Adding checkboxes to handle capturing credentials and passwords

pull/176/head
Jordan Wright 2016-02-13 16:11:45 -06:00
parent 4fadcc1ee5
commit bbe0163366
3 changed files with 31 additions and 1 deletions

3
static/css/main.css vendored
View File

@ -455,3 +455,6 @@ td.details-control{
.tooltip-inner {
width:300px !important;
}
#capture_passwords {
display:none;
}

View File

@ -9,7 +9,20 @@ var pages = []
function save(idx) {
var page = {}
page.name = $("#name").val()
page.html = CKEDITOR.instances["html_editor"].getData();
editor = CKEDITOR.instances["html_editor"]
html = editor.getData();
ck_dom = $(html)
// Handle capturing credentials
if ($("#capture_credentials_checkbox").prop("checked")) {
ck_dom.find("form").attr("action", "")
if (!$("#capture_passwords_checkbox").prop("checked")) {
// Remove the name so the credential isn't submitted
ck_dom.find("input[type='password']").removeAttr("name")
}
} else {
ck_dom.find("form").attr("action", "#")
}
page.html = editor.getData();
if (idx != -1) {
page.id = pages[idx].id
api.pageId.put(page)
@ -163,5 +176,8 @@ $(document).ready(function() {
}
}, this));
};
$("#capture_credentials_checkbox").change(function(){
$("#capture_passwords").toggle()
})
load()
})

View File

@ -80,6 +80,17 @@
<textarea id="html_editor"></textarea>
</div>
</div>
<div class="checkbox checkbox-primary">
<input id="capture_credentials_checkbox" type="checkbox">
<label for="capture_credentials_checkbox">Capture Submitted Data <i class="fa fa-question-circle" data-toggle="tooltip" data-placement="right" title="If the landing page contains a form, submitted input (except passwords!) will be captured."></i></label>
</div>
<div class="checkbox checkbox-primary" id="capture_passwords">
<input id="capture_passwords_checkbox" type="checkbox">
<label for="capture_passwords_checkbox">Capture Passwords</label>
<div class="alert alert-warning">
<i class="fa fa-exclamation-circle"></i> <b>Warning:</b> Credentials are currently <b>not encrypted</b>. This means that captured passwords are stored in the database as cleartext. Be careful with this!
</div>
</div>
</div>
<div class="modal-footer">
<button type="button" data-dismiss="modal" class="btn btn-default" onclick="dismiss()">Cancel</button>