diff --git a/webgoat-container/src/main/resources/static/js/goatApp/model/LessonContentModel.js b/webgoat-container/src/main/resources/static/js/goatApp/model/LessonContentModel.js
index 60ca65a36..5d3a0d169 100644
--- a/webgoat-container/src/main/resources/static/js/goatApp/model/LessonContentModel.js
+++ b/webgoat-container/src/main/resources/static/js/goatApp/model/LessonContentModel.js
@@ -21,7 +21,7 @@ define(['jquery',
 //this.baseUrlRoot = '';
 },
 loadData: function(options) {
- this.urlRoot = _.escape(encodeURIComponent(options.name)) + '.lesson'
+ // this.urlRoot = _.escape(encodeURIComponent(options.name)) + '.lesson'
 // if (options.stage != null) {
 // this.urlRoot += '&stage=' + options.stage;
 // }
diff --git a/webgoat-container/src/main/resources/static/js/goatApp/view/LessonContentView.js b/webgoat-container/src/main/resources/static/js/goatApp/view/LessonContentView.js
index 29d09ae7d..0abf17e82 100644
--- a/webgoat-container/src/main/resources/static/js/goatApp/view/LessonContentView.js
+++ b/webgoat-container/src/main/resources/static/js/goatApp/view/LessonContentView.js
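Review bot: The `urlRoot` assignment in `loadData` is commented out rather than deleted, and it was the only visible place where `options.name` went through `encodeURIComponent` before becoming part of a request URL. The rest of `loadData` lies outside the hunk, so what builds the lesson URL now is not visible here; whatever does should keep the encoding step, e.g. `encodeURIComponent(options.name) + '.lesson'`, and the dead line should be removed. The view change in this same commit comments out the one visible reader (`this.model.urlRoot.replace(...)`), but any other consumer of `model.urlRoot` would now find it unset, which is worth confirming before merge.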
@@ -49,19 +49,65 @@ define(['jquery', this.$el.find(this.$contentPages[this.currentPage]).show(); this.addPaginationControls(); } + }, + +// makeFormsAjax: function() { +// var options = { +// success:this.onAttackExecution.bind(this), +// url: this.model.urlRoot.replace('\.lesson','.attack'), +// type:'GET' +// // $.ajax options can be used here too, for example: +// //timeout: 3000 +// }; +// //hook forms //TODO: clarify form selectors later +// $("form.attack-form").ajaxForm(options); +// }, + + makeFormsAjax: function () { + this.$form = $('form.attack-form'); + // turn off standard submit + + //set standard options + var contentType = (this.$form.attr('contentType')) ? this.$form.attr('contentType') : 'url-form-encoded'; + this.formOptions = { + //success:this.reLoadView.bind(this), + url: this.$form.attr('action'), + method: this.$form.attr('method'), + contentType: contentType, + timeout: 3000, //usually running locally ... should be plenty faster than this - makeFormsAjax: function() { - var options = { - success:this.onAttackExecution.bind(this), - url: this.model.urlRoot.replace('\.lesson','.attack'), - type:'GET' - // $.ajax options can be used here too, for example: - //timeout: 3000 }; - //hook forms //TODO: clarify form selectors later - $("form.attack-form").ajaxForm(options); + +// if (typeof this.$form.attr('prepareData') === 'string') { +// if (typeof this.$form.attr('prepareData') !== 'undefined' && typeof CustomGoat[this.$form.attr('prepareData')] === 'function') { // I'm sure this is dangerous ... but hey, it's WebGoat, right? +// this.formOptions.prepareData = CustomGoat[this.$form.attr('prepareData')]; +// } +// } +// set up submit to run via ajax and be handled by the success handler + this.$form.submit(this.onFormSubmit.bind(this)); + }, + onFormSubmit: function () { + var self = this; + console.log(this.formOptions); + var submitData = (typeof this.formOptions.prepareData === 'function') ? 
this.formOptions.prepareData() : this.$form.serialize(); + + $.ajax({ + data:submitData, + url:this.formOptions.url, + method:this.formOptions.method, + contentType:this.formOptions.contentType, + data: submitData + }).success(function(data) { + //Log shows warning, see https://bugzilla.mozilla.org/show_bug.cgi?id=884693 + // Explicitly loading the lesson instead of triggering an + // event in goatRouter.navigate(). + self.reLoadView(data); + }); + return false; + }, + ajaxifyAttackHref: function() { // rewrite any links with hrefs point to relative attack URLs var self = this; // The current LessonAdapter#getLink() generates a hash-mark link. It will not match the mask below. @@ -72,7 +118,7 @@ define(['jquery', //.done(self.reLoadView.bind(self)) .fail(function() { alert("failed to GET " + url); }); }); - + }, onAttackExecution: function(feedback) {
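Review bot: `makeFormsAjax` caches `$('form.attack-form')` once and `onFormSubmit` reads `action`, `method` and `serialize()` from that whole match set, so on a lesson page with more than one attack form every submit would post the fields of all matched forms to the first form's `action`; the handler should work from the form that fired the event. The fallback `'url-form-encoded'` is not a valid media type, so a form without a `contentType` attribute sends a `Content-Type` the server is unlikely to parse as form data; jQuery's own default is `application/x-www-form-urlencoded; charset=UTF-8`. The `$.ajax` literal also lists `data` twice, `timeout` is stored in `formOptions` but never passed on, `console.log(this.formOptions)` is left in, and there is no failure callback, so a rejected request fails silently. The `prepareData` branch is unreachable while the block that assigns it stays commented out; if that hook comes back, the lookup on `CustomGoat` should be limited to own properties of an explicit allowlist rather than any name taken from a DOM attribute. A sketch of the submit handler follows.

```javascript
onFormSubmit: function (e) {
    var self = this;
    var $form = $(e.currentTarget); // the form that fired the submit, not the whole match set
    $.ajax({
        url: $form.attr('action'),
        method: $form.attr('method'),
        contentType: $form.attr('contentType') || 'application/x-www-form-urlencoded; charset=UTF-8',
        timeout: this.formOptions.timeout,
        data: $form.serialize()
    }).done(function (data) {
        // … unchanged: self.reLoadView(data) …
    }).fail(function () {
        alert("failed to submit " + $form.attr('action'));
    });
    return false;
},
```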