🥅 handle ajax errors

ctcpip · ctcpip · commit 5a1c78775ca2 · 2023-12-21T12:22:26.000-06:00
diff --git a/security/1.2.7-sec/main.js b/security/1.2.7-sec/main.js
@@ -4,9 +4,16 @@ function log(txt){
   document.querySelector('#log').append(p);
 }
 
+function error(txt){
+  const p = document.createElement("p");
+  p.append(txt);
+	p.classList.add('error');
+  document.querySelector('#log').append(p);
+}
+
 window.onerror = function(message, source, lineno, colno, error) {
-	log(message);
-	log(error.stack);
+	error(message, true);
+	error(error.stack);
 };
 
 const windowAlert = window.alert;
@@ -16,6 +23,13 @@ window.alert = function(...args) {
   // windowAlert(...args);
 };
 
+$(document).ajaxError(function(...args) {
+	error(`AJAX ERROR! CAN'T TEST FOR CVE! IS SERVER DOWN?`);
+	for (let i = 0; i < args.length; i++) {
+		error(JSON.stringify(args[i]));
+	}
+});
+
 function CVE_2012_6708() {
   log('called CVE_2012_6708');
   $("#yee").html(
@@ -29,8 +43,8 @@ function CVE_2015_9251() {
     // since we are relying on an external resource for this test, guard against regression
     const expectedContentFound = content === "alert(document.domain);";
     if(!expectedContentFound) {
-      log(`unexpected content found: '${content}'`);
-      log('CVE-2015-9251 CANNOT BE VERIFIED!');
+      error(`unexpected content found: '${content}'`);
+      error('CVE-2015-9251 CANNOT BE VERIFIED!');
     }
   });
 	log('CVE-2015-9251 is not reproducible in 1.2.6, so ignore this test');
diff --git a/security/1.2.7-sec/styles.css b/security/1.2.7-sec/styles.css
@@ -21,3 +21,7 @@ button {
 #yee {
   display: none;
 }
+
+.error {
+	color: red;
+}
diff --git a/security/1.6.5-sec/main.js b/security/1.6.5-sec/main.js
@@ -4,9 +4,16 @@ function log(txt){
   document.querySelector('#log').append(p);
 }
 
+function error(txt){
+  const p = document.createElement("p");
+  p.append(txt);
+	p.classList.add('error');
+  document.querySelector('#log').append(p);
+}
+
 window.onerror = function(message, source, lineno, colno, error) {
-	log(message);
-	log(error.stack);
+	error(message, true);
+	error(error.stack);
 };
 
 const windowAlert = window.alert;
@@ -16,6 +23,13 @@ window.alert = function(...args) {
   // windowAlert(...args);
 };
 
+$(document).ajaxError(function(...args) {
+	error(`AJAX ERROR! CAN'T TEST FOR CVE! IS SERVER DOWN?`);
+	for (let i = 0; i < args.length; i++) {
+		error(JSON.stringify(args[i]));
+	}
+});
+
 function CVE_2012_6708() {
   log('called CVE_2012_6708');
   $("#yee").html(
@@ -29,8 +43,8 @@ function CVE_2015_9251() {
     // since we are relying on an external resource for this test, guard against regression
     const expectedContentFound = content === "alert(document.domain);";
     if(!expectedContentFound) {
-      log(`unexpected content found: '${content}'`);
-      log('CVE-2015-9251 CANNOT BE VERIFIED!');
+      error(`unexpected content found: '${content}'`);
+      error('CVE-2015-9251 CANNOT BE VERIFIED!');
     }
   });
 }
diff --git a/security/1.6.5-sec/styles.css b/security/1.6.5-sec/styles.css
@@ -21,3 +21,7 @@ button {
 #yee {
   display: none;
 }
+
+.error {
+	color: red;
+}

Original file line number	Diff line number	Diff line change
`@@ -21,3 +21,7 @@ button {`
`21`	`21`	`#yee {`
`22`	`22`	`display: none;`
`23`	`23`	`}`
	`24`	`+`
	`25`	`+.error {`
	`26`	`+ color: red;`
	`27`	`+}`