Convert file indentation to spaces

This commit is contained in:
James Espinosa
2014-07-05 20:17:27 -05:00
parent 68e6a01743
commit 7e4fad462b
88 changed files with 2915 additions and 2999 deletions
@@ -11,7 +11,7 @@
<a href="#collapseFive" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
<i class="icon-info icon-white">
</i>
Description
Description
</a>
</div>
<div class="accordion-body in collapse" id="collapseFive" style="height: auto;">
@@ -33,30 +33,30 @@
<div class="accordion-body collapse" id="collapseSix" style="height: 0px;">
<div class="accordion-inner">
<p>
The following code was taken from app/views/sessions/new.html.erb:
</p>
<pre class="javascript">
<%=
%{
<script>
//document.write("<select style=\"width: 100px;\">");
//document.write("<OPTION value=1>English</OPTION>");
//document.write("<OPTION value=2>Spanish</OPTION>");
try \{
var hashParam = location.hash.split("#")[1];
var paramName = hashParam.split('=')[0];
var paramValue = hashParam.split('=')[1];
document.write("<OPTION value=3>" +} %> <span style="background-color:yellow"> paramValue</span> <%= %{ + "</OPTION>");
\} catch(err) \{
\}
//document.write("</select>");
The following code was taken from app/views/sessions/new.html.erb:
</p>
<pre class="javascript">
<%=
%{
<script>
//document.write("<select style=\"width: 100px;\">");
//document.write("<OPTION value=1>English</OPTION>");
//document.write("<OPTION value=2>Spanish</OPTION>");
try \{
var hashParam = location.hash.split("#")[1];
var paramName = hashParam.split('=')[0];
var paramValue = hashParam.split('=')[1];
document.write("<OPTION value=3>" +} %> <span style="background-color:yellow"> paramValue</span> <%= %{ + "</OPTION>");
\} catch(err) \{
\}
//document.write("</select>");
</script>
}
%>
</pre>
<p class="desc">
The code (above) takes user input (params), and renders it back on the page without any output encoding or escaping.
</p>
}
%>
</pre>
<p class="desc">
The code (above) takes user input (params), and renders it back on the page without any output encoding or escaping.
</p>
</div>
</div>
</div>
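Review bot: the description paragraph in this hunk ("takes user input (params), and renders it back on the page") does not match the code it describes: the value is read client-side from `location.hash`, which is the URL fragment and is never sent to the server, so it is not part of the Rails `params` hash at all. Since this is documentation for the exercise, consider rewording to something like "reads the URL fragment (`location.hash`) and writes it into the page with `document.write` without any output encoding", which also makes clear why the server never sees the payload. The hunk header reports 30 lines removed and 30 added, consistent with the commit message's whitespace-only intent; a quick `git diff -w` against the parent should show an empty hunk here if no content changed.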
@@ -71,40 +71,40 @@
<div class="accordion-body collapse" id="collapseSeven" style="height: 0px;">
<div class="accordion-inner">
<p><b> Stored Cross-Site Scripting ATTACK:</b></p>
<p class="desc">
Ensure you are signed out of the application first. Make sure you are using something like Firefox as Safari/Chrome won't work for this exercise. Then, use the following link (substitute hostname for your actual hostname) to execute an alert box:
</p>
<pre>
<%= %{http://127.0.0.1:3000/#test=<script>alert(1)</script>} %>
</pre>
<p><b> Stored Cross-Site Scripting SOLUTION:</b></p>
<p>
Leverage the Hogan function for escaping (found in the application.js file) to escape user input:
</p>
<pre class="javascript">
<%= %{
<!-- support for multiple languages coming soon! -->
<script>
//document.write("<select style=\"width: 100px;\">");
//document.write("<OPTION value=1>English</OPTION>");
//document.write("<OPTION value=2>Spanish</OPTION>");
try \{
var hashParam = location.hash.split("#")[1];
var paramName = hashParam.split('=')[0];
var paramValue = hashParam.split('=')[1];
document.write("<OPTION value=3>" + } %> <span style="background-color:yellow"> hoganEscape(paramValue)</span> <%= %{ + "</OPTION>");
\} catch(err) \{
\}
//document.write("</select>");
</script>
}
<p class="desc">
Ensure you are signed out of the application first. Make sure you are using something like Firefox as Safari/Chrome won't work for this exercise. Then, use the following link (substitute hostname for your actual hostname) to execute an alert box:
</p>
<pre>
<%= %{http://127.0.0.1:3000/#test=<script>alert(1)</script>} %>
</pre>
<p><b> Stored Cross-Site Scripting SOLUTION:</b></p>
<p>
Leverage the Hogan function for escaping (found in the application.js file) to escape user input:
</p>
<pre class="javascript">
<%= %{
<!-- support for multiple languages coming soon! -->
<script>
//document.write("<select style=\"width: 100px;\">");
//document.write("<OPTION value=1>English</OPTION>");
//document.write("<OPTION value=2>Spanish</OPTION>");
try \{
var hashParam = location.hash.split("#")[1];
var paramName = hashParam.split('=')[0];
var paramValue = hashParam.split('=')[1];
document.write("<OPTION value=3>" + } %> <span style="background-color:yellow"> hoganEscape(paramValue)</span> <%= %{ + "</OPTION>");
\} catch(err) \{
\}
//document.write("</select>");
</script>
}
%>
</pre>
%>
</pre>
</div>
</div>
</div>
<div class="accordion-group">
<div class="accordion-group">
<div class="accordion-heading">
<a style="background-color: rgb(181, 121, 158)" href="#collapseEight" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
<i class="icon-aid icon-white">
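Review bot: the solution snippet in this hunk depends on `hoganEscape` (from application.js, per the text) being defined before this inline `<script>` runs, and the empty `catch(err) {}` around the `document.write` call means a `ReferenceError` would be swallowed silently and the option simply never rendered; either document that ordering requirement next to the snippet or have the catch block log the error so a broken fix is visible. Separately, the headings label this "Stored Cross-Site Scripting", but the payload lives in the URL fragment (`#test=<script>alert(1)</script>`), is consumed by `location.hash` and written with `document.write`, so it is DOM-based rather than stored; renaming the heading would keep the exercise consistent with the code and the explanation below it. The indentation change itself looks whitespace-only (40 lines on both sides of the hunk).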
@@ -115,11 +115,11 @@
<div class="accordion-body collapse" id="collapseEight" style="height: 0px;">
<div class="accordion-inner">
<p class="desc">
You should view the source of the login page, might be something interesting there.
</p>
You should view the source of the login page, might be something interesting there.
</p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>