

chg: [security] Added missing CSRF token on various forms.
cedricbonhomme committed Jul 15, 2024
1 parent ca18b97 commit 3c3cb29
Showing 4 changed files with 91 additions and 84 deletions.
65 changes: 33 additions & 32 deletions website/web/templates/bundles/edit_bundle.html
Expand Up @@ -117,40 +117,41 @@ <h2>{{ action | safe }}</h2>


document.getElementById("savebundle").onclick = function(event) {
var json = jsoneditor.getValue();
json["description"] = easyMDE.value();
// json["comment"] = "{{ comment_id }}";
data = JSON.stringify(json);
console.log(data);
fetch("{{ url_for('apiv1.bundle_bundles_list') }}", {
method: "POST",
headers: {
'Content-Type': 'application/json',
},
body: data
})
.then(res => {
if (!res.ok) {
res.json().then(json => {
document.getElementById("modal-error-text").innerText = json['message'];
var modal = new bootstrap.Modal(document.getElementById('modalError'), {});
modal.show();
});
} else {
// reinitializes the form
// window.jsoneditor.setValue({});
// easyMDE.value("");

document.getElementById("modal-error-text").innerText = "Bundle saved.";
var csrf_token = "{{ csrf_token() }}";
var json = jsoneditor.getValue();
json["description"] = easyMDE.value();
// json["comment"] = "{{ comment_id }}";
data = JSON.stringify(json);
console.log(data);
fetch("{{ url_for('apiv1.bundle_bundles_list') }}", {
method: "POST",
headers: {
'Content-Type': 'application/json',
'X-CSRFToken': csrf_token
},
body: data
})
.then(res => {
if (!res.ok) {
res.json().then(json => {
document.getElementById("modal-error-text").innerText = json['message'];
var modal = new bootstrap.Modal(document.getElementById('modalError'), {});
modal.show();
// window.location = "{{ url_for('bundles_bp.list_bundles') }}";
}
})
.catch((error) => {
console.log(error);
});
};
});
} else {
// reinitializes the form
// window.jsoneditor.setValue({});
// easyMDE.value("");
document.getElementById("modal-error-text").innerText = "Bundle saved.";
var modal = new bootstrap.Modal(document.getElementById('modalError'), {});
modal.show();
// window.location = "{{ url_for('bundles_bp.list_bundles') }}";
}
})
.catch((error) => {
console.log(error);
});
};

</script>
{% endblock %}
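Review bot: The error branch `res.json().then(json => { ... })` is not returned to the outer promise chain, so when the server answers with a non-JSON body — which a rejected CSRF token is likely to produce unless the app registers a JSON error handler — the parse failure becomes an unhandled rejection, the error modal never opens and the outer `.catch` only ever sees network errors. Changing it to `return res.json().then(json => { ... })` routes that failure into the existing `.catch`; the `savecomment` handler in vuln.html has the same shape and needs the same change. `data = JSON.stringify(json);` also creates an implicit global because it has no `var`/`const`, and the `console.log(data)` line ships the whole submitted bundle to the browser console; `const data = JSON.stringify(json);` and dropping the log would tidy both. Reading `{{ csrf_token() }}` into a `var` inside each click handler works, but a single page-level constant (or a `<meta>` tag read once) would avoid repeating the pattern in every handler that posts JSON.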
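--- a/website/web/templates/search.html
+++ b/website/web/templates/search.html
@@ -12,9 +12,10 @@
 {%else%}
 <div class="position-relative top-0 start-50 translate-middle-x">
 {%endif%}
-<form class="row g-3" role="form" method=post action="search" enctype=multipart/form-data>
+<form class="row g-3" role="form" method="post" action="search" enctype="multipart/form-data">
 <div class="col-auto">
 <input type="text" class="form-control" id="freetext_search" placeholder="What are you looking for?" name="freetext_search" autofocus>
+<input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
 </div>
 <div class="col-auto">
 <button type="submit" class="btn btn-primary mb-3">Search</button>
@@ -103,25 +104,26 @@ <h5>Vulnerabilites related to the one you searched</h5>
 <div class="position-relative top-0 start-50 translate-middle-x">
 <h1>{{vendor}}</h1>
 </div>
-<form class="row g-3" role="form" method=post action="search" enctype=multipart/form-data>
-<input type="text" class="form-control" id="vendor" name="vendor" value="{{vendor}}" hidden>
-<label for="productsList" class="form-label">Search a product</label>
-<input class="form-control" list="productslistOptions" id="productsList" name="product" placeholder="Type to search...">
-<datalist id="productslistOptions">
-{%for product in vendor_products%}
-<option value="{{product}}">
-{% endfor%}
-</datalist>
-<label for="vulnsList" class="form-label">Search a vulnerability</label>
-<input class="form-control" list="vulnslistOptions" id="vulnsList" name="vendor_vuln" placeholder="Type to search...">
-<datalist id="vulnslistOptions">
-{%for vuln in vendor_vulns%}
-<option value="{{vuln}}">
-{% endfor%}
-</datalist>
-<div class="col-auto">
-<button type="submit" class="btn btn-primary mb-3">Search</button>
-</div>
+<form class="row g-3" role="form" method="post" action="search" enctype="multipart/form-data">
+<input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
+<input type="text" class="form-control" id="vendor" name="vendor" value="{{vendor}}" hidden>
+<label for="productsList" class="form-label">Search a product</label>
+<input class="form-control" list="productslistOptions" id="productsList" name="product" placeholder="Type to search...">
+<datalist id="productslistOptions">
+{%for product in vendor_products%}
+<option value="{{product}}">
+{% endfor%}
+</datalist>
+<label for="vulnsList" class="form-label">Search a vulnerability</label>
+<input class="form-control" list="vulnslistOptions" id="vulnsList" name="vendor_vuln" placeholder="Type to search...">
+<datalist id="vulnslistOptions">
+{%for vuln in vendor_vulns%}
+<option value="{{vuln}}">
+{% endfor%}
+</datalist>
+<div class="col-auto">
+<button type="submit" class="btn btn-primary mb-3">Search</button>
+</div>
 </form>
 {% if vp_vulnerabilities %}
 <h5>All the vulnerabilites related to {{vendor}} - {{product}}</h5>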
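Review bot: In the second form the `vendor` value is carried by `<input type="text" ... value="{{vendor}}" hidden>`, right next to the new `<input type="hidden" name="csrf_token" ...>`; a text input with the `hidden` attribute still participates as a text control (it can be un-hidden by CSS or devtools), whereas `type="hidden"` states the intent and matches the line just above it, so `<input type="hidden" id="vendor" name="vendor" value="{{vendor}}">` would be the consistent form. Both forms also declare `enctype="multipart/form-data"` without any file input; plain `application/x-www-form-urlencoded` (the default) is sufficient for a token plus text fields, though this is only a tidiness point and does not affect the CSRF check itself.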
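--- a/website/web/templates/vuln.html
+++ b/website/web/templates/vuln.html
@@ -220,38 +220,40 @@ <h5 class="modal-title">Action not permitted</h5>
 }
 
 document.getElementById("savecomment").onclick = function(event) {
-var json = jsoneditor.getValue();
-json["description"] = easyMDE.value();
-json["vulnerability"] = "{{ vulnerability_id }}";
-data = JSON.stringify(json);
-fetch("{{ url_for('apiv1.comment_comments_list') }}", {
-method: "POST",
-headers: {
-'Content-Type': 'application/json',
-},
-body: data
-})
-.then(res => {
-if (!res.ok) {
-res.json().then(json => {
-document.getElementById("modal-error-text").innerText = json['message'];
-var modal = new bootstrap.Modal(document.getElementById('modalError'), {});
-modal.show();
-});
-} else {
-// reinitializes the form
-window.jsoneditor.setValue({});
-easyMDE.value("");
-// collapse the view which is containing the form
-new bootstrap.Collapse(document.getElementById("newComment{{vulnerability_id}}"));
-// load the updated list of comments
-loadComments();
-}
-})
-.catch((error) => {
-console.log(error);
-});
-};
+var csrf_token = "{{ csrf_token() }}";
+var json = jsoneditor.getValue();
+json["description"] = easyMDE.value();
+json["vulnerability"] = "{{ vulnerability_id }}";
+data = JSON.stringify(json);
+fetch("{{ url_for('apiv1.comment_comments_list') }}", {
+method: "POST",
+headers: {
+'Content-Type': 'application/json',
+'X-CSRFToken': csrf_token
+},
+body: data
+})
+.then(res => {
+if (!res.ok) {
+res.json().then(json => {
+document.getElementById("modal-error-text").innerText = json['message'];
+var modal = new bootstrap.Modal(document.getElementById('modalError'), {});
+modal.show();
+});
+} else {
+// reinitializes the form
+window.jsoneditor.setValue({});
+easyMDE.value("");
+// collapse the view which is containing the form
+new bootstrap.Collapse(document.getElementById("newComment{{vulnerability_id}}"));
+// load the updated list of comments
+loadComments();
+}
+})
+.catch((error) => {
+console.log(error);
+});
+};
 
 
 function setEditEvents() {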
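Review bot: The same editor object is referenced two ways inside this handler — `var json = jsoneditor.getValue();` at the top and `window.jsoneditor.setValue({});` in the success branch — which reads as if two different editors were in play; since both presumably resolve to the same global, picking one spelling (`jsoneditor.setValue({});`) would make that obvious. The comment `// collapse the view which is containing the form` would read better as `// collapse the panel that contains the form`. The whole `savecomment` handler is inside the hunk, so nothing else about its scope is hidden from view.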
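--- a/website/web/templates/vulnogram/bundle.html
+++ b/website/web/templates/vulnogram/bundle.html
@@ -297,6 +297,7 @@
 
 
 document.getElementById("save").onclick = function(event) {
+var csrf_token = "{{ csrf_token() }}";
 var data = mainTabGroup.getValue();
 data = textUtil.reduceJSON(data);
 data = JSON.stringify(data);
@@ -305,6 +306,7 @@
 method: "POST",
 headers: {
 'Content-Type': 'application/json',
+'X-CSRFToken': csrf_token
 },
 body: data
 })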
