diff --git a/CHANGELOG.md b/CHANGELOG.md index 1c60d7d..5b376bd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,34 @@ +1.1.3 / 2018-03-26 +================== + +**General** + +* [SECURITY] Fixed XSS in team name field on team deletion. (#592) +* Fixed an issue where MariaDB defaults in Docker Compose caused difficult to debug 500 errors. (#566) +* Improved Docker usage: + * Redis cache + * Configurable amount of workers + * Easier to access logs + * Plugin requirements are installed on image build. + * Switched from the default gunicorn synchronous worker to gevent +* Fixed an issue where ties would be broken incorrectly if there are challenges that are worth 0 points. (#577) +* Fixed update checks not happening on CTFd start. (#595) +* Removed the static_html handler to access raw HTML files. (#561) + * Pages is now the only supported means of accessing/creating a page. +* Removed uwsgi specific configuration files. +* Fixed issue with Docker image having a hard coded database host name. (#587) + +**Themes** + +* Fixed scrollbar showing on pages that are smaller than the screen size (#589) +* Fixed displaying the team rank while in workshop mode. (#590) +* Fixed flag modal not clearing when creating multiple new flags. (#594) + +**Plugins** + +* Add a utility decorator to allow routes to forego CSRF protection. (#596) + + 1.1.2 / 2018-01-23 ================== @@ -21,12 +52,12 @@ * Fixed regression where users could not be promoted to admins or verified. * Fixed two icons in the Media Library which were not updated to Font Awesome 5. -* Challenge previews now include tags, hints, and files. +* Challenge previews now include tags, hints, and files. * Fixed an issue where a page could not be published immediately after being saved. **Themes** -* Upgraded to Bootstrap 4 Beta v3. No major changes needed by themes. +* Upgraded to Bootstrap 4 Beta v3. No major changes needed by themes. * Fixed issue where the frozen message was not centered in the team page. * The JavaScript `update()` function now has a callback instead of being hardcoded. * `chalboard.js` now passes `script_root` into the Nunjucks templates so that file downloads work properly under subdirectories. diff --git a/CTFd/__init__.py b/CTFd/__init__.py index 0e959d0..1f25654 100644 --- a/CTFd/__init__.py +++ b/CTFd/__init__.py @@ -17,7 +17,7 @@ if sys.version_info[0] < 3: reload(sys) sys.setdefaultencoding("utf-8") -__version__ = '1.1.2' +__version__ = '1.1.3' class CTFdFlask(Flask): diff --git a/README.md b/README.md index f3a1b2d..ac78ec7 100644 --- a/README.md +++ b/README.md @@ -35,8 +35,13 @@ CTFd is a Capture The Flag framework focusing on ease of use and customizability 1. Run `./prepare.sh` to install dependencies using apt. 2. Modify [CTFd/config.py](https://github.com/CTFd/CTFd/blob/master/CTFd/config.py) to your liking. 3. Use `python serve.py` in a terminal to drop into debug mode. - 4. [Here](https://github.com/CTFd/CTFd/wiki/Deployment) are some deployment options - 5. You can check out the [Getting Started](https://github.com/CTFd/CTFd/wiki/Getting-Started) guide for a breakdown of some of the features you need to get started. + +Or you can use Docker with the following command: + +`docker run -p 8000:8000 -it ctfd/ctfd` + + * [Here](https://github.com/CTFd/CTFd/wiki/Basic-Deployment) are some deployment options + * You can check out the [Getting Started](https://github.com/CTFd/CTFd/wiki/Getting-Started) guide for a breakdown of some of the features you need to get started. ## Live Demo https://demo.ctfd.io/ @@ -47,10 +52,10 @@ To get basic support, you can join the [CTFd Slack Community](https://slack.ctfd If you prefer commercial support or have a special project, send us an email: [support@ctfd.io](mailto:support@ctfd.io). ## Managed Hosting -Looking to use CTFd but don't want to deal with managing infrastructure? Check out [the CTFd website](https://ctfd.io/) for managed CTFd deployments. +Looking to use CTFd but don't want to deal with managing infrastructure? Check out [the CTFd website](https://ctfd.io/) for managed CTFd deployments. ## HackerFire -Looking for CTF challenges to work on? [HackerFire](https://hackerfire.com/) is a learning focused CTF built using CTFd. It features a wide variety of challenges and is updated with new content frequently. It also contains custom knowledge resources to teach newcomers about the techniques used to solve a challenge. +Looking for CTF challenges to work on? [HackerFire](https://hackerfire.com/) is a learning focused CTF built using CTFd. It features a wide variety of challenges and is updated with new content frequently. It also contains custom knowledge resources to teach newcomers about the techniques used to solve a challenge. ## Credits * Logo by [Laura Barbera](http://www.laurabb.com/) diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index 8cc99f8..4b1db4c 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -25,6 +25,10 @@ if [ -n "$DATABASE_URL" ] sleep 1; fi +if [ -z "$WORKERS" ]; then + WORKERS=1 +fi + # Start CTFd echo "Starting CTFd" gunicorn 'CTFd:create_app()' \