https://github.com/voku/anti-xss--demo

This is a demo website for anti-xss via PHP. | http://anti-xss-demo.suckup.de/

Anti-XSS (Slim + Twig + AntiXSS for Twig)
======================================================

This is a Demo for the Anti-XSS package.


* **Controller/Routing**: Slim ([codeguy/Slim](https://github.com/codeguy/Slim))
* **Model/Persistence/ActiveRecord**: ActiveRecord ([voku/simple-active-record](https://github.com/voku/simple-active-record))
* **View/Template**: Twig ([fabpot/Twig](https://github.com/fabpot/Twig))
* **Security**: Anti-XSS ([voku/anti-xss](https://github.com/voku/anti-xss))
* **UI Toolkit**: Twitter Bootstrap ([twitter/bootstrap](https://github.com/twitter/bootstrap))

## Installation

The instructions below assume you are running a **LAMP** stack on Ubuntu or any other **apt**-based distribution. To allow Slim to route with clean path syntax, you need to enable the URL rewrite module.

```
sudo a2enmod rewrite
sudo service apache2 restart
```

Assuming your document root is `/var/www`, clone the repository as follows:

```
cd /var/www
git clone https://github.com/voku/anti-xss-demo anti-xss-demo
```

The required vendor libraries can be installed/updated using [Composer](http://getcomposer.org/). Go to the project root (where you see the file *composer.json*) and run the following command:

```
cd ./anti-xss-demo
composer install
```

Then update your Apache config file to set the document root to the **web** subdirectory. This helps to secure your scripts, which should normally be put inside the **app/** folder, because they then sit outside the directory tree that Apache serves.

```
DocumentRoot /var/www/anti-xss-demo/web
ServerName anti-xss-demo.example.com
```

Note that for the *.htaccess* file to take effect, your main Apache config file must allow subdirectories to override it.

```
AllowOverride All
```

Database Example:
```
CREATE TABLE `xss` (
`id` INT(11) NOT NULL AUTO_INCREMENT,
`xss` TEXT NOT NULL,
`desc` TEXT NOT NULL,
`keywords` VARCHAR(50) NULL DEFAULT '',
`author` VARCHAR(50) NULL DEFAULT '',
`date` TIMESTAMP NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`id`)
)
COLLATE='utf8mb4_general_ci'
ENGINE=InnoDB
AUTO_INCREMENT=1
;
```

## Structure

* **app/** contains all files for your app: `models/`, `controllers/`, `views/` (Twig templates) and your `config/` (configuration). Slim is instantiated in `app/start.php`.
* **vendor/** contains the libraries for your application, and you can update them with Composer.
* **web/** is for your assets: js/css/img files. It should be the only publicly available folder, so your domain should point to it. `web/index.php` bootstraps the rest of the application.

## Writable Directory

* **app/storage/cache/twig/** contains the Twig template cache.
* **app/storage/logs/** contains the error logs.
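
To confirm that a deployment matches the layout in the two sections above, the following added example (not part of the demo project) checks that only **web/** is served, that **app/** and **vendor/** sit outside the document root, and that the two writable directories are usable. The function name `check_layout` and the rule that those directories must not be world-writable are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example: audit a deployment against the layout this README describes.
# Usage: check_layout PROJECT_ROOT DOCUMENT_ROOT
# Prints one line per finding and returns the number of problems (0 = clean).
check_layout() {
    local root docroot dir resolved problems=0
    root=$(cd "$1" 2>/dev/null && pwd -P) || { echo "FAIL: no such project root: $1"; return 1; }
    docroot=$(cd "$2" 2>/dev/null && pwd -P) || { echo "FAIL: no such document root: $2"; return 1; }

    # Apache should serve web/ only, never the project root or a parent of it.
    if [ "$docroot" != "$root/web" ]; then
        echo "FAIL: document root is $docroot, expected $root/web"
        problems=$((problems + 1))
    fi

    # app/ (code, config, logs) and vendor/ must not be reachable over HTTP.
    for dir in app vendor; do
        resolved=$(cd "$root/$dir" 2>/dev/null && pwd -P) || continue
        case "$resolved/" in
            "$docroot"/*)
                echo "FAIL: $dir/ lies inside the document root"
                problems=$((problems + 1)) ;;
        esac
    done

    # The two writable directories must exist and be writable by the account
    # running this check, but not by every local user (assumed hardening rule).
    for dir in app/storage/cache/twig app/storage/logs; do
        if [ ! -d "$root/$dir" ] || [ ! -w "$root/$dir" ]; then
            echo "FAIL: $dir is missing or not writable"
            problems=$((problems + 1))
        elif [ -n "$(find "$root/$dir" -maxdepth 0 -perm -0002)" ]; then
            echo "FAIL: $dir is world-writable"
            problems=$((problems + 1))
        fi
    done

    [ "$problems" -eq 0 ] && echo "OK: layout matches the README"
    return "$problems"
}
```

With the paths used in the installation steps, the call is `check_layout /var/www/anti-xss-demo /var/www/anti-xss-demo/web`, run under the account Apache uses so that the writability test reflects what the application will see.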

## License

Software licensed under the [MIT license](http://opensource.org/licenses/MIT)

----------