lib/ui/web/server/views/instance.erb in arachni-0.2.2.2 vs lib/ui/web/server/views/instance.erb in arachni-0.2.3

@@ -1,32 +1,32 @@
 
         <div id="page-intro">
-            <h2 id="page_header">Attached to instance on port <%=params['port']%></h2>
+            <h2 id="page_header">Attached to instance @<%=sanitize_url( params['url'] )%></h2>
             <p id="page_description">
                 This page allows you to see what's going on at the other end of the wire (i.e. get status messages directly from the remote scanner).
                 <br/>
                 <br/>
             </p>
 
             <div id="control_buttons">
                 <%if !shutdown %>
 
                 <%if !paused %>
-                    <form action="/instance/<%=params['port']%>/pause" method="post">
+                    <form action="/instance/<%=sanitize_url( params['url'] )%>/pause" method="post">
                         <%= csrf_tag %>
                         <input type="submit" value="Pause" />
                     </form>
                 <%end%>
 
                 <%if paused %>
-                <form action="/instance/<%=params['port']%>/resume" method="post">
+                <form action="/instance/<%=sanitize_url( params['url'] )%>/resume" method="post">
                     <%= csrf_tag %>
                     <input type="submit" value="Resume" />
                 </form>
                 <%end%>
 
-                <form action="/instance/<%=params['port']%>/shutdown" method="post" target="_blank">
+                <form action="/instance/<%=sanitize_url( params['url'] )%>/shutdown" method="post">
                     <%= csrf_tag %>
                     <input type="submit" value="Shutdown" />
                 </form>
 
                 <% end %>
@@ -128,11 +128,11 @@
                     percentage = (stats.auditmap_size / stats.sitemap_size) * 100
                     document.getElementById( 'percentage' ).innerHTML = parseInt( percentage );
                 }
 
                 function updateProgressBar(){
-                    var stats_url = "/instance/<%= params['port'].to_i.to_s %>/stats.json";
+                    var stats_url = "/instance/<%= escape( params['url'].to_s ) %>/stats.json";
                     $.getJSON( stats_url, function(data) {
                         if( data.stats == undefined ){ return }
                         setStats( data.stats );
                         percentage = (data.stats.auditmap_size / data.stats.sitemap_size) * 100
                         setProgressBar( percentage );
@@ -140,11 +140,11 @@
                 }
 
                 function updateOutput() {
                     if( !document.getElementById( 'output' ) ) return;
 
-                    var output_url = "/instance/<%= params['port'].to_i.to_s %>/output.json";
+                    var output_url = "/instance/<%= escape( params['url'].to_s ) %>/output.json";
                     $.getJSON( output_url, function(data) {
 
                         if( data.status == 'finished' ){
                             showShutdownDialog( );
                         } else {
@@ -161,10 +161,10 @@
                 }
 
                 function updateResults() {
                     if( !document.getElementById( 'output_results' ) ) return;
 
-                    var output_results_url = "/instance/<%= params['port'].to_i.to_s %>/output_results.json";
+                    var output_results_url = "/instance/<%= escape( params['url'].to_s ) %>/output_results.json";
                     $.getJSON( output_results_url, function(data) {
                         document.getElementById( 'output_results' ).innerHTML = data.data;
                     });
                 }