CIRCL
/
lookyloo
mirror of https://github.com/CIRCL/lookyloo
2
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #911 from adrima01/sri_ignore 

changes so that you can ignore the sri while developing
pull/913/head
Raphaël Vinot 2024-05-02 13:20:29 +02:00 committed by GitHub
parent 9eb14548e3 7eaeefb828
commit f730f118b0
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
8 changed files with 22 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
config/generic.json.sample
View File

@ -13,6 +13,7 @@
"days": 0, "days": 0,
"hours": 0 "hours": 0
}, },
"enable_ignore_sri": false,
"async_capture_processes": 1, "async_capture_processes": 1,
"use_user_agents_users": false, "use_user_agents_users": false,
"enable_default_blur_screenshot": false, "enable_default_blur_screenshot": false,
@ -112,6 +113,7 @@
"max_capture_time": "The very maximal time we allow a capture to keep going. Should only be triggered by captures that cause playwright to never quit.", "max_capture_time": "The very maximal time we allow a capture to keep going. Should only be triggered by captures that cause playwright to never quit.",
"max_tree_create_time": "The max time the generation of a tree is allowed to take", "max_tree_create_time": "The max time the generation of a tree is allowed to take",
"s3fs": "The config to access a S3FS instance with the s3fs python module - it is not integrated properly for now as it requires urllib < 2.0 which is a non-started at this stage.", "s3fs": "The config to access a S3FS instance with the s3fs python module - it is not integrated properly for now as it requires urllib < 2.0 which is a non-started at this stage.",
"index_everything": "If true, index every capture, even if it's not public. This feature requires a dedicated kvrocks instance, and is only accessible when logged-in as admin." "index_everything": "If true, index every capture, even if it's not public. This feature requires a dedicated kvrocks instance, and is only accessible when logged-in as admin.",
"enable_ignore_sri": "If true, the sri values are ignored and not calculated so that there are no problems while developing and testing."
} }
} }

6
website/web/__init__.py
View File

@ -135,6 +135,7 @@ blur_screenshot = get_config('generic', 'enable_default_blur_screenshot')
use_own_ua = get_config('generic', 'use_user_agents_users') use_own_ua = get_config('generic', 'use_user_agents_users')
enable_mail_notification = get_config('generic', 'enable_mail_notification') enable_mail_notification = get_config('generic', 'enable_mail_notification')
enable_ignore_sri = get_config('generic', 'enable_ignore_sri')
if enable_mail_notification: if enable_mail_notification:
confirm_message = get_config('generic', 'email').get('confirm_message') confirm_message = get_config('generic', 'email').get('confirm_message')
else: else:
@ -178,8 +179,10 @@ app.jinja_env.globals.update(month_name=month_name)
def get_sri(directory: str, filename: str) -> str: def get_sri(directory: str, filename: str) -> str:
if enable_ignore_sri:
return ""
sha512 = sri_load()[directory][filename] sha512 = sri_load()[directory][filename]
return f'sha512-{sha512}' return f'integrity=sha512-{sha512}'
app.jinja_env.globals.update(get_sri=get_sri) app.jinja_env.globals.update(get_sri=get_sri)
@ -1173,6 +1176,7 @@ def tree(tree_uuid: str, node_uuid: str | None=None) -> Response | str | Werkzeu
screenshot_size=screenshot_size, screenshot_size=screenshot_size,
meta=meta, enable_mail_notification=enable_mail_notification, meta=meta, enable_mail_notification=enable_mail_notification,
enable_monitoring=lookyloo.monitoring_enabled, enable_monitoring=lookyloo.monitoring_enabled,
ignore_sri_enable=enable_ignore_sri,
monitoring_settings=lookyloo.monitoring_settings if lookyloo.monitoring_enabled else None, monitoring_settings=lookyloo.monitoring_settings if lookyloo.monitoring_enabled else None,
monitoring_collections=monitoring_collections if lookyloo.monitoring_enabled else [], monitoring_collections=monitoring_collections if lookyloo.monitoring_enabled else [],
enable_context_by_users=enable_context_by_users, enable_context_by_users=enable_context_by_users,

2
website/web/templates/capture.html
View File

@ -375,7 +375,7 @@
{% block scripts %} {% block scripts %}
{{ super() }} {{ super() }}
<script src='{{ url_for('static', filename='capture.js') }}' <script src='{{ url_for('static', filename='capture.js') }}'
integrity="{{get_sri('static', 'capture.js')}}" {{get_sri('static', 'capture.js')}}
crossorigin="anonymous"></script> crossorigin="anonymous"></script>
<script> <script>
$('#nav-url-tab').on('click', function(e) { $('#nav-url-tab').on('click', function(e) {

2
website/web/templates/index.html
View File

@ -51,7 +51,7 @@ $(document).ready(function () {
{% block styles %} {% block styles %}
{{ super() }} {{ super() }}
<link rel="stylesheet" href="{{ url_for('static', filename='index.css') }}" <link rel="stylesheet" href="{{ url_for('static', filename='index.css') }}"
integrity="{{get_sri('static', 'index.css')}}" {{get_sri('static', 'index.css')}}
crossorigin="anonymous"> crossorigin="anonymous">
{% endblock %} {% endblock %}

12
website/web/templates/main.html
View File

@ -6,17 +6,17 @@
<meta charset="utf-8"> <meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<link rel="shortcut icon" href="{{ url_for('static', filename='favicon.ico') }}" <link rel="shortcut icon" href="{{ url_for('static', filename='favicon.ico') }}"
integrity="{{get_sri('static', 'favicon.ico')}}" {{get_sri('static', 'favicon.ico')}}
crossorigin="anonymous"> crossorigin="anonymous">
{% block styles %} {% block styles %}
<!-- Bootstrap CSS --> <!-- Bootstrap CSS -->
{{ bootstrap.load_css() }} {{ bootstrap.load_css() }}
<link rel="stylesheet" href="{{ url_for('static', filename='generic.css') }}" <link rel="stylesheet" href="{{ url_for('static', filename='generic.css') }}"
integrity="{{get_sri('static', 'generic.css')}}" {{get_sri('static', 'generic.css')}}
crossorigin="anonymous"> crossorigin="anonymous">
<link rel="stylesheet" href="{{ url_for('static', filename='datatables.min.css') }}" <link rel="stylesheet" href="{{ url_for('static', filename='datatables.min.css') }}"
integrity="{{get_sri('static', 'datatables.min.css')}}" {{get_sri('static', 'datatables.min.css')}}
crossorigin="anonymous"> crossorigin="anonymous">
{% endblock %} {% endblock %}
@ -36,13 +36,13 @@
<!-- Optional JavaScript --> <!-- Optional JavaScript -->
{{ bootstrap.load_js() }} {{ bootstrap.load_js() }}
<script src='{{ url_for('static', filename='jquery.min.js') }}' <script src='{{ url_for('static', filename='jquery.min.js') }}'
integrity="{{get_sri('static', 'jquery.min.js')}}" {{get_sri('static', 'jquery.min.js')}}
crossorigin="anonymous"></script> crossorigin="anonymous"></script>
<script src='{{ url_for('static', filename='datatables.min.js') }}' <script src='{{ url_for('static', filename='datatables.min.js') }}'
integrity="{{get_sri('static', 'datatables.min.js')}}" {{get_sri('static', 'datatables.min.js')}}
crossorigin="anonymous"></script> crossorigin="anonymous"></script>
<script src='{{ url_for('static', filename='generic.js') }}' <script src='{{ url_for('static', filename='generic.js') }}'
integrity="{{get_sri('static', 'generic.js')}}" {{get_sri('static', 'generic.js')}}
crossorigin="anonymous"></script> crossorigin="anonymous"></script>
{% endblock %} {% endblock %}
</body> </body>

2
website/web/templates/search.html
View File

@ -62,6 +62,6 @@
{% block scripts %} {% block scripts %}
{{ super() }} {{ super() }}
<script src='{{ url_for('static', filename='capture.js') }}' <script src='{{ url_for('static', filename='capture.js') }}'
integrity="{{get_sri('static', 'capture.js')}}" {{get_sri('static', 'capture.js')}}
crossorigin="anonymous"></script> crossorigin="anonymous"></script>
{% endblock %} {% endblock %}

6
website/web/templates/stats.html
View File

@ -70,16 +70,16 @@
{% block scripts %} {% block scripts %}
{{ super() }} {{ super() }}
<script src='{{ url_for('static', filename='d3.min.js') }}' <script src='{{ url_for('static', filename='d3.min.js') }}'
integrity="{{get_sri('static', 'd3.min.js')}}" {{get_sri('static', 'd3.min.js')}}
crossorigin="anonymous"></script> crossorigin="anonymous"></script>
<script src='{{ url_for('static', filename='stats_graph.js') }}' <script src='{{ url_for('static', filename='stats_graph.js') }}'
integrity="{{get_sri('static', 'stats_graph.js')}}" {{get_sri('static', 'stats_graph.js')}}
crossorigin="anonymous"></script> crossorigin="anonymous"></script>
{% endblock %} {% endblock %}
{% block styles %} {% block styles %}
{{ super() }} {{ super() }}
<link rel="stylesheet" href="{{ url_for('static', filename='stats.css') }}" <link rel="stylesheet" href="{{ url_for('static', filename='stats.css') }}"
integrity="{{get_sri('static', 'stats.css')}}" {{get_sri('static', 'stats.css')}}
crossorigin="anonymous"> crossorigin="anonymous">
{% endblock %} {% endblock %}

4
website/web/templates/tree.html
View File

@ -29,10 +29,10 @@
{% block scripts %} {% block scripts %}
{{ super() }} {{ super() }}
<script src='{{ url_for('static', filename='d3.min.js') }}' <script src='{{ url_for('static', filename='d3.min.js') }}'
integrity="{{get_sri('static', 'd3.min.js')}}" {{get_sri('static', 'd3.min.js')}}
crossorigin="anonymous"></script> crossorigin="anonymous"></script>
<script src='{{ url_for('static', filename='tree.js') }}' <script src='{{ url_for('static', filename='tree.js') }}'
integrity="{{get_sri('static', 'tree.js')}}" {{get_sri('static', 'tree.js')}}
crossorigin="anonymous"></script> crossorigin="anonymous"></script>
<script> <script>