOYCX+sXvFWFu7B3Iz5mijW3zdbMyhsh8ANd2mSWBYdJgnqi+mL7/LrOPYg==",
"engines": {
"node": "20 || >=22"
}
},
"node_modules/lucide-react": {
"version": "0.544.0",
"resolved": "https://registry.npmjs.org/lucide-react/-/lucide-react-0.544.0.tgz",
@@ -4554,6 +4902,11 @@
"node": ">= 0.4"
}
},
"node_modules/mdn-data": {
"version": "2.12.2",
"resolved": "https://registry.npmjs.org/mdn-data/-/mdn-data-2.12.2.tgz",
"integrity": "sha512-IEn+pegP1aManZuckezWCO+XZQDplx1366JoVhTpMpBB1sPey/SbveZQUosKiKiGYjg1wH4pMlNgXbCiYgihQA=="
},
"node_modules/merge2": {
"version": "1.4.1",
"resolved": "https://registry.npmjs.org/merge2/-/merge2-1.4.1.tgz",
@@ -4650,7 +5003,6 @@
"version": "2.1.3",
"resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz",
"integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==",
"dev": true,
"license": "MIT"
},
"node_modules/nanoid": {
@@ -4701,12 +5053,11 @@
"license": "MIT"
},
"node_modules/next": {
"version": "15.5.3",
"resolved": "https://registry.npmjs.org/next/-/next-15.5.3.tgz",
"integrity": "sha512-r/liNAx16SQj4D+XH/oI1dlpv9tdKJ6cONYPwwcCC46f2NjpaRWY+EKCzULfgQYV6YKXjHBchff2IZBSlZmJNw==",
"license": "MIT",
"version": "15.5.7",
"resolved": "https://registry.npmjs.org/next/-/next-15.5.7.tgz",
"integrity": "sha512-+t2/0jIJ48kUpGKkdlhgkv+zPTEOoXyr60qXe68eB/pl3CMJaLeIGjzp5D6Oqt25hCBiBTt8wEeeAzfJvUKnPQ==",
"dependencies": {
"@next/env": "15.5.3",
"@next/env": "15.5.7",
"@swc/helpers": "0.5.15",
"caniuse-lite": "^1.0.30001579",
"postcss": "8.4.31",
@@ -4719,14 +5070,14 @@
"node": "^18.18.0 || ^19.8.0 || >= 20.0.0"
},
"optionalDependencies": {
"@next/swc-darwin-arm64": "15.5.3",
"@next/swc-darwin-x64": "15.5.3",
"@next/swc-linux-arm64-gnu": "15.5.3",
"@next/swc-linux-arm64-musl": "15.5.3",
"@next/swc-linux-x64-gnu": "15.5.3",
"@next/swc-linux-x64-musl": "15.5.3",
"@next/swc-win32-arm64-msvc": "15.5.3",
"@next/swc-win32-x64-msvc": "15.5.3",
"@next/swc-darwin-arm64": "15.5.7",
"@next/swc-darwin-x64": "15.5.7",
"@next/swc-linux-arm64-gnu": "15.5.7",
"@next/swc-linux-arm64-musl": "15.5.7",
"@next/swc-linux-x64-gnu": "15.5.7",
"@next/swc-linux-x64-musl": "15.5.7",
"@next/swc-win32-arm64-msvc": "15.5.7",
"@next/swc-win32-x64-msvc": "15.5.7",
"sharp": "^0.34.3"
},
"peerDependencies": {
@@ -5043,6 +5394,17 @@
"node": ">=6"
}
},
"node_modules/parse5": {
"version": "8.0.0",
"resolved": "https://registry.npmjs.org/parse5/-/parse5-8.0.0.tgz",
"integrity": "sha512-9m4m5GSgXjL4AjumKzq1Fgfp3Z8rsvjRNbnkVwfu2ImRqE5D0LnY2QfDen18FSY9C573YU5XxSapdHZTZ2WolA==",
"dependencies": {
"entities": "^6.0.0"
},
"funding": {
"url": "https://github.com/inikulin/parse5?sponsor=1"
}
},
"node_modules/path-exists": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz",
@@ -5092,7 +5454,6 @@
"integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
"dev": true,
"license": "MIT",
"peer": true,
"engines": {
"node": ">=12"
},
@@ -5237,7 +5598,6 @@
"version": "2.3.1",
"resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz",
"integrity": "sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==",
"dev": true,
"license": "MIT",
"engines": {
"node": ">=6"
@@ -5293,7 +5653,6 @@
"resolved": "https://registry.npmjs.org/react/-/react-19.1.1.tgz",
"integrity": "sha512-w8nqGImo45dmMIfljjMwOGtbmC/mk4CMYhWIicdSflH91J9TyCyczcPFXJzrZ/ZXcgGRFeP6BU0BEJTw6tZdfQ==",
"license": "MIT",
"peer": true,
"engines": {
"node": ">=0.10.0"
}
@@ -5316,7 +5675,6 @@
"resolved": "https://registry.npmjs.org/react-dom/-/react-dom-19.1.1.tgz",
"integrity": "sha512-Dlq/5LAZgF0Gaz6yiqZCf6VCcZs1ghAJyrsu84Q/GT0gV+mCxbfmKNoGRKBYMJ8IEdGPqu49YWXD02GCknEDkw==",
"license": "MIT",
"peer": true,
"dependencies": {
"scheduler": "^0.26.0"
},
@@ -5451,6 +5809,14 @@
"url": "https://github.com/sponsors/ljharb"
}
},
"node_modules/require-from-string": {
"version": "2.0.2",
"resolved": "https://registry.npmjs.org/require-from-string/-/require-from-string-2.0.2.tgz",
"integrity": "sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==",
"engines": {
"node": ">=0.10.0"
}
},
"node_modules/resolve": {
"version": "1.22.10",
"resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.10.tgz",
@@ -5619,12 +5985,16 @@
"url": "https://github.com/sponsors/ljharb"
}
},
"node_modules/safer-buffer": {
"version": "2.1.2",
"resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz",
"integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
},
"node_modules/sass": {
"version": "1.93.1",
"resolved": "https://registry.npmjs.org/sass/-/sass-1.93.1.tgz",
"integrity": "sha512-wLAeLB7IksO2u+cCfhHqcy7/2ZUMPp/X2oV6+LjmweTqgjhOKrkaE/Q1wljxtco5EcOcupZ4c981X0gpk5Tiag==",
"license": "MIT",
"peer": true,
"dependencies": {
"chokidar": "^4.0.0",
"immutable": "^5.0.2",
@@ -5653,6 +6023,17 @@
"node": ">=10.12.0"
}
},
"node_modules/saxes": {
"version": "6.0.0",
"resolved": "https://registry.npmjs.org/saxes/-/saxes-6.0.0.tgz",
"integrity": "sha512-xAg7SOnEhrm5zI3puOOKyy1OMcMlIJZYNJY7xLBwSze0UjhPLnWfj2GF2EpT0jmzaJKIWKHLsaSSajf35bcYnA==",
"dependencies": {
"xmlchars": "^2.2.0"
},
"engines": {
"node": ">=v12.22.7"
}
},
"node_modules/scheduler": {
"version": "0.26.0",
"resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.26.0.tgz",
@@ -6184,6 +6565,11 @@
"node": ">= 4.7.0"
}
},
"node_modules/symbol-tree": {
"version": "3.2.4",
"resolved": "https://registry.npmjs.org/symbol-tree/-/symbol-tree-3.2.4.tgz",
"integrity": "sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw=="
},
"node_modules/tar-fs": {
"version": "3.1.1",
"resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.1.1.tgz",
@@ -6242,6 +6628,22 @@
"url": "https://github.com/sponsors/SuperchupuDev"
}
},
"node_modules/tldts": {
"version": "7.0.19",
"resolved": "https://registry.npmjs.org/tldts/-/tldts-7.0.19.tgz",
"integrity": "sha512-8PWx8tvC4jDB39BQw1m4x8y5MH1BcQ5xHeL2n7UVFulMPH/3Q0uiamahFJ3lXA0zO2SUyRXuVVbWSDmstlt9YA==",
"dependencies": {
"tldts-core": "^7.0.19"
},
"bin": {
"tldts": "bin/cli.js"
}
},
"node_modules/tldts-core": {
"version": "7.0.19",
"resolved": "https://registry.npmjs.org/tldts-core/-/tldts-core-7.0.19.tgz",
"integrity": "sha512-lJX2dEWx0SGH4O6p+7FPwYmJ/bu1JbcGJ8RLaG9b7liIgZ85itUVEPbMtWRVrde/0fnDPEPHW10ZsKW3kVsE9A=="
},
"node_modules/to-regex-range": {
"version": "5.0.1",
"resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz",
@@ -6255,6 +6657,28 @@
"node": ">=8.0"
}
},
"node_modules/tough-cookie": {
"version": "6.0.0",
"resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-6.0.0.tgz",
"integrity": "sha512-kXuRi1mtaKMrsLUxz3sQYvVl37B0Ns6MzfrtV5DvJceE9bPyspOqk9xxv7XbZWcfLWbFmm997vl83qUWVJA64w==",
"dependencies": {
"tldts": "^7.0.5"
},
"engines": {
"node": ">=16"
}
},
"node_modules/tr46": {
"version": "6.0.0",
"resolved": "https://registry.npmjs.org/tr46/-/tr46-6.0.0.tgz",
"integrity": "sha512-bLVMLPtstlZ4iMQHpFHTR7GAGj2jxi8Dg0s2h2MafAE4uSWF98FC/3MomU51iQAMf8/qDUbKWf5GxuvvVcXEhw==",
"dependencies": {
"punycode": "^2.3.1"
},
"engines": {
"node": ">=20"
}
},
"node_modules/ts-api-utils": {
"version": "2.1.0",
"resolved": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-2.1.0.tgz",
@@ -6409,7 +6833,6 @@
"integrity": "sha512-CWBzXQrc/qOkhidw1OzBTQuYRbfyxDXJMVJ1XNwUHGROVmuaeiEm3OslpZ1RV96d7SKKjZKrSJu3+t/xlw3R9A==",
"dev": true,
"license": "Apache-2.0",
"peer": true,
"bin": {
"tsc": "bin/tsc",
"tsserver": "bin/tsserver"
@@ -6501,6 +6924,56 @@
"integrity": "sha512-hPB1XUsnh+SIeVSW2beb5RnuFxz4ZNgxjGD78o52F49gS4xaoLeEMh9qrQnJrnEn/vjjBI7IlxrrXmz4tGV0Kw==",
"license": "MIT"
},
"node_modules/w3c-xmlserializer": {
"version": "5.0.0",
"resolved": "https://registry.npmjs.org/w3c-xmlserializer/-/w3c-xmlserializer-5.0.0.tgz",
"integrity": "sha512-o8qghlI8NZHU1lLPrpi2+Uq7abh4GGPpYANlalzWxyWteJOCsr/P+oPBA49TOLu5FTZO4d3F9MnWJfiMo4BkmA==",
"dependencies": {
"xml-name-validator": "^5.0.0"
},
"engines": {
"node": ">=18"
}
},
"node_modules/webidl-conversions": {
"version": "8.0.0",
"resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-8.0.0.tgz",
"integrity": "sha512-n4W4YFyz5JzOfQeA8oN7dUYpR+MBP3PIUsn2jLjWXwK5ASUzt0Jc/A5sAUZoCYFJRGF0FBKJ+1JjN43rNdsQzA==",
"engines": {
"node": ">=20"
}
},
"node_modules/whatwg-encoding": {
"version": "3.1.1",
"resolved": "https://registry.npmjs.org/whatwg-encoding/-/whatwg-encoding-3.1.1.tgz",
"integrity": "sha512-6qN4hJdMwfYBtE3YBTTHhoeuUrDBPZmbQaxWAqSALV/MeEnR5z1xd8UKud2RAkFoPkmB+hli1TZSnyi84xz1vQ==",
"dependencies": {
"iconv-lite": "0.6.3"
},
"engines": {
"node": ">=18"
}
},
"node_modules/whatwg-mimetype": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/whatwg-mimetype/-/whatwg-mimetype-4.0.0.tgz",
"integrity": "sha512-QaKxh0eNIi2mE9p2vEdzfagOKHCcj1pJ56EEHGQOVxp8r9/iszLUUV7v89x9O1p/T+NlTM5W7jW6+cz4Fq1YVg==",
"engines": {
"node": ">=18"
}
},
"node_modules/whatwg-url": {
"version": "15.1.0",
"resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-15.1.0.tgz",
"integrity": "sha512-2ytDk0kiEj/yu90JOAp44PVPUkO9+jVhyf+SybKlRHSDlvOOZhdPIrr7xTH64l4WixO2cP+wQIcgujkGBPPz6g==",
"dependencies": {
"tr46": "^6.0.0",
"webidl-conversions": "^8.0.0"
},
"engines": {
"node": ">=20"
}
},
"node_modules/which": {
"version": "2.0.2",
"resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz",
@@ -6622,6 +7095,39 @@
"integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==",
"license": "ISC"
},
"node_modules/ws": {
"version": "8.18.3",
"resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz",
"integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==",
"engines": {
"node": ">=10.0.0"
},
"peerDependencies": {
"bufferutil": "^4.0.1",
"utf-8-validate": ">=5.0.2"
},
"peerDependenciesMeta": {
"bufferutil": {
"optional": true
},
"utf-8-validate": {
"optional": true
}
}
},
"node_modules/xml-name-validator": {
"version": "5.0.0",
"resolved": "https://registry.npmjs.org/xml-name-validator/-/xml-name-validator-5.0.0.tgz",
"integrity": "sha512-EvGK8EJ3DhaHfbRlETOWAS5pO9MZITeauHKJyb8wyajUfQUenkIg2MvLDTZ4T/TgIcm3HU0TFBgWWboAZ30UHg==",
"engines": {
"node": ">=18"
}
},
"node_modules/xmlchars": {
"version": "2.2.0",
"resolved": "https://registry.npmjs.org/xmlchars/-/xmlchars-2.2.0.tgz",
"integrity": "sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw=="
},
"node_modules/yet-another-react-lightbox": {
"version": "3.25.0",
"resolved": "https://registry.npmjs.org/yet-another-react-lightbox/-/yet-another-react-lightbox-3.25.0.tgz",

9
frontEnd/package.json
View File

@@ -6,11 +6,16 @@
"dev": "next dev",
"build": "next build",
"start": "next start",
"lint": "next lint"
"lint": "next lint",
"security:audit": "npm audit --audit-level=moderate",
"security:fix": "npm audit fix",
"security:check": "npm audit && npm outdated",
"security:scan": "npm audit --json > security-audit.json && echo 'Security audit saved to security-audit.json'"
},
"dependencies": {
"framer-motion": "^12.23.16",
"gsap": "^3.12.2",
"isomorphic-dompurify": "^2.34.0",
"lenis": "^1.3.11",
"lucide-react": "^0.544.0",
"next": "^15.5.3",
@@ -29,10 +34,12 @@
"yet-another-react-lightbox": "^3.15.2"
},
"devDependencies": {
"@types/dompurify": "^3.0.5",
"@types/node": "^20",
"@types/react": "^19.1.13",
"@types/react-dom": "^19.1.9",
"@types/react-modal-video": "^1.2.3",
"dompurify": "^3.3.1",
"eslint": "^8",
"eslint-config-next": "^15.5.3",
"sass-migrator": "^2.4.2",

300
frontEnd/public/styles/components/_forms.scss
View File

@@ -208,6 +208,285 @@
appearance: none;
}
// Math Captcha Styles - Luxury Design
&.captcha-container {
margin-top: var(--space-6);
margin-bottom: var(--space-6);
position: relative;
&::before {
content: '';
position: absolute;
top: -2px;
left: -2px;
right: -2px;
bottom: -2px;
background: linear-gradient(135deg, #daa520, #d4af37, #ffd700, #daa520);
border-radius: var(--radius-xl);
opacity: 0;
transition: opacity 0.3s ease;
z-index: -1;
}
&:focus-within::before {
opacity: 0.3;
}
label {
font-size: var(--text-sm);
font-weight: var(--font-weight-semibold);
color: var(--secondary-700);
margin-bottom: var(--space-3);
display: flex;
align-items: center;
gap: var(--space-2);
&::before {
content: '🔒';
font-size: var(--text-base);
}
.captcha-hint {
font-size: var(--text-xs);
font-weight: var(--font-weight-normal);
color: var(--secondary-500);
margin-left: auto;
font-style: italic;
}
}
.captcha-wrapper {
display: flex;
flex-direction: column;
gap: var(--space-4);
}
.captcha-question {
display: flex;
align-items: center;
justify-content: space-between;
gap: var(--space-4);
padding: var(--space-5) var(--space-6);
background: linear-gradient(135deg, #ffffff 0%, #f8fafc 50%, #ffffff 100%);
border: 2px solid transparent;
background-clip: padding-box;
border-radius: var(--radius-xl);
box-shadow:
0 4px 20px rgba(0, 0, 0, 0.08),
0 1px 3px rgba(0, 0, 0, 0.05),
inset 0 1px 0 rgba(255, 255, 255, 0.9);
position: relative;
overflow: hidden;
transition: all 0.3s cubic-bezier(0.4, 0, 0.2, 1);
&::before {
content: '';
position: absolute;
top: 0;
left: 0;
right: 0;
height: 3px;
background: linear-gradient(90deg, #daa520, #d4af37, #ffd700, #d4af37, #daa520);
background-size: 200% 100%;
animation: shimmer 3s infinite;
}
&::after {
content: '';
position: absolute;
top: 0;
left: -100%;
width: 100%;
height: 100%;
background: linear-gradient(90deg, transparent, rgba(255, 255, 255, 0.4), transparent);
transition: left 0.5s ease;
}
&:hover {
transform: translateY(-2px);
box-shadow:
0 8px 30px rgba(218, 165, 32, 0.15),
0 4px 12px rgba(0, 0, 0, 0.1),
inset 0 1px 0 rgba(255, 255, 255, 0.9);
border-color: rgba(218, 165, 32, 0.3);
&::after {
left: 100%;
}
}
.captcha-numbers {
font-size: var(--text-2xl);
font-weight: var(--font-weight-bold);
background: linear-gradient(135deg, #1e293b 0%, #334155 100%);
-webkit-background-clip: text;
-webkit-text-fill-color: transparent;
background-clip: text;
font-family: 'Georgia', 'Times New Roman', serif;
letter-spacing: 3px;
user-select: none;
position: relative;
padding: var(--space-2) var(--space-4);
border-radius: var(--radius-md);
background-color: rgba(248, 250, 252, 0.8);
box-shadow: inset 0 2px 4px rgba(0, 0, 0, 0.06);
&::before {
content: '';
position: absolute;
inset: 0;
border-radius: var(--radius-md);
padding: 1px;
background: linear-gradient(135deg, rgba(218, 165, 32, 0.3), rgba(212, 175, 55, 0.1));
-webkit-mask: linear-gradient(#fff 0 0) content-box, linear-gradient(#fff 0 0);
-webkit-mask-composite: xor;
mask-composite: exclude;
}
}
.captcha-refresh {
background: linear-gradient(135deg, #ffffff 0%, #f8fafc 100%);
border: 2px solid rgba(218, 165, 32, 0.3);
border-radius: var(--radius-lg);
padding: var(--space-3);
color: #daa520;
cursor: pointer;
transition: all 0.3s cubic-bezier(0.4, 0, 0.2, 1);
display: flex;
align-items: center;
justify-content: center;
min-width: 44px;
height: 44px;
box-shadow:
0 2px 8px rgba(218, 165, 32, 0.15),
inset 0 1px 0 rgba(255, 255, 255, 0.9);
position: relative;
overflow: hidden;
&::before {
content: '';
position: absolute;
inset: 0;
background: linear-gradient(135deg, #daa520, #d4af37);
opacity: 0;
transition: opacity 0.3s ease;
}
i {
font-size: var(--text-lg);
position: relative;
z-index: 1;
transition: transform 0.3s ease;
}
&:hover {
background: linear-gradient(135deg, #daa520, #d4af37);
border-color: #daa520;
color: #ffffff;
transform: rotate(180deg) scale(1.05);
box-shadow:
0 4px 16px rgba(218, 165, 32, 0.4),
0 2px 8px rgba(218, 165, 32, 0.2),
inset 0 1px 0 rgba(255, 255, 255, 0.3);
&::before {
opacity: 1;
}
i {
color: #ffffff;
transform: scale(1.1);
}
}
&:active {
transform: rotate(180deg) scale(0.98);
box-shadow:
0 2px 8px rgba(218, 165, 32, 0.3),
inset 0 2px 4px rgba(0, 0, 0, 0.1);
}
&:focus {
outline: none;
box-shadow:
0 0 0 4px rgba(218, 165, 32, 0.2),
0 4px 16px rgba(218, 165, 32, 0.3);
}
}
}
input[type="number"] {
width: 100%;
padding: var(--space-5) var(--space-6);
font-size: var(--text-2xl);
font-weight: var(--font-weight-bold);
text-align: center;
letter-spacing: 2px;
background: linear-gradient(135deg, #ffffff 0%, #f8fafc 100%);
border: 2px solid rgba(218, 165, 32, 0.2);
border-radius: var(--radius-xl);
color: var(--secondary-800);
box-shadow:
0 4px 12px rgba(0, 0, 0, 0.08),
inset 0 2px 4px rgba(0, 0, 0, 0.04);
transition: all 0.3s cubic-bezier(0.4, 0, 0.2, 1);
position: relative;
&::placeholder {
color: var(--secondary-400);
font-weight: var(--font-weight-normal);
letter-spacing: 1px;
}
&:focus {
outline: none;
border-color: #daa520;
box-shadow:
0 0 0 4px rgba(218, 165, 32, 0.15),
0 6px 20px rgba(218, 165, 32, 0.2),
inset 0 2px 4px rgba(0, 0, 0, 0.04);
transform: translateY(-1px);
background: linear-gradient(135deg, #ffffff 0%, #ffffff 100%);
}
&:hover:not(:focus) {
border-color: rgba(218, 165, 32, 0.4);
box-shadow:
0 6px 16px rgba(0, 0, 0, 0.1),
inset 0 2px 4px rgba(0, 0, 0, 0.04);
}
&::-webkit-inner-spin-button,
&::-webkit-outer-spin-button {
opacity: 1;
height: auto;
width: 20px;
cursor: pointer;
}
}
.captcha-error {
display: flex;
align-items: center;
gap: var(--space-2);
color: var(--error);
font-size: var(--text-sm);
font-weight: var(--font-weight-semibold);
margin-top: var(--space-2);
padding: var(--space-3) var(--space-4);
background: linear-gradient(135deg, rgba(239, 68, 68, 0.1) 0%, rgba(239, 68, 68, 0.05) 100%);
border: 1px solid rgba(239, 68, 68, 0.3);
border-radius: var(--radius-lg);
box-shadow: 0 2px 8px rgba(239, 68, 68, 0.1);
animation: shake 0.3s ease-in-out;
i {
font-size: var(--text-base);
color: var(--error);
}
}
}
// Input validation states
&.has-error {
input, textarea, select {
@@ -247,6 +526,27 @@
}
}
@keyframes shake {
0%, 100% {
transform: translateX(0);
}
25% {
transform: translateX(-5px);
}
75% {
transform: translateX(5px);
}
}
@keyframes shimmer {
0% {
background-position: -200% 0;
}
100% {
background-position: 200% 0;
}
}
// Enhanced checkbox styling
.checkbox-group {
display: flex;

192
frontEnd/scripts/security-scan.sh Executable file
View File

@@ -0,0 +1,192 @@
#!/bin/bash
# Frontend Security Scanning Script
# Scans for security vulnerabilities, malware, and suspicious patterns
set -e
# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
FRONTEND_DIR="$( cd "$SCRIPT_DIR/.." && pwd )"
echo -e "${BLUE}=========================================="
echo "Frontend Security Scan"
echo "==========================================${NC}"
echo ""
# Check if running from correct directory
if [ ! -f "$FRONTEND_DIR/package.json" ]; then
echo -e "${RED}Error: package.json not found. Run from frontend directory.${NC}"
exit 1
fi
cd "$FRONTEND_DIR"
# 1. Check for postinstall scripts
echo -e "${BLUE}[1/8] Checking for postinstall scripts...${NC}"
if grep -q '"postinstall"' package.json; then
echo -e "${RED}⚠️ WARNING: postinstall script found in package.json${NC}"
grep -A 5 '"postinstall"' package.json
else
echo -e "${GREEN}✅ No postinstall scripts found${NC}"
fi
echo ""
# 2. Check for suspicious scripts (curl, wget, sh execution)
echo -e "${BLUE}[2/8] Scanning for suspicious script executions...${NC}"
SUSPICIOUS_FOUND=0
# Check TypeScript/JavaScript files (exclude false positives)
if grep -r -E "(curl|wget|exec\(|spawn|child_process|\.sh|bash |sh )" --include="*.ts" --include="*.tsx" --include="*.js" --include="*.jsx" . 2>/dev/null | \
grep -v "node_modules" | \
grep -v ".next" | \
grep -v "security-scan.sh" | \
grep -v "start-services.sh" | \
grep -v "deploy.sh" | \
grep -v "short_description" | \
grep -v "Refresh" | \
grep -v "showSettings" | \
grep -v "showBanner" | \
grep -v "refresh" | \
grep -v "Service not found"; then
echo -e "${YELLOW}⚠️ Found potential script execution patterns (review manually)${NC}"
SUSPICIOUS_FOUND=1
else
echo -e "${GREEN}✅ No suspicious script executions found${NC}"
fi
echo ""
# 3. Check for dangerous patterns (eval, Function, innerHTML)
echo -e "${BLUE}[3/8] Scanning for dangerous code patterns...${NC}"
DANGEROUS_FOUND=0
# Check for dangerous patterns (exclude safe uses)
if grep -r -E "(eval\(|Function\(|\.innerHTML\s*=|dangerouslySetInnerHTML)" --include="*.ts" --include="*.tsx" --include="*.js" --include="*.jsx" . 2>/dev/null | \
grep -v "node_modules" | \
grep -v ".next" | \
grep -v "sanitize" | \
grep -v "lib/security" | \
grep -v "JSON.stringify" | \
grep -v "StructuredData" | \
grep -v "app/layout.tsx.*scrollRestoration" | \
grep -v "app/layout.tsx.*DOMContentLoaded"; then
echo -e "${YELLOW}⚠️ Found dangerous patterns (should use sanitization)${NC}"
DANGEROUS_FOUND=1
else
echo -e "${GREEN}✅ No unsanitized dangerous patterns found${NC}"
fi
echo ""
# 4. Check for exposed secrets
echo -e "${BLUE}[4/8] Scanning for exposed secrets...${NC}"
SECRETS_FOUND=0
# Check for API keys, passwords, tokens
if grep -r -E "(api[_-]?key|secret[_-]?key|password|token|private[_-]?key)" --include="*.ts" --include="*.tsx" --include="*.js" --include="*.jsx" -i . 2>/dev/null | grep -v "node_modules" | grep -v ".next" | grep -v "NEXT_PUBLIC_" | grep -v "process.env" | grep -v "INTERNAL_API_KEY" | grep -v "lib/config" | grep -v "SECURITY_AUDIT"; then
echo -e "${YELLOW}⚠️ Potential secrets found (review manually)${NC}"
SECRETS_FOUND=1
else
echo -e "${GREEN}✅ No exposed secrets found${NC}"
fi
echo ""
# 5. Run npm audit
echo -e "${BLUE}[5/8] Running npm audit...${NC}"
if npm audit --audit-level=moderate 2>/dev/null; then
echo -e "${GREEN}✅ No critical vulnerabilities found${NC}"
else
echo -e "${YELLOW}⚠️ Vulnerabilities found. Run 'npm audit fix' to fix automatically.${NC}"
fi
echo ""
# 6. Check for outdated packages
echo -e "${BLUE}[6/8] Checking for outdated packages...${NC}"
OUTDATED=$(npm outdated 2>/dev/null | wc -l)
if [ "$OUTDATED" -gt 1 ]; then
echo -e "${YELLOW}⚠️ Found $((OUTDATED - 1)) outdated packages${NC}"
npm outdated 2>/dev/null | head -10
else
echo -e "${GREEN}✅ All packages are up to date${NC}"
fi
echo ""
# 7. Check .env files are not committed
echo -e "${BLUE}[7/8] Checking .env file security...${NC}"
if [ -f ".env" ] && git ls-files --error-unmatch .env >/dev/null 2>&1; then
echo -e "${RED}⚠️ WARNING: .env file is tracked in git!${NC}"
else
echo -e "${GREEN}✅ .env files are not tracked in git${NC}"
fi
echo ""
# 8. Check for malware patterns (basic scan)
echo -e "${BLUE}[8/8] Scanning for malware patterns...${NC}"
MALWARE_PATTERNS=(
"base64_decode"
"eval(base64"
"gzinflate"
"str_rot13"
"preg_replace.*\/e"
"assert.*eval"
"system\("
"shell_exec\("
"passthru\("
"proc_open\("
)
MALWARE_FOUND=0
for pattern in "${MALWARE_PATTERNS[@]}"; do
# Exclude security config file (it contains patterns we check FOR, not actual malware)
if grep -r -E "$pattern" --include="*.ts" --include="*.tsx" --include="*.js" --include="*.jsx" . 2>/dev/null | \
grep -v "node_modules" | \
grep -v ".next" | \
grep -v "lib/security/config.ts" | \
grep -v "SUSPICIOUS_PATTERNS"; then
echo -e "${RED}⚠️ WARNING: Potential malware pattern found: $pattern${NC}"
MALWARE_FOUND=1
fi
done
if [ $MALWARE_FOUND -eq 0 ]; then
echo -e "${GREEN}✅ No malware patterns detected${NC}"
fi
echo ""
# Summary
echo -e "${BLUE}=========================================="
echo "Security Scan Summary"
echo "==========================================${NC}"
ISSUES=0
if [ $SUSPICIOUS_FOUND -eq 1 ]; then
echo -e "${YELLOW}⚠️ Suspicious patterns found${NC}"
ISSUES=$((ISSUES + 1))
fi
if [ $DANGEROUS_FOUND -eq 1 ]; then
echo -e "${YELLOW}⚠️ Dangerous code patterns found${NC}"
ISSUES=$((ISSUES + 1))
fi
if [ $SECRETS_FOUND -eq 1 ]; then
echo -e "${YELLOW}⚠️ Potential secrets found${NC}"
ISSUES=$((ISSUES + 1))
fi
if [ $MALWARE_FOUND -eq 1 ]; then
echo -e "${RED}⚠️ Malware patterns detected${NC}"
ISSUES=$((ISSUES + 1))
fi
if [ $ISSUES -eq 0 ]; then
echo -e "${GREEN}✅ Security scan completed. No critical issues found.${NC}"
exit 0
else
echo -e "${YELLOW}⚠️ Security scan completed with $ISSUES issue(s) found.${NC}"
echo -e "${YELLOW}Please review the warnings above.${NC}"
exit 1
fi

139
frontEnd/seccheck.sh Executable file
View File

@@ -0,0 +1,139 @@
# Commands to Verify New Code is Loaded
## 1. Check PM2 Logs (Most Important)
```bash
# View recent logs
pm2 logs gnxsoft-frontend --lines 50
# Follow logs in real-time
pm2 logs gnxsoft-frontend
# Check for errors
pm2 logs gnxsoft-frontend --err --lines 100
```
## 2. Check Build Timestamp
```bash
# Check when .next directory was last modified
ls -ld /var/www/GNX-WEB/frontEnd/.next
# Check build info
cat /var/www/GNX-WEB/frontEnd/.next/BUILD_ID 2>/dev/null || echo "No BUILD_ID found"
# Check standalone build timestamp
ls -lh /var/www/GNX-WEB/frontEnd/.next/standalone/server.js 2>/dev/null || echo "Standalone not found"
```
## 3. Check if New Files Exist
```bash
# Check security files
ls -la /var/www/GNX-WEB/frontEnd/middleware.ts
ls -la /var/www/GNX-WEB/frontEnd/lib/security/sanitize.ts
ls -la /var/www/GNX-WEB/frontEnd/app/policy/layout.tsx
ls -la /var/www/GNX-WEB/frontEnd/app/support-center/layout.tsx
# Check package.json for new dependencies
grep -A 2 "isomorphic-dompurify" /var/www/GNX-WEB/frontEnd/package.json
```
## 4. Check Node Modules (New Dependencies)
```bash
# Check if new packages are installed
ls -la /var/www/GNX-WEB/frontEnd/node_modules/isomorphic-dompurify 2>/dev/null && echo "✅ isomorphic-dompurify installed" || echo "❌ Not installed"
ls -la /var/www/GNX-WEB/frontEnd/node_modules/dompurify 2>/dev/null && echo "✅ dompurify installed" || echo "❌ Not installed"
```
## 5. Test the Website
```bash
# Test homepage
curl -I http://localhost:1087
# Test policy page (should work now)
curl -I http://localhost:1087/policy
# Test support-center page
curl -I http://localhost:1087/support-center
# Check if middleware is active (should see security headers)
curl -I http://localhost:1087 | grep -i "x-content-type-options\|x-frame-options"
```
## 6. Check PM2 Process Info
```bash
# Check process details
pm2 describe gnxsoft-frontend
# Check process uptime (should be recent if just restarted)
pm2 list
# Check if process is using new code
pm2 show gnxsoft-frontend
```
## 7. Verify Security Middleware is Active
```bash
# Test a request and check for security headers
curl -v http://localhost:1087 2>&1 | grep -i "x-content-type-options\|x-frame-options\|content-security-policy"
# Test from external (if server is accessible)
curl -I https://gnxsoft.com | grep -i "x-content-type-options"
```
## 8. Check Application Version/Code
```bash
# Check if middleware.ts has the latest code
head -20 /var/www/GNX-WEB/frontEnd/middleware.ts
# Check if sanitize.ts exists and has content
wc -l /var/www/GNX-WEB/frontEnd/lib/security/sanitize.ts
# Check package.json version
grep '"version"' /var/www/GNX-WEB/frontEnd/package.json
```
## 9. Quick Verification Script
```bash
cd /var/www/GNX-WEB/frontEnd
echo "=== Deployment Verification ==="
echo ""
echo "1. Build timestamp:"
ls -ld .next 2>/dev/null | awk '{print $6, $7, $8}'
echo ""
echo "2. Security files:"
[ -f middleware.ts ] && echo "✅ middleware.ts exists" || echo "❌ middleware.ts missing"
[ -f lib/security/sanitize.ts ] && echo "✅ sanitize.ts exists" || echo "❌ sanitize.ts missing"
[ -f app/policy/layout.tsx ] && echo "✅ policy/layout.tsx exists" || echo "❌ policy/layout.tsx missing"
echo ""
echo "3. Dependencies:"
[ -d node_modules/isomorphic-dompurify ] && echo "✅ isomorphic-dompurify installed" || echo "❌ Not installed"
echo ""
echo "4. PM2 Status:"
pm2 list | grep gnxsoft-frontend
echo ""
echo "5. Recent logs (last 5 lines):"
pm2 logs gnxsoft-frontend --lines 5 --nostream
```
## 10. Check for Specific Code Changes
```bash
# Check if policy page has the new structure
grep -A 5 "PolicyContentWithParams" /var/www/GNX-WEB/frontEnd/app/policy/page.tsx
# Check if sanitizeHTML is being used
grep -r "sanitizeHTML" /var/www/GNX-WEB/frontEnd/app/policy/page.tsx
grep -r "sanitizeHTML" /var/www/GNX-WEB/frontEnd/components/pages/blog/BlogSingle.tsx
```
## Most Reliable Check:
```bash
# 1. Check PM2 logs for startup messages
pm2 logs gnxsoft-frontend --lines 20 --nostream
# 2. Test the website directly
curl -I http://localhost:1087/policy
# 3. Check if new security headers are present
curl -I http://localhost:1087 2>&1 | head -20
```

148
frontEnd/test.sh Executable file
View File

@@ -0,0 +1,148 @@
#!/bin/bash
# Script to test backend API endpoints
# This helps diagnose if the backend is the problem
echo "=========================================="
echo "Backend API Diagnostic Test"
echo "=========================================="
echo ""
# Colors
GREEN='\033[0;32m'
RED='\033[0;31m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color
# Configuration
BACKEND_URL="http://127.0.0.1:1086"
API_KEY="9hZtPwyScigoBAl59Uvcz_9VztSRC6Zt_6L1B2xTM2M"
echo -e "${YELLOW}Testing Backend API at: ${BACKEND_URL}${NC}"
echo ""
# Test 1: Check if backend is running
echo -e "${YELLOW}[Test 1] Checking if backend is running...${NC}"
if curl -s -o /dev/null -w "%{http_code}" "${BACKEND_URL}/api/services/" | grep -q "200\|403\|401"; then
echo -e "${GREEN}✓ Backend is responding${NC}"
else
echo -e "${RED}✗ Backend is not responding or not accessible${NC}"
echo " Make sure the backend is running on port 1086"
exit 1
fi
echo ""
# Test 2: Test services list endpoint (without API key - should fail in production)
echo -e "${YELLOW}[Test 2] Testing services list endpoint WITHOUT API key...${NC}"
response=$(curl -s -w "\n%{http_code}" "${BACKEND_URL}/api/services/")
http_code=$(echo "$response" | tail -n1)
body=$(echo "$response" | sed '$d')
if [ "$http_code" = "200" ]; then
echo -e "${GREEN}✓ Services list accessible (DEBUG mode or security disabled)${NC}"
service_count=$(echo "$body" | grep -o '"count"' | wc -l || echo "0")
echo " Response preview: ${body:0:200}..."
elif [ "$http_code" = "403" ]; then
echo -e "${YELLOW}⚠ Services list blocked (403) - API key required${NC}"
echo " This is expected in production mode"
else
echo -e "${RED}✗ Unexpected response: HTTP ${http_code}${NC}"
echo " Response: ${body:0:200}"
fi
echo ""
# Test 3: Test services list endpoint (with API key)
echo -e "${YELLOW}[Test 3] Testing services list endpoint WITH API key...${NC}"
response=$(curl -s -w "\n%{http_code}" \
-H "X-Internal-API-Key: ${API_KEY}" \
"${BACKEND_URL}/api/services/")
http_code=$(echo "$response" | tail -n1)
body=$(echo "$response" | sed '$d')
if [ "$http_code" = "200" ]; then
echo -e "${GREEN}✓ Services list accessible with API key${NC}"
# Try to extract service count
if echo "$body" | grep -q '"count"'; then
count=$(echo "$body" | grep -o '"count":[0-9]*' | grep -o '[0-9]*' | head -1)
echo " Found ${count} services"
fi
# Extract service slugs
slugs=$(echo "$body" | grep -o '"slug":"[^"]*"' | sed 's/"slug":"\([^"]*\)"/\1/' | head -5)
if [ -n "$slugs" ]; then
echo " Sample service slugs:"
echo "$slugs" | while read slug; do
echo " - $slug"
done
fi
else
echo -e "${RED}✗ Services list failed: HTTP ${http_code}${NC}"
echo " Response: ${body:0:300}"
echo ""
echo -e "${YELLOW}⚠ API key might not match between nginx and Django .env${NC}"
fi
echo ""
# Test 4: Test specific service endpoint
echo -e "${YELLOW}[Test 4] Testing specific service endpoint...${NC}"
test_slug="enterprise-backend-development-services"
response=$(curl -s -w "\n%{http_code}" \
-H "X-Internal-API-Key: ${API_KEY}" \
"${BACKEND_URL}/api/services/${test_slug}/")
http_code=$(echo "$response" | tail -n1)
body=$(echo "$response" | sed '$d')
if [ "$http_code" = "200" ]; then
echo -e "${GREEN}✓ Service '${test_slug}' found${NC}"
title=$(echo "$body" | grep -o '"title":"[^"]*"' | head -1 | sed 's/"title":"\([^"]*\)"/\1/')
if [ -n "$title" ]; then
echo " Title: $title"
fi
elif [ "$http_code" = "404" ]; then
echo -e "${RED}✗ Service '${test_slug}' not found (404)${NC}"
echo " This service might not exist in the database"
echo " Check Django admin or run: python manage.py shell"
echo " Then: Service.objects.filter(slug__icontains='backend').values('slug', 'title', 'is_active')"
else
echo -e "${RED}✗ Unexpected response: HTTP ${http_code}${NC}"
echo " Response: ${body:0:300}"
fi
echo ""
# Test 5: List all service slugs
echo -e "${YELLOW}[Test 5] Listing all available service slugs...${NC}"
response=$(curl -s \
-H "X-Internal-API-Key: ${API_KEY}" \
"${BACKEND_URL}/api/services/")
if echo "$response" | grep -q '"slug"'; then
echo -e "${GREEN}Available service slugs:${NC}"
echo "$response" | grep -o '"slug":"[^"]*"' | sed 's/"slug":"\([^"]*\)"/ - \1/' | head -10
total=$(echo "$response" | grep -o '"slug":"[^"]*"' | wc -l)
echo ""
echo " Total services found: $total"
else
echo -e "${RED}✗ Could not extract service slugs${NC}"
echo " Response: ${response:0:200}"
fi
echo ""
# Summary
echo "=========================================="
echo "Summary"
echo "=========================================="
echo ""
echo "If you see 403 errors, check:"
echo " 1. INTERNAL_API_KEY in backEnd/.env matches nginx config"
echo " 2. Backend is running in production mode (DEBUG=False)"
echo ""
echo "If you see 404 errors for services:"
echo " 1. Services might not exist in the database"
echo " 2. Service slugs might not match"
echo " 3. Services might be marked as is_active=False"
echo ""
echo "To check services in database:"
echo " python manage.py shell"
echo " >>> from services.models import Service"
echo " >>> Service.objects.filter(is_active=True).values('slug', 'title')"
echo ""

89
nginx-gnxsoft.conf
View File

@@ -11,11 +11,14 @@
# 3. Database: PostgreSQL on host (port 5433 to avoid conflict with Docker instance on 5432)
# 4. Use install-postgresql.sh to install and configure PostgreSQL
# 5. Use start-services.sh to start both backend and frontend services
<<<<<<< HEAD
=======
#
# NOTE: Rate limiting zones must be defined in the main nginx.conf http context
# Add these lines to /etc/nginx/nginx.conf inside the http {} block:
# limit_req_zone $binary_remote_addr zone=api_limit:10m rate=10r/s;
# limit_req_zone $binary_remote_addr zone=general_limit:10m rate=100r/s;
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
# Frontend - Public facing (Next.js Production Server on port 1087)
upstream frontend {
@@ -241,6 +244,84 @@ server {
proxy_read_timeout 60s;
}
<<<<<<< HEAD
# API Proxy - Frontend talks to backend ONLY through this internal proxy
# Backend port 1086 is BLOCKED from internet by firewall
location /api/ {
limit_req zone=api_limit burst=20 nodelay;
# Internal proxy to backend (127.0.0.1:1086)
# Backend is NOT accessible from public internet
proxy_pass http://backend_internal/api/;
proxy_http_version 1.1;
# Add internal API key (must match INTERNAL_API_KEY in Django .env)
# Update this value with your actual API key from .env file
set $api_key "PLACEHOLDER_INTERNAL_API_KEY";
proxy_set_header X-Internal-API-Key $api_key;
# Backend sees request as coming from localhost
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
# Hide backend server info
proxy_hide_header X-Powered-By;
proxy_hide_header Server;
# Timeouts
proxy_connect_timeout 30s;
proxy_send_timeout 30s;
proxy_read_timeout 30s;
# CORS headers (if needed)
add_header Access-Control-Allow-Origin "https://gnxsoft.com" always;
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
add_header Access-Control-Allow-Headers "Authorization, Content-Type, X-Internal-API-Key" always;
add_header Access-Control-Allow-Credentials "true" always;
# Handle preflight requests
if ($request_method = 'OPTIONS') {
return 204;
}
}
# Media files (served by nginx directly for better performance)
# Update path to match your actual deployment location
location /media/ {
alias /home/gnx/Desktop/GNX-WEB/backEnd/media/;
expires 30d;
add_header Cache-Control "public, immutable";
access_log off;
# Security
location ~ \.(php|py|pl|sh)$ {
deny all;
}
}
# Static files (served by nginx directly)
# Update path to match your actual deployment location
location /static/ {
alias /home/gnx/Desktop/GNX-WEB/backEnd/staticfiles/;
expires 1y;
add_header Cache-Control "public, immutable";
access_log off;
}
# Next.js static files
location /_next/static/ {
proxy_pass http://frontend;
expires 1y;
add_header Cache-Control "public, immutable";
access_log off;
}
=======
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
# Deny access to hidden files
location ~ /\. {
deny all;
@@ -252,7 +333,11 @@ server {
location /admin/ {
# IP restriction is handled by Django middleware
# Add internal API key (must match INTERNAL_API_KEY in Django .env)
<<<<<<< HEAD
set $api_key "PLACEHOLDER_INTERNAL_API_KEY";
=======
set $api_key "9hZtPwyScigoBAl59Uvcz_9VztSRC6Zt_6L1B2xTM2M";
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
proxy_set_header X-Internal-API-Key $api_key;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
@@ -288,6 +373,10 @@ server {
# 5. Public internet can ONLY access nginx (ports 80, 443)
# 6. All API calls go through nginx proxy (/api/* → 127.0.0.1:1086/api/*)
# 7. Backend IP whitelist middleware ensures only localhost requests
<<<<<<< HEAD
# 8. Update PLACEHOLDER_INTERNAL_API_KEY with actual key from Django .env
=======
# 8. Rate limiting zones must be added to /etc/nginx/nginx.conf http {} block
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
# 9. PostgreSQL runs on port 5433 (to avoid conflict with Docker on 5432)
# ==============================================================================

139
seccheck.sh Executable file
View File

@@ -0,0 +1,139 @@
# Commands to Verify New Code is Loaded
## 1. Check PM2 Logs (Most Important)
```bash
# View recent logs
pm2 logs gnxsoft-frontend --lines 50
# Follow logs in real-time
pm2 logs gnxsoft-frontend
# Check for errors
pm2 logs gnxsoft-frontend --err --lines 100
```
## 2. Check Build Timestamp
```bash
# Check when .next directory was last modified
ls -ld /var/www/GNX-WEB/frontEnd/.next
# Check build info
cat /var/www/GNX-WEB/frontEnd/.next/BUILD_ID 2>/dev/null || echo "No BUILD_ID found"
# Check standalone build timestamp
ls -lh /var/www/GNX-WEB/frontEnd/.next/standalone/server.js 2>/dev/null || echo "Standalone not found"
```
## 3. Check if New Files Exist
```bash
# Check security files
ls -la /var/www/GNX-WEB/frontEnd/middleware.ts
ls -la /var/www/GNX-WEB/frontEnd/lib/security/sanitize.ts
ls -la /var/www/GNX-WEB/frontEnd/app/policy/layout.tsx
ls -la /var/www/GNX-WEB/frontEnd/app/support-center/layout.tsx
# Check package.json for new dependencies
grep -A 2 "isomorphic-dompurify" /var/www/GNX-WEB/frontEnd/package.json
```
## 4. Check Node Modules (New Dependencies)
```bash
# Check if new packages are installed
ls -la /var/www/GNX-WEB/frontEnd/node_modules/isomorphic-dompurify 2>/dev/null && echo "✅ isomorphic-dompurify installed" || echo "❌ Not installed"
ls -la /var/www/GNX-WEB/frontEnd/node_modules/dompurify 2>/dev/null && echo "✅ dompurify installed" || echo "❌ Not installed"
```
## 5. Test the Website
```bash
# Test homepage
curl -I http://localhost:1087
# Test policy page (should work now)
curl -I http://localhost:1087/policy
# Test support-center page
curl -I http://localhost:1087/support-center
# Check if middleware is active (should see security headers)
curl -I http://localhost:1087 | grep -i "x-content-type-options\|x-frame-options"
```
## 6. Check PM2 Process Info
```bash
# Check process details
pm2 describe gnxsoft-frontend
# Check process uptime (should be recent if just restarted)
pm2 list
# Check if process is using new code
pm2 show gnxsoft-frontend
```
## 7. Verify Security Middleware is Active
```bash
# Test a request and check for security headers
curl -v http://localhost:1087 2>&1 | grep -i "x-content-type-options\|x-frame-options\|content-security-policy"
# Test from external (if server is accessible)
curl -I https://gnxsoft.com | grep -i "x-content-type-options"
```
## 8. Check Application Version/Code
```bash
# Check if middleware.ts has the latest code
head -20 /var/www/GNX-WEB/frontEnd/middleware.ts
# Check if sanitize.ts exists and has content
wc -l /var/www/GNX-WEB/frontEnd/lib/security/sanitize.ts
# Check package.json version
grep '"version"' /var/www/GNX-WEB/frontEnd/package.json
```
## 9. Quick Verification Script
```bash
cd /var/www/GNX-WEB/frontEnd
echo "=== Deployment Verification ==="
echo ""
echo "1. Build timestamp:"
ls -ld .next 2>/dev/null | awk '{print $6, $7, $8}'
echo ""
echo "2. Security files:"
[ -f middleware.ts ] && echo "✅ middleware.ts exists" || echo "❌ middleware.ts missing"
[ -f lib/security/sanitize.ts ] && echo "✅ sanitize.ts exists" || echo "❌ sanitize.ts missing"
[ -f app/policy/layout.tsx ] && echo "✅ policy/layout.tsx exists" || echo "❌ policy/layout.tsx missing"
echo ""
echo "3. Dependencies:"
[ -d node_modules/isomorphic-dompurify ] && echo "✅ isomorphic-dompurify installed" || echo "❌ Not installed"
echo ""
echo "4. PM2 Status:"
pm2 list | grep gnxsoft-frontend
echo ""
echo "5. Recent logs (last 5 lines):"
pm2 logs gnxsoft-frontend --lines 5 --nostream
```
## 10. Check for Specific Code Changes
```bash
# Check if policy page has the new structure
grep -A 5 "PolicyContentWithParams" /var/www/GNX-WEB/frontEnd/app/policy/page.tsx
# Check if sanitizeHTML is being used
grep -r "sanitizeHTML" /var/www/GNX-WEB/frontEnd/app/policy/page.tsx
grep -r "sanitizeHTML" /var/www/GNX-WEB/frontEnd/components/pages/blog/BlogSingle.tsx
```
## Most Reliable Check:
```bash
# 1. Check PM2 logs for startup messages
pm2 logs gnxsoft-frontend --lines 20 --nostream
# 2. Test the website directly
curl -I http://localhost:1087/policy
# 3. Check if new security headers are present
curl -I http://localhost:1087 2>&1 | head -20
```

7
start-services.sh
View File

@@ -211,6 +211,12 @@ else
fi
fi
<<<<<<< HEAD
# Set PORT environment variable and start with PM2
PORT=$FRONTEND_PORT NODE_ENV=production pm2 start npm \
--name "gnxsoft-frontend" \
-- start
=======
# Check if Next.js is using standalone output mode
if grep -q '"output":\s*"standalone"' next.config.js 2>/dev/null || grep -q "output:.*'standalone'" next.config.js 2>/dev/null; then
echo -e "${BLUE}Detected standalone mode. Starting with standalone server...${NC}"
@@ -246,6 +252,7 @@ else
--name "gnxsoft-frontend" \
-- start
fi
>>>>>>> d7d7a2757a183aa1abd9dbabff804c45298df4e5
# Save PM2 configuration
pm2 save