Is your feature request related to a problem? Please describe.
Hi! Cyberchef is a very useful tool for contained testing and running regexes locally (running docker on your own laptop for instance). However, when more users in your organization need the same functionality it's better to host it for everyone to use. This creates some challenges when using the default options here -> https://github.com/gchq/CyberChef/blob/master/src/web/index.js#L42-L56
Mainly the updateUrl-option that's turned on (true) by default. This is the "Update the URL when the input or recipe changes" under "Options" in the frontend (see screenshot under "Additional context"). When you're using Cyberchef with sensitive data, that data populates the url and is stored in your browser history. That can lead to some unfortunate situations if you are using Cyberchef in meetings with clients to show them a usecase for instance or just end up being your default suggested auto-completion URL when typing in the address.
Describe the solution you'd like
Here's two possible solutions, either one would do the trick
Make defaultOptions configurable by config file. This will force first time Cyberchef-users to get the default values we set in the config. The options-menu in the frontend should still be available for those who want to override this as the preferences they choose will persist between sessions (according to description in the Options-meny). If we don't set anything in the config then use the current default values. (Defaults -> Config file -> User preference)
Add environment variables to override, maybe something like OVERRIDE_DEFAULT_OPTION_UPDATE_URL=false or other intuitive naming scheme that fits. As with the first solution this should still be possible to override on a user session level for those that want to. If we don't specify any environment variables, then use the default values. (Defaults -> Env -> User preference)
Describe alternatives you've considered
So far the alternatives seem to be either:
Make a fork and change the hardcoded default value either by patching the file or manually changing the value(s) in index.js
Make a fork and run a sed-command in the building stage to change the value
Try to change the compiled values by using Dockerfile to set base image (FROM ghcr.io/gchq/cyberchef:10.18.9) and run sed-commands to change values. I found updateUrl in /usr/share/nginx/html/index.html and under /usr/share/nginx/html/assets/main.js , but since it's the compiled version there's a lot of special characters and stuff from other places in the code bundled in. There might be files I have yet to uncover that needs to be updated as well.
TL;DR -> None of these alternatives are ideal or good solutions in the long run as it's bound to break eventually.
Is your feature request related to a problem? Please describe. Hi! Cyberchef is a very useful tool for contained testing and running regexes locally (running docker on your own laptop for instance). However, when more users in your organization need the same functionality it's better to host it for everyone to use. This creates some challenges when using the default options here -> https://github.com/gchq/CyberChef/blob/master/src/web/index.js#L42-L56
Mainly the
updateUrl-option that's turned on (true) by default. This is the "Update the URL when the input or recipe changes" under "Options" in the frontend (see screenshot under "Additional context"). When you're using Cyberchef with sensitive data, that data populates the url and is stored in your browser history. That can lead to some unfortunate situations if you are using Cyberchef in meetings with clients to show them a usecase for instance or just end up being your default suggested auto-completion URL when typing in the address.Describe the solution you'd like Here's two possible solutions, either one would do the trick
defaultOptionsconfigurable by config file. This will force first time Cyberchef-users to get the default values we set in the config. The options-menu in the frontend should still be available for those who want to override this as the preferences they choose will persist between sessions (according to description in the Options-meny). If we don't set anything in the config then use the current default values. (Defaults -> Config file -> User preference)OVERRIDE_DEFAULT_OPTION_UPDATE_URL=falseor other intuitive naming scheme that fits. As with the first solution this should still be possible to override on a user session level for those that want to. If we don't specify any environment variables, then use the default values. (Defaults -> Env -> User preference)Describe alternatives you've considered So far the alternatives seem to be either:
index.jssed-command in the building stage to change the valueFROM ghcr.io/gchq/cyberchef:10.18.9) and runsed-commands to change values. I foundupdateUrlin/usr/share/nginx/html/index.htmland under/usr/share/nginx/html/assets/main.js, but since it's the compiled version there's a lot of special characters and stuff from other places in the code bundled in. There might be files I have yet to uncover that needs to be updated as well.TL;DR -> None of these alternatives are ideal or good solutions in the long run as it's bound to break eventually.
Additional context The options menu in question.
If anything is unclear then please reach out! 😅