[🐛] Promotion video path is different than files in 13.3.0 release

[vitaminsofsalem]

The folder structure inside the frontend file within the release for Linux 13.3.0 is dist / src whereas the path to get the promotion video is src/assets/etc... and the actual video in the release is contained within the dist file not the src.

The file structure for the frontend file is also different in the master branch ( as it only contains one src file ) compared to the actual file release made 19 days ago. ( as the release has dist / src folders inside it )

This causes the video to break and not fetch properly. This is related to the Video XSS 6 star challenge specifically or any other challenge that involves the OWASP promotional video.

[github-actions]

Thanks a lot for opening your first issue with us! 🧡 We'll get back to you shortly! ⏳ If it was a Support Request, please consider asking on the community chat next time! 💬

[bkimminich]

The video loads fine and all end-to-end tests pass (which should include testing the Video XSS) - could you please elaborate on what the diff between actual and expected file locations and behavior? Also if you have an error log, that would also help. Thanks!

[vitaminsofsalem]

if download this release: https://github.com/juice-shop/juice-shop/releases/download/v13.3.0/juice-shop-13.3.0_node16_linux_x64.tgz

and look into the frontend folder. You will find that it contains 2 subdirectories. Dist and src.

If you look at the master branch and look into the frontend folder, you'll find that it has been updated and only contains src subdirectory.

Because of this, it results in this error below when traversing to the localhost:300/video path

'''
OWASP Juice Shop (Express ^4.17.1)
500 Error: ENOENT: no such file or directory, stat 'frontend/src/assets/public/videos/owasp_promo.mp4'

   at Object.statSync (node:fs:1538:3)
   at Object.statSync (/home/kali/Downloads/juice-shop_13.3.0/node_modules/graceful-fs/polyfills.js:312:16)
   at /home/kali/Downloads/juice-shop_13.3.0/build/routes/videoHandler.js:18:25
   at Layer.handle [as handle_request] (/home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/layer.js:95:5)
   at next (/home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/route.js:137:13)
   at Route.dispatch (/home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/route.js:112:3)
   at Layer.handle [as handle_request] (/home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/layer.js:95:5)
   at /home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/index.js:281:22
   at Function.process_params (/home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/index.js:341:12)
   at next (/home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/index.js:275:10)
   at /home/kali/Downloads/juice-shop_13.3.0/build/routes/verify.js:133:5
   at Layer.handle [as handle_request] (/home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/layer.js:95:5)
   at trim_prefix (/home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/index.js:323:13)
   at /home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/index.js:284:7
   at Function.process_params (/home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/index.js:341:12)
   at next (/home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/index.js:275:10)
   at /home/kali/Downloads/juice-shop_13.3.0/build/routes/verify.js:69:5
   at Layer.handle [as handle_request] (/home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/layer.js:95:5)
   at trim_prefix (/home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/index.js:323:13)
   at /home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/index.js:284:7
   at Function.process_params (/home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/index.js:341:12)
   at next (/home/kali/Downloads/juice-shop_13.3.0/node_modules/express/lib/router/index.js:275:10)

'''

This error is because it's trying to access the owasp promo video from the src directory but in the release I linked above, the video isn't located there, it's located inside the dist sub folder. I hope the point is clear

[bkimminich]

The dist folder is generated during npm install and everything should be copied to where it needs to be. The folder is not committed to Git.

[bkimminich]

Ok, you're right, there is a wrong path in one place: videoHandler.ts uses frontend/src/assets/public/videos, and this isn't caught by the end-to-end tests b/c the src folder exists as well when running those. When you download a pre-packaged archive you only have the dist folder, as this is meant to be used.

[bkimminich]

Will be fixed with v14.0.0 release. Thanks for catching this!

[github-actions]

This thread has been automatically locked because it has not had recent activity after it was closed. 🔒 Please open a new issue for regressions or related bugs.