Add detection for WebMidi and Window Placement APIs (#162)

* allow binding to a specific IP * Detect more harmful APIs
duckduckgo · Jul 10, 2023 · 65341bf · 65341bf
1 parent 84a0190
commit 65341bf
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 2 deletions.
diff --git a/features/harmful-apis/main.js b/features/harmful-apis/main.js
@@ -44,6 +44,12 @@ const tests = [
             return ('hid' in navigator);
         }
     },
+    {
+        id: 'web-midi-api',
+        run: () => {
+            return ('requestMIDIAccess' in navigator);
+        }
+    },
     {
         id: 'accelerometer-api',
         run: () => {
@@ -220,6 +226,12 @@ const tests = [
         run: () => {
             return ('joinAdInterestGroup' in navigator) || ('runAdAuction' in navigator);
         }
+    },
+    {
+        id: 'window-placement-api',
+        run: () => {
+            return ('screen' in window && 'isExtended' in window.screen);
+        }
     }
 ];
 

diff --git a/server.js b/server.js
@@ -2,6 +2,7 @@ const express = require('express');
 const ws = require('ws');
 const app = express();
 const port = process.env.PORT || 3000;
+const host = process.env.HOST || '127.0.0.1';
 const url = require('url');
 const cmd = require('node-cmd');
 const crypto = require('crypto');
@@ -20,8 +21,8 @@ function fullUrl (req) {
 
 // Start the HTTP server. On Glitch the proxy will forward both HTTP and HTTPS
 // traffic to this server.
-const listener = app.listen(port, () => {
-    console.log(`HTTP Server listening at port ${listener.address().port}`);
+const listener = app.listen(port, host, () => {
+    console.log(`HTTP Server listening at ${listener.address().address}:${listener.address().port}`);
 });
 
 // Start HTTPS server for https://first-party.example and https://third-party.example