Patch de faille XSS et mise aux normes W3C
parent
234b79f218
commit
0b8aa84ddb
3 changed files with 13 additions and 28 deletions
11
app.py
11
app.py
|
@ -1,4 +1,4 @@
|
||||||
from flask import Flask, render_template, request, redirect, url_for
|
from flask import Flask, render_template, request, redirect, url_for, make_response
|
||||||
from os import path
|
from os import path
|
||||||
from bs4 import BeautifulSoup
|
from bs4 import BeautifulSoup
|
||||||
|
|
||||||
|
@ -7,7 +7,9 @@ app.config['TEMPLATES_AUTO_RELOAD'] = True
|
||||||
|
|
||||||
@app.route('/')
|
@app.route('/')
|
||||||
def slash():
|
def slash():
|
||||||
return render_template("index.html")
|
response = make_response(render_template("index.html"))
|
||||||
|
response.headers["Content-Security-Policy"] = "default-src 'self'"
|
||||||
|
return response
|
||||||
|
|
||||||
@app.route("/ajout")
|
@app.route("/ajout")
|
||||||
def ajout():
|
def ajout():
|
||||||
|
@ -25,15 +27,16 @@ def bizutage():
|
||||||
desc = request.values['desc']
|
desc = request.values['desc']
|
||||||
nouvLien = "<div class=\"elem\"><h2>{}</h2><p><a href=\"{}\">Lien</a></p><hr><p>{}</p>".format(titre, lien, desc)
|
nouvLien = "<div class=\"elem\"><h2>{}</h2><p><a href=\"{}\">Lien</a></p><hr><p>{}</p>".format(titre, lien, desc)
|
||||||
nouvLienHtml = BeautifulSoup(nouvLien, "html.parser")
|
nouvLienHtml = BeautifulSoup(nouvLien, "html.parser")
|
||||||
|
|
||||||
with open("templates/index.html", 'r') as file:
|
with open("templates/index.html", 'r') as file:
|
||||||
soup = BeautifulSoup(file, 'html.parser')
|
soup = BeautifulSoup(file, 'html.parser')
|
||||||
soup.find("hr").append(nouvLienHtml)
|
soup.find("hr").insert_after("", nouvLienHtml)
|
||||||
with open("templates/index.html", 'w') as file:
|
with open("templates/index.html", 'w') as file:
|
||||||
file.write(soup.prettify())
|
file.write(soup.prettify())
|
||||||
|
|
||||||
with open("lite/index.html", 'r') as file:
|
with open("lite/index.html", 'r') as file:
|
||||||
soup = BeautifulSoup(file, 'html.parser')
|
soup = BeautifulSoup(file, 'html.parser')
|
||||||
soup.find("hr").append(nouvLienHtml)
|
soup.find("hr").insert_after("", nouvLienHtml)
|
||||||
with open("lite/index.html", 'w') as file:
|
with open("lite/index.html", 'w') as file:
|
||||||
file.write(soup.prettify())
|
file.write(soup.prettify())
|
||||||
else:
|
else:
|
||||||
|
|
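Review bot: `titre`, `lien` and `desc` are still formatted unescaped into `nouvLien` in the `bizutage()` hunk and written into `templates/index.html` and `lite/index.html`, so the stored injection itself is not fixed; the new `Content-Security-Policy` header is set only on the `/` response in `slash()` and merely limits what injected markup can load or run. Escape where the markup is built, for example `from html import escape` with `.format(escape(titre), escape(lien), escape(desc))`, and accept `lien` only when its scheme is `http` or `https`. Because `templates/index.html` is later passed to `render_template`, HTML escaping alone does not neutralise Jinja delimiters in submitted text; keeping entries as data and rendering them through an autoescaped template loop would close that path as well. The body of `bizutage()` starts and ends outside the hunk, so any validation done earlier in the function is not visible here.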
|
@ -4,36 +4,21 @@
|
||||||
<meta charset="UTF-8">
|
<meta charset="UTF-8">
|
||||||
<link rel="stylesheet" href="styles/index.css">
|
<link rel="stylesheet" href="styles/index.css">
|
||||||
<link rel="stylesheet" href="styles/base.css">
|
<link rel="stylesheet" href="styles/base.css">
|
||||||
<title>Document</title>
|
<title>Partage de liens</title>
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
<div id="menu">
|
<div id="menu">
|
||||||
<h1>Liens</h1>
|
<h1>Liens</h1>
|
||||||
<header>
|
<header>
|
||||||
<!-- <a href="recherche/">Recherche</a> -->
|
|
||||||
<a href="ajout.html">Ajout</a>
|
<a href="ajout.html">Ajout</a>
|
||||||
<a href="apropos.html">A propos</a>
|
<a href="apropos.html">A propos</a>
|
||||||
</header>
|
</header>
|
||||||
</div>
|
</div>
|
||||||
<hr>
|
<hr>
|
||||||
<!-- <div id="categories">
|
|
||||||
<ul>
|
|
||||||
<li><p>Informatique</p></li>
|
|
||||||
<li><p>Opsec</p></li>
|
|
||||||
<li><p>Tutoriel</p></li>
|
|
||||||
</ul>
|
|
||||||
</div> -->
|
|
||||||
|
|
||||||
<div class="elem">
|
<footer>
|
||||||
<h2>Titre</h2>
|
|
||||||
<p>Lien</p>
|
|
||||||
<hr>
|
<hr>
|
||||||
<p>Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed dui eros, molestie vitae dui in, porta volutpat augue. Donec fermentum efficitur ligula, ut facilisis metus ornare a. Vestibulum tempus tincidunt elit, in mattis tellus rutrum facilisis. Phasellus tempor tempus magna, quis vehicula libero commodo a. Nulla eget est euismod, aliquam est vitae, tempor enim. Etiam tincidunt cursus massa et rhoncus. Nunc ut justo mattis, dapibus diam et, viverra magna. Nulla commodo luctus lectus vitae elementum. Cras ullamcorper eu velit ut varius. Nam dictum ante ex, luctus tempor dolor scelerisque sed. Vestibulum malesuada sodales eros vel imperdiet. Cras placerat libero metus, sed mollis augue mattis vitae. Pellentesque sed quam et ligula vestibulum gravida vel vitae tortor. Proin iaculis libero a vulputate rutrum. Proin ornare bibendum tellus, sed fringilla ex posuere vitae. Ut sed lorem vel neque tempor placerat. </p>
|
Version Alpha
|
||||||
<p>Tags:</p>
|
</footer>
|
||||||
<ul>
|
|
||||||
<li> Opsec </li>
|
|
||||||
<li> Informatique </li>
|
|
||||||
</ul>
|
|
||||||
</div>
|
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
|
|
@ -15,15 +15,12 @@
|
||||||
</header>
|
</header>
|
||||||
</div>
|
</div>
|
||||||
<hr>
|
<hr>
|
||||||
<p>
|
<p>Site en alpha. Futurs ajouts :</p>
|
||||||
Site en alpha. Futurs ajouts :
|
|
||||||
<ul>
|
<ul>
|
||||||
<li>Tags</li>
|
<li>Tags</li>
|
||||||
<li>Recherche</li>
|
<li>Recherche</li>
|
||||||
</ul>
|
</ul>
|
||||||
|
<p>Vous pouvez me proposer des ajouts en ouvrant un ticket sur le git ou en envoyant un mail à <code>rick <AT> gnous <dot> eu</code>.</p>
|
||||||
Vous pouvez me proposer des ajouts en ouvrant un ticket sur le git ou en envoyant un mail à <code>rick <AT> gnous <dot> eu</code>.
|
|
||||||
</p>
|
|
||||||
|
|
||||||
<p> Ce site est conçu pour réunir des liens de manière efficace afin de retrouver ou de stocker facilement une url.</p>
|
<p> Ce site est conçu pour réunir des liens de manière efficace afin de retrouver ou de stocker facilement une url.</p>
|
||||||
|
|
||||||
|
|