Skip to content

voku/anti-xss--demo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits

app

app

 
 

web

web

 
 

.editorconfig

.editorconfig

 
 

.gitignore

.gitignore

 
 

.htaccess

.htaccess

 
 

LICENSE.md

LICENSE.md

 
 

README.md

README.md

 
 

composer.json

composer.json

 
 

phpcs.php_cs

phpcs.php_cs

 
 

Repository files navigation

Anti-XSS (Slim + Twig + AntiXSS for Twig)

This is a Demo for the Anti-XSS package.

======================================================

Installation

The instructions below assume you are running a LAMP stack in Ubuntu or any other apt-based distributions. To allow Slim to route with clean path syntax, you need to enable the url rewrite module.

sudo a2enmod rewrite
sudo service apache2 restart

Suppose your document root is in /var/www, clone the repository as follows:

cd /var/www
git clone https://github.com/voku/anti-xss-demo anti-xss-demo

The required vendor libraries can be installed/updated using Composer. Go to the project root (where you see the file composer.json) and run the following command:

cd ./anti-xss-demo
composer install

Then, update your apache config file to set your document root to the web subdirectory. This helps to secure your scripts which should normally be put inside the app/ folder.

<VirtualHost *:80>
	DocumentRoot /var/www/anti-xss-demo/web
	ServerName anti-xss-demo.example.com
</VirtualHost>

Note that in order to make the .htaccess effective, your main apache config file must allow subdirectory to override it.

<Directory "/var/www">
	AllowOverride All
</Directory>

Database Example:

CREATE TABLE `xss` (
	`id` INT(11) NOT NULL AUTO_INCREMENT,
	`xss` TEXT NOT NULL,
	`desc` TEXT NOT NULL,
	`keywords` VARCHAR(50) NULL DEFAULT '',
	`author` VARCHAR(50) NULL DEFAULT '',
	`date` TIMESTAMP NULL DEFAULT CURRENT_TIMESTAMP,
	PRIMARY KEY (`id`)
)
COLLATE='utf8mb4_general_ci'
ENGINE=InnoDB
AUTO_INCREMENT=1
;

##Structure

  • app/ contains all files for your app: models/, controllers/, views/ (Twig templates) and your config/ (configuration). Slim is instantiated in app/start.php
  • vendor/ contains the libraries for your application, and you can update them with composer.
  • web/ is for your assets: js/css/img files. It should be the only folder publically available so your domain should point to this folder. web/index.php bootstraps the rest of the application.

##Writable Directory

  • app/storage/cache/twig/ contains the twig template cache.
  • app/storage/logs/ contains the error logs.

License

Software licensed under the MIT license

About

This is a demo website for anti-xss via PHP. | http://anti-xss-demo.suckup.de/

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

4 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages