Revert "backend runs on 5001 (OWASP#495)" (OWASP#498)

This reverts commit e5929f5.
robvanderveer · Apr 16, 2024 · 70e37ad · 70e37ad
1 parent e5929f5
commit 70e37ad
Show file tree

Hide file tree

Showing 7 changed files with 33 additions and 25 deletions.
diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
@@ -27,6 +27,10 @@ jobs:
       - name: Run app and e2e tests
         run: |
           yarn build
-          make dev-flask&
+          [ -d "./venv" ] && . ./venv/bin/activate
+          export FLASK_APP=./cre.py
+          export FLASK_CONFIG=development
+          export INSECURE_REQUESTS=1
+          FLASK_CONFIG=development flask run &
           sleep 20s
           yarn test:e2e
diff --git a/Dockerfile-dev b/Dockerfile-dev
@@ -10,7 +10,9 @@ FROM python:3.11.0 as run
 COPY --from=build /code /code
 WORKDIR /code
 RUN apt update &&\
-    apt install -y python3-numpy  python3-virtualenv python3-pip &&\
+    apt install -y python3-numpy &&\
+    pip install virtualenv &&\
+    make install-deps-python &&\
     make install-python
 
 ENTRYPOINT make dev-flask
diff --git a/Makefile b/Makefile
@@ -12,16 +12,18 @@ docker-redis:
 start-containers: docker-neo4j docker-redis
 
 start-worker:
-	. ./venv/bin/activate &&\
-	FLASK_APP=`pwd`/cre.py python cre.py --start_worker
+	. ./venv/bin/activate && FLASK_APP=`pwd`/cre.py python cre.py --start_worker
 
 dev-flask:
-	. ./venv/bin/activate &&\
-	FLASK_RUN_PORT="5002" INSECURE_REQUESTS=1 FLASK_APP=`pwd`/cre.py  FLASK_CONFIG=development flask run
+	. ./venv/bin/activate && INSECURE_REQUESTS=1 FLASK_APP=`pwd`/cre.py  FLASK_CONFIG=development flask run
 
 e2e:
 	yarn build
-	make dev-flask&
+	[ -d "./venv" ] && . ./venv/bin/activate &&\
+	export FLASK_APP=$(CURDIR)/cre.py &&\
+	export FLASK_CONFIG=development &&\
+	export INSECURE_REQUESTS=1 &&\
+	flask run &
 	sleep 5
 	yarn test:e2e
 	sleep 20
@@ -64,10 +66,10 @@ docker-prod:
 	docker build -f Dockerfile -t opencre:$(shell git rev-parse HEAD) .
 
 docker-dev-run:
-	 docker run -it -p 5002:5002 opencre-dev:$(shell git rev-parse HEAD)
+	 docker run -it -p 5000:5000 opencre-dev:$(shell git rev-parse HEAD)
 
 docker-prod-run:
-	 docker run -it -p 5002:5002 opencre:$(shell git rev-parse HEAD)
+	 docker run -it -p 5000:5000 opencre:$(shell git rev-parse HEAD)
 
 lint:
 	[ -d "./venv" ] && . ./venv/bin/activate && black . && yarn lint
@@ -128,6 +130,6 @@ preload-map-analysis:
 	sleep 5
 	[ -d "./venv" ] && . ./venv/bin/activate &&\
 	export FLASK_APP=$(CURDIR)/cre.py 
-	python cre.py --preload_map_analysis_target_url 'http://127.0.0.1:5002'	
+	python cre.py --preload_map_analysis_target_url 'http://127.0.0.1:5000'	
 	killall python flask
 all: clean lint test dev dev-run
diff --git a/Procfile b/Procfile
@@ -1,2 +1,2 @@
-web: gunicorn cre:app -b 0.0.0.0:5002 --log-file=-g
-worker:  FLASK_RUN_PORT="5002" FLASK_APP=`pwd`/cre.py python cre.py --start_worker
+web: gunicorn cre:app --log-file=-g
+worker: FLASK_APP=`pwd`/cre.py python cre.py --start_worker
diff --git a/application/frontend/src/hooks/useEnvironment.ts b/application/frontend/src/hooks/useEnvironment.ts
@@ -10,7 +10,7 @@ const prodEnvironment: Environment = {
 
 const devEnvironment: Environment = {
   name: 'dev',
-  apiUrl: 'http://127.0.0.1:5002/rest/v1',
+  apiUrl: 'http://127.0.0.1:5000/rest/v1',
 };
 
 export const useEnvironment = (): Environment =>

diff --git a/application/frontend/src/test/basic-e2e.test.ts b/application/frontend/src/test/basic-e2e.test.ts
@@ -14,18 +14,18 @@ describe('App.js', () => {
     jest.setTimeout(1000000);
     browser = await puppeteer.launch(debug);
     page = await browser.newPage();
-    page.setDefaultTimeout(15001);
+    page.setDefaultTimeout(15000);
   });
 
   it('contains the welcome text', async () => {
-    await page.goto('http://localhost:5002');
+    await page.goto('http://localhost:5000');
     await page.waitForSelector('#SearchBar');
     const text = await page.$eval('#SearchBar', (e) => e.textContent);
     expect(text).toContain('Search');
   });
 
   it('can search for random strs', async () => {
-    await page.goto('http://127.0.0.1:5002');
+    await page.goto('http://127.0.0.1:5000');
     await page.waitForSelector('#SearchBar');
     await page.type('#SearchBar > div > input', 'asdf');
     await page.click('#SearchBar > div > button');
@@ -35,7 +35,7 @@ describe('App.js', () => {
   });
 
   it('can search for cryptography using the free text method and it returns both Nodes and CRES', async () => {
-    await page.goto('http://127.0.0.1:5002');
+    await page.goto('http://127.0.0.1:5000');
     await page.waitForSelector('#SearchBar');
     await page.type('#SearchBar > div > input', 'crypto');
     await page.click('#SearchBar > div > button');
@@ -55,7 +55,7 @@ describe('App.js', () => {
   });
 
   it('can search for a standard by name, section and the standard page works as expected', async () => {
-    await page.goto('http://127.0.0.1:5002/node/standard/ASVS');
+    await page.goto('http://127.0.0.1:5000/node/standard/ASVS');
     await page.waitForSelector('.content');
     const text = await page.$$('.content', (e) => e.textContent);
     expect(text).not.toContain('No results match your search term');
@@ -102,7 +102,7 @@ describe('App.js', () => {
   });
 
   it('can search for a cre', async () => {
-    await page.goto('http://127.0.0.1:5002');
+    await page.goto('http://127.0.0.1:5000');
     await page.waitForSelector('#SearchBar');
     await page.type('#SearchBar > div > input', '558-807');
     await page.click('#SearchBar > div > button');
@@ -133,7 +133,7 @@ describe('App.js', () => {
   });
 
   it('can filter', async () => {
-    await page.goto('http://127.0.0.1:5002/cre/558-807?applyFilters=true&filters=asvs');
+    await page.goto('http://127.0.0.1:5000/cre/558-807?applyFilters=true&filters=asvs');
     await page.waitForSelector('.cre-page__links-container');
     // Get inner text
     const innerText = await page.evaluate(
@@ -144,7 +144,7 @@ describe('App.js', () => {
     expect(innerText).not.toContain('NIST');
 
     // ensure case insensitive filtering
-    await page.goto('http://127.0.0.1:5002/cre/558-807?applyFilters=true&filters=ASVS');
+    await page.goto('http://127.0.0.1:5000/cre/558-807?applyFilters=true&filters=ASVS');
     await page.waitForSelector('.cre-page__links-container');
     const intxt = await page.evaluate(
       () => (document.querySelector('.cre-page__links-container') as HTMLElement)?.innerText
@@ -160,10 +160,10 @@ describe('App.js', () => {
   });
 
   it('can smartlink', async () => {
-    const response = await page.goto('http://127.0.0.1:5002/smartlink/standard/CWE/1002');
-    expect(response.url()).toBe('http://127.0.0.1:5002/node/standard/CWE/sectionid/1002');
+    const response = await page.goto('http://127.0.0.1:5000/smartlink/standard/CWE/1002');
+    expect(response.url()).toBe('http://127.0.0.1:5000/node/standard/CWE/sectionid/1002');
 
-    const redirectResponse = await page.goto('http://127.0.0.1:5002/smartlink/standard/CWE/404');
+    const redirectResponse = await page.goto('http://127.0.0.1:5000/smartlink/standard/CWE/404');
     expect(redirectResponse.url()).toBe('https://cwe.mitre.org/data/definitions/404.html');
   });
 

diff --git a/application/web/web_main.py b/application/web/web_main.py
@@ -745,4 +745,4 @@ def all_cres() -> Any:
 
 
 if __name__ == "__main__":
-    app.run(use_reloader=False, debug=True, port=5002)
+    app.run(use_reloader=False, debug=True)
Original file line number	Diff line number	Diff line change
Expand Up		@@ -745,4 +745,4 @@ def all_cres() -> Any:


		if __name__ == "__main__":
		app.run(use_reloader=False, debug=True, port=5002)
		app.run(use_reloader=False, debug=True)