admin_user.rank = UserRank.ADMIN
session.add(admin_user)
+ session.add(MinetestRelease("None", 0))
+ session.add(MinetestRelease("0.4.16/17", 32))
+ session.add(MinetestRelease("5.0", 37))
+ session.add(MinetestRelease("5.1", 38))
+
tags = {}
for tag in ["Inventory", "Mapgen", "Building", \
"Mobs and NPCs", "Tools", "Player effects", \
session.add(row)
-def populate_test_data(session, licenses, tags, admin_user):
+def populate_test_data(session):
+ licenses = { x.name : x for x in License.query.all() }
+ tags = { x.name : x for x in Tag.query.all() }
+ admin_user = User.query.filter_by(rank=UserRank.ADMIN).first()
+ v4 = MinetestRelease.query.filter_by(protocol=32).first()
+ v50 = MinetestRelease.query.filter_by(protocol=37).first()
+ v51 = MinetestRelease.query.filter_by(protocol=38).first()
+
ez = User("Shara")
ez.github_username = "Ezhh"
ez.forums_username = "Shara"
rel = PackageRelease()
rel.package = mod1
+ rel.min_rel = v51
rel.title = "v1.0.0"
rel.url = "https://github.com/rubenwardy/awards/archive/master.zip"
rel.approved = True
rel = PackageRelease()
rel.package = mod
rel.title = "v1.0.0"
+ rel.max_rel = v4
rel.url = "https://github.com/ezhh/handholds/archive/master.zip"
rel.approved = True
session.add(rel)
game1.desc = """
As seen on the Capture the Flag server (minetest.rubenwardy.com:30000)
+` `[`javascript:/*--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/`](javascript:/*--%3E%3C/title%3E%3C/style%3E%3C/textarea%3E%3C/script%3E%3C/xmp%3E%3Csvg/onload='+/%22/+/onmouseover=1/+/)`[*/[]/+alert(1)//'>`
+
+<IMG SRC="javascript:alert('XSS');">
+
+<IMG SRC=javascript:alert(&quot;XSS&quot;)>
+
+``<IMG SRC=`javascript:alert("RSnake says, 'XSS'")`>``
+
+\<a onmouseover="alert(document.cookie)"\>xxs link\</a\>
+
+\<a onmouseover=alert(document.cookie)\>xxs link\</a\>
+
+<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>
+
+<script>alert("hello");</script>
+
+<SCRIPT SRC=`[`http://xss.rocks/xss.js></SCRIPT>`](http://xss.rocks/xss.js%3E%3C/SCRIPT%3E)`;`
+
+`<IMG \"\"\">`
+
+<SCRIPT>
+
+alert("XSS")
+
+</SCRIPT>
+
+<IMG SRC= onmouseover="alert('xxs')">
+
+<img src=x onerror="javascript:alert('XSS')">
+
+"\>
+
Uses the CTF PvP Engine.
"""