aljaz/CTFd
1
0
Fork 0
mirror of https://github.com/aljazceru/CTFd.git synced 2025-12-17 14:04:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

1.2.0 (#627)

Browse Source 
* Changing to a new plugin oriented challenge type plugin and fixing extra width on admin chal description

* Add window.challenge.submit, renderSubmissionResponse, and csrf_nonce

* Update admin side renderer calls

* Updating to Flask 1.0 and adding files for flask run

* Adding a preliminary case-insensitive key

* Adding case insensitive keys

* Adding CTF Logo

* Reducing the amount of team information shown on the main page

* Add better base64 helpers

* Switch from button to badge

* Rudimentary solve checking from admin panel

* Refine admin chals solves view & fix PEP8

* Compare base64 encoded data with bytestring

* Removing need to urlencode/urldecode in base64 wrappers

* Adding decorator documentation

* Randomly order tests & add test for case_insensitive flags

* Add regex flag case_insensitive test

* Add tests for /admin/chal/1/solves and ctf_logo
This commit is contained in:
Kevin Chung
2018-05-03 18:04:39 -04:00
committed by GitHub
parent 9c812ad52e
commit 36c83b59bc
40 changed files with 695 additions and 429 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
tests/user/test_auth.py
View File

@@ -118,7 +118,7 @@ def test_expired_confirmation_links():
client = login_as_user(app, name="user", password="password")
# user@user.com "2012-01-14 03:21:34"
confirm_link = 'http://localhost/confirm/InVzZXJAdXNlci5jb20iLkFmS0dQZy5kLUJnVkgwaUhadzFHaXVENHczWTJCVVJwdWc%3D'
confirm_link = 'http://localhost/confirm/InVzZXJAdXNlci5jb20iLkFmS0dQZy5kLUJnVkgwaUhadzFHaXVENHczWTJCVVJwdWc'
r = client.get(confirm_link)
assert "Your confirmation link has expired" in r.get_data(as_text=True)
@@ -137,7 +137,7 @@ def test_invalid_confirmation_links():
client = login_as_user(app, name="user", password="password")
# user@user.com "2012-01-14 03:21:34"
confirm_link = 'http://localhost/confirm/a8375iyu<script>alert(1)<script>hn3048wueorighkgnsfg%3D%3D'
confirm_link = 'http://localhost/confirm/a8375iyu<script>alert(1)<script>hn3048wueorighkgnsfg'
r = client.get(confirm_link)
assert "Your confirmation token is invalid" in r.get_data(as_text=True)
@@ -180,7 +180,7 @@ def test_invalid_reset_password_link():
with app.test_client() as client:
# user@user.com "2012-01-14 03:21:34"
forgot_link = 'http://localhost/reset_password/5678ytfghjiu876tyfg<>hvbnmkoi9u87y6trdfcgvhbnm,lp09iujmk%3D'
forgot_link = 'http://localhost/reset_password/5678ytfghjiu876tyfg<>hvbnmkoi9u87y6trdfcgvhbnm,lp09iujmk'
r = client.get(forgot_link)
assert "Your reset token is invalid" in r.get_data(as_text=True)