## xssbook ### description who doesn't want to run non free javascript now with xssbook you can run as much stallman disapprovement as you want - all inputs on the site are unfiltered - api calls dont care what you send them as long as they are valid strings - upload anyfiles to be your profile avatar and banner (even adobe flash!!!) ### installation To get the checkout run: ```sh git clone https://g.freya.cat/freya/xssbook2 xssbook2 cd xssbook2 git submodule update --init ``` XSSBook v2 runs in docker compose. Do ALL of the following: - MUST Copy `example.env` to `.env` - MUST update the following settings in `.env` - `API_SECRET` - Your own private JWT secret - `XSSBOOK_*` - Domain info for XSSBook is being hosted - NOT REQUIRED in [development](https://g.freya.cat/freya/crimson/src/branch/main/src/config.php#L20) mode - MAY want to update the following settings in `.env` - `HTTP_BIND` - The addresses XSSBook will listen on - `HTTP_PORT` - The port XSSBook will listen on - `ENVIRONMENT` - If you want to test XSSBook in [development] mode - MUST build the following assets by running `make` - CSS files. MUST have `sassc` installed - MUST use `site/bin/compose` instead of `docker compose` Once XSSBook is configured properly. Run the following to build the container images and start up the compose stack for XSSBook. ```sh ./site/bin/compose build --pull ./site/bin/compose up -d ``` > NOTE: XSSBook needs all docker volumes to be owned by uid 1000 gid 1000. If you are NOT the root user or user 1000:1000, the compose script will ask for sudo access to be able to set the volume permissions. ### migrating from xssbook v1 See `shim/README.md` ### license This project is licensed under the GNU GPLv3.