Merge branch 'main' into issue-OWASP-BLT#1315

.devcontainer/devcontainer.json

@@ -3,12 +3,31 @@
   "dockerComposeFile": "../docker-compose.yml",
   "service": "app",
   "workspaceFolder": "/blt",
+  "settings": { 
+      "terminal.integrated.shell.linux": "/bin/bash",
+      "python.pythonPath": "/usr/local/bin/python",
+      "python.linting.enabled": true,
+      "python.linting.pylintEnabled": true,
+      "python.formatting.autopep8Path": "/usr/local/py-utils/bin/autopep8",
+      "python.formatting.blackPath": "/usr/local/py-utils/bin/black",
+      "python.formatting.yapfPath": "/usr/local/py-utils/bin/yapf",
+      "python.linting.banditPath": "/usr/local/py-utils/bin/bandit",
+      "python.linting.flake8Path": "/usr/local/py-utils/bin/flake8",
+      "python.linting.mypyPath": "/usr/local/py-utils/bin/mypy",
+      "python.linting.pycodestylePath": "/usr/local/py-utils/bin/pycodestyle",
+      "python.linting.pydocstylePath": "/usr/local/py-utils/bin/pydocstyle",
+      "python.linting.pylintPath": "/usr/local/py-utils/bin/pylint"
+  },
   "customizations": {
     "vscode": {
       "extensions": [
-        "ms-python.python"
+        "ms-python.python",
+        "ms-python.vscode-pylance",
+        "batisteo.vscode-django"
       ]
     }
   },
-  "forwardPorts": [8000]
+  "forwardPorts": [8000],
+  "postCreateCommand": "python -m pip install --upgrade pip",
+  "remoteUser": "vscode"
 }

pyproject.toml

@@ -28,8 +28,8 @@ selenium = "^4.15.2"
 pylibmc = "^1.6.1"
 psycopg2-binary = "^2.9.9"
 boto = "^2.49.0"
-django-cors-headers = "^4.3.0"
-protobuf = "^4.25.0"
+django-cors-headers = "^4.3.1"
+protobuf = "^4.25.1"
 django-storages = {extras = ["google"], version = "^1.14.2"}
 django-timedeltafield = "^0.7.10"
 EasyProcess = "^1.1"
@@ -53,7 +53,7 @@ django-tz-detect = "^0.4.0"
 django-tellme = "^0.7.3"
 django-bootstrap-datepicker-plus = "^5.0.4"
 django-star-ratings = "^0.9.2"
-stripe = "^7.4.0"
+stripe = "^7.5.0"
 django-environ = "^0.11.2"
 django-humanize = "^0.1.2"
 drf-yasg = "^1.20.0"
@@ -62,7 +62,7 @@ django-filter = "^22.1"
 webdriver-manager = "^4.0.1"
 pillow = "^10.1.0"
 chromedriver-autoinstaller = "^0.6.2"
-sentry-sdk = "^1.34.0"
+sentry-sdk = "^1.35.0"
 
 [tool.poetry.dev-dependencies]
 black = "^22.3.0"

website/templates/includes/navbar.html

@@ -184,7 +184,7 @@
             </li>
             {% else %}
             <!-- Sign up and Log in Buttons -->
-            <div class="hidden lg:!flex h-[80px] justify-center items-center">
+            <div class="lg:!flex h-[80px] justify-center items-center">
                 <a href="/accounts/signup"
                     class="h-[38px] px-[25px] py-[9px] bg-red-500 hover:bg-red-600 hover:no-underline text-white font-bold text-2xl mr-[20px] hover:text-white">
                     {% trans "Signup" %}</a>

website/templates/index.html

@@ -38,7 +38,7 @@ <h1 class="page-sub-header">{% trans "Latest activity" %}</h1>
                 <div class="list-group">
                     {% if leaderboard %}
                     {% for leader in leaderboard %}
-                    <div class="list-group-item activity-strip flex overflow-hidden" style="height: 80px; border: 1px solid #DDDDDD">
+                    <div class="list-group-item activity-strip flex overflow-hidden" style="height: 80px; display:flex; border: 1px solid #DDDDDD">
                         <span class="h-full w-1/3 flex justify-center items-center">
                             {% if leader.socialaccount_set.all.0.get_avatar_url %}
                             <img src="{{ leader.socialaccount_set.all.0.get_avatar_url }}" class="profileimage" width="50"

website/templates/report.html

@@ -103,23 +103,34 @@ <h3 class="text-xl font-bold leading-none text-red-500">Latest Issues</h3>
                 </p>
 
                 <div class="mt-12 grid grid-cols-1 gap-x-6 gap-y-8 sm:grid-cols-6">
-                    <div class="sm:col-span-5">
-                        <label
-                        for="url"
-                        class="block text-2xl font-semibold leading-6 text-gray-900"
-                        >{% trans 'DOMAIN URL' %}</label
-                        >
-                        <div class="mt-2">
-                        <input
-                            type="text"
-                            name="url" 
-                            value="{{ request.GET.url }}"
-                            autocomplete="domain_name"
-                            placeholder="https://bugheist.com/search"
-                            required
-                            data-intro="Enter the website's complete url where you found the bug." data-step="1"
-                            class="block w-full placeholder:text-xl rounded-md border-0 py-5 pl-3 text-gray-900 shadow-sm ring-1 ring-inset ring-gray-300  sm:leading-6"
-                        />
+                    <div class="sm:col-span-5 flex items-center">
+                        <div>
+                            <label for="url" class="block text-2xl font-semibold leading-6 text-gray-900">
+                                {% trans 'DOMAIN URL' %}
+                            </label>
+                            <div class="mt-2">
+                                <input
+                                    id="url"
+                                    type="text"
+                                    name="url" 
+                                    value="{{ request.GET.url }}"
+                                    autocomplete="domain_name"
+                                    placeholder="https://bugheist.com/search"
+                                    required
+                                    data-intro="Enter the website's complete url where you found the bug." data-step="1"
+                                    class="block w-full placeholder:text-xl rounded-md border-0 py-5 pl-3 text-gray-900 shadow-sm ring-1 ring-inset ring-gray-300  sm:leading-6"
+                                />
+                            </div>
+                        </div>
+                        <!-- Top Domains List -->
+                        <div class="flex ml-4">
+                            {% for domain in top_domains %}
+                                <img 
+                                    src="https://www.google.com/s2/favicons?sz=32&domain_url={{ domain.domain__name }}" 
+                                    alt="{{ domain.domain__name }}" 
+                                    class="mr-2 cursor-pointer"
+                                    onclick="fillUrl('{{ domain.domain__name }}')"> <!-- JavaScript function to fill URL -->
+                            {% endfor %}
                         </div>
                     </div>
                     <div class="h-full flex items-end w-full min-w-[150px]">
@@ -129,6 +140,14 @@ <h3 class="text-xl font-bold leading-none text-red-500">Latest Issues</h3>
                         </a>
                     </div>
                 </div>
+
+                <script>
+                    // JavaScript function to fill the URL input field
+                    function fillUrl(url) {
+                        document.getElementById('url').value = url;
+                    }
+                </script>
+
 
                 <div class="mt-12 grid grid-cols-1 gap-x-6 gap-y-8 sm:grid-cols-6">
 

website/views.py

@@ -784,6 +784,7 @@ def get_context_data(self, **kwargs):
             context["hunts"] = Hunt.objects.values("id","name").filter(is_published=True,result_published=False)
             context["report_on_hunt"] = False
 
+        context['top_domains'] = Issue.objects.values("domain__name").annotate(count=Count('domain__name')).order_by("-count")[:30]
 
 
         return context