blob: 5afcf942926b4db963317d1967da1960ab5d772b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
## xssbook
### description
who doesn't want to run non free javascript
now with xssbook you can run as much stallman disapprovement as you want
- all inputs on the site are unfiltered
- api calls dont care what you send them as long as they are valid strings
- upload anyfiles to be your profile avatar and banner (even adobe flash!!!)
### installation
To get the checkout run:
```sh
git clone https://g.freya.cat/freya/xssbook2 xssbook2
cd xssbook2
git submodule update --init
```
XSSBook v2 runs in docker compose. Do ALL of the following:
- MUST Copy `example.env` to `.env`
- MUST update the following settings in `.env`
- `API_SECRET` - Your own private JWT secret
- `XSSBOOK_*` - Domain info for XSSBook is being hosted
- NOT REQUIRED in [development](https://g.freya.cat/freya/crimson/src/branch/main/src/config.php#L20) mode
- MAY want to update the following settings in `.env`
- `HTTP_BIND` - The addresses XSSBook will listen on
- `HTTP_PORT` - The port XSSBook will listen on
- `ENVIRONMENT` - If you want to test XSSBook in [development] mode
- MUST build the following assets by running `make`
- CSS files. MUST have `sassc` installed
- MUST use `site/bin/compose` instead of `docker compose`
Once XSSBook is configured properly. Run the following to build the container
images and start up the compose stack for XSSBook.
```sh
./site/bin/compose build --pull
./site/bin/compose up -d
```
> NOTE: XSSBook needs all docker volumes to be owned by uid 1000 gid 1000. If
you are NOT the root user or user 1000:1000, the compose script will ask for
sudo access to be able to set the volume permissions.
### migrating from xssbook v1
See `shim/README.md`
### license
This project is licensed under the GNU GPLv3.
|
