def search(): defenses.setup(request, response) csrftoken = defenses.csrfDefense.init(request, response) defenses.xssDefense.init(response) query = defenses.xssDefense.filter(request.query.q) user = getUser() if user and user.id: if query != "": database.addHistory(user.id, query) history = database.getHistory(user.id) else: history = None return dict(v=FormsDict(defenses=defenses.selectors(), user=getUser(), query=query, history=history, csrfcode=defenses.csrfDefense.formHTML(csrftoken)))
def search(): defenses.setup(request, response) csrftoken = defenses.csrfDefense.init(request, response) defenses.xssDefense.init(response) query = defenses.xssDefense.filter(request.query.q) user = getUser() if user and user.id: if user.username != 'attacker': # Hack to prevent students from polluting each others' history if query != "": database.addHistory(user.id, query) history = database.getHistory(user.id) else: history = None return dict(v=FormsDict(defenses=defenses.selectors(), user=getUser(), query=query, history=history, csrfcode=defenses.csrfDefense.formHTML(csrftoken)))
def search(): defenses.setup(request, response) csrftoken = defenses.csrfDefense.init(request, response) defenses.xssDefense.init(response) query = defenses.xssDefense.filter(request.query.q) user = getUser() if user and user.id: if user.username != "attacker": # Hack to prevent students from polluting each others' history if query != "": database.addHistory(user.id, query) history = database.getHistory(user.id) else: history = None return dict( v=FormsDict( defenses=defenses.selectors(), user=getUser(), query=query, history=history, csrfcode=defenses.csrfDefense.formHTML(csrftoken), ) )
def index(): defenses.setup(request, response) csrftoken = defenses.csrfDefense.init(request, response) return dict(v=FormsDict(defenses=defenses.selectors(), user=getUser(), csrfcode=defenses.csrfDefense.formHTML(csrftoken)))
def index(): defenses.setup(request, response) csrftoken = defenses.csrfDefense.init(request, response) return dict( v=FormsDict(defenses=defenses.selectors(), user=getUser(), csrfcode=defenses.csrfDefense.formHTML(csrftoken)) )