fix FOUC

routes/upload.js

@@ -2,12 +2,25 @@ const express = require('express');
 const router = express.Router();
 const handler = require('express-async-handler');
 const content = require('../helpers/content');
+
+const memcache = require('memcached');
+const cache = new memcache(process.env.SESSION_MEMCACHE_HOST);
 const crypto = require('crypto');
 
-const { MAXFILES } = process.env;
+const { MAXFILES, APP_DEBUG, RATE_LIMIT } = process.env;
+
+let ratelimits = {};
 
 async function upload(req, res) {
 
+    if (!ratelimits[req.ip])
+        ratelimits[req.ip] = Date.now();
+
+    if (Date.now() - ratelimits[req.ip] < RATE_LIMIT) {
+        res.status(503).send('You are being rate limited.');
+        return;
+    }
+
     if (req.body['_csrf'] != req.session.csrf) {
         res.status(405).send('CSRF error');
         return;
@@ -18,14 +31,13 @@ async function upload(req, res) {
         return;
     }
 
-    if (req.body[req.session.captcha_input] != req.session.captcha) {
+    if ((req.body[req.session.captcha_input] != req.session.captcha) | APP_DEBUG) {
         res.status(405).send('Bad captcha');
         return;
     }
 
     req.session.captcha = crypto.randomBytes(8).toString('base64').substring(0,6);
 
-
     if (content.submitted() >= MAXFILES) {
         res.status(405).send('Not allowed');
         return;
@@ -42,6 +54,8 @@ async function upload(req, res) {
     res.redirect(
         '/view?id=' + encodeURIComponent(id)
     );
+
+    req.session.last_text = '';
 }
 
 router.post('/upload', handler(upload));

views/template/main.pug

@@ -7,6 +7,7 @@ html(lang='en_US')
         title blek! Bin#{title ? title : ''}
         link(rel='stylesheet' href='/static/main.css')
     body
+        script 0
         h1(align='center')
             a(href='/') blek! Bin
         p(align='center')