├── CHANGELOG.md ├── INSTALL.md ├── LICENSE ├── README.md ├── RISKS.md ├── ace-builds ├── index.html └── src-min-noconflict │ ├── ace.js │ ├── index.html │ ├── mode-json.js │ ├── theme-xcode.js │ └── worker-json.js ├── api └── cve │ ├── CVE-9999-0000 │ └── CVE-9999-9999 ├── autoCompleter.js ├── certicon.ico ├── cveClientlib.js ├── cveInterface.css ├── cveInterface.js ├── cveIterface.js ├── encrypt-storage.js ├── index.html ├── language-codes.json ├── schemaToForm.js └── sweetalert2 ├── index.html └── sweetalert2.all.min.js /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # cveClient Changelog 2 | 3 | Version 1.0.20 2023-08-21 4 | 5 | * Add schemaToJson.js generic library to support conversion of CVE schema 6 | * Added updates to support viewing of full schema as presented by CVE5.0 schema 7 | 8 | 9 | Version 1.0.19 2023-08-21 10 | 11 | * Fixed some bugs on cveInterface.js related to apply_diff 12 | * Added the ability to download CVE JSON from repositories for edit/duplicate 13 | * Moved display capabilities using CSS. 14 | 15 | 16 | Version 1.0.18 2023-08-09 17 | 18 | * Fixed some bugs on cveInterface.js related to from_json and to_json routines 19 | * The cveclientLib on 1.0.14 now support ADP capability 20 | * The User Management interface bug fixes on duplicate ID or duplicate name field fixed. 21 | * ADP client interface is available only via JSON editor at this time. 22 | * Require at least One product to have STatus "affected" or "unknown". 
23 | 24 | Version 1.0.17 2023-08-09 25 | * Allow entry of CVE data without being logged in just to create mock records 26 | * Implemented offload download button for CVE records 27 | * Fixed XSS issue due to changes to CVE Services RSUS interface 28 | * Pagination issues resolved 29 | -------------------------------------------------------------------------------- /INSTALL.md: -------------------------------------------------------------------------------- 1 | ### Installing cveClient on your webserver (apache2, IIS, nginx, tinyhttp) 2 | 3 | All the files in this repository are client utilities expected to be served from a webserver and run inside a web browser. Directly opening the index.html file in a browser will NOT work, as most browsers will not allow network activity from static files on your local or network-attached drive/storage. 4 | 5 | Clone this repository to a web-accessible folder on your webserver, say into a folder called `cveClient`, using the git command `git clone https://github.com/CERTCC/cveClient`. Once you have cloned this folder, you can visit your webserver's relative URL at `/cveClient/` to reach the folder where the repository was cloned. Ensure your webserver's default index file is `index.html`. 6 | 7 | If you use Content-Security-Policy (CSP) headers on your webserver or on your web reverse proxy, make sure the appropriate domain URLs are allowed for the folder that was cloned (`cveClient`). 
Below is the sample Content-Security-Policy header recommended for this folder; its `http://127.0.0.1:*` and `http://localhost:*` sources are only needed for a cve-services instance running on localhost and can be removed if you do not use one: 8 | 9 | `default-src 'self' blob: http://127.0.0.1:* http://localhost:*; connect-src 'self' http://127.0.0.1:* http://localhost:* *.mitre.org; script-src 'self' https://stackpath.bootstrapcdn.com https://code.jquery.com https://cdnjs.cloudflare.com https://unpkg.com https://apis.google.com blob:; style-src 'self' https://stackpath.bootstrapcdn.com 'unsafe-inline' https://unpkg.com; img-src 'self' data: blob:;object-src 'self'` 10 | 11 | 12 | 13 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The following license applies to software contained in this repository. 2 | 3 | ---- 4 | MIT License 5 | 6 | Copyright (c) 2020 Carnegie Mellon University 7 | 8 | Permission is hereby granted, free of charge, to any person obtaining a copy 9 | of this software and associated documentation files (the "Software"), to deal 10 | in the Software without restriction, including without limitation the rights 11 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 12 | copies of the Software, and to permit persons to whom the Software is 13 | furnished to do so, subject to the following conditions: 14 | 15 | The above copyright notice and this permission notice shall be included in all 16 | copies or substantial portions of the Software. 17 | 18 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 19 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 20 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 21 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 22 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 23 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 24 | SOFTWARE. 
25 | 26 | ---- 27 | The following statement applies to documents contained in this repository, and can also be found in each 28 | individual document. 29 | 30 | This material is based upon work funded and supported by the Department of Defense 31 | under Contract No. FA8702-15-D-0002 with Carnegie Mellon University for the operation 32 | of the Software Engineering Institute, a federally funded research and development center. 33 | 34 | The view, opinions, and/or findings contained in this material are those of the author(s) 35 | and should not be construed as an official Government position, policy, or decision, unless 36 | designated by other documentation. 37 | 38 | References herein to any specific commercial product, process, or service by trade name, 39 | trade mark, manufacturer, or otherwise, does not necessarily constitute or imply its 40 | endorsement, recommendation, or favoring by Carnegie Mellon University or its 41 | Software Engineering Institute. 42 | 43 | NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL 44 | IS FURNISHED ON AN "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, 45 | EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF 46 | FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE 47 | MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT 48 | TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT. 49 | 50 | [DISTRIBUTION STATEMENT A] This material has been approved for public release and unlimited distribution. 51 | Please see Copyright notice for non-US Government use and distribution. 52 | 53 | Internal use: 54 | * Permission to reproduce this material and to prepare derivative works from this material for internal 55 | use is granted, provided the copyright and “No Warranty” statements are included with all reproductions 56 | and derivative works. 
57 | 58 | External use: 59 | * This material may be reproduced in its entirety, without modification, and freely distributed in 60 | written or electronic form without requesting formal permission. Permission is required for any 61 | other external and/or commercial use. Requests for permission should be directed to the 62 | Software Engineering Institute at permission@sei.cmu.edu. 63 | 64 | * These restrictions do not apply to U.S. government entities. 65 | 66 | Carnegie Mellon®, CERT Coordination Center® and OCTAVE® are registered in the U.S. Patent and 67 | Trademark Office by Carnegie Mellon University. 68 | DM18-1203, DM19-1222 69 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # cveClient 2 | A web-based client interface and a client library to cve-services 2.x to provide CVE JSON (5.x) vulnerability management for CVE Numbering Authorities (CNAs) and Roots. 3 | 4 | 5 | # Introduction 6 | A JavaScript library and simple HTML interface for CVE services that is like RedHat's [cvelib](https://github.com/RedHatProductSecurity/cvelib) and [Vulnogram](https://github.com/Vulnogram/Vulnogram). Provides capabilities to interface with [cve-services](https://github.com/CVEProject/cve-services) with a JavaScript client and simple HTML UI. You can just serve the index.html file from any static content area of your webserver (Apache2, NGINX, thttpd, lighttpd, Caddy). 7 | 8 | A JavaScript encryption toolkit is also served from [encrypt-storage.js](./encrypt-storage.js) file. This is a simple asymmetric encryption to protect your API Key while in `localStorage` (if *Keep me logged in* checkbox is enabled) or `sessionStorage` with PKI stored in native `indexedDB`. This provides some limited protection of your API keys. 
Currently cve-services expects an API key for every transaction; there is no middleware providing session capability or related CSRF protection. 9 | 10 | Demo of the UI and client library can be accessed at [https://certcc.github.io/cveClient/](https://certcc.github.io/cveClient/) or CERT's [demo site](https://democert.org/cveClient). Currently the allowed servers (cve-services servers) are limited with Content Security Policy headers to cve-services 2.x production site, testing site and a localhost instance. 11 | 12 | Dependency libraries for HTML UI only. 13 | * [jQuery - 3.5.1](https://jquery.com/) 14 | * [Bootstrap - 4.3.1](https://getbootstrap.com/) 15 | * [Popper - 1.14.7](https://popper.js.org/) 16 | * [SweetAlert2 - 2.11](https://sweetalert2.github.io/) 17 | * [Bootstrap-Table - 1.19.1](https://bootstrap-table.com/) 18 | * [Ace Editor - 1.2.4](https://ace.c9.io/) 19 | 20 | Except for the Ace Editor and SweetAlert2 libraries, all the dependencies are served from CDN sources with sha-384 [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) checks. There is some issue with the nightly builds, so these two libraries are served locally. Please ensure you understand their license agreements as well. 21 | 22 | # Roll out your own using cveClientlib 23 | If you plan to roll out your own UI, this JavaScript library is helpful. Also note that there is another client library with similar capabilities, built with an ECMAScript 6 requirement, at [https://github.com/xdrr/cve.js](https://github.com/xdrr/cve.js). 24 | 25 | You can use the [cveClientlib.js](./cveClientlib.js) to do all the tasks being performed by the current UI. The file is called cveClientlib.js as Safari browsers have trouble with filename and a Class name being the same. 26 | 27 | # Risks of using API keys in browser for CVE-Services 28 | 29 | See the [RISKS.md](./RISKS.md) that captures some of the inherent risks of using API keys to access an API service. 
If you decide to use these web-based clients to access `cve-services`, please be aware of these risks. 30 | 31 | 32 | # Installation on your own webserver 33 | 34 | See the [INSTALL.md](./INSTALL.md), if you would like to run a private version of the cveClient in your own webserver. -------------------------------------------------------------------------------- /RISKS.md: -------------------------------------------------------------------------------- 1 | # Risk of using API keys in browser for CVE-Services 2 | 3 | 4 | The [cve-services](https://github.com/CVEProject/cve-services)' API interface is protected by an API key to perform CNA functions to manage CVE records. An API-key assigned to a user with Admin role (administrator) is also able to manage users under their organization. 5 | 6 | Any browser-based client to cve-services requires unencrypted access to the API key to perform each transaction with the cve-services endpoints. The browser-based clients such as Vulnogram and cveClient depend on the browser to protect these API keys. API keys, unlike passwords, are rarely changed and could be stolen from the browser where the API key was entered. This is a known risk in using browser-based clients when accessing CVE program capabilities as a CNA. Although there are several technologies such as [ServiceWorkers](https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API/Using_Service_Workers) and [Storage APIs](https://cheatsheetseries.owasp.org/cheatsheets/HTML5_Security_Cheat_Sheet.html#storage-apis), the browser needs to repeatedly retrieve and use the API keys, making this data available in its raw form to support CNA activities. 7 | 8 | If a CNA decides to use these clients, they should be aware of the risks that the API key could be stolen from the browser. The CNA should take necessary precautions as appropriate for their organization to protect the API keys. 
9 | 10 | If a CNA chooses to use this or other web-based interfaces to access the cve-services, here are some precautionary measures the CNA may adopt to reduce the risk of abuse of their cve-services credentials. 11 | * Secure the browser. 12 | Ensure the organization’s computer and browser software are well-managed and kept up to date with security updates. Limit the browser plugins to ensure only secure and audited plugins are installed on the browser. Use automatic updates and timely restart of the browser to reduce long-running unpatched software. 13 | * Audit and manage users. 14 | Audit and verify the users who belong to your organization, and promptly disable users who have left the organization or no longer need the role to manage CVE records for the organization. 15 | * Regenerate your API keys periodically. 16 | The cve-program allows for regeneration of the API keys for users in an organization. This is recommended to match the organization password and API credentials lifecycle management policy. This can also allow for timely auditing and detection of rogue users and stray accounts that are part of your organization. 17 | * Protect web server, if you run your own. 18 | The software Vulnogram can be accessed at [https://vulnogram.github.io](https://vulnogram.github.io) for a client only solution from GitHub site. Similarly cveClient is also accessible from [https://certcc.github.io/cveClient/](https://certcc.github.io/cveClient/). These are static websites hosted at GitHub and do not collect any information from your browser but only serve static web content. However, if you wish to run a cloned or forked version of Vulnogram or cveClient software from GitHub, ensure your publishing web server is protected from Cross-Site Scripting (XSS) attacks using something like [Content-Security-Policy headers](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy). 
19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | -------------------------------------------------------------------------------- /ace-builds/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CERTCC/cveClient/23eca2298a3a429e5e61d951450834648de3fc38/ace-builds/index.html -------------------------------------------------------------------------------- /ace-builds/src-min-noconflict/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CERTCC/cveClient/23eca2298a3a429e5e61d951450834648de3fc38/ace-builds/src-min-noconflict/index.html -------------------------------------------------------------------------------- /ace-builds/src-min-noconflict/mode-json.js: -------------------------------------------------------------------------------- 1 | ace.define("ace/mode/json_highlight_rules",["require","exports","module","ace/lib/oop","ace/mode/text_highlight_rules"],function(e,t,n){"use strict";var 
r=e("../lib/oop"),i=e("./text_highlight_rules").TextHighlightRules,s=function(){this.$rules={start:[{token:"variable",regex:'["](?:(?:\\\\.)|(?:[^"\\\\]))*?["]\\s*(?=:)'},{token:"string",regex:'"',next:"string"},{token:"constant.numeric",regex:"0[xX][0-9a-fA-F]+\\b"},{token:"constant.numeric",regex:"[+-]?\\d+(?:(?:\\.\\d*)?(?:[eE][+-]?\\d+)?)?\\b"},{token:"constant.language.boolean",regex:"(?:true|false)\\b"},{token:"text",regex:"['](?:(?:\\\\.)|(?:[^'\\\\]))*?[']"},{token:"comment",regex:"\\/\\/.*$"},{token:"comment.start",regex:"\\/\\*",next:"comment"},{token:"paren.lparen",regex:"[[({]"},{token:"paren.rparen",regex:"[\\])}]"},{token:"text",regex:"\\s+"}],string:[{token:"constant.language.escape",regex:/\\(?:x[0-9a-fA-F]{2}|u[0-9a-fA-F]{4}|["\\\/bfnrt])/},{token:"string",regex:'"|$',next:"start"},{defaultToken:"string"}],comment:[{token:"comment.end",regex:"\\*\\/",next:"start"},{defaultToken:"comment"}]}};r.inherits(s,i),t.JsonHighlightRules=s}),ace.define("ace/mode/matching_brace_outdent",["require","exports","module","ace/range"],function(e,t,n){"use strict";var r=e("../range").Range,i=function(){};(function(){this.checkOutdent=function(e,t){return/^\s+$/.test(e)?/^\s*\}/.test(t):!1},this.autoOutdent=function(e,t){var n=e.getLine(t),i=n.match(/^(\s*\})/);if(!i)return 0;var s=i[1].length,o=e.findMatchingBracket({row:t,column:s});if(!o||o.row==t)return 0;var u=this.$getIndent(e.getLine(o.row));e.replace(new r(t,0,t,s-1),u)},this.$getIndent=function(e){return e.match(/^\s*/)[0]}}).call(i.prototype),t.MatchingBraceOutdent=i}),ace.define("ace/mode/folding/cstyle",["require","exports","module","ace/lib/oop","ace/range","ace/mode/folding/fold_mode"],function(e,t,n){"use strict";var r=e("../../lib/oop"),i=e("../../range").Range,s=e("./fold_mode").FoldMode,o=t.FoldMode=function(e){e&&(this.foldingStartMarker=new RegExp(this.foldingStartMarker.source.replace(/\|[^|]*?$/,"|"+e.start)),this.foldingStopMarker=new 
RegExp(this.foldingStopMarker.source.replace(/\|[^|]*?$/,"|"+e.end)))};r.inherits(o,s),function(){this.foldingStartMarker=/([\{\[\(])[^\}\]\)]*$|^\s*(\/\*)/,this.foldingStopMarker=/^[^\[\{\(]*([\}\]\)])|^[\s\*]*(\*\/)/,this.singleLineBlockCommentRe=/^\s*(\/\*).*\*\/\s*$/,this.tripleStarBlockCommentRe=/^\s*(\/\*\*\*).*\*\/\s*$/,this.startRegionRe=/^\s*(\/\*|\/\/)#?region\b/,this._getFoldWidgetBase=this.getFoldWidget,this.getFoldWidget=function(e,t,n){var r=e.getLine(n);if(this.singleLineBlockCommentRe.test(r)&&!this.startRegionRe.test(r)&&!this.tripleStarBlockCommentRe.test(r))return"";var i=this._getFoldWidgetBase(e,t,n);return!i&&this.startRegionRe.test(r)?"start":i},this.getFoldWidgetRange=function(e,t,n,r){var i=e.getLine(n);if(this.startRegionRe.test(i))return this.getCommentRegionBlock(e,i,n);var s=i.match(this.foldingStartMarker);if(s){var o=s.index;if(s[1])return this.openingBracketBlock(e,s[1],n,o);var u=e.getCommentFoldRange(n,o+s[0].length,1);return u&&!u.isMultiLine()&&(r?u=this.getSectionRange(e,n):t!="all"&&(u=null)),u}if(t==="markbegin")return;var s=i.match(this.foldingStopMarker);if(s){var o=s.index+s[0].length;return s[1]?this.closingBracketBlock(e,s[1],n,o):e.getCommentFoldRange(n,o,-1)}},this.getSectionRange=function(e,t){var n=e.getLine(t),r=n.search(/\S/),s=t,o=n.length;t+=1;var u=t,a=e.getLength();while(++tf)break;var l=this.getFoldWidgetRange(e,"all",t);if(l){if(l.start.row<=s)break;if(l.isMultiLine())t=l.end.row;else if(r==f)break}u=t}return new i(s,o,u,e.getLine(u).length)},this.getCommentRegionBlock=function(e,t,n){var r=t.search(/\s*$/),s=e.getLength(),o=n,u=/^\s*(?:\/\*|\/\/|--)#?(end)?region\b/,a=1;while(++no)return new i(o,r,l,t.length)}}.call(o.prototype)}),ace.define("ace/mode/json",["require","exports","module","ace/lib/oop","ace/mode/text","ace/mode/json_highlight_rules","ace/mode/matching_brace_outdent","ace/mode/behaviour/cstyle","ace/mode/folding/cstyle","ace/worker/worker_client"],function(e,t,n){"use strict";var 
r=e("../lib/oop"),i=e("./text").Mode,s=e("./json_highlight_rules").JsonHighlightRules,o=e("./matching_brace_outdent").MatchingBraceOutdent,u=e("./behaviour/cstyle").CstyleBehaviour,a=e("./folding/cstyle").FoldMode,f=e("../worker/worker_client").WorkerClient,l=function(){this.HighlightRules=s,this.$outdent=new o,this.$behaviour=new u,this.foldingRules=new a};r.inherits(l,i),function(){this.lineCommentStart="//",this.blockComment={start:"/*",end:"*/"},this.getNextLineIndent=function(e,t,n){var r=this.$getIndent(t);if(e=="start"){var i=t.match(/^.*[\{\(\[]\s*$/);i&&(r+=n)}return r},this.checkOutdent=function(e,t,n){return this.$outdent.checkOutdent(t,n)},this.autoOutdent=function(e,t,n){this.$outdent.autoOutdent(t,n)},this.createWorker=function(e){var t=new f(["ace"],"ace/mode/json_worker","JsonWorker");return t.attachToDocument(e.getDocument()),t.on("annotate",function(t){e.setAnnotations(t.data)}),t.on("terminate",function(){e.clearAnnotations()}),t},this.$id="ace/mode/json"}.call(l.prototype),t.Mode=l}); (function() { 2 | ace.require(["ace/mode/json"], function(m) { 3 | if (typeof module == "object" && typeof exports == "object" && module) { 4 | module.exports = m; 5 | } 6 | }); 7 | })(); 8 | -------------------------------------------------------------------------------- /ace-builds/src-min-noconflict/theme-xcode.js: -------------------------------------------------------------------------------- 1 | ace.define("ace/theme/xcode",["require","exports","module","ace/lib/dom"],function(e,t,n){t.isDark=!1,t.cssClass="ace-xcode",t.cssText=".ace-xcode .ace_gutter {background: #e8e8e8;color: #333}.ace-xcode .ace_print-margin {width: 1px;background: #e8e8e8}.ace-xcode {background-color: #FFFFFF;color: #000000}.ace-xcode .ace_cursor {color: #000000}.ace-xcode .ace_marker-layer .ace_selection {background: #B5D5FF}.ace-xcode.ace_multiselect .ace_selection.ace_start {box-shadow: 0 0 3px 0px #FFFFFF;}.ace-xcode .ace_marker-layer .ace_step {background: rgb(198, 219, 
174)}.ace-xcode .ace_marker-layer .ace_bracket {margin: -1px 0 0 -1px;border: 1px solid #BFBFBF}.ace-xcode .ace_marker-layer .ace_active-line {background: rgba(0, 0, 0, 0.071)}.ace-xcode .ace_gutter-active-line {background-color: rgba(0, 0, 0, 0.071)}.ace-xcode .ace_marker-layer .ace_selected-word {border: 1px solid #B5D5FF}.ace-xcode .ace_constant.ace_language,.ace-xcode .ace_keyword,.ace-xcode .ace_meta,.ace-xcode .ace_variable.ace_language {color: #C800A4}.ace-xcode .ace_invisible {color: #BFBFBF}.ace-xcode .ace_constant.ace_character,.ace-xcode .ace_constant.ace_other {color: #275A5E}.ace-xcode .ace_constant.ace_numeric {color: #3A00DC}.ace-xcode .ace_entity.ace_other.ace_attribute-name,.ace-xcode .ace_support.ace_constant,.ace-xcode .ace_support.ace_function {color: #450084}.ace-xcode .ace_fold {background-color: #C800A4;border-color: #000000}.ace-xcode .ace_entity.ace_name.ace_tag,.ace-xcode .ace_support.ace_class,.ace-xcode .ace_support.ace_type {color: #790EAD}.ace-xcode .ace_storage {color: #C900A4}.ace-xcode .ace_string {color: #DF0002}.ace-xcode .ace_comment {color: #008E00}.ace-xcode .ace_indent-guide {background: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAACCAYAAACZgbYnAAAAE0lEQVQImWP4////f4bLly//BwAmVgd1/w11/gAAAABJRU5ErkJggg==) right repeat-y}";var r=e("../lib/dom");r.importCssString(t.cssText,t.cssClass)}); (function() { 2 | ace.require(["ace/theme/xcode"], function(m) { 3 | if (typeof module == "object" && typeof exports == "object" && module) { 4 | module.exports = m; 5 | } 6 | }); 7 | })(); 8 | -------------------------------------------------------------------------------- /ace-builds/src-min-noconflict/worker-json.js: -------------------------------------------------------------------------------- 1 | "no use strict";!function(e){function t(e,t){var n=e,r="";while(n){var i=t[n];if(typeof i=="string")return i+r;if(i)return i.location.replace(/\/*$/,"/")+(r||i.main||i.name);if(i===!1)return"";var 
s=n.lastIndexOf("/");if(s===-1)break;r=n.substr(s)+r,n=n.slice(0,s)}return e}if(typeof e.window!="undefined"&&e.document)return;if(e.require&&e.define)return;e.console||(e.console=function(){var e=Array.prototype.slice.call(arguments,0);postMessage({type:"log",data:e})},e.console.error=e.console.warn=e.console.log=e.console.trace=e.console),e.window=e,e.ace=e,e.onerror=function(e,t,n,r,i){postMessage({type:"error",data:{message:e,data:i.data,file:t,line:n,col:r,stack:i.stack}})},e.normalizeModule=function(t,n){if(n.indexOf("!")!==-1){var r=n.split("!");return e.normalizeModule(t,r[0])+"!"+e.normalizeModule(t,r[1])}if(n.charAt(0)=="."){var i=t.split("/").slice(0,-1).join("/");n=(i?i+"/":"")+n;while(n.indexOf(".")!==-1&&s!=n){var s=n;n=n.replace(/^\.\//,"").replace(/\/\.\//,"/").replace(/[^\/]+\/\.\.\//,"")}}return n},e.require=function(r,i){i||(i=r,r=null);if(!i.charAt)throw new Error("worker.js require() accepts only (parentId, id) as arguments");i=e.normalizeModule(r,i);var s=e.require.modules[i];if(s)return s.initialized||(s.initialized=!0,s.exports=s.factory().exports),s.exports;if(!e.require.tlns)return console.log("unable to load "+i);var o=t(i,e.require.tlns);return o.slice(-3)!=".js"&&(o+=".js"),e.require.id=i,e.require.modules[i]={},importScripts(o),e.require(r,i)},e.require.modules={},e.require.tlns={},e.define=function(t,n,r){arguments.length==2?(r=n,typeof t!="string"&&(n=t,t=e.require.id)):arguments.length==1&&(r=t,n=[],t=e.require.id);if(typeof r!="function"){e.require.modules[t]={exports:r,initialized:!0};return}n.length||(n=["require","exports","module"]);var i=function(n){return e.require(t,n)};e.require.modules[t]={exports:{},factory:function(){var e=this,t=r.apply(this,n.slice(0,r.length).map(function(t){switch(t){case"require":return i;case"exports":return e.exports;case"module":return e;default:return i(t)}}));return t&&(e.exports=t),e}}},e.define.amd={},require.tlns={},e.initBaseUrls=function(t){for(var n in 
t)require.tlns[n]=t[n]},e.initSender=function(){var n=e.require("ace/lib/event_emitter").EventEmitter,r=e.require("ace/lib/oop"),i=function(){};return function(){r.implement(this,n),this.callback=function(e,t){postMessage({type:"call",id:t,data:e})},this.emit=function(e,t){postMessage({type:"event",name:e,data:t})}}.call(i.prototype),new i};var n=e.main=null,r=e.sender=null;e.onmessage=function(t){var i=t.data;if(i.event&&r)r._signal(i.event,i.data);else if(i.command)if(n[i.command])n[i.command].apply(n,i.args);else{if(!e[i.command])throw new Error("Unknown command:"+i.command);e[i.command].apply(e,i.args)}else if(i.init){e.initBaseUrls(i.tlns),r=e.sender=e.initSender();var s=require(i.module)[i.classname];n=e.main=new s(r)}}}(this),ace.define("ace/lib/oop",[],function(e,t,n){"use strict";t.inherits=function(e,t){e.super_=t,e.prototype=Object.create(t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}})},t.mixin=function(e,t){for(var n in t)e[n]=t[n];return e},t.implement=function(e,n){t.mixin(e,n)}}),ace.define("ace/range",[],function(e,t,n){"use strict";var r=function(e,t){return e.row-t.row||e.column-t.column},i=function(e,t,n,r){this.start={row:e,column:t},this.end={row:n,column:r}};(function(){this.isEqual=function(e){return this.start.row===e.start.row&&this.end.row===e.end.row&&this.start.column===e.start.column&&this.end.column===e.end.column},this.toString=function(){return"Range: ["+this.start.row+"/"+this.start.column+"] -> ["+this.end.row+"/"+this.end.column+"]"},this.contains=function(e,t){return this.compare(e,t)==0},this.compareRange=function(e){var t,n=e.end,r=e.start;return t=this.compare(n.row,n.column),t==1?(t=this.compare(r.row,r.column),t==1?2:t==0?1:0):t==-1?-2:(t=this.compare(r.row,r.column),t==-1?-1:t==1?42:0)},this.comparePoint=function(e){return this.compare(e.row,e.column)},this.containsRange=function(e){return this.comparePoint(e.start)==0&&this.comparePoint(e.end)==0},this.intersects=function(e){var 
t=this.compareRange(e);return t==-1||t==0||t==1},this.isEnd=function(e,t){return this.end.row==e&&this.end.column==t},this.isStart=function(e,t){return this.start.row==e&&this.start.column==t},this.setStart=function(e,t){typeof e=="object"?(this.start.column=e.column,this.start.row=e.row):(this.start.row=e,this.start.column=t)},this.setEnd=function(e,t){typeof e=="object"?(this.end.column=e.column,this.end.row=e.row):(this.end.row=e,this.end.column=t)},this.inside=function(e,t){return this.compare(e,t)==0?this.isEnd(e,t)||this.isStart(e,t)?!1:!0:!1},this.insideStart=function(e,t){return this.compare(e,t)==0?this.isEnd(e,t)?!1:!0:!1},this.insideEnd=function(e,t){return this.compare(e,t)==0?this.isStart(e,t)?!1:!0:!1},this.compare=function(e,t){return!this.isMultiLine()&&e===this.start.row?tthis.end.column?1:0:ethis.end.row?1:this.start.row===e?t>=this.start.column?0:-1:this.end.row===e?t<=this.end.column?0:1:0},this.compareStart=function(e,t){return this.start.row==e&&this.start.column==t?-1:this.compare(e,t)},this.compareEnd=function(e,t){return this.end.row==e&&this.end.column==t?1:this.compare(e,t)},this.compareInside=function(e,t){return this.end.row==e&&this.end.column==t?1:this.start.row==e&&this.start.column==t?-1:this.compare(e,t)},this.clipRows=function(e,t){if(this.end.row>t)var n={row:t+1,column:0};else if(this.end.rowt)var r={row:t+1,column:0};else if(this.start.row=0&&t.row=0&&t.column<=e[t.row].length}function s(e,t){t.action!="insert"&&t.action!="remove"&&r(t,"delta.action must be 'insert' or 'remove'"),t.lines instanceof Array||r(t,"delta.lines must be an Array"),(!t.start||!t.end)&&r(t,"delta.start/end must be an present");var n=t.start;i(e,t.start)||r(t,"delta.start must be contained in document");var s=t.end;t.action=="remove"&&!i(e,s)&&r(t,"delta.end must contained in document for 'remove' actions");var o=s.row-n.row,u=s.column-(o==0?n.column:0);(o!=t.lines.length-1||t.lines[o].length!=u)&&r(t,"delta.range must match delta 
lines")}t.applyDelta=function(e,t,n){var r=t.start.row,i=t.start.column,s=e[r]||"";switch(t.action){case"insert":var o=t.lines;if(o.length===1)e[r]=s.substring(0,i)+t.lines[0]+s.substring(i);else{var u=[r,1].concat(t.lines);e.splice.apply(e,u),e[r]=s.substring(0,i)+e[r],e[r+t.lines.length-1]+=s.substring(i)}break;case"remove":var a=t.end.column,f=t.end.row;r===f?e[r]=s.substring(0,i)+s.substring(a):e.splice(r,f-r+1,s.substring(0,i)+e[f].substring(a))}}}),ace.define("ace/lib/event_emitter",[],function(e,t,n){"use strict";var r={},i=function(){this.propagationStopped=!0},s=function(){this.defaultPrevented=!0};r._emit=r._dispatchEvent=function(e,t){this._eventRegistry||(this._eventRegistry={}),this._defaultHandlers||(this._defaultHandlers={});var n=this._eventRegistry[e]||[],r=this._defaultHandlers[e];if(!n.length&&!r)return;if(typeof t!="object"||!t)t={};t.type||(t.type=e),t.stopPropagation||(t.stopPropagation=i),t.preventDefault||(t.preventDefault=s),n=n.slice();for(var o=0;othis.row)return;var n=t(e,{row:this.row,column:this.column},this.$insertRight);this.setPosition(n.row,n.column,!0)},this.setPosition=function(e,t,n){var r;n?r={row:e,column:t}:r=this.$clipPositionToDocument(e,t);if(this.row==r.row&&this.column==r.column)return;var i={row:this.row,column:this.column};this.row=r.row,this.column=r.column,this._signal("change",{old:i,value:r})},this.detach=function(){this.document.off("change",this.$onChange)},this.attach=function(e){this.document=e||this.document,this.document.on("change",this.$onChange)},this.$clipPositionToDocument=function(e,t){var n={};return e>=this.document.getLength()?(n.row=Math.max(0,this.document.getLength()-1),n.column=this.document.getLine(n.row).length):e<0?(n.row=0,n.column=0):(n.row=e,n.column=Math.min(this.document.getLine(n.row).length,Math.max(0,t))),t<0&&(n.column=0),n}}).call(s.prototype)}),ace.define("ace/document",[],function(e,t,n){"use strict";var 
r=e("./lib/oop"),i=e("./apply_delta").applyDelta,s=e("./lib/event_emitter").EventEmitter,o=e("./range").Range,u=e("./anchor").Anchor,a=function(e){this.$lines=[""],e.length===0?this.$lines=[""]:Array.isArray(e)?this.insertMergedLines({row:0,column:0},e):this.insert({row:0,column:0},e)};(function(){r.implement(this,s),this.setValue=function(e){var t=this.getLength()-1;this.remove(new o(0,0,t,this.getLine(t).length)),this.insert({row:0,column:0},e)},this.getValue=function(){return this.getAllLines().join(this.getNewLineCharacter())},this.createAnchor=function(e,t){return new u(this,e,t)},"aaa".split(/a/).length===0?this.$split=function(e){return e.replace(/\r\n|\r/g,"\n").split("\n")}:this.$split=function(e){return e.split(/\r\n|\r|\n/)},this.$detectNewLine=function(e){var t=e.match(/^.*?(\r\n|\r|\n)/m);this.$autoNewLine=t?t[1]:"\n",this._signal("changeNewLineMode")},this.getNewLineCharacter=function(){switch(this.$newLineMode){case"windows":return"\r\n";case"unix":return"\n";default:return this.$autoNewLine||"\n"}},this.$autoNewLine="",this.$newLineMode="auto",this.setNewLineMode=function(e){if(this.$newLineMode===e)return;this.$newLineMode=e,this._signal("changeNewLineMode")},this.getNewLineMode=function(){return this.$newLineMode},this.isNewLine=function(e){return e=="\r\n"||e=="\r"||e=="\n"},this.getLine=function(e){return this.$lines[e]||""},this.getLines=function(e,t){return this.$lines.slice(e,t+1)},this.getAllLines=function(){return this.getLines(0,this.getLength())},this.getLength=function(){return this.$lines.length},this.getTextRange=function(e){return this.getLinesForRange(e).join(this.getNewLineCharacter())},this.getLinesForRange=function(e){var t;if(e.start.row===e.end.row)t=[this.getLine(e.start.row).substring(e.start.column,e.end.column)];else{t=this.getLines(e.start.row,e.end.row),t[0]=(t[0]||"").substring(e.start.column);var n=t.length-1;e.end.row-e.start.row==n&&(t[n]=t[n].substring(0,e.end.column))}return t},this.insertLines=function(e,t){return 
console.warn("Use of document.insertLines is deprecated. Use the insertFullLines method instead."),this.insertFullLines(e,t)},this.removeLines=function(e,t){return console.warn("Use of document.removeLines is deprecated. Use the removeFullLines method instead."),this.removeFullLines(e,t)},this.insertNewLine=function(e){return console.warn("Use of document.insertNewLine is deprecated. Use insertMergedLines(position, ['', '']) instead."),this.insertMergedLines(e,["",""])},this.insert=function(e,t){return this.getLength()<=1&&this.$detectNewLine(t),this.insertMergedLines(e,this.$split(t))},this.insertInLine=function(e,t){var n=this.clippedPos(e.row,e.column),r=this.pos(e.row,e.column+t.length);return this.applyDelta({start:n,end:r,action:"insert",lines:[t]},!0),this.clonePos(r)},this.clippedPos=function(e,t){var n=this.getLength();e===undefined?e=n:e<0?e=0:e>=n&&(e=n-1,t=undefined);var r=this.getLine(e);return t==undefined&&(t=r.length),t=Math.min(Math.max(t,0),r.length),{row:e,column:t}},this.clonePos=function(e){return{row:e.row,column:e.column}},this.pos=function(e,t){return{row:e,column:t}},this.$clipPosition=function(e){var t=this.getLength();return e.row>=t?(e.row=Math.max(0,t-1),e.column=this.getLine(t-1).length):(e.row=Math.max(0,e.row),e.column=Math.min(Math.max(e.column,0),this.getLine(e.row).length)),e},this.insertFullLines=function(e,t){e=Math.min(Math.max(e,0),this.getLength());var n=0;e0,r=t=0&&this.applyDelta({start:this.pos(e,this.getLine(e).length),end:this.pos(e+1,0),action:"remove",lines:["",""]})},this.replace=function(e,t){e instanceof o||(e=o.fromPoints(e.start,e.end));if(t.length===0&&e.isEmpty())return e.start;if(t==this.getTextRange(e))return e.end;this.remove(e);var n;return t?n=this.insert(e.start,t):n=e.start,n},this.applyDeltas=function(e){for(var t=0;t=0;t--)this.revertDelta(e[t])},this.applyDelta=function(e,t){var 
n=e.action=="insert";if(n?e.lines.length<=1&&!e.lines[0]:!o.comparePoints(e.start,e.end))return;n&&e.lines.length>2e4?this.$splitAndapplyLargeDelta(e,2e4):(i(this.$lines,e,t),this._signal("change",e))},this.$safeApplyDelta=function(e){var t=this.$lines.length;(e.action=="remove"&&e.start.row0){t&1&&(n+=e);if(t>>=1)e+=e}return n};var r=/^\s\s*/,i=/\s\s*$/;t.stringTrimLeft=function(e){return e.replace(r,"")},t.stringTrimRight=function(e){return e.replace(i,"")},t.copyObject=function(e){var t={};for(var n in e)t[n]=e[n];return t},t.copyArray=function(e){var t=[];for(var n=0,r=e.length;n="0"&&i<="9")t+=i,a();if(i==="."){t+=".";while(a()&&i>="0"&&i<="9")t+=i}if(i==="e"||i==="E"){t+=i,a();if(i==="-"||i==="+")t+=i,a();while(i>="0"&&i<="9")t+=i,a()}e=+t;if(!isNaN(e))return e;u("Bad number")},l=function(){var e,t,n="",r;if(i==='"')while(a()){if(i==='"')return a(),n;if(i==="\\"){a();if(i==="u"){r=0;for(t=0;t<4;t+=1){e=parseInt(a(),16);if(!isFinite(e))break;r=r*16+e}n+=String.fromCharCode(r)}else{if(typeof s[i]!="string")break;n+=s[i]}}else{if(i=="\n"||i=="\r")break;n+=i}}u("Bad string")},c=function(){while(i&&i<=" ")a()},h=function(){switch(i){case"t":return a("t"),a("r"),a("u"),a("e"),!0;case"f":return a("f"),a("a"),a("l"),a("s"),a("e"),!1;case"n":return a("n"),a("u"),a("l"),a("l"),null}u("Unexpected '"+i+"'")},p,d=function(){var e=[];if(i==="["){a("["),c();if(i==="]")return a("]"),e;while(i){e.push(p()),c();if(i==="]")return a("]"),e;a(","),c()}}u("Bad array")},v=function(){var e,t={};if(i==="{"){a("{"),c();if(i==="}")return a("}"),t;while(i){e=l(),c(),a(":"),Object.hasOwnProperty.call(t,e)&&u('Duplicate key "'+e+'"'),t[e]=p(),c();if(i==="}")return a("}"),t;a(","),c()}}u("Bad object")};return p=function(){c();switch(i){case"{":return v();case"[":return d();case'"':return l();case"-":return f();default:return i>="0"&&i<="9"?f():h()}},function(e,t){var n;return o=e,r=0,i=" ",n=p(),c(),i&&u("Syntax error"),typeof t=="function"?function s(e,n){var r,i,o=e[n];if(o&&typeof 
o=="object")for(r in o)Object.hasOwnProperty.call(o,r)&&(i=s(o,r),i!==undefined?o[r]=i:delete o[r]);return t.call(e,n,o)}({"":n},""):n}}),ace.define("ace/mode/json_worker",[],function(e,t,n){"use strict";var r=e("../lib/oop"),i=e("../worker/mirror").Mirror,s=e("./json/json_parse"),o=t.JsonWorker=function(e){i.call(this,e),this.setTimeout(200)};r.inherits(o,i),function(){this.onUpdate=function(){var e=this.doc.getValue(),t=[];try{e&&s(e)}catch(n){var r=this.doc.indexToPosition(n.at-1);t.push({row:r.row,column:r.column,text:n.message,type:"error"})}this.sender.emit("annotate",t)}}.call(o.prototype)}) -------------------------------------------------------------------------------- /api/cve/CVE-9999-0000: -------------------------------------------------------------------------------- 1 | { 2 | "containers": { 3 | "cna": { 4 | "title": "Test CVE Record 0000", 5 | "descriptions": [ 6 | { 7 | "lang": "en", 8 | "value": "The CVE-9999-0000 is a Test CVE Record for cveClient Program" 9 | } 10 | ], 11 | "source": { 12 | "discovery": "external" 13 | }, 14 | "credits": [ 15 | { 16 | "lang": "en", 17 | "type": "finder", 18 | "value": "John Smith" 19 | } 20 | ], 21 | "affected": [ 22 | { 23 | "vendor": "ACME Productions", 24 | "product": "Dun Lori", 25 | "versions": [ 26 | { 27 | "status": "affected", 28 | "version": "1.9.1" 29 | } 30 | ] 31 | }, 32 | { 33 | "vendor": "ACME Productions", 34 | "product": "Virginia Square", 35 | "versions": [ 36 | { 37 | "status": "affected", 38 | "version": "1.12.1" 39 | } 40 | ] 41 | }, 42 | { 43 | "vendor": "ACME Productions", 44 | "product": "Metro Central", 45 | "versions": [ 46 | { 47 | "status": "unaffected", 48 | "version": "2.1.1" 49 | } 50 | ] 51 | } 52 | ], 53 | "problemTypes": [ 54 | { 55 | "descriptions": [ 56 | { 57 | "lang": "en", 58 | "description": "CWE-125 Out-of-bounds Read" 59 | } 60 | ] 61 | } 62 | ], 63 | "references": [ 64 | { 65 | "name": "CERT/CC Advisory", 66 | "url": "https://kb.cert.org/vuls/" 67 | } 68 | ], 69 | 
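/*
Repository-dump text that shares these lines with autoCompleter.js, kept and
reflowed (gutter numbers dropped). It starts with the tail of
/api/cve/CVE-9999-0000.

   "x_generator": {
    "engine": "cveClient 1.0.19"
   }
  }
 }
}

--------------------------------------------------------------------------------
/api/cve/CVE-9999-9999:
--------------------------------------------------------------------------------
{
 "containers": {
  "cna": {
   "title": "Test CVE Record 9999",
   "descriptions": [
    {
     "lang": "en",
     "value": "The CVE-9999-9999 is a Test CVE Record for cveClient Program"
    }
   ],
   "source": {
    "discovery": "external"
   },
   "credits": [
    {
     "lang": "en",
     "type": "finder",
     "value": "John Smith"
    }
   ],
   "affected": [
    {
     "vendor": "ACME Productions",
     "product": "Dun Lori",
     "versions": [
      {
       "status": "affected",
       "version": "1.9.1"
      }
     ]
    },
    {
     "vendor": "ACME Productions",
     "product": "Virginia Square",
     "versions": [
      {
       "status": "affected",
       "version": "1.12.1"
      }
     ]
    },
    {
     "vendor": "ACME Productions",
     "product": "Metro Central",
     "versions": [
      {
       "status": "unaffected",
       "version": "2.1.1"
      }
     ]
    }
   ],
   "problemTypes": [
    {
     "descriptions": [
      {
       "lang": "en",
       "description": "CWE-125 Out-of-bounds Read"
      }
     ]
    }
   ],
   "references": [
    {
     "name": "CERT/CC Advisory",
     "url": "https://kb.cert.org/vuls/"
    }
   ],
   "x_generator": {
    "engine": "cveClient 1.0.19"
   }
  }
 }
}

--------------------------------------------------------------------------------
/autoCompleter.js:
--------------------------------------------------------------------------------
*/

/**
 * Attach a suggestion drop-down to a text input.
 *
 * Example:
 *   let autoComplete = autoCompleter(document.getElementById("searchInput"), null,
 *       "https://democert.org/cveClient/cwe-common.json", "cwe-common", "templet");
 *   autoComplete.hoverColor = "#333";
 *   autoComplete.bgColor = "#000"; // for dark mode
 *
 * Works with or without `new`. The input's parent element is restyled
 * (inline-block, position relative) and receives the suggestion box.
 *
 * @param {HTMLInputElement} inputElement - Input to decorate; must have a parent element.
 * @param {string[]|null} suggestionsArray - Static suggestions, used when no URL is given.
 * @param {string} [suggestionUrl] - Absolute URL of a JSON document with the suggestions.
 *     With `search` set it is fetched on every input event, otherwise only once.
 * @param {string} [selector] - Key of the JSON response that holds the array.
 * @param {string} [search] - Query parameter that carries the typed text.
 * @returns {autoCompleter} The instance (hoverColor, bgColor, _version). When
 *     inputElement is unusable an error is logged and no listeners are attached.
 */
function autoCompleter(inputElement, suggestionsArray, suggestionUrl, selector, search) {
    "use strict";
    if (!(this instanceof autoCompleter)) {
        // Called without `new`: build the instance for the caller.
        return new autoCompleter(inputElement, suggestionsArray, suggestionUrl, selector, search);
    }
    this.hoverColor = "#eee";
    this.bgColor = "#f9f9f9";
    this._version = "1.0.12";
    const main = this;
    if (!inputElement || !inputElement.parentElement) {
        console.error("Error no inputelement found to work with");
        return;
    }

    /* Fetch the suggestion document; `search` (when set) is replaced by the typed text. */
    async function fetch_data(baseUrl, searchString) {
        const url = new URL(baseUrl);
        if (search) {
            url.searchParams.delete(search);
            url.searchParams.append(search, searchString);
        }
        const response = await fetch(url.href);
        const data = await response.json();
        if (selector && data[selector]) {
            return data[selector];
        }
        return data;
    }

    /*
     * Render `text` into `target`, wrapping each case-insensitive occurrence of
     * `needle` in a highlight element.
     *
     * The typed text is matched literally. The earlier code compiled it with
     * new RegExp(), so input such as "(" threw a SyntaxError and the user's text
     * was interpreted as a pattern. Suggestions may come from a remote JSON
     * document, so they are inserted as text nodes only and never parsed as HTML.
     *
     * NOTE(review): the highlight tag is not visible in this listing (the
     * wrapping markup was stripped); <b> is assumed -- confirm.
     */
    function appendHighlighted(target, text, needle) {
        const haystack = text.toLowerCase();
        const probe = needle.toLowerCase();
        // toLowerCase() can change the length of some strings; offsets would then
        // no longer line up with `text`, so fall back to plain text.
        if (probe.length === 0 || haystack.length !== text.length) {
            target.appendChild(document.createTextNode(text));
            return;
        }
        let from = 0;
        let hit = haystack.indexOf(probe, from);
        while (hit !== -1) {
            if (hit > from) {
                target.appendChild(document.createTextNode(text.slice(from, hit)));
            }
            const mark = document.createElement("b");
            mark.textContent = text.slice(hit, hit + probe.length);
            target.appendChild(mark);
            from = hit + probe.length;
            hit = haystack.indexOf(probe, from);
        }
        if (from < text.length) {
            target.appendChild(document.createTextNode(text.slice(from)));
        }
    }

    inputElement.parentElement.style.display = "inline-block";
    inputElement.parentElement.style.position = "relative";
    inputElement.addEventListener("click", function (e) {
        closeAllLists(e.target);
    });

    let currentFocus;
    inputElement.addEventListener("input", async function () {
        const val = this.value;
        /* Dynamically update the suggestions array or fetch it once for all */
        if (suggestionUrl) {
            try {
                if (search) {
                    suggestionsArray = await fetch_data(suggestionUrl, val);
                } else if (!("once" in main)) {
                    suggestionsArray = await fetch_data(suggestionUrl, "");
                    main.once = true;
                }
            } catch (err) {
                // A failed fetch or malformed JSON used to surface as an
                // unhandled rejection from this listener.
                console.error("Could not load suggestions", err);
                return;
            }
        }
        if (!Array.isArray(suggestionsArray)) {
            console.error("Suggestion Array cannot be empty or not array");
            return;
        }
        if (suggestionsArray.length < 1) {
            console.error("Input array cannot be empty with no suggestions");
            return;
        }
        closeAllLists();
        if (!val) return false;
        currentFocus = -1;

        const suggestionBox = document.createElement("DIV");
        const boxCSS = {
            "position": "absolute",
            "border": "1px solid #ddd",
            "border-bottom": "none", "border-top": "none",
            "z-index": "99", "top": "100%", "left": "0",
            "right": "0", "background-color": main.bgColor,
        };
        for (const [prop, value] of Object.entries(boxCSS)) {
            suggestionBox.style.setProperty(prop, value);
        }
        this.parentNode.appendChild(suggestionBox);

        const needle = val.toLowerCase();
        suggestionsArray.forEach(function (suggestion) {
            // Entries of a fetched document are not guaranteed to be strings.
            if (typeof suggestion !== "string") return;
            if (!suggestion.toLowerCase().includes(needle)) return;

            const suggestionItem = document.createElement("DIV");
            const itemCSS = {
                "padding": "10px",
                "cursor": "pointer",
                "border-bottom": "1px solid #ddd",
            };
            for (const [prop, value] of Object.entries(itemCSS)) {
                suggestionItem.style.setProperty(prop, value);
            }
            suggestionItem.onmouseover = function () {
                this.style.backgroundColor = main.hoverColor;
            };
            suggestionItem.onmouseleave = function () {
                this.style.backgroundColor = "";
            };
            appendHighlighted(suggestionItem, suggestion, val);

            // The hidden input carries the unmodified suggestion for the click handler.
            const hidden = document.createElement("input");
            hidden.value = suggestion;
            hidden.type = "hidden";
            suggestionItem.appendChild(hidden);
            suggestionItem.addEventListener("click", function () {
                inputElement.value = hidden.value;
                closeAllLists();
            });
            suggestionBox.appendChild(suggestionItem);
        });
    });

    inputElement.addEventListener("keydown", function (e) {
        const keyCodes = {arrowDown: 40, arrowUp: 38, Enter: 13};
        // NOTE(review): "div > div" also matches the suggestion box itself when
        // the input's parent is a <div>, which would make index 0 the box --
        // possibly why index 0 is never highlighted below; confirm.
        const items = Array.from(inputElement.parentElement.querySelectorAll("div > div"));
        if (e.keyCode === keyCodes.arrowDown) {
            currentFocus++;
            if (currentFocus > 0) {
                addActive(items);
            }
        } else if (e.keyCode === keyCodes.arrowUp) {
            currentFocus--;
            if (currentFocus > 0) {
                addActive(items);
            }
        } else if (e.keyCode === keyCodes.Enter) {
            e.preventDefault();
            if (currentFocus > -1) {
                // The index can point past the list (e.g. no suggestions shown).
                items[currentFocus]?.click();
            }
        }
    });

    /* Highlight the item at currentFocus, wrapping the index at both ends. */
    function addActive(items) {
        if (!items) return false;
        removeActive(items);
        if (currentFocus >= items.length) currentFocus = 0;
        if (currentFocus < 0) currentFocus = items.length - 1;
        if (currentFocus > 0) {
            items[currentFocus].style.backgroundColor = main.hoverColor;
        }
    }

    /* Clear the keyboard highlight from every item. */
    function removeActive(items) {
        items.forEach(function (item) {
            item.style.backgroundColor = "";
        });
    }

    /* Remove every suggestion box, except when `elmnt` is the box or the input itself. */
    function closeAllLists(elmnt) {
        const boxes = inputElement.parentElement.querySelectorAll(":scope > div");
        boxes.forEach(function (box) {
            if (elmnt != box && elmnt != inputElement) {
                box.parentNode.removeChild(box);
            }
        });
    }
    return main;
}

/*
--------------------------------------------------------------------------------
/certicon.ico:
--------------------------------------------------------------------------------
(no icon data in this dump: the text captured for this entry is an HTML page
titled "Internet Security by Zscaler")
*/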
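/*
--------------------------------------------------------------------------------
/cveClientlib.js:
--------------------------------------------------------------------------------
*/

/**
 * Small fetch-based client for the CVE Services REST endpoints used by cveClient.
 *
 * Every request carries the CVE-API-KEY, CVE-API-ORG and CVE-API-USER headers
 * built from the constructor arguments. After each call `client.response` holds
 * the last fetch Response and `client.error` the last failure, if any.
 *
 * Security notes for integrators:
 *  - The API key is kept in a plain instance property and is attached to every
 *    request sent to `url`; pass only an https endpoint you trust.
 *  - Identifiers (CVE id, user name, org) are concatenated into the URL path
 *    without encoding, so validate them before they reach this class.
 */
class cveClient {
    /**
     * @param {string} org - Organisation short name (also sent as CVE-API-ORG).
     * @param {string} user - User name (also sent as CVE-API-USER).
     * @param {string} key - API secret (sent as CVE-API-KEY).
     * @param {string} url - Base URL of the API; request paths are appended to its path.
     */
    constructor(org, user, key, url) {
        this.org = org;
        this.user = user;
        this.key = key;
        this.url = url;
        this.user_path = "/org/" + this.org + "/user/" + this.user;
        this._version = "1.0.15";
    }

    /** PUT `adp` as JSON to /cve/<cve>/adp. */
    publishadp(cve, adp) {
        const path = "/cve/" + cve + "/adp";
        return this.putjson(path, {method: "PUT"}, null, adp);
    }

    /**
     * Create or update a CVE record.
     * Sends {cnaContainer: cnajson} with POST, or PUT when `update` is truthy, to
     * /cve/<cve>/cna -- or to /cve/<cve>/reject when `rejected` is truthy.
     */
    publishcve(cve, cnajson, update, rejected) {
        const opts = update ? {method: "PUT"} : null;
        const path = "/cve/" + cve + (rejected ? "/reject" : "/cna");
        return this.putjson(path, opts, null, {cnaContainer: cnajson});
    }

    /**
     * Reserve CVE ids with a POST to /cve-id/.
     * @param {number} [amount] - Defaults to 1.
     * @param {number} [cve_year] - Defaults to the current year.
     * @param {string} [batch_type] - Sent only when amount > 1; anything other
     *     than "nonsequential" or "sequential" becomes "sequential".
     */
    reservecve(amount, cve_year, batch_type) {
        const path = "/cve-id/";
        const opts = {method: 'POST'};
        const valid_batch_types = ["nonsequential", "sequential"];
        const qvars = {
            amount: amount || 1,
            short_name: this.org,
            cve_year: cve_year || new Date().getFullYear(),
        };
        if (amount > 1) {
            // An exact list match; the previous `in` test on an object literal
            // also accepted inherited names such as "constructor".
            qvars['batch_type'] = valid_batch_types.includes(batch_type)
                ? batch_type
                : "sequential";
        }
        return this.putjson(path, opts, qvars);
    }

    /** GET /cve/<cve>. */
    getcvedetail(cve) {
        return this.getjson("/cve/" + cve);
    }

    /** GET /cve-id/<cve>. */
    getcve(cve) {
        return this.getjson("/cve-id/" + cve);
    }

    /**
     * GET /cve-id/ with a filter. Each truthy argument becomes the query key
     * at the same position in `arg_map`.
     */
    getcvefilter(year, state, reserved_before, reserved_after,
                 modified_before, modified_after) {
        const arg_map = ["cve_id_year", "state", "time_reserved.lt",
                         "time_reserved.gt", "time_modified.lt",
                         "time_modified.gt"];
        const values = [year, state, reserved_before, reserved_after,
                        modified_before, modified_after];
        const qvars = {};
        arg_map.forEach(function (field, i) {
            if (values[i])
                qvars[field] = values[i];
        });
        return this.getjson("/cve-id/", null, qvars);
    }

    /** GET /org/<org>/id_quota. */
    getquota() {
        return this.getjson("/org/" + this.org + "/id_quota");
    }

    /** GET /cve-id/ or, when `cve` is given, /cve-id/<cve>. */
    getcveids(cve, opts, qvars) {
        let path = "/cve-id/";
        if (cve)
            path = path + cve;
        return this.getjson(path, opts, qvars);
    }

    /** Fetch a user (default: the client's own); resolves to the Response, not parsed JSON. */
    getuser(username) {
        let path = this.user_path;
        if (username)
            path = "/org/" + this.org + "/user/" + username;
        return this.rfetch(path);
    }

    /** PUT to .../reset_secret for `username` (default: the client's own user). */
    resetuser(username) {
        let path = this.user_path + "/reset_secret";
        if (username)
            path = "/org/" + this.org + "/user/" + username + "/reset_secret";
        return this.putjson(path, {method: 'PUT'});
    }

    /** POST `userdata` as JSON to /org/<org>/user. */
    createuser(userdata) {
        const path = "/org/" + this.org + "/user";
        return this.putjson(path, null, null, userdata);
    }

    /** PUT to /org/<org>/user/<username>; `userdata` travels as query parameters, not as a body. */
    updateuser(username, userdata) {
        if (!username)
            username = this.user;
        const path = "/org/" + this.org + "/user/" + username;
        return this.putjson(path, {method: 'PUT'}, userdata, null);
    }

    /** GET /org/<org>/users; the `path` argument is ignored. */
    listusers(path, opts, qvars) {
        /* Overwrite the path variable */
        path = "/org/" + this.org + "/users";
        return this.getjson(path, opts, qvars);
    }

    /** GET /org/<worg> (default: the client's own org). */
    getorg(worg) {
        if (!worg)
            worg = this.org;
        return this.getjson("/org/" + worg);
    }

    /** GET /health-check; resolves to the Response, not parsed JSON. */
    gethealth() {
        return this.rfetch("/health-check");
    }

    /**
     * rfetch() and parse the body as JSON.
     * @returns {Promise<any|undefined>} Parsed body, or undefined when the
     *     request failed (see client.error / client.response).
     */
    getjson(path, opts, qvars) {
        return this.rfetch(path, opts, qvars).then(function (j) {
            if (j && j.ok)
                return j.json();
        });
    }

    /**
     * Send a JSON request (POST unless `opts.method` says otherwise).
     * `pvars`, when given, is serialised as the body; `qvars` becomes the query string.
     * The caller's `opts` object is copied, never modified.
     *
     * When the request fails rfetch resolves to undefined, `.json()` throws and
     * the returned promise rejects; client.error / client.response carry the details.
     */
    putjson(path, opts, qvars, pvars) {
        const reqOpts = Object.assign({}, opts || {method: 'POST'});
        reqOpts.headers = Object.assign({}, reqOpts.headers,
                                        {"Content-Type": 'application/json'});
        if (pvars)
            reqOpts.body = JSON.stringify(pvars);
        return this.rfetch(path, reqOpts, qvars).then(function (j) {
            return j.json();
        });
    }

    /**
     * Low-level request: appends `path` to the base URL path, adds `qvars` as the
     * query string and the three CVE-API-* headers, then calls fetch().
     *
     * @returns {Promise<Response|undefined>} The Response when `ok`; undefined
     *     otherwise, with `client.error` set. An unparsable base URL now also
     *     yields a resolved promise; it used to return a bare undefined, which
     *     made getjson()/putjson() throw synchronously on `.then`.
     */
    rfetch(path, opts, qvars) {
        let url;
        try {
            url = new URL(this.url);
            delete this.error;
        } catch (err) {
            this.error = err;
            return Promise.resolve();
        }
        url.pathname = url.pathname + path;
        if (qvars) {
            const qstr = new URLSearchParams();
            Object.keys(qvars).forEach(function (x) {
                /* Remove empty values in query_string
                   strange issue #11 when changing user's information
                   see https://github.com/CERTCC/cveClient/issues/11
                   (the loose comparison also drops 0 and false)
                */
                if (qvars[x] != "")
                    qstr.append(x, qvars[x]);
            });
            url.search = qstr.toString();
        }
        // Work on a copy so the API key never ends up in the caller's own
        // options object, which the caller might log or reuse.
        const reqOpts = Object.assign({}, opts || {method: 'GET'});
        reqOpts.headers = Object.assign({}, reqOpts.headers,
                                        {'CVE-API-KEY': this.key,
                                         'CVE-API-ORG': this.org,
                                         'CVE-API-USER': this.user});
        const client = this;
        return fetch(url.toString(), reqOpts).then(function (r) {
            client.response = r;
            if (r.ok) {
                delete client.error;
                return r;
            }
            client.error = "Error see client.response for full error";
        }).catch(function (err) {
            delete client.response;
            client.error = err;
        });
    }
}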
-------------------------------------------------------------------------------- /cveInterface.css: -------------------------------------------------------------------------------- 1 | /* version 1.0.10 */ 2 | head { 3 | --version: 1.0.10; 4 | } 5 | .childarray { 6 | margin: 0px 0px 0px 16px; 7 | border-left: 2px dotted #999; 8 | position:relative; 9 | padding-left: 4px; 10 | } 11 | button.arrowdown { 12 | transform: rotate(90deg); 13 | color: #999; 14 | } 15 | .editorwrap.show { 16 | display: inline-block; 17 | } 18 | .editorwrap { 19 | width: 100%; 20 | min-height: 600px; 21 | position: relative; 22 | } 23 | .jsoneditor { 24 | position: absolute; 25 | top: 0; 26 | right: 0; 27 | bottom: 0; 28 | left: 0; 29 | } 30 | .lang { 31 | width: 30ch; 32 | display: inline-block; 33 | } 34 | .erow { 35 | text-align: left; 36 | padding: 4px 1px 4px 1px; 37 | border-bottom: 1px dotted #aaa; 38 | } 39 | /* consider some other color for values other than placeholder 40 | .erow input.form-control, 41 | .erow textarea.form-control 42 | { 43 | color: blue; 44 | } 45 | */ 46 | .frow { 47 | border-bottom: 1px solid #999; 48 | position:relative; 49 | padding: 0px 0px 0px 4px; 50 | } 51 | ol.frow, 52 | ol.childarray { 53 | counter-reset: listCounter; 54 | } 55 | li.erow { 56 | counter-increment: listCounter; 57 | } 58 | ol.frow li.erow::marker { 59 | font-size: 0.6em; 60 | content: "(" counter(listCounter) ")"; 61 | } 62 | ol.frow li.erow:nth-of-type(1)::marker { 63 | list-style-type: none; 64 | content: ""; 65 | } 66 | .erow:nth-of-type(1) > .enoncerequired { 67 | pointer-events: none; 68 | background: #eee; 69 | } 70 | .erow:last-of-type:not(:first-of-type) > .deleterow { 71 | display: block; 72 | } 73 | .deleterow { 74 | display: none; 75 | } 76 | .erow:nth-of-type(n+2) > input:nth-of-type(1) { 77 | width: 90%; 78 | } 79 | .duplicator { 80 | color: #333; 81 | background: transparent; 82 | border: none; 83 | font-size: 20px; 84 | top: 2px; 85 | right:2px; 86 | position: absolute; 87 
| z-Index: 10; 88 | } 89 | .mauto { 90 | width: auto; 91 | display:inline-block; 92 | } 93 | #cveUpdateModal label{ 94 | display:block; 95 | font-weight: bold; 96 | text-align: left; 97 | } 98 | .ousername { 99 | display: none; 100 | } 101 | .ustatus { 102 | display:inline-block; 103 | padding-top: 4px; 104 | } 105 | .tswitch { 106 | position: absolute; 107 | display: inline-block; 108 | width: 60px; 109 | height: 34px; 110 | } 111 | 112 | .tswitch input { 113 | opacity: 0; 114 | width: 0; 115 | height: 0; 116 | } 117 | 118 | .tslider { 119 | position: absolute; 120 | cursor: pointer; 121 | top: 0; 122 | left: 0; 123 | right: 0; 124 | bottom: 0; 125 | background-color: #ccc; 126 | -webkit-transition: .4s; 127 | transition: .4s; 128 | } 129 | 130 | .tslider:before { 131 | position: absolute; 132 | content: ""; 133 | height: 26px; 134 | width: 26px; 135 | left: 4px; 136 | bottom: 4px; 137 | background-color: white; 138 | -webkit-transition: .4s; 139 | transition: .4s; 140 | } 141 | 142 | 143 | input:focus + .tslider { 144 | box-shadow: 0 0 1px #2196F3; 145 | } 146 | 147 | input.enabled + .tslider { 148 | background-color: #2196F3; 149 | } 150 | 151 | input.enabled + .tslider:before { 152 | -webkit-transform: translateX(26px); 153 | -ms-transform: translateX(26px); 154 | transform: translateX(26px); 155 | } 156 | 157 | /* Rounded tsliders */ 158 | .tslider.round { 159 | border-radius: 34px; 160 | } 161 | 162 | .tslider.round:before { 163 | border-radius: 50%; 164 | } 165 | .hwarn, 166 | tr.hwarn { 167 | background-color: #fff3cd !important; 168 | } 169 | tr.hnew { 170 | background-color: lightgreen !important; 171 | } 172 | tr.hdanger { 173 | background-color: #f8d7da !important; 174 | } 175 | div.bootstrap-table button.btn { 176 | background-color: transparent; 177 | color: black; 178 | } 179 | /*↻ "↺" ↺ */ 180 | .fa-sync::before { 181 | content: "\021BB"; 182 | } 183 | .fa-sync { 184 | color: black; 185 | } 186 | .blackbody .fa-sync, 187 | .blackbody 
div.bootstrap-table button.btn { 188 | color: white; 189 | } 190 | .blackbody { 191 | background-color: #333; 192 | color: white; 193 | } 194 | .logout { 195 | border: 1px solid black; 196 | border-right: transparent; 197 | padding: 2px 4px 2px 6px; 198 | } 199 | #topalert { 200 | display: none; 201 | /* Just 1 above bootstrap modal */ 202 | z-index: 1051; 203 | } 204 | #deepDive .table td { 205 | text-align: left; 206 | } 207 | .addUser .updateuser { 208 | display:none; 209 | } 210 | .updateUser .adduser { 211 | display:none; 212 | } 213 | .loading { 214 | border: 4px solid #ddd; 215 | border-radius: 50%; 216 | border-top: 4px solid #222; 217 | width: 20px; 218 | height: 20px; 219 | -webkit-animation: spin 2s linear infinite; /* Safari */ 220 | animation: spin 2s linear infinite; 221 | } 222 | @-webkit-keyframes spin { 223 | 0% { -webkit-transform: rotate(0deg); } 224 | 100% { -webkit-transform: rotate(360deg); } 225 | } 226 | 227 | @keyframes spin { 228 | 0% { transform: rotate(0deg); } 229 | 100% { transform: rotate(360deg); } 230 | } 231 | #cveUpdateModal .btn { 232 | color: white; 233 | } 234 | #allFields { all: initial; } 235 | #allFields:not(.active) { display: none; } 236 | #allFields fieldset { all:revert;} 237 | #allFields label { all:revert;} 238 | #allFields * { all:revert;} 239 | .nologin { padding: 2px;} 240 | .nologin label * { margin: 2px !important;} 241 | li.nonumber { list-style-type: none;} 242 | label#cvenumber { display: inline-block;} 243 | label.optional { color: #999; } 244 | .lowbottom { margin-bottom: 0px; border: none; } 245 | .mrpad { margin-right: 28px;} 246 | -------------------------------------------------------------------------------- /cveIterface.js: -------------------------------------------------------------------------------- 1 | /* Clientlib, UI html, css and UI js all are version controlled */ 2 | const _version = "1.0.15"; 3 | const _tool = "CVE Services Client Interface "+_version; 4 | const _cna_template = { 
"descriptions": [ { "lang": "${descriptions.0.lang}", "value": "${descriptions.0.value}"} ] , "affected": [ { "versions": [{"version": "${affected.0.versions.0.version}"}], "product": "${affected.0.product}", "vendor": "${affected.0.vendor|client.orgobj.name}" } ],"references": [ { "name": "${references.0.name}", "url": "${references.0.url}" }], "providerMetadata": { "orgId": "${client.userobj.org_UUID}", "shortName": "${client.org}" } } 5 | const valid_states = {PUBLISHED: 1,RESERVED: 1, REJECTED: 1}; 6 | let store; 7 | let store_tag = "cveClient/"; 8 | /* User var to access client as window.client global var */ 9 | var client; 10 | function add_option(w,v,f,s) { 11 | $(w).append($('