github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-14 15:53:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

added ability to copy suppression data from HTML report

Browse Source 
Former-commit-id: 5429dc4a2738b5ea021cc33cf3d1efc68615f99f
This commit is contained in:
Jeremy Long
2013-12-01 07:46:29 -05:00
parent 80df96fd0d
commit 97619d8ba1
1 changed files with 129 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

132
dependency-check-core/src/main/resources/templates/HtmlReport.vsl
View File

@@ -51,14 +51,132 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
});
});
</script>
<script type="text/javascript">
$(function(){
$("#modal-background, #modal-close").click(function () {
$("#modal-content,#modal-background").toggleClass("active");
});
$("#modal-text").bind('copy cut', function() {
setTimeout('$("#modal-content,#modal-background").toggleClass("active");',100);
});
$("#modal-add-header").click(function () {
xml = '<?xml version="1.0" encoding="UTF-8"?>\n<suppressions xmlns="https://www.owasp.org/index.php/OWASP_Dependency_Check_Suppression">\n ';
xml += $("#modal-text").text().replace(/\n/g,'\n ');
xml += '\n</suppressions>';
$("#modal-text").text(xml).focus().select();
});
});
function copyText(name, sha1, type, val) {
xml = '<suppress>\n';
xml += ' <notes><!'+'[CDATA[\n file name: ' + name + '\n ]]'+'></notes>\n';
xml += ' <sha1>' + sha1 + '</sha1>\n';
xml += ' <'+type+'>' + val + '</'+type+'>\n';
xml += '</suppress>';
$("#modal-text").text(xml);
$("#modal-content,#modal-background").toggleClass("active");
$("#modal-text").focus();
$("#modal-text").select();
}
function toggleVuln() {
$(".notvulnerable").toggle();
}
</script>
<style type="text/css">
#modal-background {
display: none;
position: fixed;
top: 0;
left: 0;
width: 100%;
height: 100%;
background-color: white;
opacity: .50;
-webkit-opacity: .5;
-moz-opacity: .5;
filter: alpha(opacity=50);
z-index: 1000;
}
#modal-content {
background-color: white;
border-radius: 10px;
-webkit-border-radius: 10px;
-moz-border-radius: 10px;
box-shadow: 0 0 20px 0 #222;
-webkit-box-shadow: 0 0 20px 0 #222;
-moz-box-shadow: 0 0 20px 0 #222;
display: none;
height: 240px;
left: 50%;
margin: -120px 0 0 -160px;
padding: 10px;
position: absolute;
top: 50%;
z-index: 1000;
}
#modal-background.active, #modal-content.active {
display: block;
}
#modal-text {
border: 0;
overflow: hidden
}
#modal-text:focus {
outline: none;
}
.copybutton {
padding:1px;
background-color: #eeeeee;
border: 1px solid #555555;
color:#555555;
text-decoration:none;
-moz-border-radius: 3px;
-webkit-border-radius: 3px;
-khtml-border-radius: 3px;
-o-border-radius: 3px;
border-radius: 3px;
}
.copybutton:hover {
padding:1px;
background-color: #dddddd;
border: 1px solid #444444;
color:#444444;
text-decoration:none;
-moz-border-radius: 3px;
-webkit-border-radius: 3px;
-khtml-border-radius: 3px;
-o-border-radius: 3px;
border-radius: 3px;
}
.modal-button {
padding:1px;
float:right;
background-color: #eeeeee;
border: 1px solid #555555;
color:#555555;
text-decoration:none;
-moz-border-radius: 3px;
-webkit-border-radius: 3px;
-khtml-border-radius: 3px;
-o-border-radius: 3px;
border-radius: 3px;
}
.modal-button:hover {
padding:1px;
float:right;
background-color: #dddddd;
border: 1px solid #333333;
color:#333333;
text-decoration:none;
-moz-border-radius: 3px;
-webkit-border-radius: 3px;
-khtml-border-radius: 3px;
-o-border-radius: 3px;
border-radius: 3px;
}
.rounded-corners {
-moz-border-radius: 20px;
-webkit-border-radius: 20px;
@@ -292,6 +410,12 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
</style>
</head>
<body>
<div id="modal-background"></div>
<div id="modal-content">
<div>Press CTR-C to copy XML<button id="modal-add-header" class="modal-button">Complete XML Doc</button></div>
<textarea id="modal-text" cols="50" rows="10"></textarea><br/>
<button id="modal-close" class="modal-button">Close</button>
</div>
<div class="wrapper">
<h1>Dependency Report</h1>
]]#
@@ -424,6 +548,8 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
#else
<li><b>$esc.html($id.type):</b>&nbsp;$esc.html($id.value)
#end
##yes, we are HTML Encoding into JavaScript... the escape utils don't have a JS Encode and I haven't written one yet
&nbsp;&nbsp;<button class="copybutton" onclick="copyText('$esc.html($dependency.FileName)', '$esc.html($dependency.Sha1sum)', 'cpe', '$esc.html($id.value)')">suppress</button>
#if( $id.description )
<br/>$esc.html($id.description)
#end
@@ -437,7 +563,7 @@ Copyright (c) 2012 Jeremy Long. All Rights Reserved.
<h4 id="header$cnt" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4>
<div id="content$cnt" class="subsectioncontent standardsubsection">
#foreach($vuln in $dependency.getVulnerabilities())
<p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=$esc.url($vuln.name)">$esc.html($vuln.name)</a></b></p>
<p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=$esc.url($vuln.name)">$esc.html($vuln.name)</a></b>&nbsp;&nbsp;<button class="copybutton" onclick="copyText('$esc.html($dependency.FileName)', '$esc.html($dependency.Sha1sum)', 'cve', '$esc.html($vuln.name)')">suppress</button></p>
<p>Severity:
#if ($vuln.cvssScore<4.0)
Low