Few fixes

.gitignore

@@ -80,13 +80,10 @@ lib-cov
 # Coverage directory used by tools like istanbul
 coverage
 
-# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
-.grunt
-
 # node-waf configuration
 .lock-wscript
 
-# Compiled binary addons (http://nodejs.org/api/addons.html)
+# Compiled binary addons (https://nodejs.org/api/addons.html)
 build/Release
 
 # Dependency directories

LICENSE.md

@@ -1,4 +1,4 @@
-This project is based on Start Bootstrap - Freelancer Bootstrap Theme (http://startbootstrap.com)
+This project is based on Start Bootstrap - Freelancer Bootstrap Theme (https://startbootstrap.com)
 which is licensed under the MIT license.
 
 All the original code in this project is also licensed under the MIT License:

README.md

@@ -1,20 +1,19 @@
 SpongeHome
 ==========
 
-The Sponge Project [website](https://www-staging.spongepowered.org/), licensed
+The Sponge Project [website](https://www.spongepowered.org/), licensed
 under the MIT license. See [LICENSE.md](LICENSE.md) for details.
 
 ### Branches
 
-- `master` is hooked up to [www staging](https://www-staging.spongepowered.org/)
-- `production` is hooked up to [www prod](https://www.spongepowered.org/)
+- `master` is hooked up to [www prod](https://www.spongepowered.org/)
 
 ## Running locally
 
 ### 1. Prerequisites
 
-- [Golang](http://golang.org/doc/install)
-- [node.js](http://nodejs.org/download/)
+- [Golang](https://golang.org/doc/install)
+- [node.js](https://nodejs.org/download/)
 
 ### 2. Cloning
 

controllers/announcements.go

@@ -27,12 +27,13 @@ package controllers
 
 import (
 	"encoding/json"
-	"github.com/SpongePowered/SpongeWebGo/cache"
-	"github.com/SpongePowered/SpongeWebGo/fastly"
-	"gopkg.in/macaron.v1"
 	"log"
 	"net/http"
 	"strconv"
+
+	"github.com/SpongePowered/SpongeWebGo/cache"
+	"github.com/SpongePowered/SpongeWebGo/fastly"
+	"gopkg.in/macaron.v1"
 )
 
 type Topic struct {
@@ -47,7 +48,7 @@ type TopicList struct {
 }
 
 func (t *TopicList) GetRegularTopics() []Topic {
-	var topics []Topic = []Topic{}
+	var topics = []Topic{}
 
 	for _, topic := range t.Topics {
 		if topic.Archetype == "regular" {
@@ -108,7 +109,7 @@ func GetAnnouncements(ctx *macaron.Context, logger *log.Logger) {
 		return
 	}
 
-	var topics []Topic = res.TopicList.GetRegularTopics()
+	var topics = res.TopicList.GetRegularTopics()
 
 	first, err := getAnnouncement(topics[0])
 	if err != nil {

controllers/header.go

@@ -26,20 +26,23 @@
 package controllers
 
 import (
+	"net/http"
+
 	"github.com/SpongePowered/SpongeWebGo/cache"
 	"github.com/SpongePowered/SpongeWebGo/fastly"
 	"gopkg.in/macaron.v1"
-	"net/http"
 )
 
 func AddHeaders(resp http.ResponseWriter) {
 	header := resp.Header()
 
-	// TODO: Needs more testing and a few changes to make it more restrictive
-	/*header.Add("Content-Security-Policy", "default-src 'self' https:; "+
-	"style-src 'self' 'unsafe-inline' https:; "+
-	"script-src 'self' 'unsafe-eval' https://cdnjs.cloudflare.com https://www.google-analytics.com; "+
-	"frame-ancestors 'none'")*/
+	header.Set("Content-Security-Policy", "default-src 'none'; " +
+			"script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com/ ; " +
+			"style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; " +
+			"font-src https://cdnjs.cloudflare.com/ https://fonts.googleapis.com/; " +
+			"connect-src 'self' https://dl-api.spongepowered.org/; " +
+			"frame-src https://kiwiirc.com; frame-ancestors 'none'; img-src 'self'; " +
+			"upgrade-insecure-requests; block-all-mixed-content; ")
 
 	// Set cache headers only in production environment
 	if macaron.Env == macaron.PROD {

controllers/page.go

@@ -26,9 +26,10 @@
 package controllers
 
 import (
-	"gopkg.in/macaron.v1"
 	"net/http"
 	"path/filepath"
+
+	"gopkg.in/macaron.v1"
 )
 
 var DistDir string
@@ -43,13 +44,13 @@ func init() {
 }
 
 func ServePage(ctx *macaron.Context) {
-	serveHtmlPage(ctx, ctx.Params("page"))
+	serveHTMLPage(ctx, ctx.Params("page"))
 }
 
 func ServeDownloadsPage(ctx *macaron.Context) {
-	serveHtmlPage(ctx, "downloads")
+	serveHTMLPage(ctx, "downloads")
 }
 
-func serveHtmlPage(ctx *macaron.Context, page string) {
+func serveHTMLPage(ctx *macaron.Context, page string) {
 	http.ServeFile(ctx.Resp, ctx.Req.Request, filepath.Join(DistDir, page+".html"))
 }

controllers/statusz.go

@@ -26,10 +26,11 @@
 package controllers
 
 import (
-	"gopkg.in/macaron.v1"
 	"net/http"
 	"os"
 	"regexp"
+
+	"gopkg.in/macaron.v1"
 )
 
 const service = "SpongeHome"
@@ -40,7 +41,7 @@ func readStatus() interface{} {
 		return nil
 	}
 
-	buildNameRe := regexp.MustCompile(`^(.+)-([0-9]+)$`)
+	buildNameRe := regexp.MustCompile(`^(.+)-(\d+)$`)
 	buildNamePieces := buildNameRe.FindStringSubmatch(buildName)
 	jobName := buildNamePieces[1]
 	buildNum := buildNamePieces[2]

spongehome.go

@@ -26,15 +26,16 @@
 package main // import "github.com/SpongePowered/SpongeHome"
 
 import (
+	"log"
+	"net/http"
+	"os"
+	"strings"
+
 	"github.com/SpongePowered/SpongeHome/controllers"
 	"github.com/SpongePowered/SpongeWebGo"
 	"github.com/SpongePowered/SpongeWebGo/fastly"
 	"github.com/go-macaron/gzip"
 	"gopkg.in/macaron.v1"
-	"log"
-	"net/http"
-	"os"
-	"strings"
 )
 
 func main() {
@@ -75,7 +76,7 @@ func main() {
 
 	staticOptions := macaron.StaticOptions{
 		SkipLogging: macaron.Env == macaron.PROD,
-		ETag: true,
+		ETag:        true,
 	}
 
 	m.Use(macaron.Static("public", staticOptions))

src/html/downloads.html

@@ -39,7 +39,7 @@
     <header>
         <div class="container">
             <div class="logo">
-                <img src="assets/img/icons/spongie-mark-reverse-dark.svg" />
+                <img src="assets/img/icons/spongie-mark-reverse-dark.svg" alt="">
                 <h1>Sponge</h1>
             </div>
             <h2>Downloads</h2>
@@ -50,7 +50,7 @@ <h2>Downloads</h2>
         <div class="container">
             <h1>Loading...</h1>
             <p>If this message does not disappear, make sure that JavaScript is enabled in your browser.</p>
-            <img src="assets/img/icons/spongie-mascot.png" alt="Spongie" />
+            <img src="assets/img/icons/spongie-mascot.png" alt="Spongie">
         </div>
     </section>
 </div>

src/html/include/base.html

@@ -55,7 +55,7 @@
     <div class="container">
         <div id="sp-logo-container" class="page-scroll">
             <a class="logo" href="#top">
-                <img src="assets/img/icons/spongie-mark.svg" style="height: 40px">
+                <img src="assets/img/icons/spongie-mark.svg" alt="" style="height: 40px">
                 <span>Sponge</span>
                 <i class="fa fa-fw fa-chevron-down"></i>
             </a>
@@ -129,7 +129,7 @@ <h3>Our Aim</h3>
                 <p>Copyright &copy; SpongePowered 2014-2017</p>
                 <p id="fastly">Accelerated by<br>
                     <a href="https://www.fastly.com">
-                        <img src="assets/img/fastly.png" alt="Fastly" />
+                        <img src="assets/img/fastly.png" alt="Fastly" height="45" width="100">
                     </a>
                 </p>
             </div>

src/html/index.html

@@ -39,7 +39,7 @@
         <div id="main-display" class="col-lg-8 col-lg-offset-0 col-md-8 col-md-offset-0 col-sm-12">
             <div class="row">
                 <div class="col-lg-4 col-md-3">
-                    <img src="assets/img/icons/spongie-mark-dark.svg" alt="Sponge Logo" class="logo" />
+                    <img src="assets/img/icons/spongie-mark-dark.svg" alt="Sponge Logo" class="logo">
                 </div>
                 <div class="intro-text col-lg-8 col-lg-offset-0 col-md-6 col-md-offset-2 col-sm-10 col-sm-offset-1 col-xs-10 col-xs-offset-1">
                     <h1 class="name">Sponge</h1>
@@ -53,7 +53,7 @@ <h1 class="name">Sponge</h1>
             {% for sponsor in sponsors %}
             <div class="col-lg-12 col-lg-offset-0 col-md-12 col-md-offset-0 col-sm-6 col-sm-offset-0 col-xs-10 col-xs-offset-1">
                 <a href="{{ sponsor.link }}">
-                    <img src="{{ sponsor.image }}" alt="{{ sponsor.name }}" />
+                    <img src="{{ sponsor.image }}" alt="{{ sponsor.name }}">
                 </a>
             </div>
             {% endfor %}
@@ -134,7 +134,7 @@ <h4>Code</h4>
                     community has ever seen, or just love testing stuff to destruction and then writing long and
                     detailed bug reports about it? Come get involved on GitHub!
                 </p>
-                <a class="btn btn-outline" href="https://docs.spongepowered.org/en/contributing/index.html">
+                <a class="btn btn-outline" href="https://docs.spongepowered.org/stable/en/contributing/index.html">
                     Getting Started Documentation</a>
             </div>
             <div class="col-lg-4">

src/html/sponsors.html

@@ -59,7 +59,7 @@ <h2>About SpongePowered</h2>
             <p>
                 SpongePowered is a major project that receives input from developers and users across the entire Minecraft community.
                 We have over 30 Staff and Developers on our Team (see our complete staff list
-                <a href="https://docs.spongepowered.org/en/about/staff.html">on our documentation</a>).
+                <a href="https://docs.spongepowered.org/stable/en/about/staff.html">on our documentation</a>).
                 We collaborate closely with developers from other projects in the community, including Bukkit, Cauldron, Forge, and Spout, as
                 well as Mojang itself.
                 Our amazing community involves and commits themselves to the project, whether through developing plugins, displaying their
@@ -114,7 +114,7 @@ <h2>Our Sponsors</h2>
             <div class="col-lg-12 col-md-4 col-sm-6 col-xs-12">
                 <a href="{{ sponsor.link }}" class="sponsors-logo">
                     <div class="logo">
-                        <img src="{{ sponsor.image }}" alt="{{ sponsor.name }}" />
+                        <img src="{{ sponsor.image }}" alt="{{ sponsor.name }}">
                     </div>
                 </a>
             </div>

src/js/downloads/Downloads.vue

@@ -30,7 +30,7 @@
             <div class="row">
                 <div class="col-lg-5 col-md-6">
                     <div class="logo">
-                        <img src="assets/img/icons/spongie-mark-reverse-dark.svg" />
+                        <img src="assets/img/icons/spongie-mark-reverse-dark.svg" alt="">
                         <h1>Sponge<span :class="['platform-badge', platform.id]">{{ platform.suffix }}</span></h1>
                     </div>
                     <h2>Downloads</h2>
@@ -110,7 +110,7 @@
         <div class="container">
             <h1>Loading builds...</h1>
             <p>Spongie is loading them as fast as possible!</p>
-            <img src="assets/img/icons/spongie-mascot.png" alt="Spongie" />
+            <img src="assets/img/icons/spongie-mascot.png" alt="Spongie">
         </div>
     </section>
     </div>

src/js/downloads/Main.vue

@@ -30,7 +30,7 @@
             <div class="row">
                 <div class="col-lg-5 col-md-6">
                     <div class="logo">
-                        <img src="assets/img/icons/spongie-mark-reverse-dark.svg" />
+                        <img src="assets/img/icons/spongie-mark-reverse-dark.svg" alt="">
                         <h1>Sponge</h1>
                     </div>
                     <h2>Downloads</h2>

src/js/downloads/platforms.js

@@ -124,7 +124,7 @@ export const Platforms = {
                     name: `Forge ${forgeVersion.split('.')[3]}`,
                     color: 'forge',
                     title: "Recommended Forge version",
-                    link: `http://files.minecraftforge.net/maven/net/minecraftforge/forge/index_${minecraftVersion}.html`
+                    link: `https://files.minecraftforge.net/maven/net/minecraftforge/forge/index_${minecraftVersion}.html`
                 })
             }
         }