dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

search box moved and jwt encode/decode with little delay (#1664)

Browse Source
This commit is contained in:
René Zubcevic 2023-11-16 14:42:10 +01:00 committed by GitHub
parent 8450c5a5be
commit 88a321c268
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 47 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
robot/README.md
View File

@ -12,8 +12,10 @@ Then see security settings and allow the file to run
pip3 install virtualenv --user pip3 install virtualenv --user
python3 -m virtualenv .venv python3 -m virtualenv .venv
source .venv/bin/activate source .venv/bin/activate
pip install robotframework pip install --upgrade robotframework
pip install robotframework-SeleniumLibrary pip install --upgrade robotframework-SeleniumLibrary
pip install webdriver-manager pip install --upgrade webdriver-manager
brew upgrade
robot --variable HEADLESS:"0" --variable ENDPOINT:"http://127.0.0.1:8080/WebGoat" goat.robot robot --variable HEADLESS:"0" --variable ENDPOINT:"http://127.0.0.1:8080/WebGoat" goat.robot
Make sure that the Chrome version, the webdriver version and all related components are up-to-date and compatible!

1
robot/goat.robot
View File

@ -121,6 +121,7 @@ Check_JWT_Page
Log To Console Found token ${OUT_VALUE} Log To Console Found token ${OUT_VALUE}
${OUT_RESULT} Evaluate "ImuPnHvLdU7ULKfbD4aJU" in """${OUT_VALUE}""" ${OUT_RESULT} Evaluate "ImuPnHvLdU7ULKfbD4aJU" in """${OUT_VALUE}"""
Log To Console Found token ${OUT_RESULT} Log To Console Found token ${OUT_RESULT}
Capture Page Screenshot
Check_Files_Page Check_Files_Page
Go To ${ENDPOINT_WOLF}/files Go To ${ENDPOINT_WOLF}/files

5
src/main/resources/webgoat/static/js/main.js
View File

@ -33,9 +33,12 @@ require.config({
bootstrap: 'libs/bootstrap.min', bootstrap: 'libs/bootstrap.min',
text: 'libs/text', text: 'libs/text',
templates: 'goatApp/templates', templates: 'goatApp/templates',
polyglot: 'libs/polyglot.min' polyglot: 'libs/polyglot.min',
search: 'search'
}, },
deps: ['search'],
shim: { shim: {
"jqueryui": { "jqueryui": {
exports:"$", exports:"$",

13
src/main/resources/webgoat/templates/main_new.html
View File

@ -15,13 +15,8 @@
<link rel="stylesheet" type="text/css" th:href="@{/css/font-awesome.min.css}"/> <link rel="stylesheet" type="text/css" th:href="@{/css/font-awesome.min.css}"/>
<link rel="stylesheet" type="text/css" th:href="@{/css/animate.css}"/> <link rel="stylesheet" type="text/css" th:href="@{/css/animate.css}"/>
<link rel="stylesheet" type="text/css" th:href="@{/css/coderay.css}"/> <link rel="stylesheet" type="text/css" th:href="@{/css/coderay.css}"/>
<!-- <link rel="stylesheet" type="text/css" th:href="@{/css/asciidoctor-default.css}"/>-->
<!-- end of CSS --> <!-- end of CSS -->
<!-- JS -->
<!-- <script src="js/modernizr.min.js"></script>-->
<!-- Require.js used to load js asynchronously --> <!-- Require.js used to load js asynchronously -->
<script src="js/libs/require.min.js" data-main="js/main"></script> <script src="js/libs/require.min.js" data-main="js/main"></script>
<meta http-equiv="Content-Type" content="text/id; charset=UTF-8"/> <meta http-equiv="Content-Type" content="text/id; charset=UTF-8"/>
@ -39,8 +34,9 @@
<div id="lesson-title-wrapper"> <div id="lesson-title-wrapper">
</div><!--lesson title end--> </div><!--lesson title end-->
<!--<div class="user-nav pull-right" id="user-and-info-nav" style="margin-right: 75px;">--> <div style="position: absolute;width:600px; z-index:3; top:22px; right: -90px;">
<div style="position: absolute;width:400px; z-index:3; top:22px; right: -90px;"> <input class="form-control" type="text" id="search" name="search" th:placeholder="#{searchmenu}" style="width:200px;display:inline-block" />
<!-- webwolf menu item --> <!-- webwolf menu item -->
<a th:href="@{/WebWolf}" target="_blank"> <a th:href="@{/WebWolf}" target="_blank">
<button type="button" id="webwolf-button" class="btn btn-default right_nav_button" <button type="button" id="webwolf-button" class="btn btn-default right_nav_button"
@ -151,8 +147,7 @@
</button> </button>
</a> </a>
<input class="form-control" type="text" id="search" name="search" th:placeholder="#{searchmenu}" style="width:60%" />
<script src="js/search.js" ></script>
</div> </div>
</header> </header>

37
src/main/resources/webwolf/static/js/jwt.js
View File

@ -11,17 +11,43 @@
$(document).ready(() => { $(document).ready(() => {
$('#payload').on('input', call(true)); let tokeninput = document.getElementById('token');
$('#header').on('input', call(true)); let headerinput = document.getElementById('header');
$('#secretKey').on('input', call(true)); let secretKeyinput = document.getElementById('secretKey');
$('#token').on('input', call(false)); let payloadinput = document.getElementById('payload');
let timeout = null;
tokeninput.addEventListener('keyup', function (e) {
clearTimeout(timeout);
timeout = setTimeout(function () {
call(false);
}, 1000);
});
headerinput.addEventListener('keyup', function (e) {
clearTimeout(timeout);
timeout = setTimeout(function () {
call(true);
}, 1000);
});
secretKeyinput.addEventListener('keyup', function (e) {
clearTimeout(timeout);
timeout = setTimeout(function () {
call(true);
}, 1000);
});
payloadinput.addEventListener('keyup', function (e) {
clearTimeout(timeout);
timeout = setTimeout(function () {
call(true);
}, 1000);
});
}); });
function call(encode) { function call(encode) {
return () => {
var url = encode ? 'jwt/encode' : 'jwt/decode'; var url = encode ? 'jwt/encode' : 'jwt/decode';
var formData = encode ? $('#encodeForm').getFormData() : $('#decodeForm').getFormData(); var formData = encode ? $('#encodeForm').getFormData() : $('#decodeForm').getFormData();
formData["secretKey"] = $('#secretKey').val(); formData["secretKey"] = $('#secretKey').val();
console.log(formData);
$.ajax({ $.ajax({
type: 'POST', type: 'POST',
@ -34,7 +60,6 @@ function call(encode) {
dataType: 'json' dataType: 'json'
}); });
} }
}
function update(token) { function update(token) {
$('#token').val(token.encoded); $('#token').val(token.encoded);