Skip to content

Commit 6e70cec

Browse files
author
jay7958
committed
Added is_template=False to finding filters to better capture true metrics and reports. Added the api url to the exempt list, otherwise api calls would get redirected to loging page.
1 parent d21db12 commit 6e70cec

File tree

4 files changed

+22
-427
lines changed

4 files changed

+22
-427
lines changed

dojo/models.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,8 @@ class Product_Type(models.Model):
5252

5353
def findings_count(self):
5454
findings = Finding.objects.filter(active=True, mitigated__isnull=True,
55-
false_p=False, verified=True)
55+
false_p=False, verified=True,
56+
is_template=False)
5657
findings = findings.filter(Q(severity="Critical") |
5758
Q(severity="High") |
5859
Q(severity="Medium") |

dojo/settings.dist.py

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -153,6 +153,7 @@
153153
r'^metrics$',
154154
r'^metrics/product/type/(?P<mtype>\d+)$',
155155
r'^metrics/simple$',
156+
r'^api/v1/',
156157
)
157158

158159
# Python dotted path to the WSGI application used by Django's runserver.

dojo/templates/dojo/api_key.html

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -29,10 +29,10 @@ <h2> {{ name }}</h2>
2929
<pre>
3030
import requests
3131

32-
url = 'https://10.23.245.200:8000/api/v1/users'
32+
url = '{% if request.is_secure %}https{% else %}http{% endif %}://{{ request.META.HTTP_HOST }}/api/v1/users'
3333
headers = {'content-type': 'application/json',
3434
'Authorization': 'ApiKey {{ user.username }}:{{ key.key }}'}
35-
r = requests.get(url, headers=headers, verify=False) # don't verify ssl cert since it is self-signed
35+
r = requests.get(url, headers=headers, verify=True) # set verify to False if ssl cert is self-signed
3636

3737
for key, value in r.__dict__.iteritems():
3838
print key

0 commit comments

Comments
 (0)