| Age | Commit message (Collapse) | Author |
|---|
|
This release only have chores, it should not break anything.
* go.mod: update all dependencies
This changes set minimum Go version to version 1.20.
The vegeta module finally has some update to v12.11.1.
* gitmodules: use https instead of git scheme
Using git scheme require private key to clone the remote repository.
* _www: update wui module
* _www: setup eslint for linting TypeScript files
This changes also apply all eslint recommendations.
* Makefile: replace the Go linter and apply all their recommendations
Previously, we use golangci-lint as linter. This linter does not
provides any useful recommendation lately and the development is quite
a mess, sometimes its break when using Go tip.
In this changes we replace it with revive, fieldalignment, and shadow;
and fix all of their recommendations.
|
|
Previously, we use golangci-lint as linter.
This linter does not provides any useful recommendation lately and the
development is quite a mess, sometimes its break when using Go tip.
In this changes we replace it with revive, fieldalignment, and shadow;
and fix all of their recommendations.
|
|
|
|
|
|
While at it reformat all files using default prettier.
|
|
Using git scheme require private key to clone to remote repository.
|
|
This changes set minimum Go version to version 1.20.
|
|
=== Bug fixes
* all: fix panic when attacking HTTP due to nil Attack handler
=== Enhancements
* _www: replace WebSocket handlers with HTTP endpoints
* all: add boolean Kind for FormInput, FormInputKindBoolean
* all: check and call ConvertParams when running HttpTarget
=== Chores
* all: move the _doc directory under _www
* all: convert the README from asciidoc to markdown
* all: remove WebSocket server
* go.mod: set Go version to 1.19 and update all dependencies
|
|
This is to minimize symlinks in the repository.
|
|
I use two remote repositories: GitHub and SourceHut.
GitHub support rendering README using asciidoc while SourceHut not.
This cause the repository that use README.adoc rendered as text in
SourceHut which make the repository page less readable.
Also, the pkg.go.dev now render README but only support Markdown.
Since we cannot control the SourceHut and go.dev, the only option is
to support converting Markdown in ciigo so I can write README using
Markdown and the rest of documentation using Asciidoc.
|
|
Using WebSocket for communication in client require additional
setup, especially if its behind proxy.
For example, if we server the trunks server under domain testing.local
behind proxy, we need to setup route for the WebSocket too.
|
|
The Attack and attack Cancel now call the HTTP endpoints.
|
|
This endpoints similar that we have in the WebSocket.
The idea is to replace the WebSocket endpoints with this one.
|
|
|
|
In attack endpoint, check if the Attack is nil before we push the request
to attack queue.
|
|
The FormInputKindBoolean only used for convertion, for example
ToJsonObject.
In the WUI, it still rendered as string, not as checkbox.
FormInput with this Kind will be converted to true in ToJsonObject if
the Value is either "true", "yes", or "1".
|
|
The req, RunRequest instance, is from request so the
HttpTarget.ConvertParams need to be set from the original HttpTarget.
This fix the conditional rr.HttpTarget.ConvertParams == nil always true
when calling runHttpTarget.
|
|
|
|
If the ConvertParams field is set, use it to convert the parameters into
desired type.
|
|
This release set the minimum Go version to 1.18 and update all modules.
== Chores
* all: group all documentations under directory _doc
* example: fix the HTTP POST handler
* all: remove unused field Locker in RunRequest
* all: fix all linter warnings
|
|
The _doc directory provides an entry point for all documentation.
While at it we reformat the README to use AsciiDoc markup.
|
|
Remove call to ParseMultipartform since the request type is
x-www-form-urlencoded not multipart/form-data.
|
|
The mlog functions automatically add new line to each format, so we
did not need to add it manually.
|
|
|
|
Some linter, govet, warns about possible copied Mutex on HttpRequest.
To fix this we implement method clone and Stringer on HttpRequest.
|
|
|
|
This changes replace any usage of ioutil with os and io package.
|
|
If the address is using "https:" protocol, the WebSocket address will
use the "wss://" schema.
This changes require latest update on wui repository.
|
|
Release trunks under GPL 3.0 or later license.
See https://kilabit.info/journal/2022/gpl for more information.
|
|
See https://kilabit.info/journal/2022/gpl for more information.
|
|
|
|
Module trunks is a library and HTTP service that provide web user interface
to test HTTP service, similar to Postman, and for load testing.
For the load testing we use vegeta [1] as the backend.
|
|
|
|
In case user set CGO_ENABLED=0, the task for "all" will fail.
This commit fix this by setting CGO_ENABLED to 1 when running test
with -race option.
|
|
|
|
The NavLink struct now has field OpenInIFrame. If its true, the Href
will be opened inside an iframe in the same window, otherwise it
will opened in new tab.
|
|
Using Trunks.RegisterNavLink, one can register custom link into
left navigation menu.
|
|
|
|
Changes,
* AttackResult storage size decreased -24 bytes
* Environment storage size decreased -32 bytes
* HttpTarget storage size decreased -24 bytes
* RunRequest storage size decreased -32 bytes
* RunResponse storage size decreased -8 bytes
* Target storage size decreased -16 bytes
* WebSocketTarget storage size decreased -8 bytes
|
|
The returned value from WebSocketTarget's onClickRun() is already decoded
as object, so we did not need to convert and run JSON.parse with it.
|
|
This changes update on how memfs initialized and GoEmbed called.
|
|
When the worker build received an update to .js or .html files, we run
the Node.Update method on affected node to fetch their latest content.
This is to allow the task to embed files, generate the latest content.
|
|
In the commit edff37e3 and 264cb988, we store the user modified input
into local storage. This including Target options and variables,
HttpTarget headers and parameters, and WebSocket headers and parameters.
When the user interface refreshed, the stored variables is loaded into
input form but not saved into current Target/HttpTarget/WebSocketTarget
variables.
This changes fix this issue by loading the stored variables into
into current instance of Target/HttpTarget/WebSocketTarget variables.
|
|
The internal/cmd/trunks-example is not run and provide an example only
now, its include the workers to build, recompile, re-embeded files.
|
|
Previously, we have a workers to recompile TypeScript and regenerate
HTML files from adoc inside the Trunks type. The workers will run
if the environment variable TRUNKS_DEV set to non-zero.
This changes move those workers to the internal/cmd/trunks-example,
because those workers are related for development only not for running
Trunks server.
|
|
The BaseURL should be only set once by server and read-only to client.
This is to prevent a malicious client attempt to attack non-predefined
target.
|
|
The "cmd" directory on module should be reserved for installable
program that can be executed outside of this repository.
The trunks-example is development server should be run on root of this
repository only, not installable to $GOBIN.
|
|
This changes split the Save function into several functions, in order
to help review and minimize wrong storage key on load and save.
|
|
Changes,
* share: fix the HTTP caching using ETag on the server
* share: rename the terminology to generate Go source code to "embed"
* ciigo: check markup modification time before converting to HTML
|
|
Once the Attack button is clicked, the Target's attack options will
be stored to local storage. On the next refresh or opening the Trunks
web interface, the stored values will be loaded again.
|
