* Require CSRF-Token header on state changing API requests * Require CSRF nonces on more than just POSTs, * Replace usage of `fetch()` with custom `CTFd.fetch()` implementation
// Reset the shared challenge data slot to undefined.
window.challenge.data = void 0;

// Markdown renderer shared by the hooks below.
// NOTE(review): `html: true` tells markdown-it to pass raw HTML found in the
// markdown source through to the output instead of escaping it. Rendered
// output is therefore only as trustworthy as the author of the markdown,
// presumably a CTF admin (confirm). If less-trusted users can ever supply
// this text, sanitize the rendered HTML before it is inserted into the DOM.
window.challenge.renderer = new markdownit({ html: true });
/**
 * Pre-render hook. This challenge type does no work here.
 * Presumably called by the challenge loader before `render`; confirm
 * against the caller.
 */
window.challenge.preRender = function () {};
/**
 * Render challenge markdown with the shared `window.challenge.renderer`.
 *
 * NOTE(review): that renderer is constructed with `html: true`, so raw HTML
 * in `markdown` is emitted unescaped. Callers that put the result into the
 * DOM are trusting the markdown's author; this function does no sanitizing.
 *
 * @param {string} markdown - markdown source to render.
 * @returns {string} whatever the renderer's `render` returns (HTML markup).
 */
window.challenge.render = function (markdown) {
  var rendered = window.challenge.renderer.render(markdown);
  return rendered;
};
/**
 * Post-render hook. This challenge type does no work here.
 * Presumably called by the challenge loader after `render`; confirm
 * against the caller.
 */
window.challenge.postRender = function () {};
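/**
 * Submit the value of `#submission-input` as an attempt on the challenge
 * whose id is in `#challenge-id`, then pass the parsed JSON reply to `cb`.
 *
 * NOTE(review): there is no rejection handler. If the request fails or the
 * body is not valid JSON, `cb` is never called and the rejection goes
 * unhandled. Add a `.catch` once the error contract of `cb` is agreed.
 *
 * @param {function(Object): void} cb - receives the parsed JSON response body.
 * @param {boolean} [preview] - when truthy, `?preview=true` is appended to
 *     the attempt endpoint.
 */
window.challenge.submit = function (cb, preview) {
  // Explicit radix: the id is always read as base 10, so a field value such
  // as "0x1f" is no longer interpreted as hexadecimal.
  var challenge_id = parseInt($('#challenge-id').val(), 10);
  var submission = $('#submission-input').val();

  var url = "/api/v1/challenges/attempt";
  if (preview) {
    url += "?preview=true";
  }

  // An unparsable id yields NaN, which JSON.stringify serializes as null.
  var params = {
    'challenge_id': challenge_id,
    'submission': submission
  };

  // Use CTFd.fetch rather than window.fetch for this state-changing POST.
  // Presumably the wrapper attaches the CSRF token the API requires;
  // confirm in CTFd.fetch. Cookies are sent to the same origin only.
  CTFd.fetch(url, {
    method: 'POST',
    credentials: 'same-origin',
    headers: {
      'Accept': 'application/json',
      'Content-Type': 'application/json'
    },
    body: JSON.stringify(params)
  }).then(function (response) {
    // 429 (user was rate limited) and 403 (user is not logged in or the CTF
    // is paused) are processed like any other status: the body is parsed as
    // JSON and handed on, so no per-status branching is needed.
    return response.json();
  }).then(function (response) {
    cb(response);
  });
};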