Version bump to 0.0.5 is needed for my latest commits. This update fixes issues reported to me by email that users have encountered.

Nick, please get to this asap.

Keep the project history within a (recognized) file, named CHANGELOG.md.

Allow users to customize processors and minifier options
Something like

scripts: {
  processor: 'amd',
  options: {},
  minify: {}
}

Hi guys,

server-configs-node is aging and offers features like style and javascript processing that may be out of scope. I would like to propose a full clean rewrite that only reflects other server configs.

This project is a little different than other server-configs-* projects since it's a server. But the community is already using existing libraries like express to create servers. So I think we should only propose a universal middleware that would work in any context, instead of a server.
We could officially support most used libraries by default (express, builtin, others?).

This rewrite would aim the 1.0.0 release and freeze the api to a single function taking options (like any middleware). A migration guide would be provided for users that want to upgrade and keep existing style and javascript processing.
The current legacy version would be supported in a separated branch.

@h5bp/owners @h5bp/server-configs What do you think? Do you have any feedback on this?

Thanks!

It's third party code so let's see how we can pull it in using npm.

Or even better, search another solution as the cache.js code dates from 2011.

I am using jmeter to test the performance of my code.For that i am firing 50 requests at a time but the code takes only 11 requests and and gives the warning as follow.

I am using h5bp npm library to compress the data send over the network.

(node) warning: possible EventEmitter memory leak detected. 11 listeners added. Use emitter.setMaxListeners() to increase limit.
Trace
at ServerResponse.addListener (events.js:160:15)
at headersLayer (C:\Users\Pratik\Documents\brigge\source\node_modules\h5bp\lib\layers\headers.js:133:7)
at fn (C:\Users\Pratik\Documents\brigge\source\node_modules\h5bp\node_modules\async\lib\async.js:582:34)
at Object._onImmediate (C:\Users\Pratik\Documents\brigge\source\node_modules\h5bp\node_modules\async\lib\async.js:49
8:34)
at processImmediate as _immediateCallback

Also refator some parts.
I'm thinking about the standalone section which is now, internally, the same as express/connect.

Was expecting to see something like "app.js" in the root directory calling /lib/h5bp.js. But with no example code/app and no documentation I'm puzzled how I can get the value out of what is obviously a lot of thought and expertise backed into h5BP.js.

Hi guys,

I proposed a few month ago a big refactoring for the node implementation of the h5bp server configs.
I was wishing it would become a more attractive and better tested project.
Nowadays I can see that tests don't even run and the project does contains major bugs that make it unusable :'(

So I would like to propose myself to become an official contributor, and eventually one of the maintainers for this project.

What do you think about that ?

Related to #22.

Like cache busting and concatenation, we could propose a built-in system to resize images on the fly, based on the url:

• [email protected]: would serve retina images.
• image-400x300.jpg: would serve a resized version.

As mentioned in #22.

Currently the logic in headers looks up mime type and sets the Content-Type header whenever the path doesn't end in a trailing /

I'd like to see this improved in two ways.

First - add a check to see if Content-Type is already set and skip this logic if that is the case.

Second, change the regex to check for the existence of an extension at the end of the path as the comments to the code state rather than just whether the path ends with a trailing /.

The reason for my request may be a bit contentious as there is a bit of a religious war going on as to whether a resource path must end in a trailing slash if it does not reference a file resource. However I believe these two changes would make the logic more correct irrespective of how I'd like the behavior to change.

As it stands now, accessing a resource such as http://foo.com/bar returns a content-type of application/octet-stream with no good way to override the behavior.

When starting my application that uses express and h5bp as express middleware:

Error: Cannot find module 'express/node_modules/send'
at Function.Module._resolveFilename (module.js:469:15)
at Function.Module._load (module.js:417:25)
at Module.require (module.js:497:17)
at require (internal/module.js:20:19)
at Object. (/home/brenton/Code/Projects/timestamper-fcc/node_modules/h5bp/lib/layers/headers.js:6:45)
at Module._compile (module.js:570:32)
at Object.Module._extensions..js (module.js:579:10)
at Module.load (module.js:487:32)
at tryModuleLoad (module.js:446:12)
at Function.Module._load (module.js:438:3)

Hi guys, I'm new in node.js, and I'm not sure what I am doing wrong
i have installed h5bp npm package, included in my app.js and tried to create server with express option as it is in the example (I read in issues that npm is updated). but the console keep saying that there is no such method. I'm a big fan of html5 bolerplate, I used it in several project with apache and iis but never with node.js. Any help will be appreciated. If you say that it's not finished yet I'll understand, but it seems it is. all the rules from htaccess are kinda included in h5bp.js.

Hi @h5bp/server-configs folks!

This module is aging and mostly deprecated. Node.js ecosystem has since evolved a lot and there is a plethora of server frameworks that address (in a better way) most of the best practices we try to advocate here.

Since all those frameworks and their ecosystem already implement the code and maintain it, I think it makes no sense to do it here. Our goal is to tell people how to configure servers in the best way possible, not to implement servers.

Given the context, I propose that this repo evolve from plain code to How to configure X framework properly? We would need to list the most used frameworks out there and document how to configure them properly.

This could be done either by:

1. Creating one markdown document per framework and explain how to configure it for each key best practice.
2. Creating a heavily commented boilerplate per framework that one could use directly or cherry pick from.

What do you think about this? Do you have any ideas/remarks?

Thanks!

1. Wouldn't it be better to move all the How to contribute? info to a CONTRIBUTING.md file to take advantage of GitHub's UI and also make the README.md shorter ?

2. Instead of the outdated stats from the README.md, why not link to https://github.com/h5bp/server-configs-node/graphs/contributors and just list the maintainers so that people know who to refer if something? (e.g.: for apache)

Hi,

It would be nice to sync the npm package with this repository, as suggested in h5bp/server-configs/pull/115.
I've bumped the version to 0.0.4 following your 0.0.3 @niftylettuce.
Although this version is still missing some of the Apache features, it works and is pretty stable.

• Update npm package to point to correct git repo URL (following the recent rename).

• Fix / remove the image banner in the README as the link 404's.

• Add more maintainers to the package.

• Include a proper CLI command, e.g.:

  npm install --save <name>

Related: #11 - rename the package.

Because other middlewares can generate dynamic content w/ an appropriate content-type but with a custom url, we should defer setting other headers by subscribing to the .on('header', ...) event.

We should continue relying on the given content-type to apply cache and other stuff.

By defering, we also ensure that we have the last word and that nobody will override what we set.

By providing dynamic content, the user takes the responsability to match the correct content-type correctly.

If nobody sets the content-type it should be defaulted to application/octet-stream (the current behavior).

@ngryman I've added you as an owner on NPM to this project

λ ~/Public/server-configs-node/ master npm owner ls 
niftylettuce <[email protected]>
ngryman <[email protected]>

express has updated its API or provides some methods we should rely on:

• Response#type
• Response#set
• Response#get

Hi, I have included today h5bp as middleware in my express app, it's added exactly as in your example, before compress and static content. I think something is wrong with the header. Here is what I get from network tab in Chrome. It's Content-Type:application/octet-stream. Can you please help me with configuration, I'm using this example as testing platform

https://github.com/madhums/nodejs-express-mongoose-demo

Request URL:http://localhost:3000/
Request Method:GET
Status Code:206 Partial Content

Request Headers
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en,bg;q=0.8,en-US;q=0.6
Connection:keep-alive
Host:localhost:3000
If-Range:Sun, 24 Feb 2013 16:42:41 GMT
Range:bytes=3811-3811
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.97 Safari/537.22

Response Headers
Accept-Ranges:bytes
cache-control:public,max-age=2419200,no-transform
connection:keep-alive
Content-Length:1
Content-Range:bytes 3811-3811/6738
Content-Type:application/octet-stream
Date:Sun, 24 Feb 2013 16:58:35 GMT
Last-Modified:Sun, 24 Feb 2013 16:42:41 GMT
Vary:Accept-Encoding

So for current processors, we should enable minification:

• automatically when process.NODE_ENV is set to production.
• with an additional option, which take precedence over automatic (we could force no minification in production).

Affected processors are:

• amd
• commonjs
• sass
• less
• stylus

Once this issue completed, I think we are good to release 0.0.7!

First todo in my list is this feature.

With node we could do this on-the-fly without any build step involved.

Concatenation

Convention over configuration

As the Apache version, we could say that every js file in a given directory should be automatically concatened to a given filename. We could default libs.js and app.js. This would be an automatic process.

I think we can do much better with node. The only thing I find usefull is that this is very simple for beginners. In fact this could even be a default configuration for any other approach.

Configuration over convention

We could let the user configure exactly which scripts to concatenate and in what order. As the previous approach, we could propose two defaults targets libs.js and app.js.

I think this is better that the previous approach because we don't loose any best practice value by defaulting the configuration. We let the user refine the order of the scripts and define additional targets.
But I also think that maintaining a configuration like this is painful, error prone ... and so 2010...

Dependency management

CommonJS or AMD could (and should) be our friends for client-side scripts. There is a lot of good libraries offering a client-side implementation and I think this should be a 2013 best practice for font-end developers, with Harmony incoming.

With node we could easily get this done server-side (i.e. Browserify) on-the-fly.

The user could configure target scripts like this:

app.use(h5bp({
  root: __dirname + '/public',
  scripts: ['app.js', 'libs.js']
}));

Internally h5bp will start watching for file changes (Browserify does this well) and compile if needed. The static middleware will simply serve compiled files.

Minification

For minification, we could use the same approach of concatenation (i.e. UglifyJS 2) by proxying requests to javascripts, cache local minified version and internal redirect to it.

The user could enable minification like this:

app.use(h5bp({
  root: __dirname + '/public',
  scripts: ['app.js', 'libs.js'],
  minify: true
}));

In the future we could also default minification when NODE_ENV=production is defined for example.

@paulirish, do you think we could go with something like this ?

EDIT: we could also always minify and use source maps when NODE_ENV!=production

JSCS for example.

The name "h5bp" is vague and it feels confusing to have a server config package named after a software organization. I'd suggest that an alternative name (that's clearer) is used at some point in the future.