Turns out using `X-Forwarded-For` appends each proxy's IP. This leads
to being able to easily circumvent IP duplication checking especially
behind hosts like cloudflare that use different routes each time to
reach the destination server.
Now the IP is being split at all commas, as hosts are comma separated in
the header and uses the first IP it can get.
The first issue is an invalid option to the MySQL connector in the form
of the table prefix. It instead gets set as a private prop on the
storage class and then removed from the options object.
The second and more important issue is that the field to store the
duplication check data ended up being too small too quickly, causing it
to quickly fail to write a full JSON string and leading to an error
while retrieving the poll. An `ALTER` statement during init is used to
make sure the datatype is now a `MEDIUMTEXT`. With 16MB it should fill
up way less quickly than previously.
`<meta>` tags have been added to relay information for websites trying
to pull information from the page (like discord) as well as web crawlers
to index the page.
This way, people can easily just use their QR readers to reach the
voting page. The QR is constructed via Google Charts API and the URL is
based on the HOST header of the request.
The API has been moved to a /api path to distinguish it from the form
submission path and make it clear it is a callable API.
The API also has been rudimentarily documented.
Duplicate entries were deduplicated during saving but not checked for
when verifying for at least 2 options set. This lead to being able to
have polls with only a single vote.
Now deduplication is run at the start of the creation function.
When a heroku dyno goes into sleep mode it loses connection to the
backend database. Once it is woken back up, no more reads or
writes could be done anymore due to a dead connection. This change
reinstates a new db connection when the connection is fatally
terminated.
Including to the previous flatfile storage, a new storage for MySQL has
been added to store polls in a database.
The amount of possible Poll Options has also been reduced to 20.
This page displays all options that have been set on creation. Thanks to
`textFit` the texts in the title and options automatically get sized
correctly. The create poll button has also been renamed to submit-button
to make it more universal on other pages.
If more than 3 options are written down, additional inputs will load in
to allow more options. The maximum cap of options currently is set to
255 but can be configured in Config.ts.
Likewise, the input length can also be controlled from there.
The frontend should work without having JS enabled. JS will enhance the
experience but should under no circumstance be necessary.
To achieve this, the entire entry system has been turned into a form
that posts its values to a new backend path specifically made to take
form responses. Instead of returning an API response, it also redirects
the browser to either the voting page on successful creation or the
frontpage with a bunch of get parameters that are used to prefill the
form in a server-side rendering process.
An error parameter is also given but there is no way to display said
error for now.
Running from a subdirectory makes the entire script a bit cumbersome
to wrap around when it comes to relative paths. They should now all work
properly though.
Paths that are relative to the Project Root now work as expected (eg.
package.json path) and other paths like the data and config path are
based on the current execution directory.
The issue with ambigous characters is that they are hard to write
when only seeing them, as one could confuse 0 for O with certain
typefaces for example.
Ambiguity is lessened by removing `Oo0Iil1` from the possible charset.
In order to keep a big enough pool of IDs the ID length changed from 6
to 8 characters instead, which seems like an OK tradeoff.
This is currently untested, but the backend allows creating a new poll,
getting results of an existing poll, voting and retrieving info of a
poll for display purposes.
Recaptcha is not yet implemented at this stage.
