litmuschaos / website-litmuschaos Goto Github PK

SUMMARY

The requirement to animate the conveyor belt carrying the test tubes in a way that it stays in motion and new test tubes gets generated on the left after each test tube reaches the end. preferably using physics-based animation/gatsby substitute for physics-based animation package.

SCREENSHOT

COMPONENTS WHICH REQUIRE CHANGE

• ConveryorBelt.tsx [A GraphQL fluid image fetch]

File: ./whylitmus/Features.tsx

Line 94 <ConveryorBelt />

ISSUE TYPE

• Feature Request

CONTACT PERSON

• Sayan Mondal
• Arkajyoti Mukherjee

GUIDELINES

• Sign your commits by doing a git commit -s -m "<commit message>" [Required]
• Add comments based on the logic you've implemented

Please send all Pull Requests to staging branch and not master

Thanks for taking the time to read this issue. In order for Litmus to clarify your doubts effectively, provide us a few hours to reply back.

Related to #118

On mobile Navbar doesn't scroll with menu, and it doesn't close until user scroll backs to top
i think it should either scroll with navbar or should automatically close on scroll

Hamburger menu when clicked in mobile-view it is covering the entire display to show the buttons of the navigation bar.
One option can be that there can be a translucent view of the website in the background or it can shift the website contents a little below so that it does feel as a fluent view.

For #118

In mobile inside "Get started with Litmus" section if we click on any link, it seems like nothing is happening

Suggested behaviour:

to give user better experience, on click of any of these links should scroll up to terminal to display terminal

SUMMARY

Using gatsby-plugin-transition-link to add top to bottom page transition in the Litmus Website. This transition link change should not affect previously passed props or state changes in the pages.

####TRANSITION TYPE

For a more detailed understanding click on 'Go to page 2 that way 👇 and animate in the next page' of this demo. This is the behaviour we are expecting on navigating to different pages on clicking the navbar items. Except Getting Started at Navbar

COMPONENTS WHICH REQUIRE CHANGE

• Nav.tsx

File: ./nav/Nav.tsx

ISSUE TYPE

• Feature Request

CONTACT PERSON

• Sayan Mondal
• Arkajyoti Mukherjee

GUIDELINES

• Sign your commits by doing a git commit -s -m "<commit message>" [Required]
• Add comments based on the logic you've implemented

Please send all Pull Requests to staging branch and not master

Thanks for taking the time to read this issue. In order for Litmus to clarify your doubts effectively, provide us a few hours to reply back.

For #118

Risk description:
Because the X-Frame-Options header is not sent by the server, an attacker could embed this website into an iframe of a third party website. By manipulating the display attributes of the iframe, the attacker could trick the user into performing mouse clicks in the application, thus performing activities without user's consent (ex: delete user, subscribe to newsletter, etc). This is called a Clickjacking attack and it is described in detail here:
https://owasp.org/www-community/attacks/Clickjacking

The X-XSS-Protection HTTP header instructs the browser to stop loading web pages when they detect reflected Cross-Site Scripting (XSS) attacks. Lack of this header exposes application users to XSS attacks in case the web application contains such vulnerability.

The HTTP X-Content-Type-Options header is addressed to Internet Explorer browser and prevents it from reinterpreting the content of a web page (MIME-sniffing) and thus overriding the value of the Content-Type header). Lack of this header could lead to attacks such as Cross-Site Scripting or phishing.

Recommendation:
We recommend you to add the X-Frame-Options HTTP response header to every page that you want to be protected against Clickjacking attacks.
More information about this issue:
https://cheatsheetseries.owasp.org/cheatsheets/Clickjacking_Defense_Cheat_Sheet.html

We recommend setting the X-XSS-Protection header to "X-XSS-Protection: 1; mode=block".
More information about this issue:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection

We recommend setting the X-Content-Type-Options header to "X-Content-Type-Options: nosniff".
More information about this issue:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options

Source:
https://pentest-tools.com/website-vulnerability-scanning/website-scanner#

The Get Started links redirecting to: https://docs.litmuschaos.io/docs/getstarted/
instead of https://docs.litmuschaos.io/docs/getting-started/installation/

Find bugs in our website and get Litmus swags!

We'd love to know about any security exploits or vulnerability in our website. Do a thorough scan a tell us if you encounter any bugs on the way.

Website: https://litmuschaos.io/

Exploring bugs on any of the following would suffice

• Checking Responsive issues
• Exploring Security exploits
• Checking Traffic
• UX Behaviour

ISSUE TYPE

• Bug Hunt

CONTACT PERSON

• Sayan Mondal
• Arkajyoti Mukherjee

GUIDELINES

• Sign your commits by doing a git commit -s -m "<commit message>" [Required]
• Add comments based on the logic you've implemented

Thanks for taking the time to read this issue. In order for Litmus to clarify your doubts effectively, provide us a few hours to reply back.

For different views, different images are used in this section and image is used as a hyperlink which is not considered good practice in terms of responsiveness.
This can be solved as already we are using angular so we can re-design the whole section