Skip to content

Web app (module) to display a CSAF 2 document and to browse CSAF 2 ROLIE feeds. ⚠️ The web demo is often not allowed to access servers:

Notifications You must be signed in to change notification settings

csaf-poc/csaf_webview

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CSAF Webview

A browser based web app (module) to:

  • Display the contents of a CSAF 2.0 document.
  • Browse the tree of documents offered by a CSAF Provider or mirror via the ROLIE feed.

Note: As of 2023-12-14 all but one server do not allow web applications to read the CSAF information directly. So you will get failures due to CORS restrictions often. See oasis-tcs/csaf#653 for more details.

The envisoned usage is to be integrated in a larger application. Therefore it is kept simple and stylable. A backend can act as a proxy to avoid the problems caused by CSAF Providers missing Access-Control-Allow-Origin: * headers.

Displaying a single document

Displaying a ROLIE-Feed

The deployment via github pages is a demo and thus may not reflect the current state of the source repository.

Development

Clone the repo

git clone https://github.com/csaf-poc/csaf_webview.git

cd into app directory

cd csaf_webview

Install dependencies

Install current LTS version of NodeJS, e.g. see https://github.com/nodesource/distributions/blob/master/README.md . Upgrade to the latest version of npm if you can. Development has been started with Node v20 and npm 10.2.1

npm install
npx playwright install

Run development server

Optionally add -- --open to directly open a browser.

npm run dev -- --open

Drag a valid csaf-file over the dropzone.

Run unit tests

npm run test:unit

Run integration tests

npm run test:integration

Run unit tests coverage

npm run coverage

Deploy new version of GH page

npm run build:ghpage npm run deploy

Configure a local proxysetup

In order to configure a proxy server use vite.config.js. The default configuration is:

...
server: {
    proxy: {
      "/proxy/": {
        target: "https://wid.cert-bund.de/",
        changeOrigin: true,
        rewrite: (path) => path.replace(/^\/proxy/, "")
      }
    }
  },
...

For more information look here.

Change target to the URL to be proxied.

License

  • csaf_webview is licensed as Free Software under MIT License.

  • See the specific source files for details, the licenses itself can be found in the directory LICENSES/.

  • The resulting webpage contains third party Free Software components under licenses that to our best knowledge are compatible at time of adding the dependency. See package.json for details.

About

Web app (module) to display a CSAF 2 document and to browse CSAF 2 ROLIE feeds. ⚠️ The web demo is often not allowed to access servers:

Topics

Resources

Stars

Watchers

Forks

Packages

No packages published