-
-
Notifications
You must be signed in to change notification settings - Fork 9.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[🐛] Promotion video path is different than files in 13.3.0 release #1793
Comments
Thanks a lot for opening your first issue with us! 🧡 We'll get back to you shortly! ⏳ If it was a Support Request, please consider asking on the community chat next time! 💬 |
The video loads fine and all end-to-end tests pass (which should include testing the Video XSS) - could you please elaborate on what the diff between actual and expected file locations and behavior? Also if you have an error log, that would also help. Thanks! |
if download this release: https://github.com/juice-shop/juice-shop/releases/download/v13.3.0/juice-shop-13.3.0_node16_linux_x64.tgz and look into the frontend folder. You will find that it contains 2 subdirectories. Dist and src. If you look at the master branch and look into the frontend folder, you'll find that it has been updated and only contains src subdirectory. Because of this, it results in this error below when traversing to the localhost:300/video path '''
''' This error is because it's trying to access the owasp promo video from the src directory but in the release I linked above, the video isn't located there, it's located inside the dist sub folder. I hope the point is clear |
The |
Ok, you're right, there is a wrong path in one place: |
Will be fixed with v14.0.0 release. Thanks for catching this! |
This thread has been automatically locked because it has not had recent activity after it was closed. 🔒 Please open a new issue for regressions or related bugs. |
The folder structure inside the frontend file within the release for Linux 13.3.0 is dist / src whereas the path to get the promotion video is src/assets/etc... and the actual video in the release is contained within the dist file not the src.
The file structure for the frontend file is also different in the master branch ( as it only contains one src file ) compared to the actual file release made 19 days ago. ( as the release has dist / src folders inside it )
This causes the video to break and not fetch properly. This is related to the Video XSS 6 star challenge specifically or any other challenge that involves the OWASP promotional video.
The text was updated successfully, but these errors were encountered: