Skip to content

Commit

Permalink
tabs vs spaces: the eternal battle
Browse files Browse the repository at this point in the history
  • Loading branch information
@jkcso
jkcso committed Jan 5, 2024
1 parent 5622371 commit 287c15d
Show file tree
Hide file tree
Showing 9 changed files with 65 additions and 65 deletions.
18 changes: 9 additions & 9 deletions Season-2/Level-2/code.go
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
///////////////////////////////////////////////////////////////////
/// ///
/// 0. code_test.go is passing but the code is vulnerable ///
/// 1. Review the code. Can you spot the bugs(s)? ///
/// 2. Fix the code.go, but ensure that code_test.go passes ///
/// 3. Run hack_test.go and if passing then CONGRATS! ///
/// 4. If stuck then read the hint ///
/// 5. Compare your solution with solution/solution.go ///
/// ///
/// ///
/// 0. code_test.go is passing but the code is vulnerable ///
/// 1. Review the code. Can you spot the bugs(s)? ///
/// 2. Fix the code.go, but ensure that code_test.go passes ///
/// 3. Run hack_test.go and if passing then CONGRATS! ///
/// 4. If stuck then read the hint ///
/// 5. Compare your solution with solution/solution.go ///
/// ///
///////////////////////////////////////////////////////////////////

package main
Expand Down Expand Up @@ -88,4 +88,4 @@ func main() {
if err != nil {
log.Fatalf("HTTP server ListenAndServe: %q", err)
}
}
}
22 changes: 11 additions & 11 deletions Season-2/Level-2/code_test.go
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
/////////////////////////////////////////////////////////////////////////////
/// RUN TESTS ///
/// RUN TESTS ///
/// _____________________________________________________________________ ///
/// ///
/// This file contains passing tests. ///
/// ///
/// Run them by opening a terminal and running the following: ///
/// $ go test -v Season-2/Level-2/code.go Season-2/Level-2/code_test.go ///
/// ///
/// If 'go' is not found when running the above, install it from: ///
/// https://go.dev/dl/ ///
/// ///
/// ///
/// This file contains passing tests. ///
/// ///
/// Run them by opening a terminal and running the following: ///
/// $ go test -v Season-2/Level-2/code.go Season-2/Level-2/code_test.go ///
/// ///
/// If 'go' is not found when running the above, install it from: ///
/// https://go.dev/dl/ ///
/// ///
/////////////////////////////////////////////////////////////////////////////

package main
Expand Down Expand Up @@ -135,4 +135,4 @@ func TestMain(m *testing.M) {

exitCode := m.Run()
os.Exit(exitCode)
}
}
28 changes: 14 additions & 14 deletions Season-2/Level-2/solution/solution.go
View file
Original file line number Diff line number Diff line change
@@ -1,19 +1,19 @@
////////////////////////////////////////////////////////////////////////////////////////////////////
/// FIX ///
/// FIX ///
/// ____________________________________________________________________________________________ ///
/// ///
/// 1) Remove the email being logged here: ///
/// log.Printf("Invalid email format: %q", email) ///
/// log.Printf("Invalid email format") ///
/// ///
/// 2) Fix the error message to prevent user enumeration here: ///
/// http.Error(w, "invalid email or password", http.StatusUnauthorized) ///
/// http.Error(w, "Invalid Email or Password", http.StatusUnauthorized) ///
/// ///
/// 3) Remove the email and password being logged here: ///
/// log.Printf("User %q logged in successfully with a valid password %q", email, password) ///
/// log.Printf("Successful login request") ///
/// ///
/// ///
/// 1) Remove the email being logged here: ///
/// log.Printf("Invalid email format: %q", email) ///
/// log.Printf("Invalid email format") ///
/// ///
/// 2) Fix the error message to prevent user enumeration here: ///
/// http.Error(w, "invalid email or password", http.StatusUnauthorized) ///
/// http.Error(w, "Invalid Email or Password", http.StatusUnauthorized) ///
/// ///
/// 3) Remove the email and password being logged here: ///
/// log.Printf("User %q logged in successfully with a valid password %q", email, password) ///
/// log.Printf("Successful login request") ///
/// ///
////////////////////////////////////////////////////////////////////////////////////////////////////

package main
Expand Down
28 changes: 14 additions & 14 deletions Season-2/Level-2/solution/solution_test.go
View file
Original file line number Diff line number Diff line change
@@ -1,21 +1,21 @@
///////////////////////////////////////////////////////////////////////////////////////////////////////
/// RUN TESTS ///
/// _______________________________________________________________________________________________ ///
/// ///
/// This file is a copy of code_test.go and hack_test.go ///
/// It tests the solution for failing and passing payloads ///
/// ///
/// Run them by opening a terminal and running the following: ///
/// $ go test -v Season-2/Level-2/solution/solution.go Season-2/Level-2/solution/solution_test.go ///
/// ///
/// If 'go' is not found when running the above, install it from: ///
/// https://go.dev/dl/ ///
/// ///
/// RUN TESTS ///
/// _______________________________________________________________________________________________ ///
/// ///
/// This file is a copy of code_test.go and hack_test.go ///
/// It tests the solution for failing and passing payloads ///
/// ///
/// Run them by opening a terminal and running the following: ///
/// $ go test -v Season-2/Level-2/solution/solution.go Season-2/Level-2/solution/solution_test.go ///
/// ///
/// If 'go' is not found when running the above, install it from: ///
/// https://go.dev/dl/ ///
/// ///
///////////////////////////////////////////////////////////////////////////////////////////////////////

package main

import (
import (
"bytes"
"log"
"net/http"
Expand Down Expand Up @@ -215,4 +215,4 @@ func TestMain(m *testing.M) {
}

// Contribute new levels to the game in 3 simple steps!
// Read our Contribution Guideline at github.com/skills/secure-code-game/blob/main/CONTRIBUTING.md
// Read our Contribution Guideline at github.com/skills/secure-code-game/blob/main/CONTRIBUTING.md
14 changes: 7 additions & 7 deletions Season-2/Level-3/code.py
View file
Original file line number Diff line number Diff line change
@@ -1,21 +1,21 @@
# //////////////////////////////////////////////////////////////////////
# /// ///
# /// ///
# /// 0. tests.py file is passing but the code here is vulnerable ///
# /// 1. Review the code in this file. Can you spot the bugs(s)? ///
# /// 2. Fix the bug(s) in code.py. Ensure that tests.py passes ///
# /// 3. Run hack.py and if passing then CONGRATS! ///
# /// 4. If stuck then read the hint ///
# /// 5. Compare your solution with solution.txt ///
# /// ///
# /// 3. Run hack.py and if passing then CONGRATS! ///
# /// 4. If stuck then read the hint ///
# /// 5. Compare your solution with solution.txt ///
# /// ///
# //////////////////////////////////////////////////////////////////////

# //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
# /// RUN CODE (RECOMMENDED TO PASS THIS LEVEL) ///
# /// __________________________________________________________________________________________________________________ ///
# /// ///
# /// ///
# /// Run by opening a terminal and running the following: ///
# /// $ export FLASK_APP=Season-2/Level-3/code.py && export FLASK_ENV=development && export FLASK_DEBUG=0 && flask run ///
# /// ///
# /// ///
# //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

import os
Expand Down
2 changes: 1 addition & 1 deletion Season-2/Level-3/hack.py
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# ///////////////////////////////////////////////////////////////////////
# /// RUN HACK ///
# /// RUN HACK ///
# /// _______________________________________________________________ ///
# /// ///
# /// This file exploits the vulnerabilities in code.py ///
Expand Down
10 changes: 5 additions & 5 deletions Season-2/Level-3/tests.py
View file
Original file line number Diff line number Diff line change
@@ -1,17 +1,17 @@
# /////////////////////////////////////////////////////////////////////////
# /// RUN TESTS ///
# /// RUN TESTS ///
# /// _________________________________________________________________ ///
# /// ///
# /// This file contains passing tests. ///
# /// ///
# /// ///
# /// This file contains passing tests. ///
# /// ///
# /// Run them by opening a terminal and running the following: ///
# /// $ python3 Season-2/Level-3/tests.py ///
# /// ///
# /// Note: first you have to run code.py following the instructions ///
# /// on top of the file so that the environment variables align but ///
# /// it's not necessary to run both files in parallel as the tests ///
# /// initialize a new environment, similar to code.py ///
# /// ///
# /// ///
# /////////////////////////////////////////////////////////////////////////

from code import app, get_planet_info
Expand Down
6 changes: 3 additions & 3 deletions Season-2/Level-4/hack.js
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
///////////////////////////////////////////////////////////////////////
/// RUN HACK ///
/// RUN HACK ///
/// _______________________________________________________________ ///
/// ///
/// ///
/// Run file by opening a terminal and running the following: ///
/// ///
/// $ mocha Season-2/Level-4/hack.js ///
/// ///
/// ///
/// If you're inside a Codespace, the above should be running ///
/// smoothly. In case you're running this locally, please run ///
/// the following command first, and then run the hack file: ///
Expand Down
2 changes: 1 addition & 1 deletion Season-2/Level-5/hint-1.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ Do you want to visualize the above? Follow these instructions:
1. Double click index.html to open it in any browser. Are you using GitHub Codespaces?

// Please note that if you are inside a codespace, it is not possible to perform step 1. For
// this reason, please create a local copy for the file 'index.html'. You can do so by copying
// this reason, please create a local copy for the file 'index.html'. You can do so by copying
// and pasting the contents of 'index.html' in a local file so that you can open it in a browser.
// Then, follow the remaining steps.

Expand Down

0 comments on commit 287c15d

Please sign in to comment.