chg: Allow to disable user context form

config/generic.json.sample

@@ -14,6 +14,7 @@
   "max_depth": 1,
   "use_user_agents_users": false,
   "enable_default_blur_screenshot": false,
+  "enable_context_by_users": false,
   "enable_mail_notification": false,
   "email": {
       "from": "Lookyloo <lookyloo@myorg.local>",
@@ -35,6 +36,7 @@
     "max_depth": "Maximum depth for scraping. Anything > 1 will be exponentially bigger.",
     "use_user_agents_users": "Only usable for medium/high use instances: use the user agents of the users of the platform",
     "enable_default_blur_screenshot": "If true, blur the screenshot by default (useful on public instances)",
+    "enable_context_by_users": "Allow the users to add context to a response body",
     "enable_mail_notification": "Enable email notification or not",
     "email": "Configuration for sending email notifications."
   }

website/web/__init__.py

@@ -191,6 +191,10 @@ def hostnode_popup(tree_uuid: str, node_uuid: str):
     keys_request = {
         'request_cookie': "/static/cookie_read.png",
     }
+    if lookyloo.get_config('enable_context_by_users'):
+        enable_context_by_users = True
+    else:
+        enable_context_by_users = False
 
     hostnode, urls = lookyloo.get_hostnode_investigator(tree_uuid, node_uuid)
 
@@ -200,7 +204,8 @@ def hostnode_popup(tree_uuid: str, node_uuid: str):
                            hostname=hostnode.name,
                            urls=urls,
                            keys_response=keys_response,
-                           keys_request=keys_request)
+                           keys_request=keys_request,
+                           enable_context_by_users=enable_context_by_users)
 
 
 @app.route('/tree/<string:tree_uuid>/url/<string:node_uuid>/request_cookies', methods=['GET'])

website/web/templates/hostname_popup.html

@@ -158,9 +158,10 @@
             </p>
           </div>
           {% endif %}
+          {% if enable_context_by_users%}
           <button class="btn btn-primary collapsed" type="button" data-toggle="collapse" data-target="#context_response_{{ url['url_object'].uuid }}" aria-expanded="false" aria-controls="collapseContextForm">
-            <span class="if-collapsed">Add context.</span>
-            <span class="if-not-collapsed">Hide context form.</span>
+            <span class="if-collapsed">Add context</span>
+            <span class="if-not-collapsed">Hide context form</span>
           </button>
           <div class="collapse" id="context_response_{{ url['url_object'].uuid }}">
             <div class="card card-body">
@@ -199,6 +200,7 @@
                 </form>
             </div>
           </div>
+          {% endif %}
 
           {% if url['embedded_ressources'] %}
           {# Details on embedded resources #}