AcraCensor (SQL firewall) example project: see how to configure AcraCensor to prevent SQL injections in vulnerable OWASP web application.
Home Page: https://www.cossacklabs.com/acra/
Following instructions and calling:
docker-compose -f docker-compose.acra-censor-demo.yml upcauses an error
acra-keymaker_server uses an image, skipping
acra-keymaker_connector uses an image, skipping
acra-server uses an image, skipping
acra-connector uses an image, skipping
Building edoz90_mutillidae
[+] Building 2.8s (18/27)
=> CACHED [internal] load git source https://github.com/storojs72/docker-mutillidae.git 0.0s
=> [internal] load metadata for docker.io/library/alpine:latest 2.4s
=> [ 1/25] FROM docker.io/library/alpine:latest@sha256:21a3deaa0d32a8057914f36584b5288d2e5ecc984380bc0118285c70fa8c9300 0.0s
=> CACHED [ 2/25] RUN sed -i -e 's/v[[:digit:]]\.[[:digit:]]\+/edge/g' /etc/apk/repositories 0.0s
=> CACHED [ 3/25] RUN apk update && apk upgrade 0.0s
=> CACHED [ 4/25] RUN apk add logrotate rsyslog supervisor goaccess nginx php mariadb mariadb-client pwgen php-fpm vim b 0.0s
=> CACHED [ 5/25] RUN apk add php-mysqli php-mbstring php-session php-simplexml php-curl php-json 0.0s
=> CACHED [ 6/25] RUN adduser -H -D -g http http 0.0s
=> CACHED [ 7/25] RUN mkdir -p /usr/share/nginx/html 0.0s
=> CACHED [ 8/25] RUN mkdir -p /run/nginx 0.0s
=> CACHED [ 9/25] RUN chown -R http:http /usr/share/nginx/html 0.0s
=> CACHED [10/25] RUN chown -R mysql:mysql /var/lib/mysql 0.0s
=> CACHED [11/25] RUN mkdir -p /run/mysqld 0.0s
=> CACHED [12/25] RUN chown -R mysql:mysql /run/mysqld 0.0s
=> CACHED [13/25] RUN chmod 777 /var/tmp/ 0.0s
=> CACHED [14/25] ADD dist/install_db.sh /tmp/install_db.sh 0.0s
=> CACHED [15/25] RUN wget -q https://sourceforge.net/projects/mutillidae/files/latest/download -O mutillidae.zip 0.0s
=> ERROR [16/25] RUN unzip -q mutillidae.zip -d /usr/share/nginx/html/ 0.3s
------
> [16/25] RUN unzip -q mutillidae.zip -d /usr/share/nginx/html/:
#18 0.283 [mutillidae.zip]
#18 0.283 End-of-central-directory signature not found. Either this file is not
#18 0.283 a zipfile, or it constitutes one disk of a multi-part archive. In the
#18 0.283 latter case the central directory and zipfile comment will be found on
#18 0.283 the last disk(s) of this archive.
#18 0.283 unzip: cannot find zipfile directory in one of mutillidae.zip or
#18 0.283 mutillidae.zip.zip, and cannot find mutillidae.zip.ZIP, period.
------
executor failed running [/bin/sh -c unzip -q mutillidae.zip -d /usr/share/nginx/html/]: exit code: 9
ERROR: Service 'edoz90_mutillidae' failed to build : Build failed
The problem is due to an outdated url https://sourceforge.net/projects/mutillidae/files/latest/download in the Dockerfile in the project https://github.com/storojs72/docker-mutillidae.git which is given as the build context in docker-compose.acra-censor-demo.yml
I tried changing the context to a newer project: https://github.com/notdodo/docker-mutillidae which avoids the missing zip file error, but causes a new error:
[+] Building 0.4s (7/8)
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 32B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/storojs72/edoz90_mutillidae:latest 0.0s
=> [1/4] FROM docker.io/storojs72/edoz90_mutillidae:latest 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 37B 0.0s
=> CACHED [2/4] ADD ./configure_db.sh /tmp/configure_db.sh 0.0s
=> ERROR [3/4] RUN /bin/bash /tmp/configure_db.sh 0.3s
------
> [3/4] RUN /bin/bash /tmp/configure_db.sh:
#7 0.305 /bin/sh: /bin/bash: not found
------
executor failed running [/bin/sh -c /bin/bash /tmp/configure_db.sh]: exit code: 127
ERROR: Service 'mutillidae' failed to build : Build failed
related to https://github.com/cossacklabs/acra-censor-demo/blob/master/mutillidae/Dockerfile file, but I don't know how to solve it, or if changing the context is a good solution in the first place.
I would like to use the demo from this repository, so if you can, fix the bugs to make the instruction executable, please.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.