A browser based web app (module) to:
- Display the contents of a CSAF 2.0 document.
- Browse the tree of documents offered by a CSAF Provider or mirror via the ROLIE feed.
Note: As of 2023-12-14 all but one server do not allow web applications to read the CSAF information directly. So you will get failures due to CORS restrictions often. See oasis-tcs/csaf#653 for more details.
The envisoned usage is to be integrated in a larger application.
Therefore it is kept simple and stylable.
A backend can act as a proxy to avoid the problems caused by
CSAF Providers missing Access-Control-Allow-Origin: * headers.
Displaying a single document
Displaying a ROLIE-Feed
The deployment via github pages is a demo and thus may not reflect the current state of the source repository.
git clone https://github.com/csaf-poc/csaf_webview.git
cd csaf_webview
Install current LTS version of NodeJS, e.g. see https://github.com/nodesource/distributions/blob/master/README.md . Upgrade to the latest version of npm if you can. Development has been started with Node v20 and npm 10.2.1
npm install
npx playwright installOptionally add -- --open to directly open a browser.
npm run dev -- --open
npm run test:unit
npm run test:integration
npm run coverage
npm run build:ghpage
npm run deploy
In order to configure a proxy server use vite.config.js.
The default configuration is:
...
server: {
proxy: {
"/proxy/": {
target: "https://wid.cert-bund.de/",
changeOrigin: true,
rewrite: (path) => path.replace(/^\/proxy/, "")
}
}
},
...For more information look here.
Change target to the URL to be proxied.
-
csaf_webview is licensed as Free Software under MIT License.
-
See the specific source files for details, the licenses itself can be found in the directory
LICENSES/. -
The resulting webpage contains third party Free Software components under licenses that to our best knowledge are compatible at time of adding the dependency. See
package.jsonfor details.