forked from ab-smith/gruyere
-
Notifications
You must be signed in to change notification settings - Fork 0
/
data.py
executable file
·74 lines (65 loc) · 2.44 KB
/
data.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
"""Gruyere - Default data for Gruyere, a web application with holes.
Copyright 2017 Google Inc. All rights reserved.
This code is licensed under the https://creativecommons.org/licenses/by-nd/3.0/us/
Creative Commons Attribution-No Derivative Works 3.0 United States license.
DO NOT COPY THIS CODE!
This application is a small self-contained web application with numerous
security holes. It is provided for use with the Web Application Exploits and
Defenses codelab. You may modify the code for your own use while doing the
codelab but you may not distribute the modified code. Brief excerpts of this
code may be used for educational or instructional purposes provided this
notice is kept intact. By using Gruyere you agree to the Terms of Service
https://www.google.com/intl/en/policies/terms/
"""
__author__ = 'Bruce Leban'
# system modules
import copy
DEFAULT_DATA = {
'administrator': {
'name': 'Admin',
'pw': 'secret',
'is_author': False,
'is_admin': True,
'private_snippet': 'My password is secret. Get it?',
'web_site': 'https://www.google.com/contact/',
},
'cheddar': {
'name': 'Cheddar Mac',
'pw': 'orange',
'is_author': True,
'is_admin': False,
'private_snippet': 'My SSN is <a href="https://www.google.com/' +
'search?q=078-05-1120">078-05-1120</a>.',
'web_site': 'https://images.google.com/?q=cheddar+cheese',
'color': 'blue',
'snippets': [
'Gruyere is the cheesiest application on the web.',
'I wonder if there are any security holes in this....'
],
},
'sardo': {
'name': 'Miss Sardo',
'pw': 'odras',
'is_author': True,
'is_admin': False,
'private_snippet': 'I hate my brother Romano.',
'web_site': 'https://www.google.com/search?q="pecorino+sardo"',
'color': 'red',
'snippets': [],
},
'brie': {
'name': 'Brie',
'pw': 'briebrie',
'is_author': True,
'is_admin': False,
'private_snippet': 'I use the same password for all my accounts.',
'web_site': 'https://news.google.com/news/search?q=brie',
'color': 'red; text-decoration:underline',
'snippets': [
'Brie is the queen of the cheeses<span style=color:red>!!!</span>'
],
},
}
def DefaultData():
"""Provides default data for Gruyere."""
return copy.deepcopy(DEFAULT_DATA)