commit d19c3d9cd0ac86cba7ed341402c4c2b56a956208 Author: Nik Mitev Date: Sun Jul 20 10:05:53 2025 +0000 init diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..f288702 --- /dev/null +++ b/LICENSE @@ -0,0 +1,674 @@ + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + Copyright (C) + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +. diff --git a/README.md b/README.md new file mode 100644 index 0000000..3a88fc7 --- /dev/null +++ b/README.md @@ -0,0 +1,39 @@ +License: GNU GPLv3 + +This is an open source project I have been working on in my free time. +At present, it can import nessus and pingcastle reports, review, merge and delete issues (amend descriptions DIEs etc) and create a report in the standard format as output by Dradis - except a good bit better and faster. + +There is lots to be done on it still, and the ONLY focus so far has been getting it to the point where it can be used for reporting. I have built my last to reports with it and it saved me a lot of time, but it is insecure, not very user friendly and more than likely buggy. Run on localhost only, don't expose externally. Work in (slow) progress. + + +## To Run the App: + + - source the virtual environment + ```bash + $ source venv/bin/activate + ``` + - start postgresql + - Native: + TODO + - Docker: + ```bash + $ cd postgres-docker + postgres-docker $ docker-compose up -d + Starting my_postgres ... done + postgres-docker $ docker exec -it my_postgres psql -U flask -d xhq -f /schema.sql + ... + ... + postgres-docker $ docker exec -it my_postgres psql -U flask -d xhq -f /library.sql + ``` + - start the app + ```bash + $ ./start-app + * Serving Flask app "app.py" (lazy loading) + * Environment: development + * Debug mode: on + * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit) + * Restarting with stat + * Debugger is active! + * Debugger PIN: 123-123-123 + ``` + diff --git a/assets/favicon.svg b/assets/favicon.svg new file mode 100644 index 0000000..bb30a70 --- /dev/null +++ b/assets/favicon.svg @@ -0,0 +1,242 @@ + + + +image/svg+xml \ No newline at end of file diff --git a/assets/logo.svg b/assets/logo.svg new file mode 100644 index 0000000..1ffab2f --- /dev/null +++ b/assets/logo.svg @@ -0,0 +1,184 @@ + + + +image/svg+xml \ No newline at end of file diff --git a/assets/xhq.dia b/assets/xhq.dia new file mode 100644 index 0000000..ece880d Binary files /dev/null and b/assets/xhq.dia differ diff --git a/certauth.sh b/certauth.sh new file mode 100755 index 0000000..9a34846 --- /dev/null +++ b/certauth.sh @@ -0,0 +1,35 @@ +#!/usr/bin/env bash +if [ "$(id -u)" -ne "0" ]; then + echo "This script must be run as root" >&2 + exit 1 +fi + +if [ "$1" = 'enable' ]; then + if [ -f /srv/easyrsa/pki/ca.crt ]; then + cp /srv/easyrsa/pki/ca.crt /etc/nginx/client_certs_ca.crt + else + echo 'Error: No client CA certificate at /srv/easyrsa/pki/ca.crt' + fi + + if [ -f /srv/haxfarm/xhq-certauth.nginx.site.conf ]; then + cp /srv/haxfarm/xhq-certauth.nginx.site.conf /etc/nginx/sites-available/xhq-certauth + rm /etc/nginx/sites-enabled/xhq + ln -s /etc/nginx/sites-available/xhq-certauth /etc/nginx/sites-enabled/xhq + else + echo 'Error: Config file missing (/srv/haxfarm/xhq-certauth.nginx.site.conf)' + fi + + if /usr/sbin/nginx -t; then + systemctl restart nginx + fi +elif [ "$1" = 'disable' ]; then + rm /etc/nginx/sites-enabled/xhq + ln -s /etc/nginx/sites-available/xhq /etc/nginx/sites-enabled/xhq + + if /usr/sbin/nginx -t; then + systemctl restart nginx + fi +else + echo "Usage: $0 enable | disable" +fi + diff --git a/haxhq/docx_templates/audit_report_template.docx b/haxhq/docx_templates/audit_report_template.docx new file mode 100644 index 0000000..2e78b35 Binary files /dev/null and b/haxhq/docx_templates/audit_report_template.docx differ diff --git a/haxhq/docx_templates/pentest_report_template.docx b/haxhq/docx_templates/pentest_report_template.docx new file mode 100644 index 0000000..b37025b Binary files /dev/null and b/haxhq/docx_templates/pentest_report_template.docx differ diff --git a/haxhq/docx_templates/report_template_audit.docx b/haxhq/docx_templates/report_template_audit.docx new file mode 100644 index 0000000..0e6c85d Binary files /dev/null and b/haxhq/docx_templates/report_template_audit.docx differ diff --git a/haxhq/docx_templates/vulnscan_report_template.docx b/haxhq/docx_templates/vulnscan_report_template.docx new file mode 100644 index 0000000..dcd40e3 Binary files /dev/null and b/haxhq/docx_templates/vulnscan_report_template.docx differ diff --git a/haxhq/haxhq/app.py b/haxhq/haxhq/app.py new file mode 100644 index 0000000..def61d4 --- /dev/null +++ b/haxhq/haxhq/app.py @@ -0,0 +1,1369 @@ +import psycopg2 +import logging +import pylibmc +import json +import re +import click +from os import path +from flask_session import Session +from datetime import date, datetime, timedelta +from flask import Flask, session, request, render_template, url_for, flash, redirect, jsonify, abort, send_from_directory, send_file, make_response +from flask_wtf.csrf import CSRFProtect +from urllib.parse import unquote_plus +from werkzeug.utils import secure_filename +from collections import namedtuple +from inspect import currentframe, getframeinfo +import xhq.engagement +import xhq.hacking +import xhq.library +import xhq.reporting +import xhq.forms +import xhq.mkdoc +import xhq.auth +import xhq.stats +import xhq.reports +import xhq.admin +from xhq.config import TEMPLATE_FOLDER +from xhq.authorise_config import engagement_types, get_default_route +from xhq.auth import login_required +from xhq.util import get_db, logerror, mc, send_email, email_enabled + +app = Flask(__name__) +app.config.from_object('def_settings') + +app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(hours=8) +sess = Session() +sess.init_app(app) + +csrf = CSRFProtect() +csrf.init_app(app) + +#stripe.api_key = app.config['STRIPE_DEV_KEY'] + +#mc = pylibmc.Client(["127.0.0.1"], binary=True, behaviors={"tcp_nodelay": True, "ketama": True}) +logging.basicConfig(filename='../logs/haxhq.log',format='%(asctime)s %(filename)s [%(lineno)d] %(levelname)s:%(message)s') +logger = logging.getLogger(__name__) +logger.setLevel('INFO') +logger.setLevel('DEBUG') + +def allowed_file(filename): + logger.debug('checking file extension') + return '.' in filename and filename.rsplit('.', 1)[1].lower() in app.config['ALLOWED_EXTENSIONS'] + +@app.cli.command('initdb') +def initdb_command(): + """Initializes the database.""" + conn = get_db() + curs = conn.cursor() + with app.open_resource('schema.sql') as f: + curs.execute(f.read()) + conn.commit() + conn.close() + print('Initialized the database.') + +@app.cli.command('check_connectivity') +def check_connectivity_command(): + '''Checks if network settings allow python updates and sending email''' + if xhq.admin.check_env(): + print('Checks completed successuly') + +@app.cli.command('init_ca') +def init_ca_command(): + '''Initialise the integrated Certificate Authority''' + status = xhq.admin.init_ca() + if status['success']: + print('HaxHQ Root CA initialised') + else: + print(status['error']) + +@app.cli.command('enable_client_cert_auth') +def enable_client_cert_auth_command(): + '''Update nginx config to require and verify client certificates and reload it''' + status = xhq.admin.enable_cert_auth() + if status['success']: + print('Client certificate authentication enabled') + else: + print(status['error']) + +@app.cli.command('disable_client_cert_auth') +def disable_client_cert_auth_command(): + '''Update nginx config to stop requiring client certificates and reload it''' + status = xhq.admin.disable_cert_auth() + if status['success']: + print('Client certificate authentication disabled') + else: + print(status['error']) + +@app.cli.command('get_client_cert') +@click.option('--password', prompt='Please enter password: ', help='The password to encrypt the certificate with') +@click.argument('email') +def get_client_cert_command(email, password): + '''Generate or renew (if required) client certificate and print path ot .p12 file''' + status = xhq.admin.get_client_cert(email, password) + if status['success']: + print('Client certificate is at: ' + status['data'][0]) + else: + print(status['error']) + +@app.cli.command('issue_server_cert') +def issue_server_cert_command(): + '''Generate or renew (if required) a server certificate and private key''' + status = xhq.admin.app_cert_issue() + if status['success']: + print('Server certificate issued') + else: + print(status['error']) + +@app.cli.command('updatepass') +@click.option('--password', prompt='Please enter the new password', help='The password to set for the account') +@click.argument('email') +def updatepass_command(email, password): + '''Updates an existing user's password''' + if xhq.admin.update_pass(password, email=email): + print('Password updated') + +@app.route('/checktoken') +def checktoken(): + if 'logged_in' in session and session['logged_in']: + logger.debug('session present') + if 'email' in session and 'user_id' in session and 'user_groups' in session: + redirect_to = get_default_route() + logger.debug('user group is ' + session['user_groups'][0] + ' redirecting to ' + redirect_to) + return redirect(url_for(redirect_to)) + else: + logerror(__name__, getframeinfo(currentframe()).lineno, 'partial session: ' + repr(session)) + + # if the user is not fully logged in, reset/create a session on accessing the login or root page + logger.debug('not logged in, adding empty session') + xhq.auth.add_session() + + token = request.args.get('token') + if token: + logger.debug('attempting token auth') + if xhq.auth.authenticate(token): + data = {'subtitle': 'Token authenticated', 'user_groups': session['user_groups'], 'user': session['nickname']} + return render_template('usetoken.j2', **data) + elif session['tokenverified']: + if session['otp_secret']: + logger.debug('otp secret exists') + return redirect(url_for('check_2fa')) + elif session['mfa_required']: + logger.debug('no otp secret stored but mfa is required: ' + repr(session['mfa_required'])) + return redirect(url_for('setup_mfa')) + else: + logger.debug('token auth failed') + return redirect(url_for('login')) + else: + logger.debug('no token in request, redirecting to login') + return redirect(url_for('login')) + +@app.route('/') +@app.route('/login', methods=['GET', 'POST']) +def login(): + if request.method == 'GET': + if xhq.auth.check_session(): + logger.debug('session present') + redirect_to = get_default_route() + logger.debug('user group is {} redirecting to {}'.format(session['user_groups'][0], redirect_to)) + return redirect(url_for(redirect_to)) + else: + # if the user is not fully logged in, reset/create a session on accessing the login or root page + #flask.Response.delete_cookie('haxhq_session') + xhq.auth.add_session() + + form = xhq.forms.get_form('login') + data = {'subtitle': 'Login', 'page': 'login', 'user_groups': []} + if 'SENDER_DOMAIN' in app.config and app.config['SENDER_DOMAIN'] == 'haxhq.com': + data['demo'] = True + else: + data['demo'] = False + + logo_dict = xhq.admin.get_login_logo() + for k in logo_dict['data'].keys(): + data[k] = logo_dict['data'][k] + + return render_template('login.j2', **data, form=form) + else: + form = xhq.forms.get_form('login') + if form.validate_on_submit(): + xhq.auth.authenticate() + if session['logged_in']: + logger.debug('successful authentication, user logged in: ' + repr(session['logged_in'])) + redirect_to = get_default_route() + logger.debug('user group is ' + session['user_groups'][0] + ' redirecting to ' + redirect_to) + return redirect(url_for(redirect_to)) + elif 'otp_secret' in session and session['otp_secret']: + logger.debug('otp secret exists') + return redirect(url_for('check_2fa')) + elif 'mfa_required' in session and session['mfa_required']: + logger.debug('no otp secret stored but mfa is required: ' + repr(session['mfa_required'])) + return redirect(url_for('setup_mfa')) + else: + if form.errors: + for field, errors in form.errors.items(): + for error in errors: + message = 'validation error in ' + field + ': ' + error + logger.info(message) + flash(message, 'error') + + flash('Authentication failed', 'error') + return render_template('login.j2', form=form) + +@app.route('/check_2fa', methods=['GET', 'POST']) +def check_2fa(): + if not (session['pass_checked'] or session['tokenverified']): + logger.debug('2fa check without prior auth, rejecting') + abort(401) + + data = {'subtitle': 'Login', 'user_groups': []} + form = xhq.forms.get_form('2fa_check') + if request.method == 'GET': + return render_template('check_2fa.j2', **data, form=form) + else: + if form.validate_on_submit(): + user = xhq.auth.check_2fa() + if user: + logger.info('2fa check successful: ' + session['email']) + xhq.auth.login(user) + redirect_to = 'usersettings' if session['tokenverified'] else get_default_route() + logger.debug('user group is ' + session['user_groups'][0] + ' redirecting to ' + redirect_to) + return redirect(url_for(redirect_to)) + else: + flash('Bad OTP code, please try again', 'error') + logging.warn('2fa check failed for user ' + session['email']) + else: + if form.errors: + for field, errors in form.errors.items(): + for error in errors: + message = 'validation error in ' + field + ': ' + error + logger.info(message) + flash(message, 'error') + + return render_template('check_2fa.j2', **data, form=form) + +@app.route('/disable_2fa', methods=['POST']) +@login_required +def disable_2fa(): + form = xhq.forms.get_form('2fa_check') + if form.validate_on_submit(): + logger.debug('otp form data is valid') + if xhq.auth.check_2fa(): + logger.debug('2FA otp_code verified, disabling 2fa') + if xhq.admin.disable_2fa(): + flash('2FA disabled', 'info') + return redirect(url_for('usersettings')) + else: + logger.debug('incorrect 2fa code submitted') + flash('Incorrect 2FA code, please try again', 'error') + else: + logger.debug('invalid otp code, form validation failed') + flash('Invalid OTP code, 6 digits expected', 'error') + + return redirect(url_for('usersettings')) + +@app.route('/setup_mfa', methods=['GET', 'POST']) +def setup_mfa(): + if not (session['pass_checked'] or session['tokenverified'] or session['logged_in']): + logger.debug('unauthenticated access to setup_mfa route') + abort(401) + + if 'qr_img' in session and session['qr_img'] and 'otp_secret' in session and session['otp_secret']: + logger.debug('using stored mfa setup data') + data = {'subtitle': 'Enable two-factor authentication', 'user_groups': [], 'img': session['qr_img'], + 'secret': session['otp_secret'], 'email_enabled': email_enabled()} + else: + logger.debug(repr(session)) + logger.debug('creating new opt secret and qr image') + data = xhq.auth.setup_mfa() + if not data: + # for resetting MFA, the dedicated route should be used as that verifies access to the existing one + logger.warn('setup_mfa route used when mfa already enabled') + abort(401) + + form = xhq.forms.get_form('2fa_check') + if request.method == 'POST': + logger.debug('otp_code submitted') + if form.validate_on_submit(): + logger.debug('otp form data is valid') + if xhq.auth.check_2fa(): + logger.debug('2FA otp_code verified, saving new otp_secret') + flash('MFA successfully set up', 'info') + user = xhq.auth.setup_mfa(save=True) + if user: + logger.debug('secret saved, logging the user in') + xhq.auth.login(user) + logger.debug('user group is ' + session['user_groups'][0]) + redirect_to = 'usersettings' if session['tokenverified'] else get_default_route() + logger.debug('redirecting to ' + redirect_to) + return redirect(url_for(redirect_to)) + else: + flash('wrong code, please try again', 'error') + logging.info('wrong otp code submitted') + else: + if form.errors: + for field, errors in form.errors.items(): + for error in errors: + message = 'validation error in ' + field + ': ' + error + logger.info(message) + flash(message, 'error') + + return render_template('setup_mfa.j2', **data, form=form) + +@app.route('/enable_2fa') +@login_required +def enable_2fa(): + form = xhq.forms.get_form('2fa_check') + data = xhq.auth.setup_mfa() + data = data | {'subtitle': 'Enable 2FA', 'user': session['nickname'], + 'user_groups': session['user_groups'], 'has_stats': session['has_stats']} + if not data: + # for resetting MFA, the dedicated route should be used as that verifies access to the existing one + logger.warn('setup_mfa route used when mfa already enabled') + abort(401) + + return render_template('setup_mfa.j2', **data, form=form) + +@app.route('/logout') +def logout(): + if xhq.auth.logout(): + data = {'subtitle': 'Login', 'page': 'login', 'user_groups': []} + if 'SENDER_DOMAIN' in app.config and app.config['SENDER_DOMAIN'] == 'haxhq.com': + data['demo'] = True + else: + data['demo'] = False + + logo_dict = xhq.admin.get_login_logo() + for k in logo_dict['data'].keys(): + data[k] = logo_dict['data'][k] + + form = xhq.forms.get_form('login') + + resp = make_response(render_template('login.j2', **data, form=form)) + resp.set_cookie('sessionID', '', expires=0) + return resp + else: + logerror(__name__, getframeinfo(currentframe()).lineno, 'Logout fail') + return redirect(request.referrer) + +@app.route('/reset_pass', methods=['GET', 'POST']) +def reset_pass(): + if 'SENDER_DOMAIN' in app.config and app.config['SENDER_DOMAIN'] == 'haxhq.com': + demo = True + else: + demo = False + + data = {'subtitle': 'Reset password', 'page': 'reset_pass', 'user_groups': [], 'email_enabled': email_enabled(), 'demo': demo} + form = xhq.forms.get_form('reset_pass') + if request.method == 'GET': + return render_template('reset_pass.j2', **data, form=form) + else: + if form.validate_on_submit(): + user = request.form['user'] + status = xhq.auth.reset_pass(user) + if status['success']: + flash('If the user exists, a password reset email has been sent', 'info') + else: + logger.warn('failed to send reset email: ' + status['error']) + flash(status['error'], 'error') + else: + if form.errors: + for field, errors in form.errors.items(): + for error in errors: + message = 'validation error in ' + field + ': ' + error + logger.info(message) + flash(message, 'error') + + return render_template('reset_pass.j2', **data, form=form) + +@app.route('/engagement', methods=['GET', 'POST']) +@login_required +def engagement(): + form = xhq.forms.get_form('new_engagement') + user_groups = session['user_groups'] + #for group in user_groups: + # for choice in engagement_types[group]: + # form.test_type.choices.append(choice) + + #if len(form.test_type.choices) == 1: + # _test_type = form.test_type.choices[0][0] + # form.test_type.render_kw = {'class': 'form_right hidden'} + + if 'hackers' not in user_groups: + del form.test_type + + data = xhq.engagement.get_vars() + if 'error' in data: + flash('error determining active engagement, please activate one to resolve', 'error') + return render_template('engagement.j2', **data, form=form) + + if request.method == 'POST': + if form.validate_on_submit(): + logger.debug('engagement form validated') + if xhq.engagement.save_form(): + flash('Engagement created', 'info') + data = xhq.engagement.get_vars() + return redirect(url_for('engagement')) + else: + flash('Error creating engagement', 'error') + else: + logger.debug('engagement form failed to validate') + if form.errors: + for field, errors in form.errors.items(): + for error in errors: + message = 'validation error in ' + field + ': ' + error + logger.info(message) + flash(message, 'error') + + return render_template('engagement.j2', **data, form=form) + +@app.route('/dummy_eng') +@login_required +def dummy_eng(): + logger.debug('creating a dummy engagement') + eng_type = request.args.get('eng_type') + if not xhq.engagement.create_dummy(eng_type): + flash('Error creating dummy engagement', 'error') + + return redirect(url_for('engagement')) + +@app.route('/hacking/', methods=['GET', 'POST']) +@login_required +def hacking(hid): + if request.method == 'POST': + if hid == 'filter': + filterform = xhq.forms.get_form('hostfilter') + form = xhq.forms.get_form('upload_file') + # preserve the content of the filter form, even if it doesn't validate + obj = None + params = { param:value for (param, value) in request.form.items() if value } + del params['csrf_token'] + if params: + fdata = tuple(params.values()) + FormData = namedtuple('FormData', ', '.join(params.keys())) + obj = FormData._make(fdata) + + if filterform.validate_on_submit(): + res = xhq.hacking.get_vars({'view': 'filter'}) + logger.debug('got filtered data: ' + str(len(res['data']))) + filterform = xhq.forms.get_form('hostfilter', obj=obj) + return render_template('hacking.j2', **res, form=form, filterform=filterform) + else: + logger.debug('host filter form failed to validate') + if filterform.errors: + for field, errors in filterform.errors.items(): + for error in errors: + message = 'validation error in ' + field + ': ' + error + logger.info(message) + flash(message, 'error') + + filterform = xhq.forms.get_form('hostfilter', obj=obj) + res = xhq.hacking.get_vars({'view': 'main'}) + return render_template('hacking.j2', **res, form=form, filterform=filterform) + else: + logger.info('unexpected post request') + return redirect(url_for('hacking', hid='main')) + else: + if re.match('^\d+$', hid): + data = xhq.hacking.get_vars({ 'view': 'host', 'hid': hid }) + if not data['host']: + return redirect(url_for('hacking', hid='main')) + + return render_template('showhost.j2', **data) + elif hid == 'main': + data = xhq.hacking.get_vars({'view': 'main'}) + form = xhq.forms.get_form('upload_file') + filterform = xhq.forms.get_form('hostfilter') + + msgkey = 'messages_' + str(session['user_id']) + if msgkey in mc: + logger.debug(msgkey + ' present in mc') + messages = mc[msgkey].strip('##').split('##') + if messages: + for msg in messages: + if msg: + logger.debug('flashing: ' + msg) + flash(msg, 'error') + mc[msgkey] = '' + + prockey = 'processing_' + str(session['user_id']) + if prockey in mc: + logger.info('clearing stale processing flag: ' + repr(mc[prockey])) + mc[prockey] = False + + + return render_template('hacking.j2', **data, form=form, filterform=filterform) + else: + logger.info('bad host id: {}'.format(hid)) + abort(404) + +@app.route('/reporting/', methods=['GET', 'POST']) +@login_required +def reporting(iid): + if not (iid == 'all' or re.match('^\d+$', iid)): + logger.info('bad issue id: {}'.format(iid)) + abort(404) + + if request.method == 'GET': + data = xhq.reporting.get_vars(iid) + if iid == 'all': + form = xhq.forms.get_form('dummy') + return render_template('reporting.j2', **data, form=form) + else: + if not data['success']: + logger.error('failed to get vars for reporting page') + return redirect(url_for('reporting', iid='all')) + + reloadlib = request.args.get('reloadlib') + issue, metadata = xhq.reporting.get_issue(iid, reloadlib=reloadlib) + #logger.debug(repr(issue)) + data = data | metadata + hform = xhq.forms.get_form('add_host') + if data['eng_type'] == 'audit': + form = xhq.forms.get_form('edit_csa_issue', obj=issue) + else: + form = xhq.forms.get_form('edit_issue', obj=issue) + + return render_template('editissue.j2', **data, form=form, hform=hform) + + elif request.method == 'POST': + logger.debug(repr(request.form)) + if 'rationale' in request.form: + form = xhq.forms.get_form('edit_csa_issue') + else: + form = xhq.forms.get_form('edit_issue') + + if ('cmd' in request.form and request.form['cmd'] == 'delrep'): + if re.match('^\d{1,6}$', request.form['iid']): + result = xhq.reporting.save_issue() + else: + logger.debug('invalid issue id: ' + str(request.form['iid'])) + result['error'] = 'Invalid issue id' + + elif form.validate_on_submit(): + logger.debug('issue form validated') + result = xhq.reporting.save_issue() + else: + if form.errors: + logger.debug('failed to validate form') + for field, errors in form.errors.items(): + for error in errors: + msg = 'validation error in ' + field + ': ' + error + logger.debug(msg) + flash(msg, 'error') + + return redirect(url_for('reporting', iid=iid)) + + if result['error']: + flash(result['error'], 'error') + else: + logger.debug('redirecting to ' + result['url']) + return redirect(result['url']) + + + return redirect(url_for('reporting', iid=iid)) + +@app.route('/get_merges/') +@login_required +def get_merges(iid): + if re.match('^\d+$', iid): + form = xhq.forms.get_form('dummy') + data = xhq.reporting.suggest_merge_delete(iid) + if data: + return render_template('check_merge_suggestions.j2', **data, form=form) + else: + flash('no merge suggestions', 'error') + else: + logger.debug('bad issue id {}'.format(iid)) + return abort(404) + + +@app.route('/merge_issues/', methods=['POST']) +@login_required +def merge_issues(iid): + if re.match('^\d+$', iid): + if xhq.reporting.merge_issues(iid): + return redirect(url_for('reporting', iid='all')) + else: + return redirect(url_for('reporting', iid='all')) + else: + logger.debug('bad issue id {}'.format(iid)) + return abort(404) + +@app.route('/add_host/', methods=['POST']) +@login_required +def add_host(iid): + if not re.match('^\d+$', iid): + logger.debug('bad issue id {}'.format(iid)) + return abort(404) + + logger.debug('adding host to issue {}'.format(iid)) + form = xhq.forms.get_form('add_host') + if form.validate_on_submit(): + logger.debug('engagement form validated') + status = xhq.reporting.add_issue_host(iid) + if status['errors']: + for error in status['errors']: + flash(error, 'error') + else: + logger.debug('engagement form failed to validate') + if form.errors: + for field, errors in form.errors.items(): + for error in errors: + message = 'validation error in ' + field + ': ' + error + logger.info(message) + flash(message, 'error') + + + return redirect(url_for('reporting', iid=iid)) + +@app.route('/add_issue', methods=['GET', 'POST']) +@login_required +def add_issue(): + data = {'page': 'reporting', 'hidden_fields': ['CSRF Token'], 'user_groups': session['user_groups'], 'user': session['nickname'], + 'subtitle': 'Add finding', 'isadmin': session['isadmin'], 'has_stats': xhq.auth.authorise_access('stats')} + + form = xhq.forms.get_form('add_issue') + hform = xhq.forms.get_form('add_host') + + if request.method == 'POST': + if hform.validate_on_submit(): + logger.debug('hform validated') + if form.validate_on_submit(): + logger.debug('form validated') + + result = xhq.reporting.add_issue() + if result['success']: + if result['status'] == 'saved2library': + flash('Issue saved to library', 'info') + #TODO load saved issue from lib, need to add host data too + elif result['status'] == 'saved2report': + return redirect(url_for('reporting', iid='all')) + else: + for error in result['errors']: + flash(error, 'error') + else: + logger.debug('form failed validation') + if form.errors: + for field, errors in form.errors.items(): + for error in errors: + message = 'validation error in ' + field + ': ' + error + logger.info(message) + flash(message, 'error') + else: + logger.debug('hform failed validation') + if hform.errors: + for field, errors in hform.errors.items(): + for error in errors: + message = 'validation error in ' + field + ': ' + error + logger.info(message) + flash(message, 'error') + + return render_template('add-issue.j2', form=form, hform=hform, **data) + +@app.route('/autoupdate_issues') +@login_required +def autoupdate_issues(): + if xhq.reporting.autoupdate_issues(): + return redirect(url_for('reporting', iid='all')) + else: + flash('Error importing library data', 'error') + +@app.route('/generate_report') +@login_required +def generate_report(): + user_id = session['user_id'] + reportby = request.args.get('reportby') + result = xhq.mkdoc.create_report(user_id, reportby) + if result['success']: + return send_from_directory(app.config['REPORT_FOLDER'], result['filename'], as_attachment=True) + else: + flash(result['error']) + return redirect(url_for('reporting', iid='all')) + +@app.route('/export_xlsx') +@login_required +def export_xlsx(): + filename = xhq.mkdoc.create_xlsx() + return send_from_directory(app.config['REPORT_FOLDER'], filename, as_attachment=True) + +@app.route('/export_iplist') +@login_required +def export_iplist(): + txtfile = xhq.hacking.get_iplist_txt(request.args) + return send_file(txtfile, as_attachment=True, download_name='iplist.txt', mimetype='text/plain') + +@app.route('/activate/') +@login_required +def activate(eid): + if not re.match('^\d+$', eid): + logger.debug('bad engagement id {}'.format(eid)) + return abort(404) + + result = {'success': False} + result = xhq.engagement.activate(eid) + logger.debug(repr(result)) + + if result['success']: + return redirect(url_for('engagement')) + else: + flash('Error activating engagement', 'error') + +@app.route('/summarise_findings') +@login_required +def summarise_findings(): + drop_existing = request.args.get('drop_existing') + if drop_existing: + xhq.reporting.clear_summary() + + if xhq.reporting.summarise_findings(): + return redirect(url_for('reporting', iid='all')) + else: + return 'failed to summarise findings' + +@app.route('/get/', methods=['GET', 'POST']) +@login_required +def get(what): + result = {} + if what == 'vulnserv_details': + # pass service_id, vuln_id and return plugin_output, proof etc + pass + elif what == 'titlelist': + # returns titles of issues in library which contain term + term = unquote_plus(request.args.get('term')) + _type = unquote_plus(request.args.get('type')) if 'type' in request.args else None + result = xhq.library.get_titlelist(term, _type) + + elif what == 'lib_issue': + lid = request.args.get('lid') + title = request.args.get('title') + if title: + title = unquote_plus(title) + exposure = request.args.get('exposure') + + result = xhq.library.get_lib_issue(title=title, lid=lid, exposure=exposure) + + elif what == 'suggestion': + # pass vuln title, report field (e.g. impact) and return stored texts for it + # title itself may need to be modified + # in issues table name is the original title, 'title' is the edited one to go into report + name = unquote_plus(request.args.get('name')) if request.method == 'GET' else request.args.get('name') + result = xhq.reporting.get_suggestions(name) + + elif what == 'hostlist': + args = { arg: unquote_plus(request.args.get(arg)) for arg in request.args } + args['main'] = 'host' + result = xhq.hacking.get_hostlist(args) + + elif what == 'portlist': + args = { arg: unquote_plus(request.args.get(arg)) for arg in request.args } + args['main'] = 'port' + result = xhq.hacking.get_portlist(args) + + elif what == 'servicelist': + args = { arg: unquote_plus(request.args.get(arg)) for arg in request.args } + args['main'] = 'service' + result = xhq.hacking.get_servicelist(args) + + elif what == 'softwarelist': + args = { arg: unquote_plus(request.args.get(arg)) for arg in request.args } + args['main'] = 'software' + result = xhq.hacking.get_softwarelist(args) + + elif what == 'vulnlist': + args = { arg: unquote_plus(request.args.get(arg)) for arg in request.args } + args['main'] = 'findings' + result = xhq.hacking.get_vulnlist(args) + + elif what == 'stat_titlelist': + term = unquote_plus(request.args.get('term')) + result = xhq.stats.get_titlelist(term) + elif what == 'exploitabilitylist': + term = unquote_plus(request.args.get('term')) + result = xhq.reporting.get_exploitabilitylist(term) + elif what == 'discoverabilitylist': + term = unquote_plus(request.args.get('term')) + result = xhq.reporting.get_discoverabilitylist(term) + else: + logger.debug('bad parameter: {}'.format(what)) + return abort(404) + + return json.dumps(result) + +@app.route('/del_issue_host') +@login_required +def del_issue_host(): + iid = request.args.get('issue_id') + sid = request.args.get('sid') + if not re.match('^\d+$', iid): + logger.debug('bad issue id {}'.format(iid)) + return abort(404) + + if not re.match('^\d+$', sid): + logger.debug('bad sid {}'.format(sid)) + return abort(404) + + if xhq.reporting.del_issue_host(iid, sid=sid): + return redirect(url_for('reporting', iid = iid)) + else: + flash('Error deleting host', 'error') + return redirect(url_for('reporting', iid = iid)) + +@app.route('/delete_engagement') +@login_required +def delete_engagement(): + eid = request.args.get('eid') + + if not re.match('^\d+$', eid): + logger.debug('bad id {}'.format(eid)) + return abort(404) + + if xhq.engagement.delete(eid): + return redirect(url_for('engagement')) + else: + flash('Error deleting engagement', 'error') + form = xhq.forms.get_form('new_engagement') + data = xhq.engagement.get_vars() + return render_template('engagement.j2', **data, form=form) + +@app.route('/upload_file', methods=['POST']) +@login_required +def upload_file(): + if 'scanfile' not in request.files: + flash('No file sent', 'error') + logger.debug(repr(request.files)) + return redirect(url_for('hacking', hid='main')) + + prockey = 'processing_' + str(session['user_id']) + msgkey = 'messages_' + str(session['user_id']) + scanfiles = request.files.getlist('scanfile') + #logger.debug(repr(request.form)) + for scanfile in scanfiles: + if scanfile.filename == '': + flash('No file selected', 'error') + return redirect(url_for('hacking', hid='main')) + + if allowed_file(scanfile.filename): + logger.info('importing ' + scanfile.filename + ': filename extension ok') + filename = secure_filename(scanfile.filename) + logger.debug('filename passed secure_filename check') + filepath = path.join(app.config['UPLOAD_FOLDER'], filename) + scanfile.save(filepath) + logger.info('file saved') + + result = xhq.hacking.queue_import(filename, filepath, request.form['filecount'], mc) + logger.debug(json.dumps(result)) + else: + logger.info('ignoring upload request for unsupported file type: ' + scanfile.filename) + result = {'error': 'Bad file extension. Acceptable extensions are: .xml, .nessus, .html, .txt'} + flash('Ignored unsupported file type (' + scanfile.filename + ')', 'error') + #return redirect(url_for('hacking', hid='main')) + + return json.dumps(result) + +@app.route('/delete_scan') +@login_required +def delete_scan(): + scan_id = request.args.get('scan_id') + # sanitised in hacking.delete_scan + + if xhq.hacking.delete_scan(scan_id): + logger.debug('scan deleted: ' + str(scan_id)) + return redirect(url_for('hacking', hid='main')) + else: + flash('Error deleting scan', 'error') + return redirect(url_for('hacking', hid='main')) + +#@app.route('/stats') +#@login_required +#def stats(): +# if request.args: +# fdata = tuple([ request.args[k] for k in ['title', 'exposure', 'stat_from', 'stat_to', 'results', 'orderby'] ]) +# +# FormData = namedtuple('FormData', 'title, exposure, stat_from, stat_to, results, orderby') +# obj = FormData._make(fdata) +# form = xhq.forms.get_form('stats', obj=obj) +# else: +# form = xhq.forms.get_form('stats') +# +# status, data = xhq.stats.get_vulnstats() +# if status['error']: +# flash('Failed to retrieve stats', 'error') +# return render_template('stats.j2', form=form) +# +# return render_template('stats.j2', **data, form=form) + +#@app.route('/reports', methods=['GET', 'POST']) +#@login_required +#def reports(): +# if request.method == 'POST': +# filename = xhq.reports.generate_internal_report(request.form['rep_from'], request.form['rep_to']) +# if filename: +# logger.debug('file generated, sending ' + filename + ' from ' + app.config['REPORT_FOLDER']) +# return send_from_directory(app.config['REPORT_FOLDER'], filename, as_attachment=True) +# else: +# flash('No matching engagements were found in the selected period', 'info') +# +# today = date.today() +# lastweek = today + timedelta(-7) +# fdata = (lastweek.strftime("%d/%m/%Y"), today.strftime("%d/%m/%Y")) +# +# FormData = namedtuple('FormData', 'rep_from, rep_to') +# obj = FormData._make(fdata) +# form = xhq.forms.get_form('reports', obj=obj) +# +# status, data = xhq.reports.get_vars() +# if status['error']: +# flash('Failed to load reports page data', 'error') +# return render_template('reports.j2', form=form) +# else: +# return render_template('reports.j2', **data, form=form) + +@app.route('/library', methods=['GET', 'POST']) +@login_required +def library(): + if request.method == 'GET': + data = xhq.library.get_data(args=request.args) + + if request.args: + fdata = tuple([ request.args[k] for k in ['libsearchtype', 'libsearchstr'] ]) + FormData = namedtuple('FormData', 'libsearchtype, libsearchstr') + obj = FormData._make(fdata) + searchform = xhq.forms.get_form('libsearch', obj=obj) + else: + searchform = xhq.forms.get_form('libsearch') + + form = xhq.forms.get_form('add_issue') + del form['details'] + logger.debug(repr(data)) + return render_template('library.j2', **data, form=form, searchform=searchform) + else: + editissueform = xhq.forms.get_form('add_issue') + if editissueform.validate_on_submit(): + logger.debug('form validated') + cmd = request.form['cmd'] if 'cmd' in request.form else None + logger.debug(repr(request.form)) + status = xhq.library.save(request.form) + if status['error']: + flash(status['error'], 'error') + else: + if cmd == 'dellib': + flash('Library entry deleted', 'info') + else: + flash('Library entry saved', 'info') + + if 'repiid' in request.form and cmd == 'savereplib': + logger.debug('saved to library, redirecting to issue ' + str(request.form['repiid'])) + redirectto = url_for('reporting', iid=request.form['repiid'], reloadlib=True) + else: + logger.debug('no repiid ' + repr(request.form)) + redirectto = request.referrer + + else: + logger.debug('edit issue form failed validation') + if editissueform.errors: + for field, errors in editissueform.errors.items(): + for error in errors: + message = 'validation error in ' + field + ': ' + error + logger.info(message) + flash(message, 'error') + + redirectto = url_for('library') + + return redirect(redirectto) + +@app.route('/usersettings', methods=['GET', 'POST']) +@login_required +def usersettings(): + if request.method == 'GET': + data = xhq.admin.get_vars('usersettings') + + data['tokenverified'] = session['tokenverified'] + passwdform = xhq.forms.get_form('set_pass') if session['tokenverified'] else xhq.forms.get_form('update_pass') + + FormData = namedtuple('FormData', 'nickname') + obj = FormData._make(tuple([session['nickname']])) + nickform = xhq.forms.get_form('update_nickname', obj=obj) + + check_2fa_form = xhq.forms.get_form('2fa_check') if session['mfa_enabled'] and not session['mfa_required'] else None + + certpassform = xhq.forms.get_form('set_pass') + return render_template('usersettings.j2', **data, passwdform=passwdform, nickform=nickform, + check_2fa_form=check_2fa_form, certpassform=certpassform) + else: + if xhq.admin.updateuser(): + logger.debug('Settings updated') + else: + logger.debug('Error updating settings. Please try again.') + + return redirect(url_for('usersettings')) + +@app.route('/admin') +@login_required +def admin(): + logger.debug('Checking certificate related headers') + cert_rem_data = request.headers.getlist("X-SSL-Client-Remain") + if cert_rem_data: + session['cert_remaining'] = cert_rem_data[0].strip('\\') + logger.debug('Client certificate valid for another ' + str(session['cert_remaining']) + ' days') + else: + logger.debug('No X-SSL-Client-Remain header found') + + data = xhq.admin.get_vars('admin') + adduserform = xhq.forms.get_form('adduser') + settemplateform = xhq.forms.get_form('set_template') + gettemplateform = xhq.forms.get_form('get_template') + updatelogoform = xhq.forms.get_form('update_logo') + + return render_template('administration.j2', **data, adduserform=adduserform, + updatelogoform=updatelogoform, + settemplateform=settemplateform, + gettemplateform=gettemplateform) + +@app.route('/manage_users', methods=['GET', 'POST']) +@login_required +def manage_users(): + if request.method == 'GET': + #TODO hiding labels probably best done with a custom parameter in forms.py + hidden_labels = ['CSRF Token', 'Save'] + if 'user_id' in request.args: + # editing user, get user details and return populated form + user_id = request.args.get('user_id') + data = xhq.admin.getuser(user_id) + if data: + logger.debug('returning user data for uid ' + str(data['user_id'])) + FormData = namedtuple('FormData', tuple(data.keys())) + obj = FormData._make(tuple(data.values())) + form = xhq.forms.get_form('adduser', obj=obj) + return render_template('userform.j2', hidden_labels=hidden_labels, form=form) + else: + # error or uid modified and user not found + logerror(__name__, getframeinfo(currentframe()).lineno, 'user not found for user_id ' + str(user_id)) + flash('User not found. This is probably an error, please contact support', 'error') + else: + # adding user + form = xhq.forms.get_form('adduser') + del form.user_id + return render_template('userform.j2', form=form, hidden_labels=hidden_labels) + else: + form = xhq.forms.get_form('adduser') + if form.validate_on_submit(): + result = xhq.admin.saveuser(request.form) + logger.debug(repr(result)) + if result['errors']: + for error in result['errors']: + flash(error, 'error') + else: + if form.errors: + for field, errors in form.errors.items(): + for error in errors: + message = 'validation error in ' + field + ': ' + error + logger.info(message) + logger.debug(request.form[field]) + flash(message, 'error') + + return redirect(url_for('admin')) + +@app.route('/set_subscriber_mfa') +@login_required +def set_subscriber_mfa(): + if not xhq.admin.toggle_subscriber_mfa(session['customer_id']): + flash('Failed to update MFA requirements, please contact support', 'error') + + return redirect(url_for('admin')) + +@app.route('/get_template') +@login_required +def get_template(): + _args = request.args + if 'template_type' in _args and 'template_version' in _args: + customer_id = session['customer_id'] if 'customer_id' in session else None + if not customer_id: + flash('Bad session, please log in again', 'error') + xhq.auth.logout() + return redirect(url_for('login')) + + logger.debug('getting template filename') + fullpath = xhq.admin.get_template(_args['template_type'], _args['template_version'], customer_id) + if fullpath: + template_file = path.basename(fullpath) + logger.debug('template found, returning ' + template_file) + return send_from_directory(TEMPLATE_FOLDER, template_file, as_attachment=True) + else: + logerror(__name__, getframeinfo(currentframe()).lineno, + 'Failed to get template file: ' + repr((_args['template_type'], _args['template_version'], customer_id))) + flash('Error retrieving template file - please contact support.') + + else: + logger.warn('incomplete arg set: ' + repr(_args)) + flash('Bad request - template type and/or version not specified', 'error') + + return redirect(url_for('admin')) + +@app.route('/set_template', methods=['POST']) +@login_required +def set_template(): + customer_id = session['customer_id'] if 'customer_id' in session else None + if not customer_id: + flash('Bad session, please log in again', 'error') + xhq.auth.logout() + return redirect(url_for('login')) + + form = xhq.forms.get_form('set_template') + if form.validate_on_submit(): + if 'template_file' not in request.files: + flash('No file sent', 'error') + logger.debug(repr(request.files)) + return redirect(url_for('admin')) + + # check template extension and save it to disk + template_file = request.files['template_file'] + now = datetime.now().strftime('%H-%M-%S_%d-%m-%Y') + filepath = '' + if template_file.filename.endswith('.docx'): + logger.info('importing ' + template_file.filename + ': filename extension ok') + filename = secure_filename(template_file.filename) + logger.debug('filename passed secure_filename check') + m = re.search('(.*)__\d\d-\d\d-\d\d_\d\d-\d\d-\d\d\d\d.docx$', filename) + filename = m[1] if m else filename[:-5] + filename += '__' + now + '.docx' + filepath = path.join(TEMPLATE_FOLDER, filename) + template_file.save(filepath) + logger.info('file saved: ' + filename) + else: + logger.info('ignoring upload request for unsupported file type: ' + template_file.filename) + flash('Bad file extension, only .docx templates are currently supported', 'error') + return redirect(url_for('admin')) + + # install template for the engagement type and customer + if 'template_type' in request.form: + template_type = request.form['template_type'] + success = xhq.admin.set_template(filepath,template_type,customer_id) + if success: + flash(request.form['template_type'] + ' template updated', 'info') + else: + flash('Template update failed: ' + result['error'], 'error') + else: + logging.info('template type not specified in form data: ' + repr(request.form)) + flash('Request failed - bad form data', 'error') + + return redirect(url_for('admin')) + else: + if form.errors: + for field, errors in form.errors.items(): + for error in errors: + message = 'validation error in ' + field + ': ' + error + logger.info(message) + flash(message, 'error') + + return redirect(url_for('admin')) + +@app.route('/contact', methods=['POST']) +@login_required +def contact(): + subject = 'Support request from ' + session['email'] + message = request.form['message'] + '\n\n===session details===\n\n`' + repr(session) + success = send_email('support@haxhq.com', subject, message, fromaddr = session['email']) + if success: + flash('Thank you for your email!', 'info') + + if request.referrer.startswith(request.base_url): + redirectto = request.referrer + else: + logger.warn('unexpected referrer header: ' + request.referrer) + redirectto = url_for('engagement') + + return redirect(redirectto) + +@app.route('/colour_mode', methods=['GET']) +@login_required +def colour_mode(): + xhq.admin.toggle_colour_mode() + return redirect(url_for('usersettings')) + +@app.route('/favicon.ico') +def favicon(): + return send_from_directory(app.config['FAVICON_FOLDER'], 'favicon.ico') + +@app.route('/qrcode') +def qrcode(): + if session['logged_in'] or session['pass_checked'] or session['tokenverified']: + filename = 'qr_' + str(session['user_id']) + '.png' + folder = app.config['QRCODE_FOLDER'] + '/' + logger.debug('serving ' + folder + filename) + if not path.isfile(folder + filename): + logger.error('qrcode file doesnt exist') + + return send_from_directory(app.config['QRCODE_FOLDER'], filename) + else: + logging.debug('refusing access to qrcode without pass, token or full session') + abort(401) + +@app.route('/register', methods=['POST']) +@csrf.exempt +def register(): + logger.info('regisering new demo user') + result = xhq.admin.register() + return json.dumps(result) + +@app.route('/get_updates/') +@login_required +def get_updates(x): + if x in ['HaxHQ', 'Python', 'OS']: + logger.debug('Checking for any available ' + x + ' updates') + result = xhq.admin.get_updates(x) + if result['success']: + if result['data']: + data = {'update_type': x, 'data': result['data']} + return render_template('updates.j2', **data) + else: + msg = x if x == 'HaxHQ' else x + ' packages' + msg += ' up to date.' + return '

' + msg + '

' + else: + msg = x if x == 'HaxHQ' else x + ' package' + return '

Failed to retrieve ' + msg + ' updates

' + else: + logger.warn('bad updates target: {}'.format(x)) + return abort(404) + +@app.route('/update/') +@login_required +def update(x): + logger.info('Installing ' + x + ' updates') + if x == 'HaxHQ': + result = xhq.admin.update_hahxq() + elif x == 'Python': + result = xhq.admin.update_python() + else: + logger.warn('Unrecognised update request: ' + x) + result = {'success': False, 'error': 'Unrecognised command'} + + return jsonify(result) + +@app.route('/getlogs') +@login_required +def getlogs(): + # for SaaS instances this is not required + if app.config['SHOWLOGS']: + res = xhq.admin.collect_logs() + if res['success']: + if res['data']: + result = jsonify(res['data']) + else: + result = jsonify(['No error or warning level logs found']) + else: + result = jsonify(['Error retrieving logs: ' + res['error']]) + else: + result = jsonify(['To enable retrieving logs please set SHOWLOGS to True']) + + return result + +@app.route('/get_cert', methods=['POST']) +@login_required +def get_cert(): + '''Return a valid .p12 file for the current user. + If the current user doesn't have a certificate, generate one. If the user has a certificate, renew it. + If the user has renewed before but not yet used the new certificate, generate the p12 from the current user's client certificate.''' + email = session['email'] + logger.info('Retrieving client certificate for ' + email) + form = xhq.forms.get_form('set_pass') + if form.validate_on_submit(): + password = request.form['password1'] + if password == request.form['password2']: + result = xhq.admin.get_client_cert(email, password) + if result['success']: + certfile = result['data'][0] + logger.debug('returning ' + certfile) + + return send_from_directory(path.dirname(certfile), path.basename(certfile), as_attachment=True) + else: + logger.debug(repr(result)) + flash('Failed to get certificate: ' + result['error'], 'error') + else: + flash("The passwords didn't match, please try again", 'error') + else: + if form.errors: + for field, errors in form.errors.items(): + for error in errors: + message = 'validation error in ' + field + ': ' + error + logger.info(message) + flash(message, 'error') + + return redirect(url_for('usersettings')) + +@app.route('/disable_cert_auth') +@login_required +def disable_cert_auth(): + '''Disable client certificate authentication for this HaxHQ instance''' + status = xhq.admin.disable_cert_auth() + if status['success']: + flash('Client certificate authentication disabled', 'info') + else: + flash(status['error'], 'error') + + return redirect(url_for('admin', reloadcertinfo=True)) + +@app.route('/enable_cert_auth') +@login_required +def enable_cert_auth(): + '''Enable client certificate authentication for this HaxHQ instance''' + status = xhq.admin.enable_cert_auth() + if status['success']: + flash('Client certificate authentication enabled', 'info') + else: + flash(status['error'], 'error') + + return redirect(url_for('admin')) + +@app.route('/update_login_logo', methods=['POST']) +@login_required +def update_login_logo(): + '''Update logo image on the login page''' + + form = xhq.forms.get_form('update_logo') + if form.validate_on_submit(): + if 'logo_file' in request.files: + logo_file = request.files['logo_file'] + else: + flash('No file sent', 'error') + logger.debug(repr(request.files)) + return redirect(url_for('admin')) + + if re.search('.jpg$|.jpeg$|.gif$|.png$|.webp$', logo_file.filename): + logger.info('importing {}: filename extension ok'.format(logo_file.filename)) + filename = secure_filename(logo_file.filename) + logger.debug('filename passed secure_filename check') + filepath = path.join('static/img/', filename) + logo_file.save(filepath) + logger.info('file saved') + else: + flash('Accepted image extensions are .jpg, .jpeg, .gif, .png, .webp', 'error') + logger.debug('bad logo image extension, rejecting') + + if 'SENDER_DOMAIN' in app.config and app.config['SENDER_DOMAIN'] == 'haxhq.com': + logo_dict = xhq.admin.get_login_logo() + if logo_dict['data']['login_logo_src'] == 'static/img/logo_white.png': + status = xhq.admin.update_login_logo('static/img/hackercat_giphy.webp') + else: + status = xhq.admin.update_login_logo('static/img/logo_white.png') + + flash('This feature is restricted to static image change for this instance', 'info') + else: + status = xhq.admin.update_login_logo(filepath) + + if status['error']: + flash('Logo update failed: {}'.format(status['error']), 'error') + logger.error('failed to update login logo') + else: + flash('Login page logo updated', 'info') + logger.debug('Logo updated successfully') + + return redirect(url_for('admin')) + +#def err(): + #try: + # division_by_zero = 1 / 0 + #except Exception as e: + # logerror(__name__, getframeinfo(currentframe()).lineno, e) +# return '

Issue fixed 🎉

' + diff --git a/haxhq/haxhq/haxhqcli.py b/haxhq/haxhq/haxhqcli.py new file mode 100755 index 0000000..d8b41ff --- /dev/null +++ b/haxhq/haxhq/haxhqcli.py @@ -0,0 +1,113 @@ +import os +import sys +from flask import url_for +import xhq.admin + +def main(): + usage = '''HaxHQ CLI - Limited CLI management interface to HaxHQ report automation tool + +Usage: + +haxhqcli check_connectivity - Verify the local host connectivity. Checks DNS resolution and + HTTPS connectivity to deb.debian.org, pypi.org and updates.haxhq.com. + Checks SMTP connectivity to smtp.haxhq.com + update_pass - Set or update a user's password. Will propmt for the password. + Example: haxhqcli update_pass user@email.com + enable_client_cert_auth - Enable client certificate authentication and reload Nginx + disable_client_cert_auth - Disable client certificate authentication and reload Nginx + get_client_cert - Issue a client certificate for the specified user and return the path to it + in the local filesystem. Will prompt for the encryption password. + Example: haxhqcli get_client_cert user@emal.com + issue_server_cert - Issue a server certificate for the local HaxHQ instance + using the integrated certificate authority. Uses SENDER_DOMAIN from + /opt/haxhq.com/haxhq/haxhq/def_settings.py to compile CN as haxhq.SENDER_DOMAIN. + renew_server_cert - Renew the server certificate for the local HaxHQ instance and install it. + Issues a new CRL and reloads nginx. + init_ca - Initialise the local Certificate Authority. You should only need to do this for + the initial setup or or if the CA has been compromised. + Deletes and invalidates all issued certificates!!! + +This tool is intended as a fallback only, please use the web interface when possible.''' + + if len(sys.argv) == 2: + command = sys.argv[1] + email = None + elif len(sys.argv) == 3: + command = sys.argv[1] + email = sys.argv[2] + else: + print(usage) + sys.exit() + + if command: + if command == 'check_connectivity': + xhq.admin.check_env() + + elif command == 'update_pass': + if email: + print('Please enter the passphrase you want to use for HaxHQ:') + password = input() + status = xhq.admin.update_pass(password, email=email) + if status['success']: + print('Password updated') + else: + print(status['error']) + else: + print('Usage: update_pass e.g. haxhqcli update_pass user@email.com') + + elif command == 'enable_client_cert_auth': + result = xhq.admin.enable_cert_auth() + if result['success']: + print('Client certificate authentication enabled.') + else: + print(result['error']) + + elif command == 'disable_client_cert_auth': + result = xhq.admin.disable_cert_auth() + if result['success']: + print('Client certificate authentication disabled.') + else: + print(result['error']) + + elif command == 'get_client_cert': + if email: + print('Please enter passphrase:') + password = input() + result = xhq.admin.get_client_cert(email, password) + if result['success']: + print('Client certificate for '+ email +' issued: ' + result['data'][0]) + else: + print(result['error']) + else: + print('Usage: get_client_cert e.g. haxhqcli get_client_cert user@email.com') + + elif command == 'issue_server_cert': + result = xhq.admin.app_cert_issue() + if result['success']: + print('Server certificate issued and installed.') + + elif command == 'renew_server_cert': + result = xhq.admin.app_cert_renew() + if result['success']: + print('Server certificate renewed and installed.') + + elif command == 'init_ca': + print('You should only need to initialise the CA on initial installation. Proceeding will delete all issued certificates.') + print("Please type 'yes' to continue or anything else to cancel:") + yes = input() + if yes == 'yes': + result = xhq.admin.init_ca() + if result['success']: + print('\nIntegrated Certificate Authority was rebuilt successfully.') + else: + print(result['error']) + else: + print('Cancelled.') + + else: + print(usage) + else: + print(usage) + +if __name__ == "__main__": + main() diff --git a/haxhq/haxhq/schema.sql b/haxhq/haxhq/schema.sql new file mode 100644 index 0000000..d6bcb19 --- /dev/null +++ b/haxhq/haxhq/schema.sql @@ -0,0 +1,597 @@ +drop table if exists haxhq_settings; +drop table if exists avoid_source; +drop table if exists prefer_source; +drop table if exists service_stats; +drop table if exists vuln_stats; +drop table if exists eng_stats; +drop table if exists host_notes; +drop table if exists engagement_notes; +drop table if exists http_virthost; +drop table if exists nessus_errors; +drop table if exists servicevulns; +drop table if exists csa_servicevulns; +drop table if exists findings; +drop table if exists csa_findings; +drop table if exists issues_seen; +drop table if exists services; +drop table if exists csa_reporting; +drop table if exists reporting; +drop table if exists hosts; +drop table if exists burp_scans; +drop table if exists zap_scans; +drop table if exists nessus_scans; +drop table if exists netsparker_scans; +drop table if exists scnr_scans; +drop table if exists acunetix_scans; +drop table if exists pingcastle_scans; +drop table if exists nmap_scans; +drop table if exists sitemap; +drop table if exists web; +drop table if exists user_sessions; +drop table if exists engagements; +drop table if exists users; +drop table if exists customers; +drop table if exists updates; + +create table customers ( + id serial primary key, + business_name varchar(128) unique not null, + contact_name varchar(128), + contact_email varchar(128), + contact_phone varchar(32), + pentest_template varchar(255), + vulnscan_template varchar(255), + audit_template varchar(255), + licenses integer, + mfa_required boolean default false, + unique (business_name, contact_email) +); +create index customers_name_ind on customers(business_name); +create index customers_email_ind on customers(contact_email); + +create table users ( + id serial primary key, + nickname varchar(32) not null, + name varchar(32), + surname varchar(32), + pass varchar(255), + email varchar(128) unique not null, + phone varchar(13), + token char(68), + token_time timestamp, + user_type varchar(32) not null, + user_group varchar(32) not null, + admin boolean not null default false, + customer_id smallint not null references customers on delete cascade, + otp_secret char(32), + colour_mode varchar(6) default 'light', + disabled boolean default false, + certexp date, + certfp char(40), + oldcertfp char(40), + unique (nickname, customer_id) +); +create index users_group on users (user_group); +create index users_customer_id on users (customer_id); +create index users_email on users (email); + +create table issues_seen ( + id serial primary key, + title text not null, + severity smallint, + description text not null, + remediation text not null, + impact text, + cvss real, + cvss3 real, + cve text, + scanner varchar(16) not null, + fingerprint char(64) not null, + exploit_available boolean default false, + exploitability_ease text, + see_also text, + cvss3_temporal_vector varchar(32), + cvss_temporal_vector varchar(24), + cvss3_vector varchar(58), + cvss_vector char(32), + patch_publication_date date, + plugin_id varchar(16), + unique (title, scanner) +); +create index issues_seen_title on issues_seen (title); +create index issues_seen_scanner on issues_seen (scanner); +create index issues_seen_severity on issues_seen (severity); + +create table csa_issues_seen ( + id serial primary key, + title text not null, + description text not null, + rationale text, + impact text, + remediation text not null, + reference text, + see_also text, + policy_value text, + scanner varchar(16), + unique(title) +); +create index csa_issues_seen_title on csa_issues_seen (title); +create index csa_issues_seen_scanner on csa_issues_seen (scanner); + +create table eng_stats ( + id serial primary key, + engagement_hash char(64) not null, + org_county varchar(64), + org_type varchar(16), + date date not null default now(), + total_hosts integer not null, + total_services integer not null, + unique (engagement_hash) +); +create index eng_stats_date on eng_stats (date); +create index eng_stats_engagement_hash on eng_stats (engagement_hash); + +create table vuln_stats ( + id serial primary key, + eng_id integer references eng_stats(id) on delete cascade, + issue_id integer references issues_seen(id) on delete cascade, + exposure char(8) not null, + host_count smallint not null, + service_count smallint not null +); +create index vuln_stats_eng_id on vuln_stats (eng_id); +create index vuln_stats_issue_id on vuln_stats (issue_id); +create index vuln_stats_exposure on vuln_stats (exposure); +create index vuln_stats_host_count on vuln_stats (host_count); +create index vuln_stats_service_count on vuln_stats (service_count); + +create table service_stats ( + id serial primary key, + vuln_id integer references vuln_stats(id) on delete cascade, + host_hash char(64) not null, + protocol varchar(12) not null, + port integer not null, + service varchar(64) +); +create index service_stats_host_hash on service_stats (host_hash); +create index service_stats_vuln_id on service_stats (vuln_id); + +create table library ( + id serial primary key, + user_id integer not null references users, + customer_id integer not null references customers, + source varchar(16), + title text not null check (title <> ''), + name varchar(255), + severity smallint, + orig_severity smallint, + description text not null check (title <> ''), + orig_description text, + discoverability text, + exploitability text, + impact text, + orig_impact text, + remediation text not null check (title <> ''), + orig_remediation text, + rationale text, + orig_rationale text, + reference text, + orig_reference text, + see_also text, + orig_see_also text, + scanner varchar(16), + exposure char(8) default 'external', + cvss real, + cvss_vector char(32), + cvss3 real, + cvss3_vector varchar(58), + unique (title, exposure, user_id) +); +create index library_user_id on library (user_id); +create index library_customer_id on library (customer_id); +create index library_source on library (source); +create index library_title on library (title); +create index library_name on library (name); + +create table user_sessions ( + id serial primary key, + user_id smallint references users on delete cascade, + ip inet not null, + useragent text, + start timestamp not null default now(), + finish timestamp, + expired boolean default false, + authfail boolean default false +); +create index user_sessions_uid on user_sessions (user_id); +create index user_sessions_authfail on user_sessions (authfail); +create index user_sessions_expired on user_sessions (expired); + +create table engagements ( + eid serial primary key, + user_id smallint references users, + org_name varchar(64) not null, + target_subnets text, + target_urls text, + eng_start timestamp without time zone, + eng_end timestamp without time zone, + contact1_name varchar(64) not null, + contact1_email varchar(64) not null, + contact1_phone varchar(16), + contact1_role varchar(64), + contact2_name varchar(64), + contact2_email varchar(64), + contact2_phone varchar(16), + contact2_role varchar(64), + test_type varchar(8), + target_type varchar(5), + active boolean default false, + report_done boolean default false, + stats_exported boolean default false, + isdummy boolean default false, + summarised boolean default false, + notes text +); +create index engagements_active on engagements (active); +create index engagements_uid on engagements (user_id); +create index engagements_isdummy on engagements (isdummy); + +create table web ( + id serial primary key, + engagement_id integer references engagements(eid) on delete cascade, + url varchar(255), + status smallint, + redirect varchar(255), + title varchar(255), + cn varchar(255), + ipv4 inet, + ipv6 inet, + unique (engagement_id, url) +); +create index web_eng_id on web (engagement_id); + +create table nmap_scans ( + id serial primary key, + engagement_id integer not null references engagements(eid) on delete cascade, + filename varchar(64) not null, + arg_string text not null, + scan_type char(8) not null, + unique (filename, engagement_id) +); +create index nmap_scans_eid on nmap_scans (engagement_id); +create index nmap_scans_type on nmap_scans (scan_type); + +create table pingcastle_scans ( + id serial primary key, + engagement_id integer not null references engagements(eid) on delete cascade, + filename varchar(64) not null, + scan_type char(8) default 'internal', + unique (filename, engagement_id) +); +create index pingcastle_scans_ind on pingcastle_scans (engagement_id); + +create table qualys_scans ( + id serial primary key, + engagement_id integer not null references engagements(eid) on delete cascade, + filename varchar(64) not null, + scan_type char(8) not null, + unique (filename, engagement_id) +); +create index qualys_scans_ind on qualys_scans (engagement_id); + +create table nessus_scans ( + id serial primary key, + engagement_id integer not null references engagements(eid) on delete cascade, + filename varchar(128) not null, + scan_type char(8) not null, + policy varchar(128), + target text, + tcp_port_range varchar(128), + udp_port_range varchar(128), + unscanned_closed boolean default false, + throttle_on_congestion boolean, + unique (filename, engagement_id) +); +create index nessus_scans_eid on nessus_scans (engagement_id); +create index nessus_scans_type on nessus_scans (scan_type); + +create table netsparker_scans ( + id serial primary key, + engagement_id integer not null references engagements(eid) on delete cascade, + target varchar(128), + date date, + filename varchar(128) not null, + scan_type char(8) not null, + unique (filename, engagement_id) +); +create index netsparker_scans_eid on netsparker_scans (engagement_id); + +create table scnr_scans ( + id serial primary key, + engagement_id integer not null references engagements(eid) on delete cascade, + target varchar(128), + date date, + filename varchar(128) not null, + scan_type char(8) not null, + unique (filename, engagement_id) +); +create index scnr_scans_eid on scnr_scans (engagement_id); + +create table acunetix_scans ( + id serial primary key, + engagement_id integer not null references engagements(eid) on delete cascade, + target varchar(128), + date date, + filename varchar(128) not null, + scan_type char(8) not null, + unique (filename, engagement_id) +); +create index acunetix_scans_eid on acunetix_scans (engagement_id); + +create table burp_scans ( + id serial primary key, + engagement_id integer not null references engagements(eid) on delete cascade, + filename varchar(64) not null, + scan_type char(8) not null, + unique (filename, engagement_id) +); +create index burp_scans_eid on burp_scans (engagement_id); + +create table zap_scans ( + id serial primary key, + engagement_id integer not null references engagements(eid) on delete cascade, + filename varchar(64) not null, + scan_type char(8) not null, + unique (filename, engagement_id) +); +create index zap_scans_eid on zap_scans (engagement_id); + +create table hosts ( + id serial primary key, + engagement_id integer not null references engagements(eid) on delete cascade, + ipv4 inet, + ipv6 inet, + os text, + fqdn varchar(128), + rdns varchar(128), + notes text, + unique (ipv4, engagement_id), + unique (ipv6, engagement_id), + check (ipv4 is not null or ipv6 is not null) +); +create index hosts_eid on hosts (engagement_id); +create index hosts_ipv4 on hosts (ipv4); +create index hosts_os on hosts (os); +create index hosts_fqdn on hosts (fqdn); + +create table reporting ( + id serial primary key, + engagement_id integer not null references engagements(eid) on delete cascade, + title text not null, + name text, + severity smallint not null, + description text, + discoverability text, + exploitability text, + impact text, + remediation text, + picture1 varchar(64), + picture2 varchar(64), + ready boolean not null default false, + cvss real, + cvss3 real, + cvss_vector char(32), + cvss3_vector varchar(58), + cve text, + exposure char(8) not null, + ce_impact varchar(6), + proof text, + deleted boolean default false, + merged_with integer references reporting(id), + autoupdated boolean not null default false, + scanner varchar(16), + details text, + unique (engagement_id, title, exposure) +); +create index reporting_eid on reporting (engagement_id); +create index reporting_title on reporting (title); +create index reporting_severity on reporting (severity); +create index reporting_ready on reporting (ready); +create index reporting_merged_with on reporting (merged_with); +create index reporting_deleted on reporting (deleted); + +create table csa_reporting ( + id serial primary key, + engagement_id integer not null references engagements(eid) on delete cascade, + title text not null, + name text, + compliance varchar(16) not null, + description text, + rationale text, + impact text, + remediation text, + reference text, + ready boolean not null default false, + deleted boolean default false, + merged_with integer references csa_reporting(id) on delete set null, + audit_level char(2), + control_set char(2), + benchmark varchar(128), + audit_file varchar(128), + service_name varchar(128), + autoupdated varchar(16), + unique (engagement_id, title) +); +create index csa_reporting_eid on csa_reporting (engagement_id); +create index csa_reporting_title on csa_reporting (title); +create index csa_reporting_compl on csa_reporting (compliance); +create index csa_reporting_ready on csa_reporting (ready); +create index csa_reporting_merged_with on csa_reporting (merged_with); + +create table services ( + id serial primary key, + host_id integer not null references hosts(id) on delete cascade, + protocol varchar(12), + port integer, + service varchar(64), + software text, + cert_cn text, + sitemap text, + web_dir_enum text, + no404sent boolean default false, + cgi_enum text, + robots_txt text, + injectable_param text, + sensitive_param text, + php_version varchar(256), + phpmyadmin text, + drupal_detected text, + wordpress_detected text, + python_detected text, + dotnet_handlers text, + embedded_server boolean default false, + software_favicon varchar(256), + external boolean not null default false, + webappurl varchar(255), + scan_uri_list varchar(255) not null, + unique (host_id, protocol, port, webappurl) +); +create index services_host_id on services (host_id); +create index services_protocol on services (protocol); +create index services_port on services (port); + +create table findings ( + id serial primary key, + engagement_id integer not null references engagements(eid) on delete cascade, + service_id integer not null references services(id) on delete cascade, + issue_id integer not null references issues_seen, + external boolean, + proof text, + request text, + plugin_output text, + notes text, + vhost varchar(255), + scan_uri_list varchar(255) not null +); +create index findings_eid on findings (engagement_id); +create index findings_sid on findings (service_id); +create index findings_issue_id on findings (issue_id); + + +create table csa_findings ( + id serial primary key, + engagement_id integer not null references engagements(eid) on delete cascade, + service_id integer not null references services(id) on delete cascade, + issue_id integer not null references issues_seen, + plugin_output text, + compliance varchar(16), + audit_level varchar(32), + control_set varchar(32), + benchmark varchar(128) not null, + audit_file varchar(128), + service_name varchar(128), + actual_value text, + nessus_id integer references nessus_scans(id) on delete cascade, + pingcastle_id integer references pingcastle_scans(id) on delete cascade +); +create index csa_findings_eid on csa_findings (engagement_id); +create index csa_findings_sid on csa_findings (service_id); +create index csa_findings_issue_id on csa_findings (issue_id); +create index csa_findings_compl on csa_findings (compliance); +create index csa_findings_nessus on csa_findings (nessus_id); +create index csa_findings_pingcastle on csa_findings (pingcastle_id); + +create table nessus_errors ( + id serial primary key, + service_id integer not null references services(id) on delete cascade, + error_text text not null +); +create index nessus_errors_ind on nessus_errors (service_id); + +create table servicevulns ( + id serial primary key, + service_id integer not null references services(id) on delete cascade, + report_vuln_id integer not null references reporting(id) on delete cascade, + finding_id integer references findings on delete cascade +); +create index servicevulns_sid on servicevulns (service_id); +create index servicevulns_vuln_id on servicevulns (report_vuln_id); +create index servicevulns_fid on servicevulns (finding_id); + +create table csa_servicevulns ( + id serial primary key, + service_id integer not null references services on delete cascade, + report_vuln_id integer not null references csa_reporting on delete cascade, + finding_id integer not null references csa_findings on delete cascade +); +create index csa_servicevulns_sid on csa_servicevulns (service_id); +create index csa_servicevulns_vuln_id on csa_servicevulns (report_vuln_id); +create index csa_servicevulns_fid on csa_servicevulns (finding_id); + +create table http_virthost ( + id serial primary key, + host_id integer not null references hosts(id) on delete cascade, + virthost text not null, + unique (host_id, virthost) +); +create index http_virthost_host_id on http_virthost (host_id); + +create table pingcastle_config ( + id serial primary key, + title varchar(255), + var_name varchar(32), + var_label varchar(128) +); +create index pingcastle_config_ind on pingcastle_config (title); + +--unused +create table sitemap ( + id serial primary key, + web_id integer references web(id) on delete cascade, + page varchar(255) not null, + unique (web_id, page) +); + +create table engagement_notes ( + id serial primary key, + engagement_id integer not null references engagements(eid) on delete cascade, + note text not null +); +create index engagement_notes_ind on engagement_notes (engagement_id); + +create table host_notes ( + id serial primary key, + host_id integer not null references hosts(id) on delete cascade, + note text not null +); + +create table prefer_source ( + id serial primary key, + title varchar(255) unique not null, + source varchar(16) not null +); + +create table avoid_source ( + id serial primary key, + title varchar(255) unique not null, + source varchar(16) not null, + override1 smallint references prefer_source, + override2 smallint references prefer_source +); +create index avoid_source_ind on avoid_source (title, source); + +create table updates ( + id serial primary key, + update_type varchar(16), + time_checked timestamp not null default now(), + upgradable text not null, + installed boolean default false +); +create index updates_ind on updates(time_checked, installed); + +create table haxhq_settings ( + login_logo_src varchar(255), + login_logo_width int, + login_logo_height int +); +insert into haxhq_settings (login_logo_src, login_logo_width, login_logo_height) values ('/static/img/logo_white.png', 160, 65); diff --git a/haxhq/haxhq/static/ca.crt b/haxhq/haxhq/static/ca.crt new file mode 100644 index 0000000..cfca219 --- /dev/null +++ b/haxhq/haxhq/static/ca.crt @@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE----- +MIICRDCCAcqgAwIBAgIUJhKXDUOLUA05U0PU61zCKar4Kp4wCgYIKoZIzj0EAwMw +KzEpMCcGA1UEAwwgTWl0ZXYgQ29uc3VsdGluZyBMVEQgRUNDIFJvb3QgQ0EwHhcN +MjQwNDAyMDYxMDE2WhcNMzQwMzMxMDYxMDE2WjArMSkwJwYDVQQDDCBNaXRldiBD +b25zdWx0aW5nIExURCBFQ0MgUm9vdCBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IA +BO+EjOv2EbM65GoAiP84le8pNQayZPg/rq08n3TRxenOrkCC+HZQ7zR9M7NZczdQ +1ohBqtWojDWtkb9lr1SpmIMFwAbdoJl3pQo7AowEKVdMNd3JEQW87DyaLvJjqM5N +iqOBrjCBqzASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBS2mTJyB6+Cdc0q +U/V/lcd4zGTiyzBmBgNVHSMEXzBdgBS2mTJyB6+Cdc0qU/V/lcd4zGTiy6EvpC0w +KzEpMCcGA1UEAwwgTWl0ZXYgQ29uc3VsdGluZyBMVEQgRUNDIFJvb3QgQ0GCFCYS +lw1Di1ANOVND1Otcwimq+CqeMA4GA1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNo +ADBlAjARaM6B9JEBDX0sKVVf2oOtkwdgAcSGUNzwfIFCyKV6Wz18jmM82+xjKUi0 +PveXXgwCMQCVM7ayFCZatpY7RQUGgiTHVSA34YY5k6AJEkI9Mgg6FNWFDOuTYszs +0c0SyrtVoOs= +-----END CERTIFICATE----- diff --git a/haxhq/haxhq/static/cvssjs/cvss.css b/haxhq/haxhq/static/cvssjs/cvss.css new file mode 100644 index 0000000..458fedf --- /dev/null +++ b/haxhq/haxhq/static/cvssjs/cvss.css @@ -0,0 +1,300 @@ +/* Copyright (c) 2015-2019, Chandan B.N + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the + * following conditions are met: + * 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following + * disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the + * following disclaimer in the documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote + * products derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +.cvssjs i { + width: 1em; + height: 1em; + display: inline-block; + background: url("cvssicons.png") 0 0 no-repeat; + vertical-align: middle; + background-size: cover; + margin-right: 4px; + margin: 2px; + font-size: 40px; +} + +.cvssjs i.AVN { + background-position: -3em 0; +} + +.cvssjs i.AVA { + background-position: -2em 0; +} + +.cvssjs i.AVL { + background-position: -1em 0; +} + +.cvssjs i.AVP { + background-position: 0 0; +} + +.cvssjs i.ACL { + background-position: -4em 0; +} + +.cvssjs i.ACH { + background-position: -5em 0; +} + +.cvssjs i.PRN { + background-position: -6em 0; +} + +.cvssjs i.PRL { + background-position: -7em 0; +} + +.cvssjs i.PRH { + background-position: -8em 0; +} + +.cvssjs i.UIN { + background-position: -10em 0; +} + +.cvssjs i.UIR { + background-position: -9em 0; +} + +.cvssjs i.SC { + background-position: -11em 0; +} + +.cvssjs i.SU { + background-position: -10em 0; +} + +.cvssjs i.CH { + background-position: -14em 0; +} + +.cvssjs i.CL { + background-position: -13em 0; +} + +.cvssjs i.CN { + background-position: -12em 0; +} + +.cvssjs i.IH { + background-position: -16em 0; +} + +.cvssjs i.IL { + background-position: -17em 0; +} + +.cvssjs i.IN { + background-position: -15em 0; +} + +.cvssjs i.AH { + background-position: -20em 0; +} + +.cvssjs i.AL { + background-position: -19em 0; +} + +.cvssjs i.AN { + background-position: -18em 0; +} + +.cvssjs a { + color: #489; + text-decoration: none; +} + +.cvssjs dl { + display: inline-block; + vertical-align: top; + background-color: #424a40; + margin-top: 2px; + margin-bottom: 2px; + margin: 2px; + border-radius: 4px; + box-shadow: 0px 0px 5px #bbb; + transition: background-color 0.3s ease-in-out; +} +.cvssjs dt { + color: #EEEEEE; + padding: 5px; + font-size: 60%; + overflow-x: hidden; + text-transform: uppercase; + letter-spacing: .5px; +} +.cvssjs dl:hover, .cvssjs dl:focus { + background-color: #676a60; + box-shadow: 0px 0px 5px #aaa; +} +.cvssjs dl:hover dt, .cvssjs dl:focus dt { + color: #ffffff; +} +.cvssjs dd { + margin: 0px; + padding: 0px; + text-align: left; +} + +.cvssjs dd label, +#predef span { + min-width: 7.5em; + padding: 0px 2px 0px 2px; + display: block; + margin: 1px; + margin-top: 0px; + background-color: #f7f7f4; + vertical-align: middle; + transition: background-color 0.3s ease-in-out; +} + +.cvssjs dd:last-child label, +#predef span:last-child { + border-bottom-left-radius: 3px; + border-bottom-right-radius: 3px; +} + +.cvssjs dd small { + display: none; +} + +.cvssjs dd:hover small { + position: absolute; + max-width: 220px; + border: solid 1px #333; + display: block; + color: black; + background-color: #FFFFC1; + border-radius: 5px; + padding: 5px; + margin-top: .7em; + margin-left: 5em; + box-shadow: 2px 2px 5px #333; + z-index: 1; +} + +#predef span:hover:before { + content: "<"; + display: block; + position: absolute; + margin-top: 0px; + margin-left: -2px; + color: #424a40; +} + +.cvssjs dd > input { + border: 0; + clip: rect(0 0 0 0); + height: 1px; + margin: -1px; + overflow: hidden; + padding: 0; + position: absolute; + width: 1px; +} + +.cvssjs dd:nth-child(2) input:checked + label, +.cvssjs .Critical { + background-color: rgb(240, 130, 120); +} + +.cvssjs dd input:checked + label, +.cvssjs .High { + background-color: rgb(240, 170, 83); + transition: background-color 0.1s ease-in-out; +} + +.cvssjs dd:last-child input:checked + label, +.cvssjs dl.AV dd:nth-child(4) input:checked + label, +.cvssjs .Medium { + background-color: rgb(250, 230, 120); +} + +.cvssjs .Low { + background-color: rgb(208, 212, 134) +} + +.cvssjs dl.C dd:last-child input:checked + label, +.cvssjs dl.I dd:last-child input:checked + label, +.cvssjs dl.A dd:last-child input:checked + label, +.cvssjs .None { + background-color: rgb(162, 213, 114); +} + +.cvssjs dd:nth-child(2) label:hover { + background-color: rgb(250, 140, 130); +} + +.cvssjs dd label:hover { + background-color: rgb(250, 180, 93); + transition: background-color 0.1s ease-in-out; +} + +.cvssjs dl.PR dd:last-child label:hover, +.cvssjs dd:last-child label:hover, +.cvssjs dl.AV dd:nth-child(4) label:hover { + background-color: rgb(255, 240, 130); +} + +.cvssjs dl.C dd:last-child label:hover, +.cvssjs dl.I dd:last-child label:hover, +.cvssjs dl.A dd:last-child label:hover { + background-color: rgb(172, 223, 124); +} + +.cvssjs hr { + border-style: dashed; + color: #949ca0; +} + +.cvssjs .score, +.cvssjs .vector, +.cvssjs .severity { + margin: 2px; + display: inline-block; +} + +.cvssjs .score { + width: 1.5em; +} + +.cvssjs .severity { + width: 5em; + border-radius: 4px; + padding: 5px; + text-align: center; + transition: background-color 0.1s ease-out; +} + +.cvssjs .results { + padding: 7px; +} + +.cvssjs dl dd label.results:hover { + background-color: white; +} + +.cvssjs .results sub { + display: none; + font-size: x-small; +} \ No newline at end of file diff --git a/haxhq/haxhq/static/cvssjs/cvss.js b/haxhq/haxhq/static/cvssjs/cvss.js new file mode 100644 index 0000000..0089153 --- /dev/null +++ b/haxhq/haxhq/static/cvssjs/cvss.js @@ -0,0 +1,439 @@ +/* Copyright (c) 2015-2019, Chandan B.N. + * + * Copyright (c) 2019, FIRST.ORG, INC + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, are permitted provided that the + * following conditions are met: + * 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following + * disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the + * following disclaimer in the documentation and/or other materials provided with the distribution. + * 3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote + * products derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +var CVSS = function (id, options) { + this.options = options; + this.wId = id; + var e = function (tag) { + return document.createElement(tag); + }; + + // Base Group + this.bg = { + AV: 'Attack Vector', + AC: 'Attack Complexity', + PR: 'Privileges Required', + UI: 'User Interaction', + S: 'Scope', + C: 'Confidentiality', + I: 'Integrity', + A: 'Availability' + }; + + // Base Metrics + this.bm = { + AV: { + N: { + l: 'Network', + d: "Worst: The vulnerable component is bound to the network stack and the set of possible attackers extends beyond the other options listed below, up to and including the entire Internet. Such a vulnerability is often termed “remotely exploitable” and can be thought of as an attack being exploitable at the protocol level one or more network hops away (e.g., across one or more routers)." + }, + A: { + l: 'Adjacent', + d: "Worse: The vulnerable component is bound to the network stack, but the attack is limited at the protocol level to a logically adjacent topology. This can mean an attack must be launched from the same shared physical (e.g., Bluetooth or IEEE 802.11) or logical (e.g., local IP subnet) network, or from within a secure or otherwise limited administrative domain (e.g., MPLS, secure VPN to an administrative network zone). One example of an Adjacent attack would be an ARP (IPv4) or neighbor discovery (IPv6) flood leading to a denial of service on the local LAN segment." + }, + L: { + l: 'Local', + d: "Bad: The vulnerable component is not bound to the network stack and the attacker’s path is via read/write/execute capabilities. Either:
  • the attacker exploits the vulnerability by accessing the target system locally (e.g., keyboard, console), or remotely (e.g., SSH);
  • or the attacker relies on User Interaction by another person to perform actions required to exploit the vulnerability (e.g., using social engineering techniques to trick a legitimate user into opening a malicious document).
" + }, + P: { + l: 'Physical', + d: "Bad: The attack requires the attacker to physically touch or manipulate the vulnerable component. Physical interaction may be brief (e.g., evil maid attack) or persistent. An example of such an attack is a cold boot attack in which an attacker gains access to disk encryption keys after physically accessing the target system. Other examples include peripheral attacks via FireWire/USB Direct Memory Access (DMA)." + } + }, + AC: { + L: { + l: 'Low', + d: "Worst: Specialized access conditions or extenuating circumstances do not exist. An attacker can expect repeatable success when attacking the vulnerable component." + }, + H: { + l: 'High', + d: "Bad: A successful attack depends on conditions beyond the attacker's control. That is, a successful attack cannot be accomplished at will, but requires the attacker to invest in some measurable amount of effort in preparation or execution against the vulnerable component before a successful attack can be expected." + } + }, + PR: { + N: { + l: 'None', + d: "Worst: The attacker is unauthorized prior to attack, and therefore does not require any access to settings or files of the the vulnerable system to carry out an attack." + }, + L: { + l: 'Low', + d: "Worse The attacker requires privileges that provide basic user capabilities that could normally affect only settings and files owned by a user. Alternatively, an attacker with Low privileges has the ability to access only non-sensitive resources." + }, + H: { + l: 'High', + d: "Bad: The attacker requires privileges that provide significant (e.g., administrative) control over the vulnerable component allowing access to component-wide settings and files." + } + }, + UI: { + N: { + l: 'None', + d: "Worst: The vulnerable system can be exploited without interaction from any user." + }, + R: { + l: 'Required', + d: "Bad: Successful exploitation of this vulnerability requires a user to take some action before the vulnerability can be exploited. For example, a successful exploit may only be possible during the installation of an application by a system administrator." + } + }, + + S: { + C: { + l: 'Changed', + d: "Worst: An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities." + }, + U: { + l: 'Unchanged', + d: "Bad: An exploited vulnerability can only affect resources managed by the same security authority. In this case, the vulnerable component and the impacted component are either the same, or both are managed by the same security authority." + } + }, + C: { + H: { + l: 'High', + d: "Worst: There is a total loss of confidentiality, resulting in all resources within the impacted component being divulged to the attacker. Alternatively, access to only some restricted information is obtained, but the disclosed information presents a direct, serious impact. For example, an attacker steals the administrator's password, or private encryption keys of a web server." + }, + L: { + l: 'Low', + d: "Bad: There is some loss of confidentiality. Access to some restricted information is obtained, but the attacker does not have control over what information is obtained, or the amount or kind of loss is limited. The information disclosure does not cause a direct, serious loss to the impacted component." + }, + N: { + l: 'None', + d: "Good: There is no loss of confidentiality within the impacted component." + } + }, + I: { + H: { + l: 'High', + d: "Worst: There is a total loss of integrity, or a complete loss of protection. For example, the attacker is able to modify any/all files protected by the impacted component. Alternatively, only some files can be modified, but malicious modification would present a direct, serious consequence to the impacted component." + }, + L: { + l: 'Low', + d: "Bad: Modification of data is possible, but the attacker does not have control over the consequence of a modification, or the amount of modification is limited. The data modification does not have a direct, serious impact on the impacted component." + }, + N: { + l: 'None', + d: "Good: There is no loss of integrity within the impacted component." + } + }, + A: { + H: { + l: 'High', + d: "Worst: There is a total loss of availability, resulting in the attacker being able to fully deny access to resources in the impacted component; this loss is either sustained (while the attacker continues to deliver the attack) or persistent (the condition persists even after the attack has completed). Alternatively, the attacker has the ability to deny some availability, but the loss of availability presents a direct, serious consequence to the impacted component (e.g., the attacker cannot disrupt existing connections, but can prevent new connections; the attacker can repeatedly exploit a vulnerability that, in each instance of a successful attack, leaks a only small amount of memory, but after repeated exploitation causes a service to become completely unavailable)." + }, + L: { + l: 'Low', + d: "Bad: Performance is reduced or there are interruptions in resource availability. Even if repeated exploitation of the vulnerability is possible, the attacker does not have the ability to completely deny service to legitimate users. The resources in the impacted component are either partially available all of the time, or fully available only some of the time, but overall there is no direct, serious consequence to the impacted component." + }, + N: { + l: 'None', + d: "Good: There is no impact to availability within the impacted component." + } + } + }; + + this.bme = {}; + this.bmgReg = { + AV: 'NALP', + AC: 'LH', + PR: 'NLH', + UI: 'NR', + S: 'CU', + C: 'HLN', + I: 'HLN', + A: 'HLN' + }; + this.bmoReg = { + AV: 'NALP', + AC: 'LH', + C: 'C', + I: 'C', + A: 'C' + }; + var s, f, dl, g, dd, l; + this.el = document.getElementById(id); + this.el.appendChild(s = e('style')); + s.innerHTML = ''; + this.el.appendChild(f = e('form')); + f.className = 'cvssjs'; + this.calc = f; + for (g in this.bg) { + f.appendChild(dl = e('dl')); + dl.setAttribute('class', g); + var dt = e('dt'); + dt.innerHTML = this.bg[g]; + dl.appendChild(dt); + for (s in this.bm[g]) { + dd = e('dd'); + dl.appendChild(dd); + var inp = e('input'); + inp.setAttribute('name', g); + inp.setAttribute('value', s); + inp.setAttribute('id', id + g + s); + inp.setAttribute('class', g + s); + //inp.setAttribute('ontouchstart', ''); + inp.setAttribute('type', 'radio'); + this.bme[g + s] = inp; + var me = this; + inp.onchange = function () { + me.setMetric(this); + }; + dd.appendChild(inp); + l = e('label'); + dd.appendChild(l); + l.setAttribute('for', id + g + s); + l.appendChild(e('i')).setAttribute('class', g + s); + l.appendChild(document.createTextNode(this.bm[g][s].l + ' ')); + dd.appendChild(e('small')).innerHTML = this.bm[g][s].d; + } + } + //f.appendChild(e('hr')); + f.appendChild(dl = e('dl')); + dl.innerHTML = '
Severity⋅Score⋅Vector
'; + dd = e('dd'); + dl.appendChild(dd); + l = dd.appendChild(e('label')); + l.className = 'results'; + l.appendChild(this.severity = e('span')); + this.severity.className = 'severity'; + l.appendChild(this.score = e('span')); + this.score.className = 'score'; + l.appendChild(document.createTextNode(' ')); + l.appendChild(this.vector = e('a')); + this.vector.className = 'vector'; + this.vector.innerHTML = 'CVSS:3.1/AV:_/AC:_/PR:_/UI:_/S:_/C:_/I:_/A:_'; + + if (options.onsubmit) { + f.appendChild(e('hr')); + this.submitButton = f.appendChild(e('input')); + this.submitButton.setAttribute('type', 'submit'); + this.submitButton.setAttribute('value', 'Cancel'); + this.submitButton.onclick = options.onsubmit; + } +}; + +CVSS.prototype.severityRatings = [{ + name: "None", + bottom: 0.0, + top: 0.0 +}, { + name: "Low", + bottom: 0.1, + top: 3.9 +}, { + name: "Medium", + bottom: 4.0, + top: 6.9 +}, { + name: "High", + bottom: 7.0, + top: 8.9 +}, { + name: "Critical", + bottom: 9.0, + top: 10.0 +}]; + +CVSS.prototype.severityRating = function (score) { + var i; + var severityRatingLength = this.severityRatings.length; + for (i = 0; i < severityRatingLength; i++) { + if (score >= this.severityRatings[i].bottom && score <= this.severityRatings[i].top) { + return this.severityRatings[i]; + } + } + return { + name: "?", + bottom: 'Not', + top: 'defined' + }; +}; + +CVSS.prototype.valueofradio = function(e) { + for(var i = 0; i < e.length; i++) { + if (e[i].checked) { + return e[i].value; + } + } + return null; +}; + +CVSS.prototype.calculate = function () { + var cvssVersion = "3.1"; + var exploitabilityCoefficient = 8.22; + var scopeCoefficient = 1.08; + + // Define associative arrays mapping each metric value to the constant used in the CVSS scoring formula. + var Weight = { + AV: { + N: 0.85, + A: 0.62, + L: 0.55, + P: 0.2 + }, + AC: { + H: 0.44, + L: 0.77 + }, + PR: { + U: { + N: 0.85, + L: 0.62, + H: 0.27 + }, + // These values are used if Scope is Unchanged + C: { + N: 0.85, + L: 0.68, + H: 0.5 + } + }, + // These values are used if Scope is Changed + UI: { + N: 0.85, + R: 0.62 + }, + S: { + U: 6.42, + C: 7.52 + }, + C: { + N: 0, + L: 0.22, + H: 0.56 + }, + I: { + N: 0, + L: 0.22, + H: 0.56 + }, + A: { + N: 0, + L: 0.22, + H: 0.56 + } + // C, I and A have the same weights + + }; + + var p; + var val = {}, metricWeight = {}; + try { + for (p in this.bg) { + val[p] = this.valueofradio(this.calc.elements[p]); + if (typeof val[p] === "undefined" || val[p] === null) { + return "?"; + } + metricWeight[p] = Weight[p][val[p]]; + } + } catch (err) { + return err; // TODO: need to catch and return sensible error value & do a better job of specifying *which* parm is at fault. + } + metricWeight.PR = Weight.PR[val.S][val.PR]; + // + // CALCULATE THE CVSS BASE SCORE + // + var roundUp1 = function Roundup(input) { + var int_input = Math.round(input * 100000); + if (int_input % 10000 === 0) { + return int_input / 100000 + } else { + return (Math.floor(int_input / 10000) + 1) / 10 + } + }; + try { + var baseScore, impactSubScore, impact, exploitability; + var impactSubScoreMultiplier = (1 - ((1 - metricWeight.C) * (1 - metricWeight.I) * (1 - metricWeight.A))); + if (val.S === 'U') { + impactSubScore = metricWeight.S * impactSubScoreMultiplier; + } else { + impactSubScore = metricWeight.S * (impactSubScoreMultiplier - 0.029) - 3.25 * Math.pow(impactSubScoreMultiplier - 0.02, 15); + } + var exploitabalitySubScore = exploitabilityCoefficient * metricWeight.AV * metricWeight.AC * metricWeight.PR * metricWeight.UI; + if (impactSubScore <= 0) { + baseScore = 0; + } else { + if (val.S === 'U') { + baseScore = roundUp1(Math.min((exploitabalitySubScore + impactSubScore), 10)); + } else { + baseScore = roundUp1(Math.min((exploitabalitySubScore + impactSubScore) * scopeCoefficient, 10)); + } + } + + return baseScore.toFixed(1); + } catch (err) { + return err; + } +}; + +CVSS.prototype.get = function() { + return { + score: this.score.innerHTML, + vector: this.vector.innerHTML + }; +}; + +CVSS.prototype.setMetric = function(a) { + var vectorString = this.vector.innerHTML; + if (/AV:.\/AC:.\/PR:.\/UI:.\/S:.\/C:.\/I:.\/A:./.test(vectorString)) {} else { + vectorString = 'AV:_/AC:_/PR:_/UI:_/S:_/C:_/I:_/A:_'; + } + //e("E" + a.id).checked = true; + var newVec = vectorString.replace(new RegExp('\\b' + a.name + ':.'), a.name + ':' + a.value); + this.set(newVec); +}; + +CVSS.prototype.set = function(vec) { + var newVec = 'CVSS:3.1/'; + var sep = ''; + for (var m in this.bm) { + var match = (new RegExp('\\b(' + m + ':[' + this.bmgReg[m] + '])')).exec(vec); + if (match !== null) { + var check = match[0].replace(':', ''); + this.bme[check].checked = true; + newVec = newVec + sep + match[0]; + } else if ((m in {C:'', I:'', A:''}) && (match = (new RegExp('\\b(' + m + ':C)')).exec(vec)) !== null) { + // compatibility with v2 only for CIA:C + this.bme[m + 'H'].checked = true; + newVec = newVec + sep + m + ':H'; + } else { + newVec = newVec + sep + m + ':_'; + for (var j in this.bm[m]) { + this.bme[m + j].checked = false; + } + } + sep = '/'; + } + this.update(newVec); +}; + +CVSS.prototype.update = function(newVec) { + this.vector.innerHTML = newVec; + var s = this.calculate(); + this.score.innerHTML = s; + var rating = this.severityRating(s); + this.severity.className = rating.name + ' severity'; + this.severity.innerHTML = rating.name + '' + rating.bottom + ' - ' + rating.top + ''; + this.severity.title = rating.bottom + ' - ' + rating.top; + if (this.options !== undefined && this.options.onchange !== undefined) { + this.options.onchange(); + } +}; diff --git a/haxhq/haxhq/static/cvssjs/cvssicons.png b/haxhq/haxhq/static/cvssjs/cvssicons.png new file mode 100644 index 0000000..3d434cd Binary files /dev/null and b/haxhq/haxhq/static/cvssjs/cvssicons.png differ diff --git a/haxhq/haxhq/static/dark.css b/haxhq/haxhq/static/dark.css new file mode 100644 index 0000000..2e723bd --- /dev/null +++ b/haxhq/haxhq/static/dark.css @@ -0,0 +1,208 @@ +:root { --page-bg-color: #121212; + --header-bg-color: black; + --header-color: #369fc3; + --card-bg-color: #262626; + --darker-card: #1d1d1d; + --text-color: #8f8f8f; + --hover-color: #b4b4b4; + --bg-hover-color: #373737; + --red: #dd3a3a; + --blue: #2e77dd; + --blue-bg: #19437e; + --green: #044c04; + --white-text: #b2b2b2; + --dark-red: #3d0c11; + --hover-bg-red: #3d0c11; + --light-red: #542020; + --internal-bg-color: #545f54; + --internal-bg-color-light: #669966; + --external-bg-color: #645c45; + --external-bg-color-light: #887744; + --crit-bg-color: #65192b; + --high-bg-color: #9b3438; + --medium-bg-color: #a9622f; + --low-bg-color: #ae8c39; + --info-bg-color: #48789d; + } + +::-webkit-scrollbar-track { background: var(--card-bg-color); } +::-webkit-scrollbar-thumb { background: var(--page-bg-color); } +body { scrollbar-color: var(--card-bg-color) var(--page-bg-color); } + +h1, h3, h4, h5 { color: var(--text-color); } + +select, input, +textarea { background-color: var(--card-bg-color); border-color: grey; } +input:focus, +textarea:focus { outline: none !important; border-bottom: 2px solid var(--text-color); } + +p, span, td, th, a, li, +select, input, label, +textarea, legend { color: var(--text-color); } + +#page { background: var(--page-bg-color); } +.logo { width: 160px; height: 65px; margin: 0 auto; background-image: url('/static/img/logo.png'); } +#logo, .logo, +#user-menu img { filter: brightness(70%); } + +#header { background-color: var(--header-bg-color); } +#menu-overlay { background-color: var(--header-bg-color); } +#footer { background-color: var(--header-bg-color); } +.dropdown { background-color: var(--header-bg-color); } +#burgerimg { opacity: 0.5; } +#crossimg { opacity: 0.5; } +.user img { opacity: 0.6; } +#greeting { color: var(--header-color); opacity: 0.6; } +.dropdown li a:link, +.dropdown li a:visited, +.dropdown li a { color: var(--text-color); } +.dropdown li a:hover{ color: var(--hover-color); } + +#user-menu { color: var(--header-color); } +.fromdropdown li a { color: var(--header-color); opacity: 0.5; } +.fromdropdown li a:hover { color: var(--hover-color); } + +#header-menu { filter: brightness(60%); } +.menulink, +.menulink a:link, +.menulink a:visited { color: var(--header-color); } +#header-menu a:hover{ color: var(--header-color); } +.headertext { color: white; opacity: 0.8; } +#header-menu #current + { font-weight: bold; opacity: 1; } +#gethelp { color: var(--text-color); } + +.flash.info { background-color: var(--internal-bg-color); filter: brightness(150%); } +.flash.error { background-color: var(--external-bg-color); filter: brightness(150%); } + +.loginform { background-color: var(--card-bg-color); border-color: grey; } +.mfa_form { background-color: var(--card-bg-color); border-color: grey; } + +#active_engagement { background-color: var(--card-bg-color); } +.eng_form { background-color: var(--card-bg-color); } + +#list_engagements, +.engagement { background-color: var(--darker-card); } + +#show_eng_form { color: var(--white-text); } + +.org_name { font-weight: bold; opacity: 0.8; } +.eng_outline { border-top-color: darkgrey; } + +#list_engagements a:hover, +.engagement a:hover { color: black; opacity: 0.9; } + +.eng_category { font-weight: 500; opacity: 0.8; } + +.update, #libview, +.libsearch { background-color: var(--card-bg-color); } + +.libsearch input, +.libsearch select { border-color: grey; } +.libtitle:hover { background-color: var(--card-bg-color); } +.libentry { color: #4949ff; } +.current_text { color: black; } +.current_text:hover { color: black; } + +#scantype { background-color: var(--external-bg-color); } +.internal { background-color: var(--internal-bg-color); } +.external { background-color: var(--external-bg-color); } +.internal-small { background-color: var(--internal-bg-color-light); color: black; } +.external-small { background-color: var(--external-bg-color-light); color: black; } +.internal p, .external p, .filename, .delscan, +#scantype { color: black; } +.fileupload { background-color: var(--bg-hover-color); color: white; filter: brightness(50%); } + + +.reporting_table th, +#hoststable th { background-color: var(--header-bg-color); color: var(--text-color); } + +#export-txt, +.reporting_table th img, +#repburgerimg, +.check_ok { filter: brightness(60%); } + +.cvssjs label { filter: brightness(80%); } + +.libpending, #load_lib a:link, .libpending a:link, .load_lib a:visited, .libpending a:visited + { color: var(--blue); text-decoration: underline; } + +.libpending.current_text { color: var(--text-color); text-decoration: none; } + +#hoststable td { border-top-color: var(--bg-hover-color); } +.first_row td { border-top-color: grey !important; } +#hoststable tr { background-color: var(--darker-card); } + +.merge, .merge_on { filter: brightness(50%); } + +.hover:hover { background-color: var(--card-bg-color); } + +.linkmenu { color: var(--white-text); background-color: var(--blue-bg); } + +#addhost { background-color: green; color: white; opacity: 0.8; } +.affected_host a, a.affected_host { color: black; } + +.labelled_box { border-color: grey; } + +.wide-card, +#usersettings { background-color: var(--card-bg-color); } + +.overlay { background-color: var(--header-bg-color); opacity: 0.8; } + +.import-file-name { color: var(--text-color); } +.import-status { color: var(--header-bg-color); } + +.upload-bar { background-color: grey; } +.upload-percent { background-color: #4cb04f; filter: brightness(70%); } + +.warning { background-color: #fff9c4; } + +.cefail { background-color: var(--red); } +.ceunknown { background-color: yellow; } + +.button { border-color: grey; } +a:hover.green_btn { color: white; } +.cvssjs input, +.green_btn { background-color: var(--green); color: var(--white-text); border: none; } +.blue_btn { background-color: var(--blue-bg); color: var(--white-text); border: none; } +.red_btn { background-color: var(--light-red); color: var(--white-text); border: none; } +.error { background: #f0d6d6; } +.good { background: #c8e6c9; } +.green { color: green; } +.red { color: var(--red); } +.soft { opacity: 0.9; } +.softer { opacity: 0.8; } + +.Crit { background-color: var(--crit-bg-color); } +.High { background-color: var(--high-bg-color); } +.Medium { background-color: var(--medium-bg-color); } +.Low { background-color: var(--low-bg-color); } +.Info { background-color: var(--info-bg-color); } +.Crit span, p.Crit { color: var(--white-text); font-size: 0.9em; } +.High span, .Medium span, .Low span, .Info span, +p.High, p.Medium, p.Low, p.Info + { color: var(--page-bg-color); font-size: 0.9em; } + +.valid { border-color: green !important; } +.invalid { border-color: var(--red) !important; } +.reqd { border-left-color: var(--red); } + +#timeoutwarn, +.popup { background-color: var(--card-bg-color); } + +/* jQuery UI overrides */ +/* calendar */ +div.ui-widget.ui-widget-content { border-color: var(--page-bg-color); } +div.ui-widget-content { background: var(--page-bg-color); } +.ui-widget-header { border-color: var(--darker-card) !important; background: var(--card-bg-color) !important; } +.ui-state-default { background: var(--card-bg-color) !important; color: var(--text-color) !important; + border-color: var(--darker-card) !important; } +.ui-state-hover { border-color: var(--page-bg-color) !important; background: var(--bg-hover-color) !important; } + +/* autocomplete */ + +li.ui-menu-item { background-color: black; } +.ui-menu.ui-widget-content { background: var(--darker-card); color: var(--text-color); } +.ui-menu.ui-widget.ui-widget-content { border-color: var(--page-bg-color); } +.ui-menu-item-wrapper.ui-state-active { background: var(--bg-hover-color) !important; border-color: var(--card-bg-color) !important; + color: lightgrey !important; } diff --git a/haxhq/haxhq/static/favicon/android-chrome-192x192.png b/haxhq/haxhq/static/favicon/android-chrome-192x192.png new file mode 100644 index 0000000..4807a4c Binary files /dev/null and b/haxhq/haxhq/static/favicon/android-chrome-192x192.png differ diff --git a/haxhq/haxhq/static/favicon/android-chrome-512x512.png b/haxhq/haxhq/static/favicon/android-chrome-512x512.png new file mode 100644 index 0000000..4b0f00b Binary files /dev/null and b/haxhq/haxhq/static/favicon/android-chrome-512x512.png differ diff --git a/haxhq/haxhq/static/favicon/apple-touch-icon.png b/haxhq/haxhq/static/favicon/apple-touch-icon.png new file mode 100644 index 0000000..4807a4c Binary files /dev/null and b/haxhq/haxhq/static/favicon/apple-touch-icon.png differ diff --git a/haxhq/haxhq/static/favicon/favicon-16x16.png b/haxhq/haxhq/static/favicon/favicon-16x16.png new file mode 100644 index 0000000..3eeb84a Binary files /dev/null and b/haxhq/haxhq/static/favicon/favicon-16x16.png differ diff --git a/haxhq/haxhq/static/favicon/favicon-32x32.png b/haxhq/haxhq/static/favicon/favicon-32x32.png new file mode 100644 index 0000000..5f249c7 Binary files /dev/null and b/haxhq/haxhq/static/favicon/favicon-32x32.png differ diff --git a/haxhq/haxhq/static/favicon/favicon.ico b/haxhq/haxhq/static/favicon/favicon.ico new file mode 100644 index 0000000..76924c8 Binary files /dev/null and b/haxhq/haxhq/static/favicon/favicon.ico differ diff --git a/haxhq/haxhq/static/favicon/site.webmanifest b/haxhq/haxhq/static/favicon/site.webmanifest new file mode 100644 index 0000000..45dc8a2 --- /dev/null +++ b/haxhq/haxhq/static/favicon/site.webmanifest @@ -0,0 +1 @@ +{"name":"","short_name":"","icons":[{"src":"/android-chrome-192x192.png","sizes":"192x192","type":"image/png"},{"src":"/android-chrome-512x512.png","sizes":"512x512","type":"image/png"}],"theme_color":"#ffffff","background_color":"#ffffff","display":"standalone"} \ No newline at end of file diff --git a/haxhq/haxhq/static/haxhq.js b/haxhq/haxhq/static/haxhq.js new file mode 100644 index 0000000..d523f23 --- /dev/null +++ b/haxhq/haxhq/static/haxhq.js @@ -0,0 +1,1118 @@ +const base_url = window.location.origin + +if(typeof(String.prototype.trim) === "undefined") { + String.prototype.trim = function() { + return String(this).replace(/^\s+|\s+$/g, ''); + }; +} + +function install_update(pkg) { + $('#update_' + pkg).prop('disabled', true); + $('#update_' + pkg).text('Updating...').removeClass('green_btn').addClass('blue_btn').css('cursor', 'wait'); + var url = '/update/' + pkg; + $.getJSON( url, function( data ) { + if (data.success) { + $('#update_' + pkg).text('Updated').removeClass('blue_btn').addClass('green_btn').css('cursor', 'not-allowed'); + } else { + $('#update_' + pkg).text('Failed').removeClass('blue_btn').addClass('red_btn').css('cursor', 'not-allowed'); + $('#' + pkg + '_error').text(data.error).css('display', 'block'); + } + }); +} + +function load_issue(data) { + let current_user = data.current_user; + let user_list = data.user_list; + let issue = data.issue_versions[current_user]; + if (typeof(issue) == 'undefined') { + issue = data.issue_versions[user_list[0]]; + current_user = user_list[0]; + //console.log('switching current_user to ' + current_user); + } else { + // only show the delete button if the current user has a version of this issue defined + $('#delLib').removeClass('hidden'); + } + + $('#formtitle').text(issue.title); + for (v in issue) { + $('#' + v).val(issue[v]); + } + + $('#altlib').empty(); + for (u in data.issue_versions) { + if (u == current_user) { + $('#altlib').append("" + u + ""); + } else { + let obj = $('', {class: 'libentry', src: u, text: u}) + obj.on('click', function() { + data.current_user = $(this).text(); + load_issue(data); + }); + $('#altlib').append(obj); + } + } + toggle_select_color('#severity'); + toggle_select_color('#exposure'); +} + +function empty_issue() { + $('textarea','#libview').val(''); + $('#altlib').empty(); + $('#formtitle').empty(); + //$('#name').focus(); +} + +function update_severity(cvss_score) { + var cvssmap = { '10': '4', '9': '4', '8': '3', '7': '3', '6': '2', '5': '2', '4': '2', '3': '1', '2': '1', '1': '1', '0': '1'}; + var cvssint; + if (cvss_score == 0) { + $('#severity').val('0').change(); + } else { + cvssint = cvss_score.split('.')[0] + $('#severity').val(cvssmap[cvssint]).change(); + } +} + +function toggle_select_color(el) { + var bodyStyles = window.getComputedStyle(document.body); + let crit = bodyStyles.getPropertyValue('--crit-bg-color'); + let high = bodyStyles.getPropertyValue('--high-bg-color'); + let medium = bodyStyles.getPropertyValue('--medium-bg-color'); + let low = bodyStyles.getPropertyValue('--low-bg-color'); + let info = bodyStyles.getPropertyValue('--info-bg-color'); + let white = bodyStyles.getPropertyValue('--white-text'); + let internal = bodyStyles.getPropertyValue('--internal-bg-color'); + let external = bodyStyles.getPropertyValue('--external-bg-color'); + let grey = bodyStyles.getPropertyValue('--card-bg-color'); + switch ($(el).val()) { + case 'adreview' : + case 'internal' : $(el).css('background-color', internal); + $('.issue_hosts').css('background-color', internal); + $('#issue_hosts').css('background-color', internal); break; + case 'external' : $(el).css('background-color', external); + $('.issue_hosts').css('background-color', external); + $('#issue_hosts').css('background-color', external); break; + case 'selectexp' : $(el).css('background-color', grey); + $('.issue_hosts').css('background-color', grey); + $('#issue_hosts').css('background-color', grey); break; + case '4' : $(el).css({'background-color': crit, 'color': white}); break; + case '3' : $(el).css({'background-color': high, 'color': 'black'}); break; + case '2' : $(el).css({'background-color': medium, 'color': 'black'}); break; + case '1' : $(el).css({'background-color': low, 'color': 'black'}); break; + case '0' : $(el).css({'background-color': info, 'color': 'black'}); break; + } +} + +function confirm_lib_update() { + let confirm_text = ''; + $('.new_scanner_text.current_text').each(function() { + let field = $(this).attr('class').split(/\s+/)[1]; + if (confirm_text != '') { + confirm_text += '\n\n'; + } + confirm_text += 'This will overwrite your ' + field + ' text in library with the new scanner text.'; + }); + $('.old_scanner_text.current_text').each(function() { + let field = $(this).attr('class').split(/\s+/)[1]; + if (confirm_text != '') { + confirm_text += '\n\n'; + } + confirm_text += 'This will overwrite your ' + field + ' text in library with the old scanner text.'; + }); + if (confirm_text != '') { + return confirm(confirm_text); + } else { + return true; + } +} + +$.fn.exists = function () { + return this.length !== 0; +} + +$(window).resize(function() { + hidemobnav(); +}); + +function hidemobnav() { + if ( $('#menu-overlay').is(':visible') ) { + //only hide user menu if popup is on, else it hides the desktop user menu on resize + $('#user-menu').css('visibility', 'hidden'); + } else { + $('#user-menu').css('visibility', 'visible'); + } + if ( $(window).width() < 1080 ) { + $('#burgerimg').show(); + } else { + $('#burgerimg').hide(); + } + + $('#menu-overlay').hide(); + $('#crossimg').hide(); + $('#header-menu').removeAttr('style'); + $('.fromdropdown').removeClass('fromdropdown').addClass('dropdown').removeAttr('style'); +} + +var idleTime = 0; +$(document).ready(function(){ + var bodyStyles = window.getComputedStyle(document.body); + + $('#sendmail').click(function(){ + var href = $(this).attr('href') + '&body=' + $('#message').val().replace(/\n/g, '%0A'); + $(this).attr('href', href); + return true; + }); + //console.log($(window).width()); + if ($('.user').length && $('#timeoutwarn').length) { + let timeout = 120; // 2 min + let timeoutwarn = 60; // 1 min + // Increment the idle time counter every minute. + let idleInterval = setInterval(timerIncrement, 1000); // 1 sec + let idleTime = 0; + // Zero the idle timer on mouse movement. + $('#page').mousemove(function () { idleTime = 0; $('#timeoutwarn').css('visibility', 'hidden'); }); + $('#page').keypress(function () { idleTime = 0; $('#timeoutwarn').css('visibility', 'hidden'); }); + + function timerIncrement() { + idleTime = idleTime + 1; + if ((timeout - idleTime) < timeoutwarn) { + $('#timeoutwarn').css('visibility', 'visible'); + } + console.log(timeout - idleTime); + $('#timeleft').text(timeout - idleTime); + if (idleTime >= timeout) { // 60 minutes + clearInterval(idleInterval); + window.location.href = base_url + '/logout'; + } + } + } + + $('#user-menu').hover(function() { + $('ul.dropdown').css('display', 'block').css('visibility', 'visible'); + }, function() { + $('ul.dropdown').css('display', 'none').css('visibility', 'hidden'); + }); + + $('#burgerimg').click(function(){ + $('#menu-overlay').css({'display': 'block', 'z-index': '10'}); + $('#crossimg').css('display', 'block'); + $('#burgerimg').hide(); + $('#header-menu').css('display', 'flex'); + + }); + $('#crossimg').click(function(){ + hidemobnav(); + $('#user-menu').css('visibility', 'hidden'); + }); + $('#usermenulink').click(function(){ + $('#header-menu').removeAttr('style'); + $('#user-menu').css('visibility', 'visible'); + $('.dropdown').addClass('fromdropdown').removeClass('dropdown').css('display', 'flex'); + $('.fromdropdown').css('visibility', 'visible'); + }); + + // confirmations + $('.confirm').on('click', function() { + var message = 'Are you sure?'; + if ( $("#current").text() == 'Reporting' ) { + message = 'This will reset changes you have made to issues, including details added or issues merged/deleted'; + } else if ( $("#current").text() == 'Engagement' ) { + message = 'This engagement will be permanently deleted'; + } + return confirm(message); + }); + + // input validation + //console.log($('.validate input[type=text]')); + $(".validate").on('blur', function() { + validate(this); + }); + + $("#toggler").click(function(){ + $(":checkbox").prop('checked', this.checked); + }); + + $('#gethelp').click(function() { + $('#contact-popup, .overlay').css('display', 'block'); + $('#contact-popup')[0].scrollIntoView({ block: 'center' }); + }); + + $('#getlogs').click(function() { + var lines = [$('#message').val(),'','','']; + $.ajaxSetup({ async: false }); + $.getJSON( "/getlogs", function( data ) { + $.each( data, function( i, logline ) { + lines.push( logline ); + console.log(logline); + }); + }); + console.log(lines); + console.log(lines.join('\n')); + + $('#message').val(lines.join('\n')); + $.ajaxSetup({ async: true }); + return false; + }); + + $('#getupdates').click(function() { + $('#updates-popup, .overlay').css('display', 'block'); + $('#updates-popup')[0].scrollIntoView({ block: 'center' }); + $('#updates-content').empty(); + var updatetypes = ['HaxHQ', 'Python', 'OS']; + var i = 0; + $('#updates-status').html('

Checking for ' + updatetypes[i] + ' updates...

'); + function check_updates(updatetype) { + $.ajax({ + dataType: "html", + url: '/get_updates/' + updatetype, + success: function(data) { + if (data.startsWith('')) { + window.location.href = base_url + '/login' + } else { + $(data).appendTo('#updates-content'); + $('#update_' + updatetype).on('click', function() { install_update(updatetype); } ); + i += 1; + if (i < updatetypes.length) { + $('#updates-status').html('

Checking for ' + updatetypes[i] + ' updates...

'); + check_updates(updatetypes[i]); + } else { + $('#updates-status').empty(); + } + } + } + }); + } + check_updates(updatetypes[i]); + }); + + $('.close-popup').click(function() { + $('#message').val(''); + $('.popup, .overlay').removeAttr('style'); + }); + + if (( $("#current").text() == 'Reporting' && !$('#reportmenu').length )|| $("#current").text() == 'Library') { + //CVSS calculator for edit issue form + var c = new CVSS("cvss-calc-container", { + onchange: function() { + if ($('input:checked, #cvssjs').length == 8) { + $('input[type=submit], #cvssjs').val('Save'); + } + }, + onsubmit: function() { + var cvss3 = c.get(); + $('#cvss3').val(cvss3.score); + $('#cvss3_vector').val(cvss3.vector); + // submit also used as a cancel button + if (cvss3.score != '?' && cvss3.score != '') { + update_severity(cvss3.score); + } + $('#cvss-calc-container, .overlay').css('display', 'none'); + return false; + } + }); + + $('#cvss-calc').click(function(){ + if ($('#cvss3_vector').val()) { + c.set($('#cvss3_vector').val()); + } + $('#cvss-calc-container, .overlay').css('display', 'block'); + }); + + // dont submit form if enter is pressed in the cvss field + $('#cvss').keypress(function(event){ + if (event.which == '13') { + event.preventDefault(); + } + }); + } + + if ( $("#current").text() == 'Engagement' ) { + // only run on engagement page + let bgcolor = bodyStyles.getPropertyValue('--darker-card'); + let hovercolor = bodyStyles.getPropertyValue('--card-bg-color'); + let hoverred = bodyStyles.getPropertyValue('--hover-bg-red'); + + $('.confirm').hover( + function() { $(this).parents('.engagement').css('background-color', hoverred); }, + function() { $(this).parents('.engagement').css('background-color', bgcolor); } + ); + + $('.eng_link').hover( + function() { $(this).parents('.engagement, #list_engagements').css('background-color', hovercolor); }, + function() { $(this).parents('.engagement, #list_engagements').css('background-color', bgcolor); } + ); + + $('#show_secondary').click(function() { + $('.secondary_contact').removeClass('hidden'); + $('#show_secondary').hide(); + }); + + $('#mk_dummy').click(function() { + eng_type = $('#test_type').val() + //if (typeof(eng_type) == 'undefined') { + // eng_type = 'audit'; + //} + window.location.href = base_url + '/dummy_eng?eng_type=' + eng_type + }); + + $('#show_eng_form').click(function() { + $('#eng_form').css('display', 'block').css('z-index','12') + .css('position', 'absolute').css('top', '100px').css('left', 'auto') + .css('width', '90%'); + $('#eng_buttons').css('display', 'none'); + $('.overlay').css('display', 'block'); + $('#content').css('margin-top', '20px'); + }); + + $('#cancel_new_eng').click(function() { + $('#eng_form, #content, #eng_buttons, .overlay').removeAttr('style'); + return false; + }); + + $('#show_eng_list').click(function() { + if ($('#show_eng_list').text() == 'Show all engagements') { + $('.engagement.hidden').removeClass('hidden'); + $('#show_eng_list').text('Hide old engagements'); + $('.engagement').css('display', 'flex'); + } else { + $('.engagement').removeAttr('style'); + let num2hide = $('.engagement').length - 4; + $('.engagement').slice(-num2hide).addClass('hidden'); + $('#show_eng_list').text('Show all engagements'); + } + $('#list_engagements').css('background-color', '#798994'); + return false; + }); + + } else if ( $("#current").text() == 'Reporting' ) { + // only run on Reporting page + toggle_select_color('#exposure'); + toggle_select_color('#severity'); + //$('#affected_wrapper').width($('#vuln_affected').width()); + + let bgcolor = bodyStyles.getPropertyValue('--darker-card'); + $('#reporting_burger').click(function() { + $('#reportmenu').css('flex-direction', 'column').css('gap', '2em').css('align-items', 'center').css('max-width', '450px') + .css('position', 'absolute').css('top', '160px').css('left', '50%').css('transform', 'translate(-50%)') + .css('z-index', '100').css('background', bgcolor).css('border-radius', '5px') + .css('padding', '10px 5px 2em'); + $('.optblock, .overlay, #hide_repmenu').css('display', 'block'); + $('#reporting_burger').css('display', 'none'); + }); + + $('#hide_repmenu').click(function() { + $('#reportmenu, .optblock, .overlay, #hide_repmenu, #reporting_burger').removeAttr('style'); + return false; + }); + + $("#generate_report").click(function(e){ + e.preventDefault(); + window.location.href = base_url + '/generate_report?reportby=' + $('#current_reportby').text(); + }); + + $("#reportby_link").click(function(){ + current_reportby = $('#current_reportby').text() + reportby_changeto = $('#reportby_changeto').text() + $('#current_reportby').text(reportby_changeto) + $('#reportby_changeto').text(current_reportby) + return false + }); + + $('#exposure').change(function(){ toggle_select_color('#exposure'); }); + $('#severity').change(function(){ toggle_select_color('#severity'); }); + + $('#show_addhost').on('click', function() { + $('#addhost').val('Save'); + if ($('#show_addhost').text() == 'Add host') { + $('#vuln_affected').animate({scrollTop:8000000}); //arbitrary number exceeding any expected height + $('#addissuehost_tr').removeClass('hidden'); + $('#show_addhost').text('Cancel'); + $('#ip0').focus(); + } else { + $('#addissuehost_tr').addClass('hidden'); + $('#show_addhost').text('Add host'); + } + return false; + }); + + $('#addhost').on('click', function() { + // if adding host to an existing vuln + if ( $('#vuln_title').length ) { + $('.affected_host>input:not(:submit)').each(function(){ + validate(this); + }); + if ($(".invalid").exists()) { + return false; + } else { + $('#addhostform').submit(); + } + // if adding host as part of a new (manual) issue + } else { + xtra_host = $('.issue_hosts:first').clone(); + cancellink = $("").attr("href", "#").attr("class", "hidehost").text('Cancel'); + cancellink.click(function(){ $(this).parents('.issue_hosts').remove() }); + xtra_host.children('#addhost').replaceWith(cancellink); + xtra_host.children('#csrf_token').remove(); + + n = $('.issue_hosts').length; + xtra_host.children('input').each(function(){ + idstr = $(this).attr('id').slice(0, -1) + n; + $(this).attr('id', idstr); + $(this).attr('name', idstr); + $(this).on('blur', function() {validate(this)}); + }); + xtra_host.children('label').each(function(){ + forstr = $(this).attr('for') + n + $(this).attr('for', forstr) + }); + xtra_host.insertAfter('.issue_hosts:last') + return false + } + }); + + + $('.delete').hover( + function() { + $(this).parents('tr').css('background-color', '#ff6868'); + }, + function() { $(this).parents('tr').css('background-color', $('#vuln_affected').css('background-color')); } + ); + + //TODO add the hidden title input in forms.py + let title = $('#vuln_title').text(); + input = $("").attr("type", "hidden").attr("name", "title").val(title); + $('#issueeditor').append(input); + + $('.libpending').click(function(){ + let classlist = $(this).attr('class').split(/\s+/); + // this will break if the order in which the classes are assigned in jinja is changed + let field = classlist[1] + let type = classlist[2] + $('.libpending.' + field).removeClass('current_text'); + if (type == 'old_scanner_text') { + $(this).addClass('current_text'); + let container = $('.hidden.old_scanner_text.'+ field); + $('#' + field).text(container.text()); + } else if (type == 'new_scanner_text') { + $(this).addClass('current_text'); + let container = $('.hidden.new_scanner_text.'+ field); + $('#' + field).text(container.text()); + } else { + $(this).addClass('current_text'); + let container = $('.hidden.libtext.'+ field); + $('#' + field).text(container.text()); + } + return false; + }); + + $("#saveRep").click(function(){ + $(".validate:not(:hidden)").each(function(){ + validate(this); + }); + if ($(".invalid").exists()) { + $('html, body').animate({ scrollTop: $($(".invalid")[0]).offset().top - 120 }, 0); + return false; + } + input = $("").attr("type", "hidden").attr("name", "cmd").val("saverep"); + $('#issueeditor').append(input); + $("#issueeditor").submit(); + }); + + $("#delRep").click(function(){ + let input = $("").attr("type", "hidden").attr("name", "cmd").val("delrep"); + $('#issueeditor').append(input); + $("#issueeditor").submit(); + }); + $("#getMerge").click(function(){ + window.location.href = base_url + '/get_merges/' + $('#iid').val(); + }); + $("#saveLib").click(function(){ + if (confirm_lib_update() == false) { return false; } + //console.log('saving') + $(".validate:not(:hidden)").each(function(){ + validate(this); + }); + if ($(".invalid").exists()) { + //console.log($(".invalid")) + $('html, body').animate({ scrollTop: $($(".invalid")[0]).offset().top - 120 }, 0); + return false; + } + let input = $("").attr("type", "hidden").attr("name", "cmd").val("savelib"); + $('#issueeditor').append(input); + $("#issueeditor").submit(); + }); + $("#saveRepLib").click(function(){ + if (confirm_lib_update() == false) { return false; } + $(".validate:not(:hidden)").each(function(){ + validate(this); + }); + if ($(".invalid").exists()) { + $('html, body').animate({ scrollTop: $($(".invalid")[0]).offset().top - 120 }, 0); + return false; + } + let input = $("").attr("type", "hidden").attr("name", "cmd").val("savereplib"); + $('#issueeditor').append(input); + $("#issueeditor").submit(); + }); + + if ( $("#page_title").text() == 'Add finding' ) { + // only run on Add issue page + $( "#name" ).autocomplete({ + source: function(request, response) { + $.getJSON('get/titlelist', { 'term': $('#name').val(), + 'type': $('#exposure').val()}, + response); + }, + + minLength: 3, + select: function( event, ui ) { + $.ajax({ + dataType: "json", + url: base_url + "/get/lib_issue", + data: {title: ui.item.value}, + success: function(data){ load_issue(data); }, + global: false, + }); + } + }); + + } else if ( $('#issueeditor').length ) { + // runs whenever editing issues - in library, while reporting or creating new + $( "#discoverability" ).autocomplete({ + source: base_url + "/get/discoverabilitylist", + minLength: 3 + }); + $( "#exploitability" ).autocomplete({ + source: base_url + "/get/exploitabilitylist", + minLength: 3 + }); + } + } else if ( $("#current").text() == 'Hacking' ) { + // only run on Hacking pages + let bgcolor = bodyStyles.getPropertyValue('--darker-card'); + let hovercolor = bodyStyles.getPropertyValue('--card-bg-color'); + $('#scantype').change(function(){ toggle_select_color('#scantype') }); + + $('#xmlform').submit(function(e){ + e.preventDefault(); + upload_files(); + return false; + }); + + $('tr').hover( + function() { + let hid = $(this).attr('hid'); + if (typeof(hid) != 'undefined') { + $('tr[hid=' + hid + ']').css({'background-color': hovercolor}).click(function() { + window.location.href = base_url + '/hacking/' + hid; + }); + } + }, + function() { + let hid = $(this).attr('hid'); + if (typeof(hid) != 'undefined') { + $('tr[hid=' + hid + ']').removeAttr('style'); + } + } + ); + + let hoverred = bodyStyles.getPropertyValue('--light-red'); + let textcolor = bodyStyles.getPropertyValue('--text-color'); + $('.delscan').hover( + function() { + bgcolor = $(this).parents('.impt_file').css('background-color', hoverred); + $(this).css('color', textcolor); + $(this).prev('.filename').css('color', textcolor); + }, + function() { + $(this).removeAttr('style'); + $(this).prev('.filename').removeAttr('style'); + $(this).parents('.impt_file').removeAttr('style'); + } + ); + + //$('.filename').hover( + // function() { + // bgcolor = $(this).parents('.impt_file').css('background-color'); + // $(this).parents('.impt_file').css('background-color', '#fbf4e0'); + // }, + // function() { $(this).parents('.impt_file').css('background-color', bgcolor); } + //); + + $( "#host" ).autocomplete({ + minLength: 0, + source: function( request, response ) { + var qdata = {'host': ''}; + $('.filter').each(function() { + if ($(this).val()) { + qdata[$(this).attr('id')] = $(this).val(); + } + }); + + $.ajax({ + url: base_url + "/get/hostlist", + data: qdata, + success: function(data){ + response(data); + }, + error: function(jqXHR, textStatus, errorThrown){ + document.location.reload(); + }, + dataType: 'json' + }); + } + }).focus(function() { + $(this).autocomplete("search"); + }); + $( "#port" ).autocomplete({ + minLength: 1, + source: function( request, response ) { + var qdata = {}; + $('.filter').each(function() { + if ($(this).val()) { + qdata[$(this).attr('id')] = $(this).val(); + } + }); + $.ajax({ + url: base_url + "/get/portlist", + data: qdata, + success: function(data){ + response(data); + }, + error: function(jqXHR, textStatus, errorThrown){ + document.location.reload(); + }, + dataType: 'json' + }); + } + }); + $( "#service" ).autocomplete({ + minLength: 1, + source: function( request, response ) { + var qdata = {}; + $('.filter').each(function() { + if ($(this).val()) { + qdata[$(this).attr('id')] = $(this).val(); + } + }); + $.ajax({ + url: base_url + "/get/servicelist", + data: qdata, + success: function(data){ + response(data); + }, + error: function(jqXHR, textStatus, errorThrown){ + document.location.reload(); + }, + dataType: 'json' + }); + } + }); + $( "#software" ).autocomplete({ + minLength: 1, + source: function( request, response ) { + var qdata = {}; + $('.filter').each(function() { + if ($(this).val()) { + qdata[$(this).attr('id')] = $(this).val(); + } + }); + $.ajax({ + url: base_url + "/get/softwarelist", + data: qdata, + success: function(data){ + response(data); + }, + error: function(jqXHR, textStatus, errorThrown){ + document.location.reload(); + }, + dataType: 'json' + }); + } + }); + $( "#findings" ).autocomplete({ + minLength: 1, + source: function( request, response ) { + var qdata = {}; + $('.filter').each(function() { + if ($(this).val()) { + qdata[$(this).attr('id')] = $(this).val(); + } + }); + $.ajax({ + url: base_url + "/get/vulnlist", + data: qdata, + success: function(data){ + response(data); + }, + error: function(jqXHR, textStatus, errorThrown){ + document.location.reload(); + }, + dataType: 'json' + }); + } + }).focus(function() { + $(this).autocomplete("search"); + }); + + $("#export-txt").click(function(e){ + e.preventDefault(); + window.location.href = base_url + '/export_iplist?host=' + $('#host').val() + + '&port=' + $('#port').val() + + '&service=' + $('#service').val() + + '&software=' + $('#software').val() + + '&findings=' + $('#findings').val(); + //var qdata = { 'csrf_token': $('#csrf_token').val() }; + //$('.filter').each(function() { + // qdata[$(this).attr('id')] = $(this).val(); + //}); + //$.post("/export_iplist", qdata); + }); + } else if ( $("#current").text() == 'Stats' ) { + // only run on Stats page + $( "#title" ).autocomplete({ + source: function(request, response) { + $.getJSON('get/stat_titlelist', { 'term': $('#title').val(), + 'exposure': $('#exposure').val(), + 'stat_from': $('#stat_from').val(), + 'stat_to': $('#stat_to').val() }, + response); + }, + minLength: 3 + }); + } else if ( $("#current").text() == 'Library' ) { + // only run on Library page + empty_issue(); + toggle_select_color('#severity'); + toggle_select_color('#exposure'); + + $('#exposure').change(function(){ toggle_select_color('#exposure'); }); + $('#severity').change(function(){ toggle_select_color('#severity'); }); + + $( "#libsearchstr" ).autocomplete({ + source: function(request, response) { + $.getJSON('get/titlelist', { 'term': $('#libsearchstr').val(), + 'type': $('#libsearchtype').val() }, + response); + }, + minLength: 3 + }).focus(function() { + $(this).select(); + }); + + $('#libnew').click(function(){ + $('textarea','#libview').val(''); + $('#altlib').empty(); + $('#formtitle').empty(); + $('#name').focus(); + return false; + }); + + $(".libtitle").click(function(e){ + $.ajax({ + dataType: "json", + url: base_url + "/get/lib_issue", + data: {title: $(e.target).children('span').last().text(), + exposure: $(e.target).children('span').first().text()}, + success: function(data){ load_issue(data); }, + global: false, + }); + }); + + if ($(".libtitle").length == 1) { + $.ajax({ + dataType: "json", + url: base_url + "/get/lib_issue", + data: {title: $('.libtitle').first().children('span').last().text(), + exposure: $('.libtitle').first().children('span').first().text()}, + success: function(data){ load_issue(data); }, + global: false, + }); + } + + $("#saveLib").click(function(){ + //console.log('saving') + $(".validate:not(:hidden)").each(function(){ + validate(this); + }); + if ($(".invalid").exists()) { + //console.log($(".invalid")) + $('html, body').animate({ scrollTop: $($(".invalid")[0]).offset().top - 120 }, 0); + return false; + } + let input = $("").attr("type", "hidden").attr("name", "cmd").val("savelib"); + $('#libeditor').append(input); + $("#libeditor").submit(); + }); + + $("#saveRepLib").click(function(){ + $(".validate:not(:hidden)").each(function(){ + validate(this); + }); + if ($(".invalid").exists()) { + $('html, body').animate({ scrollTop: $($(".invalid")[0]).offset().top - 120 }, 0); + return false; + } + let input = $("").attr("type", "hidden").attr("name", "cmd").val("savereplib"); + $('#libeditor').append(input); + $("#libeditor").submit(); + }); + + $('#delLib').click(function(){ + let input = $("").attr("type", "hidden").attr("name", "cmd").val("dellib"); + $('#libeditor').append(input); + $("#libeditor").submit(); + + }); + + } else if ( $("#page-title").text() == 'Administration' ) { + // only run on administration & usersettings pages + $('#adduser').click(function() { + $.ajax({ + dataType: "HTML", + url: base_url + "/manage_users", + success: function(formhtml){ + $('#user-popup-content').html(formhtml); + }, + global: false, + }); + $('#adduser-popup').css('display', 'block').css('z-index', 12); + $('.overlay').css('display', 'block'); + }); + + $('button#addlicense').click(function() { + $('#message').val('We have grown 🎉 and need to purchase additional licenses!') + $('#contact-popup, .overlay').css('display', 'block'); + $('#contact-popup')[0].scrollIntoView({ block: 'center' }); + }); + + $('.edituser').click(function() { + $('#adduser-popup').css('display', 'block').css('z-index', 12); + $('.overlay').css('display', 'block'); + var uid = $(this).attr('uid'); + + $.ajax({ + dataType: "HTML", + url: base_url + "/manage_users", + data: 'user_id=' + uid, + success: function(formhtml){ + $('#user-popup-content').html(formhtml); + }, + global: false, + }); + return false; + }); + + $('#init-ca').click(function() { + return confirm('You are about to delete the existing CA and create a new one.\n\nOnce that is done you will be able to issue new client certificates and enable certificate authentication again.'); + }); + + $('.close-popup').click(function() { + // popup already cleared above, just reset form + $('.uiclr').val(''); + $('#admin').prop('checked', false); + }); + + } else if ( $("#page-title").text() == 'User settings' ) { + $('#getcert').click(function() { + var confirm_text = ''; + if ($(this).val() == 'Issue') { + confirm_text = 'A new certificate will be generated, please save it to a suitable location.\n\nIt will be encrypted with the certificate password you entered. You will need to provide this password when installing the certificate in your browser.' + } else if ($(this).val() == 'Renew') { + confirm_text += '\n\nThe old certificate will be revoked automatically the next time you use this new certificate to log in.' + } else if ($(this).val() == 'Download') { + confirm_text = 'You are about to download your more recent certificate, please save it to a suitable location.' + confirm_text += '\n\nThe old certificate will be revoked automatically the next time you use this new certificate to log in.' + } else { + console.log($(this).val()); + } + return confirm(confirm_text); + }); + $('#certpassform').submit(function() { + $('#getcert').attr('disabled', true).css('cursor', 'not-allowed'); + return true; + }); + } else if ( $('#usetoken').length ) { + // only run on usetoken page + setTimeout(function() { + window.location.href = base_url + '/usersettings'; + }, 1000); + } + + $( ".datepicker" ).datepicker({ dateFormat:'d/m/yy', firstDay: 1 }); + + $('.merge_on').change(function() { + iid = this.name.split('_')[2]; + let this_status = $(this).prop('checked') + $('.merge_on').prop('checked', false); + $('.merge_on').parents('td').siblings().css('font-weight', '400'); + $('.merge').removeAttr('disabled'); + $(this).prop('checked', this_status); + if (this_status) { + $('.merge[name=' + iid + ']').prop('checked', false); + $('.merge[name=' + iid + ']').attr('disabled', true); + $(this).parents('td').siblings().css('font-weight', '700'); + } else { + $(this).parents('td').siblings().css('font-weight', '400'); + } + action = base_url + '/merge_issues/' + iid; + $(this).parents('form').prop('action', action); + }); + $('.merge').change(function() { + if ($(this).prop('checked')) { + $(this).parents('td').siblings().css('opacity', '0.6'); + } else { + $(this).parents('td').siblings().css('opacity', '1'); + } + }); +}); + +function toggle_checkboxes(source) { + inputs = document.getElementsByTagName('input'); + for(let input in inputs) { + if (input.getAttribute('type') == 'checkbox') { + input.checked = source.checked; + } + } +} + +function validate(input) { + if ((!$(input).prop('required') && !$(input).val()) || !$(input).is('visible') ) { + console.log('ok') + return true; + } + console.log($(input)) + let rgxp; + let iprgxp = /^ip\d*/ + switch (input.name) { + case 'user' : + case 'username' : + case 'contact1_email' : + case 'contact2_email' : rgxp = /^[a-z0-9\._'-]{1,48}@[a-z0-9\.-]{4,48}$/i; return rgx_test(rgxp, input); break; + + case 'nickname' : rgxp = /^[0-9a-zA-Z \._'-]{1,20}$/; return rgx_test(rgxp, input); break; + + case 'org_name' : + case 'contact1_name' : + case 'contact1_role' : + case 'contact2_name' : + case 'contact2_role' : rgxp = /^[a-zA-Z0-9.'_()":, -]{2,64}$/; return rgx_test(rgxp, input); break; + + case 'phone' : + case 'contact1_phone' : + case 'contact2_phone' : rgxp = /^[0-9 +().-]{6,20}$/; return rgx_test(rgxp, input); break; + + case 'target_subnets' : rgxp = /^[0-9.,\s\/]{7,}/; return rgx_test(rgxp, input); break; + case 'target_urls' : rgxp = /^[A-Za-z0-9._~:\/?#\[\]@!$&'()\*\+,;%=\s]{4,}$/; return rgx_test(rgxp, input); break; + + case 'protocol0' : + case 'protocol1' : + case 'protocol2' : + case 'protocol3' : + case 'protocol4' : + case 'protocol' : rgxp = /^[a-zA-Z]{2,12}$/; return rgx_test(rgxp, input); break; + case 'port0' : + case 'port1' : + case 'port2' : + case 'port3' : + case 'port4' : + case 'port' : rgxp = /^[0-9]{1,5}$/; return rgx_test(rgxp, input); break; + // try to get dynamic match to work + // case /^ip\d*/.test(input.name) or similar + case 'ip' : + case 'ip0' : + case 'ip1' : + case 'ip2' : + case 'ip3' : + case 'ip4' : + case 'ip5' : + case 'ip6' : + case 'ip7' : + case 'ip8' : + case 'ip9' : + case 'ip10' : rgxp = /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/; return rgx_test(rgxp, input); break; + case 'name' : rgxp = /^.{3,255}$/; return rgx_test(rgxp, input); break; + case 'severity' : rgxp = /^[0-4]$/; return rgx_test(rgxp, input); break; + case 'description' : rgxp = /^.{3,}/; return rgx_test(rgxp, input); break; + case 'remediation' : rgxp = /^.{3,}/; return rgx_test(rgxp, input); break; + case 'compliance' : rgxp = /^.{6,7}$/; return rgx_test(rgxp, input); break; + case 'hostname0' : + case 'hostname1' : + case 'hostname2' : + case 'hostname3' : + case 'hostname4' : + case 'hostname5' : + case 'hostname6' : + case 'hostname7' : + case 'hostname8' : + case 'hostname9' : + case 'hostname10' : rgxp = /^[a-z][a-z0-9.-]{3,64}/; return rgx_test(rgxp, input); break; + } +} + +function rgx_test(rgx, input) { + if (rgx.test(input.value)) { + $(input).removeClass('invalid'); + $(input).addClass('valid'); + return true; + } else { + $(input).removeClass('valid'); + $(input).addClass('invalid'); + return false; + } +} + +function upload_files() { + let files = $('#scanfile').prop('files'); + let imported = 0; + $('#progress-panel, .overlay').css('display', 'block'); + $('#progress-panel').css('z-index', 100) + $('#progress-panel')[0].scrollIntoView({ block: 'center' }); + for ( let i = 0; i < files.length; i++) { + let fd = new FormData(); + fd.set( 'scanfile', files[i] ); + fd.set( 'csrf_token', $('#csrf_token').val() ); + fd.set( 'scantype', $('#scantype').val() ); + fd.set( 'filecount', files.length ); + let progressbar = "

" + files[i].name + "

uploading

"; + $('#progress-panel-grid').append(progressbar); + + $.ajax({ + xhr: function() { + let xhr = new window.XMLHttpRequest(); + + xhr.upload.addEventListener("progress", function(evt) { + if (evt.lengthComputable) { + let percentComplete = evt.loaded / evt.total; + percentComplete = parseInt(percentComplete * 100) + '%'; + $('#uploaded-' + i).css('width', percentComplete); + if (percentComplete === '100%') { + $('#status-' + i).text('processing'); + } + } + }, false); + + return xhr; + }, + url: base_url + '/upload_file', + type: "POST", + data: fd, + processData: false, + contentType: false, + timeout: 240000, // 4 min + success: function(data) { + let result = jQuery.parseJSON(data); + if (result.error == false) { + $('#status-' + i).text('done (' + result['import_time'] + 's)'); + } else { + //console.log('error: ' + files[i].name); + $('#status-' + i).text('error').addClass('red'); + } + imported++; + if (imported == files.length) { + window.location.href = base_url + '/hacking/main'; + } + } + }); + } +} diff --git a/haxhq/haxhq/static/images b/haxhq/haxhq/static/images new file mode 120000 index 0000000..7934034 --- /dev/null +++ b/haxhq/haxhq/static/images @@ -0,0 +1 @@ +jquery-ui-1.13.2.custom/images \ No newline at end of file diff --git a/haxhq/haxhq/static/img/burger-white.png b/haxhq/haxhq/static/img/burger-white.png new file mode 100644 index 0000000..8391b88 Binary files /dev/null and b/haxhq/haxhq/static/img/burger-white.png differ diff --git a/haxhq/haxhq/static/img/burger.png b/haxhq/haxhq/static/img/burger.png new file mode 100644 index 0000000..0273929 Binary files /dev/null and b/haxhq/haxhq/static/img/burger.png differ diff --git a/haxhq/haxhq/static/img/calc-small-grey.svg b/haxhq/haxhq/static/img/calc-small-grey.svg new file mode 100644 index 0000000..3beaab2 --- /dev/null +++ b/haxhq/haxhq/static/img/calc-small-grey.svg @@ -0,0 +1,129 @@ + + + + + + image/svg+xml + + + + + + + + + + + + + + + + + + + + diff --git a/haxhq/haxhq/static/img/calc-small-light.svg b/haxhq/haxhq/static/img/calc-small-light.svg new file mode 100644 index 0000000..6ddd20c --- /dev/null +++ b/haxhq/haxhq/static/img/calc-small-light.svg @@ -0,0 +1,129 @@ + + + + + + image/svg+xml + + + + + + + + + + + + + + + + + + + + diff --git a/haxhq/haxhq/static/img/calc-small.svg b/haxhq/haxhq/static/img/calc-small.svg new file mode 100644 index 0000000..271d02c --- /dev/null +++ b/haxhq/haxhq/static/img/calc-small.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/haxhq/haxhq/static/img/check_auto_ok.png b/haxhq/haxhq/static/img/check_auto_ok.png new file mode 100644 index 0000000..6d01b6e Binary files /dev/null and b/haxhq/haxhq/static/img/check_auto_ok.png differ diff --git a/haxhq/haxhq/static/img/check_ok.png b/haxhq/haxhq/static/img/check_ok.png new file mode 100644 index 0000000..14f637e Binary files /dev/null and b/haxhq/haxhq/static/img/check_ok.png differ diff --git a/haxhq/haxhq/static/img/checkmark.png b/haxhq/haxhq/static/img/checkmark.png new file mode 100644 index 0000000..3d5971c Binary files /dev/null and b/haxhq/haxhq/static/img/checkmark.png differ diff --git a/haxhq/haxhq/static/img/cross.png b/haxhq/haxhq/static/img/cross.png new file mode 100644 index 0000000..a91a4c9 Binary files /dev/null and b/haxhq/haxhq/static/img/cross.png differ diff --git a/haxhq/haxhq/static/img/downloads_dark.svg b/haxhq/haxhq/static/img/downloads_dark.svg new file mode 100644 index 0000000..58c6d86 --- /dev/null +++ b/haxhq/haxhq/static/img/downloads_dark.svg @@ -0,0 +1,69 @@ + + + + + + image/svg+xml + + + + + + + + + + + + + + + + + diff --git a/haxhq/haxhq/static/img/downloads_white.svg b/haxhq/haxhq/static/img/downloads_white.svg new file mode 100644 index 0000000..4cde6e4 --- /dev/null +++ b/haxhq/haxhq/static/img/downloads_white.svg @@ -0,0 +1,69 @@ + + + + + + image/svg+xml + + + + + + + + + + + + + + + + + diff --git a/haxhq/haxhq/static/img/hackercat_giphy.webp b/haxhq/haxhq/static/img/hackercat_giphy.webp new file mode 100644 index 0000000..16b6a47 Binary files /dev/null and b/haxhq/haxhq/static/img/hackercat_giphy.webp differ diff --git a/haxhq/haxhq/static/img/header.png b/haxhq/haxhq/static/img/header.png new file mode 100644 index 0000000..7bb7dc3 Binary files /dev/null and b/haxhq/haxhq/static/img/header.png differ diff --git a/haxhq/haxhq/static/img/loading.gif b/haxhq/haxhq/static/img/loading.gif new file mode 100644 index 0000000..a3fd502 Binary files /dev/null and b/haxhq/haxhq/static/img/loading.gif differ diff --git a/haxhq/haxhq/static/img/logo.png b/haxhq/haxhq/static/img/logo.png new file mode 100644 index 0000000..644a857 Binary files /dev/null and b/haxhq/haxhq/static/img/logo.png differ diff --git a/haxhq/haxhq/static/img/logo_white.png b/haxhq/haxhq/static/img/logo_white.png new file mode 100644 index 0000000..3573c29 Binary files /dev/null and b/haxhq/haxhq/static/img/logo_white.png differ diff --git a/haxhq/haxhq/static/img/red_cross.png b/haxhq/haxhq/static/img/red_cross.png new file mode 100644 index 0000000..af7ed5d Binary files /dev/null and b/haxhq/haxhq/static/img/red_cross.png differ diff --git a/haxhq/haxhq/static/img/square.png b/haxhq/haxhq/static/img/square.png new file mode 100644 index 0000000..e0012b8 Binary files /dev/null and b/haxhq/haxhq/static/img/square.png differ diff --git a/haxhq/haxhq/static/img/trans.png b/haxhq/haxhq/static/img/trans.png new file mode 100644 index 0000000..2ceca52 Binary files /dev/null and b/haxhq/haxhq/static/img/trans.png differ diff --git a/haxhq/haxhq/static/img/unlocked.svg b/haxhq/haxhq/static/img/unlocked.svg new file mode 100644 index 0000000..d1c3e56 --- /dev/null +++ b/haxhq/haxhq/static/img/unlocked.svg @@ -0,0 +1,48 @@ + + + + + + + + + + + + + diff --git a/haxhq/haxhq/static/img/usericon.png b/haxhq/haxhq/static/img/usericon.png new file mode 100644 index 0000000..11b5f1e Binary files /dev/null and b/haxhq/haxhq/static/img/usericon.png differ diff --git a/haxhq/haxhq/static/img/usermenu.png b/haxhq/haxhq/static/img/usermenu.png new file mode 100644 index 0000000..7bdc32b Binary files /dev/null and b/haxhq/haxhq/static/img/usermenu.png differ diff --git a/haxhq/haxhq/static/jquery-3.6.1.min.js b/haxhq/haxhq/static/jquery-3.6.1.min.js new file mode 100644 index 0000000..2c69bc9 --- /dev/null +++ b/haxhq/haxhq/static/jquery-3.6.1.min.js @@ -0,0 +1,2 @@ +/*! jQuery v3.6.1 | (c) OpenJS Foundation and other contributors | jquery.org/license */ +!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,y=n.hasOwnProperty,a=y.toString,l=a.call(Object),v={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?n[o.call(e)]||"object":typeof e}var f="3.6.1",S=function(e,t){return new S.fn.init(e,t)};function p(e){var t=!!e&&"length"in e&&e.length,n=w(e);return!m(e)&&!x(e)&&("array"===n||0===t||"number"==typeof t&&0+~]|"+M+")"+M+"*"),U=new RegExp(M+"|>"),X=new RegExp(F),V=new RegExp("^"+I+"$"),G={ID:new RegExp("^#("+I+")"),CLASS:new RegExp("^\\.("+I+")"),TAG:new RegExp("^("+I+"|[*])"),ATTR:new RegExp("^"+W),PSEUDO:new RegExp("^"+F),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+M+"*(even|odd|(([+-]|)(\\d*)n|)"+M+"*(?:([+-]|)"+M+"*(\\d+)|))"+M+"*\\)|)","i"),bool:new RegExp("^(?:"+R+")$","i"),needsContext:new RegExp("^"+M+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+M+"*((?:-\\d)?\\d*)"+M+"*\\)|)(?=[^-]|$)","i")},Y=/HTML$/i,Q=/^(?:input|select|textarea|button)$/i,J=/^h\d$/i,K=/^[^{]+\{\s*\[native \w/,Z=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,ee=/[+~]/,te=new RegExp("\\\\[\\da-fA-F]{1,6}"+M+"?|\\\\([^\\r\\n\\f])","g"),ne=function(e,t){var n="0x"+e.slice(1)-65536;return t||(n<0?String.fromCharCode(n+65536):String.fromCharCode(n>>10|55296,1023&n|56320))},re=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\0-\x1f\x7f-\uFFFF\w-]/g,ie=function(e,t){return t?"\0"===e?"\ufffd":e.slice(0,-1)+"\\"+e.charCodeAt(e.length-1).toString(16)+" ":"\\"+e},oe=function(){T()},ae=be(function(e){return!0===e.disabled&&"fieldset"===e.nodeName.toLowerCase()},{dir:"parentNode",next:"legend"});try{H.apply(t=O.call(p.childNodes),p.childNodes),t[p.childNodes.length].nodeType}catch(e){H={apply:t.length?function(e,t){L.apply(e,O.call(t))}:function(e,t){var n=e.length,r=0;while(e[n++]=t[r++]);e.length=n-1}}}function se(t,e,n,r){var i,o,a,s,u,l,c,f=e&&e.ownerDocument,p=e?e.nodeType:9;if(n=n||[],"string"!=typeof t||!t||1!==p&&9!==p&&11!==p)return n;if(!r&&(T(e),e=e||C,E)){if(11!==p&&(u=Z.exec(t)))if(i=u[1]){if(9===p){if(!(a=e.getElementById(i)))return n;if(a.id===i)return n.push(a),n}else if(f&&(a=f.getElementById(i))&&v(e,a)&&a.id===i)return n.push(a),n}else{if(u[2])return H.apply(n,e.getElementsByTagName(t)),n;if((i=u[3])&&d.getElementsByClassName&&e.getElementsByClassName)return H.apply(n,e.getElementsByClassName(i)),n}if(d.qsa&&!N[t+" "]&&(!y||!y.test(t))&&(1!==p||"object"!==e.nodeName.toLowerCase())){if(c=t,f=e,1===p&&(U.test(t)||z.test(t))){(f=ee.test(t)&&ve(e.parentNode)||e)===e&&d.scope||((s=e.getAttribute("id"))?s=s.replace(re,ie):e.setAttribute("id",s=S)),o=(l=h(t)).length;while(o--)l[o]=(s?"#"+s:":scope")+" "+xe(l[o]);c=l.join(",")}try{return H.apply(n,f.querySelectorAll(c)),n}catch(e){N(t,!0)}finally{s===S&&e.removeAttribute("id")}}}return g(t.replace(B,"$1"),e,n,r)}function ue(){var r=[];return function e(t,n){return r.push(t+" ")>b.cacheLength&&delete e[r.shift()],e[t+" "]=n}}function le(e){return e[S]=!0,e}function ce(e){var t=C.createElement("fieldset");try{return!!e(t)}catch(e){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function fe(e,t){var n=e.split("|"),r=n.length;while(r--)b.attrHandle[n[r]]=t}function pe(e,t){var n=t&&e,r=n&&1===e.nodeType&&1===t.nodeType&&e.sourceIndex-t.sourceIndex;if(r)return r;if(n)while(n=n.nextSibling)if(n===t)return-1;return e?1:-1}function de(t){return function(e){return"input"===e.nodeName.toLowerCase()&&e.type===t}}function he(n){return function(e){var t=e.nodeName.toLowerCase();return("input"===t||"button"===t)&&e.type===n}}function ge(t){return function(e){return"form"in e?e.parentNode&&!1===e.disabled?"label"in e?"label"in e.parentNode?e.parentNode.disabled===t:e.disabled===t:e.isDisabled===t||e.isDisabled!==!t&&ae(e)===t:e.disabled===t:"label"in e&&e.disabled===t}}function ye(a){return le(function(o){return o=+o,le(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function ve(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}for(e in d=se.support={},i=se.isXML=function(e){var t=e&&e.namespaceURI,n=e&&(e.ownerDocument||e).documentElement;return!Y.test(t||n&&n.nodeName||"HTML")},T=se.setDocument=function(e){var t,n,r=e?e.ownerDocument||e:p;return r!=C&&9===r.nodeType&&r.documentElement&&(a=(C=r).documentElement,E=!i(C),p!=C&&(n=C.defaultView)&&n.top!==n&&(n.addEventListener?n.addEventListener("unload",oe,!1):n.attachEvent&&n.attachEvent("onunload",oe)),d.scope=ce(function(e){return a.appendChild(e).appendChild(C.createElement("div")),"undefined"!=typeof e.querySelectorAll&&!e.querySelectorAll(":scope fieldset div").length}),d.attributes=ce(function(e){return e.className="i",!e.getAttribute("className")}),d.getElementsByTagName=ce(function(e){return e.appendChild(C.createComment("")),!e.getElementsByTagName("*").length}),d.getElementsByClassName=K.test(C.getElementsByClassName),d.getById=ce(function(e){return a.appendChild(e).id=S,!C.getElementsByName||!C.getElementsByName(S).length}),d.getById?(b.filter.ID=function(e){var t=e.replace(te,ne);return function(e){return e.getAttribute("id")===t}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n=t.getElementById(e);return n?[n]:[]}}):(b.filter.ID=function(e){var n=e.replace(te,ne);return function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n,r,i,o=t.getElementById(e);if(o){if((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),b.find.TAG=d.getElementsByTagName?function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTagName(e):d.qsa?t.querySelectorAll(e):void 0}:function(e,t){var n,r=[],i=0,o=t.getElementsByTagName(e);if("*"===e){while(n=o[i++])1===n.nodeType&&r.push(n);return r}return o},b.find.CLASS=d.getElementsByClassName&&function(e,t){if("undefined"!=typeof t.getElementsByClassName&&E)return t.getElementsByClassName(e)},s=[],y=[],(d.qsa=K.test(C.querySelectorAll))&&(ce(function(e){var t;a.appendChild(e).innerHTML="",e.querySelectorAll("[msallowcapture^='']").length&&y.push("[*^$]="+M+"*(?:''|\"\")"),e.querySelectorAll("[selected]").length||y.push("\\["+M+"*(?:value|"+R+")"),e.querySelectorAll("[id~="+S+"-]").length||y.push("~="),(t=C.createElement("input")).setAttribute("name",""),e.appendChild(t),e.querySelectorAll("[name='']").length||y.push("\\["+M+"*name"+M+"*="+M+"*(?:''|\"\")"),e.querySelectorAll(":checked").length||y.push(":checked"),e.querySelectorAll("a#"+S+"+*").length||y.push(".#.+[+~]"),e.querySelectorAll("\\\f"),y.push("[\\r\\n\\f]")}),ce(function(e){e.innerHTML="";var t=C.createElement("input");t.setAttribute("type","hidden"),e.appendChild(t).setAttribute("name","D"),e.querySelectorAll("[name=d]").length&&y.push("name"+M+"*[*^$|!~]?="),2!==e.querySelectorAll(":enabled").length&&y.push(":enabled",":disabled"),a.appendChild(e).disabled=!0,2!==e.querySelectorAll(":disabled").length&&y.push(":enabled",":disabled"),e.querySelectorAll("*,:x"),y.push(",.*:")})),(d.matchesSelector=K.test(c=a.matches||a.webkitMatchesSelector||a.mozMatchesSelector||a.oMatchesSelector||a.msMatchesSelector))&&ce(function(e){d.disconnectedMatch=c.call(e,"*"),c.call(e,"[s!='']:x"),s.push("!=",F)}),y=y.length&&new RegExp(y.join("|")),s=s.length&&new RegExp(s.join("|")),t=K.test(a.compareDocumentPosition),v=t||K.test(a.contains)?function(e,t){var n=9===e.nodeType?e.documentElement:e,r=t&&t.parentNode;return e===r||!(!r||1!==r.nodeType||!(n.contains?n.contains(r):e.compareDocumentPosition&&16&e.compareDocumentPosition(r)))}:function(e,t){if(t)while(t=t.parentNode)if(t===e)return!0;return!1},j=t?function(e,t){if(e===t)return l=!0,0;var n=!e.compareDocumentPosition-!t.compareDocumentPosition;return n||(1&(n=(e.ownerDocument||e)==(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!d.sortDetached&&t.compareDocumentPosition(e)===n?e==C||e.ownerDocument==p&&v(p,e)?-1:t==C||t.ownerDocument==p&&v(p,t)?1:u?P(u,e)-P(u,t):0:4&n?-1:1)}:function(e,t){if(e===t)return l=!0,0;var n,r=0,i=e.parentNode,o=t.parentNode,a=[e],s=[t];if(!i||!o)return e==C?-1:t==C?1:i?-1:o?1:u?P(u,e)-P(u,t):0;if(i===o)return pe(e,t);n=e;while(n=n.parentNode)a.unshift(n);n=t;while(n=n.parentNode)s.unshift(n);while(a[r]===s[r])r++;return r?pe(a[r],s[r]):a[r]==p?-1:s[r]==p?1:0}),C},se.matches=function(e,t){return se(e,null,null,t)},se.matchesSelector=function(e,t){if(T(e),d.matchesSelector&&E&&!N[t+" "]&&(!s||!s.test(t))&&(!y||!y.test(t)))try{var n=c.call(e,t);if(n||d.disconnectedMatch||e.document&&11!==e.document.nodeType)return n}catch(e){N(t,!0)}return 0":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace(te,ne),e[3]=(e[3]||e[4]||e[5]||"").replace(te,ne),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||se.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]||1):2*("even"===e[3]||"odd"===e[3])),e[5]=+(e[7]+e[8]||"odd"===e[3])):e[3]&&se.error(e[0]),e},PSEUDO:function(e){var t,n=!e[6]&&e[2];return G.CHILD.test(e[0])?null:(e[3]?e[2]=e[4]||e[5]||"":n&&X.test(n)&&(t=h(n,!0))&&(t=n.indexOf(")",n.length-t)-n.length)&&(e[0]=e[0].slice(0,t),e[2]=n.slice(0,t)),e.slice(0,3))}},filter:{TAG:function(e){var t=e.replace(te,ne).toLowerCase();return"*"===e?function(){return!0}:function(e){return e.nodeName&&e.nodeName.toLowerCase()===t}},CLASS:function(e){var t=m[e+" "];return t||(t=new RegExp("(^|"+M+")"+e+"("+M+"|$)"))&&m(e,function(e){return t.test("string"==typeof e.className&&e.className||"undefined"!=typeof e.getAttribute&&e.getAttribute("class")||"")})},ATTR:function(n,r,i){return function(e){var t=se.attr(e,n);return null==t?"!="===r:!r||(t+="","="===r?t===i:"!="===r?t!==i:"^="===r?i&&0===t.indexOf(i):"*="===r?i&&-1:\x20\t\r\n\f]*)[\x20\t\r\n\f]*\/?>(?:<\/\1>|)$/i;function j(e,n,r){return m(n)?S.grep(e,function(e,t){return!!n.call(e,t,e)!==r}):n.nodeType?S.grep(e,function(e){return e===n!==r}):"string"!=typeof n?S.grep(e,function(e){return-1)[^>]*|#([\w-]+))$/;(S.fn.init=function(e,t,n){var r,i;if(!e)return this;if(n=n||D,"string"==typeof e){if(!(r="<"===e[0]&&">"===e[e.length-1]&&3<=e.length?[null,e,null]:q.exec(e))||!r[1]&&t)return!t||t.jquery?(t||n).find(e):this.constructor(t).find(e);if(r[1]){if(t=t instanceof S?t[0]:t,S.merge(this,S.parseHTML(r[1],t&&t.nodeType?t.ownerDocument||t:E,!0)),N.test(r[1])&&S.isPlainObject(t))for(r in t)m(this[r])?this[r](t[r]):this.attr(r,t[r]);return this}return(i=E.getElementById(r[2]))&&(this[0]=i,this.length=1),this}return e.nodeType?(this[0]=e,this.length=1,this):m(e)?void 0!==n.ready?n.ready(e):e(S):S.makeArray(e,this)}).prototype=S.fn,D=S(E);var L=/^(?:parents|prev(?:Until|All))/,H={children:!0,contents:!0,next:!0,prev:!0};function O(e,t){while((e=e[t])&&1!==e.nodeType);return e}S.fn.extend({has:function(e){var t=S(e,this),n=t.length;return this.filter(function(){for(var e=0;e\x20\t\r\n\f]*)/i,he=/^$|^module$|\/(?:java|ecma)script/i;ce=E.createDocumentFragment().appendChild(E.createElement("div")),(fe=E.createElement("input")).setAttribute("type","radio"),fe.setAttribute("checked","checked"),fe.setAttribute("name","t"),ce.appendChild(fe),v.checkClone=ce.cloneNode(!0).cloneNode(!0).lastChild.checked,ce.innerHTML="",v.noCloneChecked=!!ce.cloneNode(!0).lastChild.defaultValue,ce.innerHTML="",v.option=!!ce.lastChild;var ge={thead:[1,"","
"],col:[2,"","
"],tr:[2,"","
"],td:[3,"","
"],_default:[0,"",""]};function ye(e,t){var n;return n="undefined"!=typeof e.getElementsByTagName?e.getElementsByTagName(t||"*"):"undefined"!=typeof e.querySelectorAll?e.querySelectorAll(t||"*"):[],void 0===t||t&&A(e,t)?S.merge([e],n):n}function ve(e,t){for(var n=0,r=e.length;n",""]);var me=/<|&#?\w+;/;function xe(e,t,n,r,i){for(var o,a,s,u,l,c,f=t.createDocumentFragment(),p=[],d=0,h=e.length;d\s*$/g;function je(e,t){return A(e,"table")&&A(11!==t.nodeType?t:t.firstChild,"tr")&&S(e).children("tbody")[0]||e}function De(e){return e.type=(null!==e.getAttribute("type"))+"/"+e.type,e}function qe(e){return"true/"===(e.type||"").slice(0,5)?e.type=e.type.slice(5):e.removeAttribute("type"),e}function Le(e,t){var n,r,i,o,a,s;if(1===t.nodeType){if(Y.hasData(e)&&(s=Y.get(e).events))for(i in Y.remove(t,"handle events"),s)for(n=0,r=s[i].length;n").attr(n.scriptAttrs||{}).prop({charset:n.scriptCharset,src:n.url}).on("load error",i=function(e){r.remove(),i=null,e&&t("error"===e.type?404:200,e.type)}),E.head.appendChild(r[0])},abort:function(){i&&i()}}});var Ut,Xt=[],Vt=/(=)\?(?=&|$)|\?\?/;S.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var e=Xt.pop()||S.expando+"_"+Ct.guid++;return this[e]=!0,e}}),S.ajaxPrefilter("json jsonp",function(e,t,n){var r,i,o,a=!1!==e.jsonp&&(Vt.test(e.url)?"url":"string"==typeof e.data&&0===(e.contentType||"").indexOf("application/x-www-form-urlencoded")&&Vt.test(e.data)&&"data");if(a||"jsonp"===e.dataTypes[0])return r=e.jsonpCallback=m(e.jsonpCallback)?e.jsonpCallback():e.jsonpCallback,a?e[a]=e[a].replace(Vt,"$1"+r):!1!==e.jsonp&&(e.url+=(Et.test(e.url)?"&":"?")+e.jsonp+"="+r),e.converters["script json"]=function(){return o||S.error(r+" was not called"),o[0]},e.dataTypes[0]="json",i=C[r],C[r]=function(){o=arguments},n.always(function(){void 0===i?S(C).removeProp(r):C[r]=i,e[r]&&(e.jsonpCallback=t.jsonpCallback,Xt.push(r)),o&&m(i)&&i(o[0]),o=i=void 0}),"script"}),v.createHTMLDocument=((Ut=E.implementation.createHTMLDocument("").body).innerHTML="
",2===Ut.childNodes.length),S.parseHTML=function(e,t,n){return"string"!=typeof e?[]:("boolean"==typeof t&&(n=t,t=!1),t||(v.createHTMLDocument?((r=(t=E.implementation.createHTMLDocument("")).createElement("base")).href=E.location.href,t.head.appendChild(r)):t=E),o=!n&&[],(i=N.exec(e))?[t.createElement(i[1])]:(i=xe([e],t,o),o&&o.length&&S(o).remove(),S.merge([],i.childNodes)));var r,i,o},S.fn.load=function(e,t,n){var r,i,o,a=this,s=e.indexOf(" ");return-1").append(S.parseHTML(e)).find(r):e)}).always(n&&function(e,t){a.each(function(){n.apply(this,o||[e.responseText,t,e])})}),this},S.expr.pseudos.animated=function(t){return S.grep(S.timers,function(e){return t===e.elem}).length},S.offset={setOffset:function(e,t,n){var r,i,o,a,s,u,l=S.css(e,"position"),c=S(e),f={};"static"===l&&(e.style.position="relative"),s=c.offset(),o=S.css(e,"top"),u=S.css(e,"left"),("absolute"===l||"fixed"===l)&&-1<(o+u).indexOf("auto")?(a=(r=c.position()).top,i=r.left):(a=parseFloat(o)||0,i=parseFloat(u)||0),m(t)&&(t=t.call(e,n,S.extend({},s))),null!=t.top&&(f.top=t.top-s.top+a),null!=t.left&&(f.left=t.left-s.left+i),"using"in t?t.using.call(e,f):c.css(f)}},S.fn.extend({offset:function(t){if(arguments.length)return void 0===t?this:this.each(function(e){S.offset.setOffset(this,t,e)});var e,n,r=this[0];return r?r.getClientRects().length?(e=r.getBoundingClientRect(),n=r.ownerDocument.defaultView,{top:e.top+n.pageYOffset,left:e.left+n.pageXOffset}):{top:0,left:0}:void 0},position:function(){if(this[0]){var e,t,n,r=this[0],i={top:0,left:0};if("fixed"===S.css(r,"position"))t=r.getBoundingClientRect();else{t=this.offset(),n=r.ownerDocument,e=r.offsetParent||n.documentElement;while(e&&(e===n.body||e===n.documentElement)&&"static"===S.css(e,"position"))e=e.parentNode;e&&e!==r&&1===e.nodeType&&((i=S(e).offset()).top+=S.css(e,"borderTopWidth",!0),i.left+=S.css(e,"borderLeftWidth",!0))}return{top:t.top-i.top-S.css(r,"marginTop",!0),left:t.left-i.left-S.css(r,"marginLeft",!0)}}},offsetParent:function(){return this.map(function(){var e=this.offsetParent;while(e&&"static"===S.css(e,"position"))e=e.offsetParent;return e||re})}}),S.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(t,i){var o="pageYOffset"===i;S.fn[t]=function(e){return B(this,function(e,t,n){var r;if(x(e)?r=e:9===e.nodeType&&(r=e.defaultView),void 0===n)return r?r[i]:e[t];r?r.scrollTo(o?r.pageXOffset:n,o?n:r.pageYOffset):e[t]=n},t,e,arguments.length)}}),S.each(["top","left"],function(e,n){S.cssHooks[n]=_e(v.pixelPosition,function(e,t){if(t)return t=Be(e,n),Pe.test(t)?S(e).position()[n]+"px":t})}),S.each({Height:"height",Width:"width"},function(a,s){S.each({padding:"inner"+a,content:s,"":"outer"+a},function(r,o){S.fn[o]=function(e,t){var n=arguments.length&&(r||"boolean"!=typeof e),i=r||(!0===e||!0===t?"margin":"border");return B(this,function(e,t,n){var r;return x(e)?0===o.indexOf("outer")?e["inner"+a]:e.document.documentElement["client"+a]:9===e.nodeType?(r=e.documentElement,Math.max(e.body["scroll"+a],r["scroll"+a],e.body["offset"+a],r["offset"+a],r["client"+a])):void 0===n?S.css(e,t,i):S.style(e,t,n,i)},s,n?e:void 0,n)}})}),S.each(["ajaxStart","ajaxStop","ajaxComplete","ajaxError","ajaxSuccess","ajaxSend"],function(e,t){S.fn[t]=function(e){return this.on(t,e)}}),S.fn.extend({bind:function(e,t,n){return this.on(e,null,t,n)},unbind:function(e,t){return this.off(e,null,t)},delegate:function(e,t,n,r){return this.on(t,e,n,r)},undelegate:function(e,t,n){return 1===arguments.length?this.off(e,"**"):this.off(t,e||"**",n)},hover:function(e,t){return this.mouseenter(e).mouseleave(t||e)}}),S.each("blur focus focusin focusout resize scroll click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup contextmenu".split(" "),function(e,n){S.fn[n]=function(e,t){return 0+~]|"+ge+")"+ge+"*"),x=new RegExp(ge+"|>"),j=new RegExp(g),A=new RegExp("^"+t+"$"),D={ID:new RegExp("^#("+t+")"),CLASS:new RegExp("^\\.("+t+")"),TAG:new RegExp("^("+t+"|[*])"),ATTR:new RegExp("^"+p),PSEUDO:new RegExp("^"+g),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+ge+"*(even|odd|(([+-]|)(\\d*)n|)"+ge+"*(?:([+-]|)"+ge+"*(\\d+)|))"+ge+"*\\)|)","i"),bool:new RegExp("^(?:"+f+")$","i"),needsContext:new RegExp("^"+ge+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+ge+"*((?:-\\d)?\\d*)"+ge+"*\\)|)(?=[^-]|$)","i")},N=/^(?:input|select|textarea|button)$/i,q=/^h\d$/i,L=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,H=/[+~]/,O=new RegExp("\\\\[\\da-fA-F]{1,6}"+ge+"?|\\\\([^\\r\\n\\f])","g"),P=function(e,t){var n="0x"+e.slice(1)-65536;return t||(n<0?String.fromCharCode(n+65536):String.fromCharCode(n>>10|55296,1023&n|56320))},M=function(){V()},R=J(function(e){return!0===e.disabled&&fe(e,"fieldset")},{dir:"parentNode",next:"legend"});try{k.apply(oe=ae.call(ye.childNodes),ye.childNodes),oe[ye.childNodes.length].nodeType}catch(e){k={apply:function(e,t){me.apply(e,ae.call(t))},call:function(e){me.apply(e,ae.call(arguments,1))}}}function I(t,e,n,r){var i,o,a,s,u,l,c,f=e&&e.ownerDocument,p=e?e.nodeType:9;if(n=n||[],"string"!=typeof t||!t||1!==p&&9!==p&&11!==p)return n;if(!r&&(V(e),e=e||T,C)){if(11!==p&&(u=L.exec(t)))if(i=u[1]){if(9===p){if(!(a=e.getElementById(i)))return n;if(a.id===i)return k.call(n,a),n}else if(f&&(a=f.getElementById(i))&&I.contains(e,a)&&a.id===i)return k.call(n,a),n}else{if(u[2])return k.apply(n,e.getElementsByTagName(t)),n;if((i=u[3])&&e.getElementsByClassName)return k.apply(n,e.getElementsByClassName(i)),n}if(!(h[t+" "]||d&&d.test(t))){if(c=t,f=e,1===p&&(x.test(t)||m.test(t))){(f=H.test(t)&&U(e.parentNode)||e)==e&&le.scope||((s=e.getAttribute("id"))?s=ce.escapeSelector(s):e.setAttribute("id",s=S)),o=(l=Y(t)).length;while(o--)l[o]=(s?"#"+s:":scope")+" "+Q(l[o]);c=l.join(",")}try{return k.apply(n,f.querySelectorAll(c)),n}catch(e){h(t,!0)}finally{s===S&&e.removeAttribute("id")}}}return re(t.replace(ve,"$1"),e,n,r)}function W(){var r=[];return function e(t,n){return r.push(t+" ")>b.cacheLength&&delete e[r.shift()],e[t+" "]=n}}function F(e){return e[S]=!0,e}function $(e){var t=T.createElement("fieldset");try{return!!e(t)}catch(e){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function B(t){return function(e){return fe(e,"input")&&e.type===t}}function _(t){return function(e){return(fe(e,"input")||fe(e,"button"))&&e.type===t}}function z(t){return function(e){return"form"in e?e.parentNode&&!1===e.disabled?"label"in e?"label"in e.parentNode?e.parentNode.disabled===t:e.disabled===t:e.isDisabled===t||e.isDisabled!==!t&&R(e)===t:e.disabled===t:"label"in e&&e.disabled===t}}function X(a){return F(function(o){return o=+o,F(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function U(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}function V(e){var t,n=e?e.ownerDocument||e:ye;return n!=T&&9===n.nodeType&&n.documentElement&&(r=(T=n).documentElement,C=!ce.isXMLDoc(T),i=r.matches||r.webkitMatchesSelector||r.msMatchesSelector,r.msMatchesSelector&&ye!=T&&(t=T.defaultView)&&t.top!==t&&t.addEventListener("unload",M),le.getById=$(function(e){return r.appendChild(e).id=ce.expando,!T.getElementsByName||!T.getElementsByName(ce.expando).length}),le.disconnectedMatch=$(function(e){return i.call(e,"*")}),le.scope=$(function(){return T.querySelectorAll(":scope")}),le.cssHas=$(function(){try{return T.querySelector(":has(*,:jqfake)"),!1}catch(e){return!0}}),le.getById?(b.filter.ID=function(e){var t=e.replace(O,P);return function(e){return e.getAttribute("id")===t}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&C){var n=t.getElementById(e);return n?[n]:[]}}):(b.filter.ID=function(e){var n=e.replace(O,P);return function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&C){var n,r,i,o=t.getElementById(e);if(o){if((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),b.find.TAG=function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTagName(e):t.querySelectorAll(e)},b.find.CLASS=function(e,t){if("undefined"!=typeof t.getElementsByClassName&&C)return t.getElementsByClassName(e)},d=[],$(function(e){var t;r.appendChild(e).innerHTML="",e.querySelectorAll("[selected]").length||d.push("\\["+ge+"*(?:value|"+f+")"),e.querySelectorAll("[id~="+S+"-]").length||d.push("~="),e.querySelectorAll("a#"+S+"+*").length||d.push(".#.+[+~]"),e.querySelectorAll(":checked").length||d.push(":checked"),(t=T.createElement("input")).setAttribute("type","hidden"),e.appendChild(t).setAttribute("name","D"),r.appendChild(e).disabled=!0,2!==e.querySelectorAll(":disabled").length&&d.push(":enabled",":disabled"),(t=T.createElement("input")).setAttribute("name",""),e.appendChild(t),e.querySelectorAll("[name='']").length||d.push("\\["+ge+"*name"+ge+"*="+ge+"*(?:''|\"\")")}),le.cssHas||d.push(":has"),d=d.length&&new RegExp(d.join("|")),l=function(e,t){if(e===t)return a=!0,0;var n=!e.compareDocumentPosition-!t.compareDocumentPosition;return n||(1&(n=(e.ownerDocument||e)==(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!le.sortDetached&&t.compareDocumentPosition(e)===n?e===T||e.ownerDocument==ye&&I.contains(ye,e)?-1:t===T||t.ownerDocument==ye&&I.contains(ye,t)?1:o?se.call(o,e)-se.call(o,t):0:4&n?-1:1)}),T}for(e in I.matches=function(e,t){return I(e,null,null,t)},I.matchesSelector=function(e,t){if(V(e),C&&!h[t+" "]&&(!d||!d.test(t)))try{var n=i.call(e,t);if(n||le.disconnectedMatch||e.document&&11!==e.document.nodeType)return n}catch(e){h(t,!0)}return 0":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace(O,P),e[3]=(e[3]||e[4]||e[5]||"").replace(O,P),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||I.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]||1):2*("even"===e[3]||"odd"===e[3])),e[5]=+(e[7]+e[8]||"odd"===e[3])):e[3]&&I.error(e[0]),e},PSEUDO:function(e){var t,n=!e[6]&&e[2];return D.CHILD.test(e[0])?null:(e[3]?e[2]=e[4]||e[5]||"":n&&j.test(n)&&(t=Y(n,!0))&&(t=n.indexOf(")",n.length-t)-n.length)&&(e[0]=e[0].slice(0,t),e[2]=n.slice(0,t)),e.slice(0,3))}},filter:{TAG:function(e){var t=e.replace(O,P).toLowerCase();return"*"===e?function(){return!0}:function(e){return fe(e,t)}},CLASS:function(e){var t=s[e+" "];return t||(t=new RegExp("(^|"+ge+")"+e+"("+ge+"|$)"))&&s(e,function(e){return t.test("string"==typeof e.className&&e.className||"undefined"!=typeof e.getAttribute&&e.getAttribute("class")||"")})},ATTR:function(n,r,i){return function(e){var t=I.attr(e,n);return null==t?"!="===r:!r||(t+="","="===r?t===i:"!="===r?t!==i:"^="===r?i&&0===t.indexOf(i):"*="===r?i&&-1:\x20\t\r\n\f]*)[\x20\t\r\n\f]*\/?>(?:<\/\1>|)$/i;function T(e,n,r){return v(n)?ce.grep(e,function(e,t){return!!n.call(e,t,e)!==r}):n.nodeType?ce.grep(e,function(e){return e===n!==r}):"string"!=typeof n?ce.grep(e,function(e){return-1)[^>]*|#([\w-]+))$/;(ce.fn.init=function(e,t,n){var r,i;if(!e)return this;if(n=n||k,"string"==typeof e){if(!(r="<"===e[0]&&">"===e[e.length-1]&&3<=e.length?[null,e,null]:S.exec(e))||!r[1]&&t)return!t||t.jquery?(t||n).find(e):this.constructor(t).find(e);if(r[1]){if(t=t instanceof ce?t[0]:t,ce.merge(this,ce.parseHTML(r[1],t&&t.nodeType?t.ownerDocument||t:C,!0)),w.test(r[1])&&ce.isPlainObject(t))for(r in t)v(this[r])?this[r](t[r]):this.attr(r,t[r]);return this}return(i=C.getElementById(r[2]))&&(this[0]=i,this.length=1),this}return e.nodeType?(this[0]=e,this.length=1,this):v(e)?void 0!==n.ready?n.ready(e):e(ce):ce.makeArray(e,this)}).prototype=ce.fn,k=ce(C);var E=/^(?:parents|prev(?:Until|All))/,j={children:!0,contents:!0,next:!0,prev:!0};function A(e,t){while((e=e[t])&&1!==e.nodeType);return e}ce.fn.extend({has:function(e){var t=ce(e,this),n=t.length;return this.filter(function(){for(var e=0;e\x20\t\r\n\f]*)/i,Ce=/^$|^module$|\/(?:java|ecma)script/i;xe=C.createDocumentFragment().appendChild(C.createElement("div")),(be=C.createElement("input")).setAttribute("type","radio"),be.setAttribute("checked","checked"),be.setAttribute("name","t"),xe.appendChild(be),le.checkClone=xe.cloneNode(!0).cloneNode(!0).lastChild.checked,xe.innerHTML="",le.noCloneChecked=!!xe.cloneNode(!0).lastChild.defaultValue,xe.innerHTML="",le.option=!!xe.lastChild;var ke={thead:[1,"","
"],col:[2,"","
"],tr:[2,"","
"],td:[3,"","
"],_default:[0,"",""]};function Se(e,t){var n;return n="undefined"!=typeof e.getElementsByTagName?e.getElementsByTagName(t||"*"):"undefined"!=typeof e.querySelectorAll?e.querySelectorAll(t||"*"):[],void 0===t||t&&fe(e,t)?ce.merge([e],n):n}function Ee(e,t){for(var n=0,r=e.length;n",""]);var je=/<|&#?\w+;/;function Ae(e,t,n,r,i){for(var o,a,s,u,l,c,f=t.createDocumentFragment(),p=[],d=0,h=e.length;d\s*$/g;function Re(e,t){return fe(e,"table")&&fe(11!==t.nodeType?t:t.firstChild,"tr")&&ce(e).children("tbody")[0]||e}function Ie(e){return e.type=(null!==e.getAttribute("type"))+"/"+e.type,e}function We(e){return"true/"===(e.type||"").slice(0,5)?e.type=e.type.slice(5):e.removeAttribute("type"),e}function Fe(e,t){var n,r,i,o,a,s;if(1===t.nodeType){if(_.hasData(e)&&(s=_.get(e).events))for(i in _.remove(t,"handle events"),s)for(n=0,r=s[i].length;n").attr(n.scriptAttrs||{}).prop({charset:n.scriptCharset,src:n.url}).on("load error",i=function(e){r.remove(),i=null,e&&t("error"===e.type?404:200,e.type)}),C.head.appendChild(r[0])},abort:function(){i&&i()}}});var Jt,Kt=[],Zt=/(=)\?(?=&|$)|\?\?/;ce.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var e=Kt.pop()||ce.expando+"_"+jt.guid++;return this[e]=!0,e}}),ce.ajaxPrefilter("json jsonp",function(e,t,n){var r,i,o,a=!1!==e.jsonp&&(Zt.test(e.url)?"url":"string"==typeof e.data&&0===(e.contentType||"").indexOf("application/x-www-form-urlencoded")&&Zt.test(e.data)&&"data");if(a||"jsonp"===e.dataTypes[0])return r=e.jsonpCallback=v(e.jsonpCallback)?e.jsonpCallback():e.jsonpCallback,a?e[a]=e[a].replace(Zt,"$1"+r):!1!==e.jsonp&&(e.url+=(At.test(e.url)?"&":"?")+e.jsonp+"="+r),e.converters["script json"]=function(){return o||ce.error(r+" was not called"),o[0]},e.dataTypes[0]="json",i=ie[r],ie[r]=function(){o=arguments},n.always(function(){void 0===i?ce(ie).removeProp(r):ie[r]=i,e[r]&&(e.jsonpCallback=t.jsonpCallback,Kt.push(r)),o&&v(i)&&i(o[0]),o=i=void 0}),"script"}),le.createHTMLDocument=((Jt=C.implementation.createHTMLDocument("").body).innerHTML="
",2===Jt.childNodes.length),ce.parseHTML=function(e,t,n){return"string"!=typeof e?[]:("boolean"==typeof t&&(n=t,t=!1),t||(le.createHTMLDocument?((r=(t=C.implementation.createHTMLDocument("")).createElement("base")).href=C.location.href,t.head.appendChild(r)):t=C),o=!n&&[],(i=w.exec(e))?[t.createElement(i[1])]:(i=Ae([e],t,o),o&&o.length&&ce(o).remove(),ce.merge([],i.childNodes)));var r,i,o},ce.fn.load=function(e,t,n){var r,i,o,a=this,s=e.indexOf(" ");return-1").append(ce.parseHTML(e)).find(r):e)}).always(n&&function(e,t){a.each(function(){n.apply(this,o||[e.responseText,t,e])})}),this},ce.expr.pseudos.animated=function(t){return ce.grep(ce.timers,function(e){return t===e.elem}).length},ce.offset={setOffset:function(e,t,n){var r,i,o,a,s,u,l=ce.css(e,"position"),c=ce(e),f={};"static"===l&&(e.style.position="relative"),s=c.offset(),o=ce.css(e,"top"),u=ce.css(e,"left"),("absolute"===l||"fixed"===l)&&-1<(o+u).indexOf("auto")?(a=(r=c.position()).top,i=r.left):(a=parseFloat(o)||0,i=parseFloat(u)||0),v(t)&&(t=t.call(e,n,ce.extend({},s))),null!=t.top&&(f.top=t.top-s.top+a),null!=t.left&&(f.left=t.left-s.left+i),"using"in t?t.using.call(e,f):c.css(f)}},ce.fn.extend({offset:function(t){if(arguments.length)return void 0===t?this:this.each(function(e){ce.offset.setOffset(this,t,e)});var e,n,r=this[0];return r?r.getClientRects().length?(e=r.getBoundingClientRect(),n=r.ownerDocument.defaultView,{top:e.top+n.pageYOffset,left:e.left+n.pageXOffset}):{top:0,left:0}:void 0},position:function(){if(this[0]){var e,t,n,r=this[0],i={top:0,left:0};if("fixed"===ce.css(r,"position"))t=r.getBoundingClientRect();else{t=this.offset(),n=r.ownerDocument,e=r.offsetParent||n.documentElement;while(e&&(e===n.body||e===n.documentElement)&&"static"===ce.css(e,"position"))e=e.parentNode;e&&e!==r&&1===e.nodeType&&((i=ce(e).offset()).top+=ce.css(e,"borderTopWidth",!0),i.left+=ce.css(e,"borderLeftWidth",!0))}return{top:t.top-i.top-ce.css(r,"marginTop",!0),left:t.left-i.left-ce.css(r,"marginLeft",!0)}}},offsetParent:function(){return this.map(function(){var e=this.offsetParent;while(e&&"static"===ce.css(e,"position"))e=e.offsetParent;return e||J})}}),ce.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(t,i){var o="pageYOffset"===i;ce.fn[t]=function(e){return M(this,function(e,t,n){var r;if(y(e)?r=e:9===e.nodeType&&(r=e.defaultView),void 0===n)return r?r[i]:e[t];r?r.scrollTo(o?r.pageXOffset:n,o?n:r.pageYOffset):e[t]=n},t,e,arguments.length)}}),ce.each(["top","left"],function(e,n){ce.cssHooks[n]=Ye(le.pixelPosition,function(e,t){if(t)return t=Ge(e,n),_e.test(t)?ce(e).position()[n]+"px":t})}),ce.each({Height:"height",Width:"width"},function(a,s){ce.each({padding:"inner"+a,content:s,"":"outer"+a},function(r,o){ce.fn[o]=function(e,t){var n=arguments.length&&(r||"boolean"!=typeof e),i=r||(!0===e||!0===t?"margin":"border");return M(this,function(e,t,n){var r;return y(e)?0===o.indexOf("outer")?e["inner"+a]:e.document.documentElement["client"+a]:9===e.nodeType?(r=e.documentElement,Math.max(e.body["scroll"+a],r["scroll"+a],e.body["offset"+a],r["offset"+a],r["client"+a])):void 0===n?ce.css(e,t,i):ce.style(e,t,n,i)},s,n?e:void 0,n)}})}),ce.each(["ajaxStart","ajaxStop","ajaxComplete","ajaxError","ajaxSuccess","ajaxSend"],function(e,t){ce.fn[t]=function(e){return this.on(t,e)}}),ce.fn.extend({bind:function(e,t,n){return this.on(e,null,t,n)},unbind:function(e,t){return this.off(e,null,t)},delegate:function(e,t,n,r){return this.on(t,e,n,r)},undelegate:function(e,t,n){return 1===arguments.length?this.off(e,"**"):this.off(t,e||"**",n)},hover:function(e,t){return this.on("mouseenter",e).on("mouseleave",t||e)}}),ce.each("blur focus focusin focusout resize scroll click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup contextmenu".split(" "),function(e,n){ce.fn[n]=function(e,t){return 0= 0 && j < len ? [ this[ j ] ] : [] ); + }, + + end: function() { + return this.prevObject || this.constructor(); + }, + + // For internal use only. + // Behaves like an Array's method, not like a jQuery method. + push: push, + sort: deletedIds.sort, + splice: deletedIds.splice +}; + +jQuery.extend = jQuery.fn.extend = function() { + var src, copyIsArray, copy, name, options, clone, + target = arguments[ 0 ] || {}, + i = 1, + length = arguments.length, + deep = false; + + // Handle a deep copy situation + if ( typeof target === "boolean" ) { + deep = target; + + // skip the boolean and the target + target = arguments[ i ] || {}; + i++; + } + + // Handle case when target is a string or something (possible in deep copy) + if ( typeof target !== "object" && !jQuery.isFunction( target ) ) { + target = {}; + } + + // extend jQuery itself if only one argument is passed + if ( i === length ) { + target = this; + i--; + } + + for ( ; i < length; i++ ) { + + // Only deal with non-null/undefined values + if ( ( options = arguments[ i ] ) != null ) { + + // Extend the base object + for ( name in options ) { + src = target[ name ]; + copy = options[ name ]; + + // Prevent never-ending loop + if ( target === copy ) { + continue; + } + + // Recurse if we're merging plain objects or arrays + if ( deep && copy && ( jQuery.isPlainObject( copy ) || + ( copyIsArray = jQuery.isArray( copy ) ) ) ) { + + if ( copyIsArray ) { + copyIsArray = false; + clone = src && jQuery.isArray( src ) ? src : []; + + } else { + clone = src && jQuery.isPlainObject( src ) ? src : {}; + } + + // Never move original objects, clone them + target[ name ] = jQuery.extend( deep, clone, copy ); + + // Don't bring in undefined values + } else if ( copy !== undefined ) { + target[ name ] = copy; + } + } + } + } + + // Return the modified object + return target; +}; + +jQuery.extend( { + + // Unique for each copy of jQuery on the page + expando: "jQuery" + ( version + Math.random() ).replace( /\D/g, "" ), + + // Assume jQuery is ready without the ready module + isReady: true, + + error: function( msg ) { + throw new Error( msg ); + }, + + noop: function() {}, + + // See test/unit/core.js for details concerning isFunction. + // Since version 1.3, DOM methods and functions like alert + // aren't supported. They return false on IE (#2968). + isFunction: function( obj ) { + return jQuery.type( obj ) === "function"; + }, + + isArray: Array.isArray || function( obj ) { + return jQuery.type( obj ) === "array"; + }, + + isWindow: function( obj ) { + /* jshint eqeqeq: false */ + return obj != null && obj == obj.window; + }, + + isNumeric: function( obj ) { + + // parseFloat NaNs numeric-cast false positives (null|true|false|"") + // ...but misinterprets leading-number strings, particularly hex literals ("0x...") + // subtraction forces infinities to NaN + // adding 1 corrects loss of precision from parseFloat (#15100) + var realStringObj = obj && obj.toString(); + return !jQuery.isArray( obj ) && ( realStringObj - parseFloat( realStringObj ) + 1 ) >= 0; + }, + + isEmptyObject: function( obj ) { + var name; + for ( name in obj ) { + return false; + } + return true; + }, + + isPlainObject: function( obj ) { + var key; + + // Must be an Object. + // Because of IE, we also have to check the presence of the constructor property. + // Make sure that DOM nodes and window objects don't pass through, as well + if ( !obj || jQuery.type( obj ) !== "object" || obj.nodeType || jQuery.isWindow( obj ) ) { + return false; + } + + try { + + // Not own constructor property must be Object + if ( obj.constructor && + !hasOwn.call( obj, "constructor" ) && + !hasOwn.call( obj.constructor.prototype, "isPrototypeOf" ) ) { + return false; + } + } catch ( e ) { + + // IE8,9 Will throw exceptions on certain host objects #9897 + return false; + } + + // Support: IE<9 + // Handle iteration over inherited properties before own properties. + if ( !support.ownFirst ) { + for ( key in obj ) { + return hasOwn.call( obj, key ); + } + } + + // Own properties are enumerated firstly, so to speed up, + // if last one is own, then all properties are own. + for ( key in obj ) {} + + return key === undefined || hasOwn.call( obj, key ); + }, + + type: function( obj ) { + if ( obj == null ) { + return obj + ""; + } + return typeof obj === "object" || typeof obj === "function" ? + class2type[ toString.call( obj ) ] || "object" : + typeof obj; + }, + + // Workarounds based on findings by Jim Driscoll + // http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context + globalEval: function( data ) { + if ( data && jQuery.trim( data ) ) { + + // We use execScript on Internet Explorer + // We use an anonymous function so that context is window + // rather than jQuery in Firefox + ( window.execScript || function( data ) { + window[ "eval" ].call( window, data ); // jscs:ignore requireDotNotation + } )( data ); + } + }, + + // Convert dashed to camelCase; used by the css and data modules + // Microsoft forgot to hump their vendor prefix (#9572) + camelCase: function( string ) { + return string.replace( rmsPrefix, "ms-" ).replace( rdashAlpha, fcamelCase ); + }, + + nodeName: function( elem, name ) { + return elem.nodeName && elem.nodeName.toLowerCase() === name.toLowerCase(); + }, + + each: function( obj, callback ) { + var length, i = 0; + + if ( isArrayLike( obj ) ) { + length = obj.length; + for ( ; i < length; i++ ) { + if ( callback.call( obj[ i ], i, obj[ i ] ) === false ) { + break; + } + } + } else { + for ( i in obj ) { + if ( callback.call( obj[ i ], i, obj[ i ] ) === false ) { + break; + } + } + } + + return obj; + }, + + // Support: Android<4.1, IE<9 + trim: function( text ) { + return text == null ? + "" : + ( text + "" ).replace( rtrim, "" ); + }, + + // results is for internal usage only + makeArray: function( arr, results ) { + var ret = results || []; + + if ( arr != null ) { + if ( isArrayLike( Object( arr ) ) ) { + jQuery.merge( ret, + typeof arr === "string" ? + [ arr ] : arr + ); + } else { + push.call( ret, arr ); + } + } + + return ret; + }, + + inArray: function( elem, arr, i ) { + var len; + + if ( arr ) { + if ( indexOf ) { + return indexOf.call( arr, elem, i ); + } + + len = arr.length; + i = i ? i < 0 ? Math.max( 0, len + i ) : i : 0; + + for ( ; i < len; i++ ) { + + // Skip accessing in sparse arrays + if ( i in arr && arr[ i ] === elem ) { + return i; + } + } + } + + return -1; + }, + + merge: function( first, second ) { + var len = +second.length, + j = 0, + i = first.length; + + while ( j < len ) { + first[ i++ ] = second[ j++ ]; + } + + // Support: IE<9 + // Workaround casting of .length to NaN on otherwise arraylike objects (e.g., NodeLists) + if ( len !== len ) { + while ( second[ j ] !== undefined ) { + first[ i++ ] = second[ j++ ]; + } + } + + first.length = i; + + return first; + }, + + grep: function( elems, callback, invert ) { + var callbackInverse, + matches = [], + i = 0, + length = elems.length, + callbackExpect = !invert; + + // Go through the array, only saving the items + // that pass the validator function + for ( ; i < length; i++ ) { + callbackInverse = !callback( elems[ i ], i ); + if ( callbackInverse !== callbackExpect ) { + matches.push( elems[ i ] ); + } + } + + return matches; + }, + + // arg is for internal usage only + map: function( elems, callback, arg ) { + var length, value, + i = 0, + ret = []; + + // Go through the array, translating each of the items to their new values + if ( isArrayLike( elems ) ) { + length = elems.length; + for ( ; i < length; i++ ) { + value = callback( elems[ i ], i, arg ); + + if ( value != null ) { + ret.push( value ); + } + } + + // Go through every key on the object, + } else { + for ( i in elems ) { + value = callback( elems[ i ], i, arg ); + + if ( value != null ) { + ret.push( value ); + } + } + } + + // Flatten any nested arrays + return concat.apply( [], ret ); + }, + + // A global GUID counter for objects + guid: 1, + + // Bind a function to a context, optionally partially applying any + // arguments. + proxy: function( fn, context ) { + var args, proxy, tmp; + + if ( typeof context === "string" ) { + tmp = fn[ context ]; + context = fn; + fn = tmp; + } + + // Quick check to determine if target is callable, in the spec + // this throws a TypeError, but we will just return undefined. + if ( !jQuery.isFunction( fn ) ) { + return undefined; + } + + // Simulated bind + args = slice.call( arguments, 2 ); + proxy = function() { + return fn.apply( context || this, args.concat( slice.call( arguments ) ) ); + }; + + // Set the guid of unique handler to the same of original handler, so it can be removed + proxy.guid = fn.guid = fn.guid || jQuery.guid++; + + return proxy; + }, + + now: function() { + return +( new Date() ); + }, + + // jQuery.support is not used in Core but other projects attach their + // properties to it so it needs to exist. + support: support +} ); + +// JSHint would error on this code due to the Symbol not being defined in ES5. +// Defining this global in .jshintrc would create a danger of using the global +// unguarded in another place, it seems safer to just disable JSHint for these +// three lines. +/* jshint ignore: start */ +if ( typeof Symbol === "function" ) { + jQuery.fn[ Symbol.iterator ] = deletedIds[ Symbol.iterator ]; +} +/* jshint ignore: end */ + +// Populate the class2type map +jQuery.each( "Boolean Number String Function Array Date RegExp Object Error Symbol".split( " " ), +function( i, name ) { + class2type[ "[object " + name + "]" ] = name.toLowerCase(); +} ); + +function isArrayLike( obj ) { + + // Support: iOS 8.2 (not reproducible in simulator) + // `in` check used to prevent JIT error (gh-2145) + // hasOwn isn't used here due to false negatives + // regarding Nodelist length in IE + var length = !!obj && "length" in obj && obj.length, + type = jQuery.type( obj ); + + if ( type === "function" || jQuery.isWindow( obj ) ) { + return false; + } + + return type === "array" || length === 0 || + typeof length === "number" && length > 0 && ( length - 1 ) in obj; +} +var Sizzle = +/*! + * Sizzle CSS Selector Engine v2.2.1 + * http://sizzlejs.com/ + * + * Copyright jQuery Foundation and other contributors + * Released under the MIT license + * http://jquery.org/license + * + * Date: 2015-10-17 + */ +(function( window ) { + +var i, + support, + Expr, + getText, + isXML, + tokenize, + compile, + select, + outermostContext, + sortInput, + hasDuplicate, + + // Local document vars + setDocument, + document, + docElem, + documentIsHTML, + rbuggyQSA, + rbuggyMatches, + matches, + contains, + + // Instance-specific data + expando = "sizzle" + 1 * new Date(), + preferredDoc = window.document, + dirruns = 0, + done = 0, + classCache = createCache(), + tokenCache = createCache(), + compilerCache = createCache(), + sortOrder = function( a, b ) { + if ( a === b ) { + hasDuplicate = true; + } + return 0; + }, + + // General-purpose constants + MAX_NEGATIVE = 1 << 31, + + // Instance methods + hasOwn = ({}).hasOwnProperty, + arr = [], + pop = arr.pop, + push_native = arr.push, + push = arr.push, + slice = arr.slice, + // Use a stripped-down indexOf as it's faster than native + // http://jsperf.com/thor-indexof-vs-for/5 + indexOf = function( list, elem ) { + var i = 0, + len = list.length; + for ( ; i < len; i++ ) { + if ( list[i] === elem ) { + return i; + } + } + return -1; + }, + + booleans = "checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped", + + // Regular expressions + + // http://www.w3.org/TR/css3-selectors/#whitespace + whitespace = "[\\x20\\t\\r\\n\\f]", + + // http://www.w3.org/TR/CSS21/syndata.html#value-def-identifier + identifier = "(?:\\\\.|[\\w-]|[^\\x00-\\xa0])+", + + // Attribute selectors: http://www.w3.org/TR/selectors/#attribute-selectors + attributes = "\\[" + whitespace + "*(" + identifier + ")(?:" + whitespace + + // Operator (capture 2) + "*([*^$|!~]?=)" + whitespace + + // "Attribute values must be CSS identifiers [capture 5] or strings [capture 3 or capture 4]" + "*(?:'((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\"|(" + identifier + "))|)" + whitespace + + "*\\]", + + pseudos = ":(" + identifier + ")(?:\\((" + + // To reduce the number of selectors needing tokenize in the preFilter, prefer arguments: + // 1. quoted (capture 3; capture 4 or capture 5) + "('((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\")|" + + // 2. simple (capture 6) + "((?:\\\\.|[^\\\\()[\\]]|" + attributes + ")*)|" + + // 3. anything else (capture 2) + ".*" + + ")\\)|)", + + // Leading and non-escaped trailing whitespace, capturing some non-whitespace characters preceding the latter + rwhitespace = new RegExp( whitespace + "+", "g" ), + rtrim = new RegExp( "^" + whitespace + "+|((?:^|[^\\\\])(?:\\\\.)*)" + whitespace + "+$", "g" ), + + rcomma = new RegExp( "^" + whitespace + "*," + whitespace + "*" ), + rcombinators = new RegExp( "^" + whitespace + "*([>+~]|" + whitespace + ")" + whitespace + "*" ), + + rattributeQuotes = new RegExp( "=" + whitespace + "*([^\\]'\"]*?)" + whitespace + "*\\]", "g" ), + + rpseudo = new RegExp( pseudos ), + ridentifier = new RegExp( "^" + identifier + "$" ), + + matchExpr = { + "ID": new RegExp( "^#(" + identifier + ")" ), + "CLASS": new RegExp( "^\\.(" + identifier + ")" ), + "TAG": new RegExp( "^(" + identifier + "|[*])" ), + "ATTR": new RegExp( "^" + attributes ), + "PSEUDO": new RegExp( "^" + pseudos ), + "CHILD": new RegExp( "^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\(" + whitespace + + "*(even|odd|(([+-]|)(\\d*)n|)" + whitespace + "*(?:([+-]|)" + whitespace + + "*(\\d+)|))" + whitespace + "*\\)|)", "i" ), + "bool": new RegExp( "^(?:" + booleans + ")$", "i" ), + // For use in libraries implementing .is() + // We use this for POS matching in `select` + "needsContext": new RegExp( "^" + whitespace + "*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\(" + + whitespace + "*((?:-\\d)?\\d*)" + whitespace + "*\\)|)(?=[^-]|$)", "i" ) + }, + + rinputs = /^(?:input|select|textarea|button)$/i, + rheader = /^h\d$/i, + + rnative = /^[^{]+\{\s*\[native \w/, + + // Easily-parseable/retrievable ID or TAG or CLASS selectors + rquickExpr = /^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/, + + rsibling = /[+~]/, + rescape = /'|\\/g, + + // CSS escapes http://www.w3.org/TR/CSS21/syndata.html#escaped-characters + runescape = new RegExp( "\\\\([\\da-f]{1,6}" + whitespace + "?|(" + whitespace + ")|.)", "ig" ), + funescape = function( _, escaped, escapedWhitespace ) { + var high = "0x" + escaped - 0x10000; + // NaN means non-codepoint + // Support: Firefox<24 + // Workaround erroneous numeric interpretation of +"0x" + return high !== high || escapedWhitespace ? + escaped : + high < 0 ? + // BMP codepoint + String.fromCharCode( high + 0x10000 ) : + // Supplemental Plane codepoint (surrogate pair) + String.fromCharCode( high >> 10 | 0xD800, high & 0x3FF | 0xDC00 ); + }, + + // Used for iframes + // See setDocument() + // Removing the function wrapper causes a "Permission Denied" + // error in IE + unloadHandler = function() { + setDocument(); + }; + +// Optimize for push.apply( _, NodeList ) +try { + push.apply( + (arr = slice.call( preferredDoc.childNodes )), + preferredDoc.childNodes + ); + // Support: Android<4.0 + // Detect silently failing push.apply + arr[ preferredDoc.childNodes.length ].nodeType; +} catch ( e ) { + push = { apply: arr.length ? + + // Leverage slice if possible + function( target, els ) { + push_native.apply( target, slice.call(els) ); + } : + + // Support: IE<9 + // Otherwise append directly + function( target, els ) { + var j = target.length, + i = 0; + // Can't trust NodeList.length + while ( (target[j++] = els[i++]) ) {} + target.length = j - 1; + } + }; +} + +function Sizzle( selector, context, results, seed ) { + var m, i, elem, nid, nidselect, match, groups, newSelector, + newContext = context && context.ownerDocument, + + // nodeType defaults to 9, since context defaults to document + nodeType = context ? context.nodeType : 9; + + results = results || []; + + // Return early from calls with invalid selector or context + if ( typeof selector !== "string" || !selector || + nodeType !== 1 && nodeType !== 9 && nodeType !== 11 ) { + + return results; + } + + // Try to shortcut find operations (as opposed to filters) in HTML documents + if ( !seed ) { + + if ( ( context ? context.ownerDocument || context : preferredDoc ) !== document ) { + setDocument( context ); + } + context = context || document; + + if ( documentIsHTML ) { + + // If the selector is sufficiently simple, try using a "get*By*" DOM method + // (excepting DocumentFragment context, where the methods don't exist) + if ( nodeType !== 11 && (match = rquickExpr.exec( selector )) ) { + + // ID selector + if ( (m = match[1]) ) { + + // Document context + if ( nodeType === 9 ) { + if ( (elem = context.getElementById( m )) ) { + + // Support: IE, Opera, Webkit + // TODO: identify versions + // getElementById can match elements by name instead of ID + if ( elem.id === m ) { + results.push( elem ); + return results; + } + } else { + return results; + } + + // Element context + } else { + + // Support: IE, Opera, Webkit + // TODO: identify versions + // getElementById can match elements by name instead of ID + if ( newContext && (elem = newContext.getElementById( m )) && + contains( context, elem ) && + elem.id === m ) { + + results.push( elem ); + return results; + } + } + + // Type selector + } else if ( match[2] ) { + push.apply( results, context.getElementsByTagName( selector ) ); + return results; + + // Class selector + } else if ( (m = match[3]) && support.getElementsByClassName && + context.getElementsByClassName ) { + + push.apply( results, context.getElementsByClassName( m ) ); + return results; + } + } + + // Take advantage of querySelectorAll + if ( support.qsa && + !compilerCache[ selector + " " ] && + (!rbuggyQSA || !rbuggyQSA.test( selector )) ) { + + if ( nodeType !== 1 ) { + newContext = context; + newSelector = selector; + + // qSA looks outside Element context, which is not what we want + // Thanks to Andrew Dupont for this workaround technique + // Support: IE <=8 + // Exclude object elements + } else if ( context.nodeName.toLowerCase() !== "object" ) { + + // Capture the context ID, setting it first if necessary + if ( (nid = context.getAttribute( "id" )) ) { + nid = nid.replace( rescape, "\\$&" ); + } else { + context.setAttribute( "id", (nid = expando) ); + } + + // Prefix every selector in the list + groups = tokenize( selector ); + i = groups.length; + nidselect = ridentifier.test( nid ) ? "#" + nid : "[id='" + nid + "']"; + while ( i-- ) { + groups[i] = nidselect + " " + toSelector( groups[i] ); + } + newSelector = groups.join( "," ); + + // Expand context for sibling selectors + newContext = rsibling.test( selector ) && testContext( context.parentNode ) || + context; + } + + if ( newSelector ) { + try { + push.apply( results, + newContext.querySelectorAll( newSelector ) + ); + return results; + } catch ( qsaError ) { + } finally { + if ( nid === expando ) { + context.removeAttribute( "id" ); + } + } + } + } + } + } + + // All others + return select( selector.replace( rtrim, "$1" ), context, results, seed ); +} + +/** + * Create key-value caches of limited size + * @returns {function(string, object)} Returns the Object data after storing it on itself with + * property name the (space-suffixed) string and (if the cache is larger than Expr.cacheLength) + * deleting the oldest entry + */ +function createCache() { + var keys = []; + + function cache( key, value ) { + // Use (key + " ") to avoid collision with native prototype properties (see Issue #157) + if ( keys.push( key + " " ) > Expr.cacheLength ) { + // Only keep the most recent entries + delete cache[ keys.shift() ]; + } + return (cache[ key + " " ] = value); + } + return cache; +} + +/** + * Mark a function for special use by Sizzle + * @param {Function} fn The function to mark + */ +function markFunction( fn ) { + fn[ expando ] = true; + return fn; +} + +/** + * Support testing using an element + * @param {Function} fn Passed the created div and expects a boolean result + */ +function assert( fn ) { + var div = document.createElement("div"); + + try { + return !!fn( div ); + } catch (e) { + return false; + } finally { + // Remove from its parent by default + if ( div.parentNode ) { + div.parentNode.removeChild( div ); + } + // release memory in IE + div = null; + } +} + +/** + * Adds the same handler for all of the specified attrs + * @param {String} attrs Pipe-separated list of attributes + * @param {Function} handler The method that will be applied + */ +function addHandle( attrs, handler ) { + var arr = attrs.split("|"), + i = arr.length; + + while ( i-- ) { + Expr.attrHandle[ arr[i] ] = handler; + } +} + +/** + * Checks document order of two siblings + * @param {Element} a + * @param {Element} b + * @returns {Number} Returns less than 0 if a precedes b, greater than 0 if a follows b + */ +function siblingCheck( a, b ) { + var cur = b && a, + diff = cur && a.nodeType === 1 && b.nodeType === 1 && + ( ~b.sourceIndex || MAX_NEGATIVE ) - + ( ~a.sourceIndex || MAX_NEGATIVE ); + + // Use IE sourceIndex if available on both nodes + if ( diff ) { + return diff; + } + + // Check if b follows a + if ( cur ) { + while ( (cur = cur.nextSibling) ) { + if ( cur === b ) { + return -1; + } + } + } + + return a ? 1 : -1; +} + +/** + * Returns a function to use in pseudos for input types + * @param {String} type + */ +function createInputPseudo( type ) { + return function( elem ) { + var name = elem.nodeName.toLowerCase(); + return name === "input" && elem.type === type; + }; +} + +/** + * Returns a function to use in pseudos for buttons + * @param {String} type + */ +function createButtonPseudo( type ) { + return function( elem ) { + var name = elem.nodeName.toLowerCase(); + return (name === "input" || name === "button") && elem.type === type; + }; +} + +/** + * Returns a function to use in pseudos for positionals + * @param {Function} fn + */ +function createPositionalPseudo( fn ) { + return markFunction(function( argument ) { + argument = +argument; + return markFunction(function( seed, matches ) { + var j, + matchIndexes = fn( [], seed.length, argument ), + i = matchIndexes.length; + + // Match elements found at the specified indexes + while ( i-- ) { + if ( seed[ (j = matchIndexes[i]) ] ) { + seed[j] = !(matches[j] = seed[j]); + } + } + }); + }); +} + +/** + * Checks a node for validity as a Sizzle context + * @param {Element|Object=} context + * @returns {Element|Object|Boolean} The input node if acceptable, otherwise a falsy value + */ +function testContext( context ) { + return context && typeof context.getElementsByTagName !== "undefined" && context; +} + +// Expose support vars for convenience +support = Sizzle.support = {}; + +/** + * Detects XML nodes + * @param {Element|Object} elem An element or a document + * @returns {Boolean} True iff elem is a non-HTML XML node + */ +isXML = Sizzle.isXML = function( elem ) { + // documentElement is verified for cases where it doesn't yet exist + // (such as loading iframes in IE - #4833) + var documentElement = elem && (elem.ownerDocument || elem).documentElement; + return documentElement ? documentElement.nodeName !== "HTML" : false; +}; + +/** + * Sets document-related variables once based on the current document + * @param {Element|Object} [doc] An element or document object to use to set the document + * @returns {Object} Returns the current document + */ +setDocument = Sizzle.setDocument = function( node ) { + var hasCompare, parent, + doc = node ? node.ownerDocument || node : preferredDoc; + + // Return early if doc is invalid or already selected + if ( doc === document || doc.nodeType !== 9 || !doc.documentElement ) { + return document; + } + + // Update global variables + document = doc; + docElem = document.documentElement; + documentIsHTML = !isXML( document ); + + // Support: IE 9-11, Edge + // Accessing iframe documents after unload throws "permission denied" errors (jQuery #13936) + if ( (parent = document.defaultView) && parent.top !== parent ) { + // Support: IE 11 + if ( parent.addEventListener ) { + parent.addEventListener( "unload", unloadHandler, false ); + + // Support: IE 9 - 10 only + } else if ( parent.attachEvent ) { + parent.attachEvent( "onunload", unloadHandler ); + } + } + + /* Attributes + ---------------------------------------------------------------------- */ + + // Support: IE<8 + // Verify that getAttribute really returns attributes and not properties + // (excepting IE8 booleans) + support.attributes = assert(function( div ) { + div.className = "i"; + return !div.getAttribute("className"); + }); + + /* getElement(s)By* + ---------------------------------------------------------------------- */ + + // Check if getElementsByTagName("*") returns only elements + support.getElementsByTagName = assert(function( div ) { + div.appendChild( document.createComment("") ); + return !div.getElementsByTagName("*").length; + }); + + // Support: IE<9 + support.getElementsByClassName = rnative.test( document.getElementsByClassName ); + + // Support: IE<10 + // Check if getElementById returns elements by name + // The broken getElementById methods don't pick up programatically-set names, + // so use a roundabout getElementsByName test + support.getById = assert(function( div ) { + docElem.appendChild( div ).id = expando; + return !document.getElementsByName || !document.getElementsByName( expando ).length; + }); + + // ID find and filter + if ( support.getById ) { + Expr.find["ID"] = function( id, context ) { + if ( typeof context.getElementById !== "undefined" && documentIsHTML ) { + var m = context.getElementById( id ); + return m ? [ m ] : []; + } + }; + Expr.filter["ID"] = function( id ) { + var attrId = id.replace( runescape, funescape ); + return function( elem ) { + return elem.getAttribute("id") === attrId; + }; + }; + } else { + // Support: IE6/7 + // getElementById is not reliable as a find shortcut + delete Expr.find["ID"]; + + Expr.filter["ID"] = function( id ) { + var attrId = id.replace( runescape, funescape ); + return function( elem ) { + var node = typeof elem.getAttributeNode !== "undefined" && + elem.getAttributeNode("id"); + return node && node.value === attrId; + }; + }; + } + + // Tag + Expr.find["TAG"] = support.getElementsByTagName ? + function( tag, context ) { + if ( typeof context.getElementsByTagName !== "undefined" ) { + return context.getElementsByTagName( tag ); + + // DocumentFragment nodes don't have gEBTN + } else if ( support.qsa ) { + return context.querySelectorAll( tag ); + } + } : + + function( tag, context ) { + var elem, + tmp = [], + i = 0, + // By happy coincidence, a (broken) gEBTN appears on DocumentFragment nodes too + results = context.getElementsByTagName( tag ); + + // Filter out possible comments + if ( tag === "*" ) { + while ( (elem = results[i++]) ) { + if ( elem.nodeType === 1 ) { + tmp.push( elem ); + } + } + + return tmp; + } + return results; + }; + + // Class + Expr.find["CLASS"] = support.getElementsByClassName && function( className, context ) { + if ( typeof context.getElementsByClassName !== "undefined" && documentIsHTML ) { + return context.getElementsByClassName( className ); + } + }; + + /* QSA/matchesSelector + ---------------------------------------------------------------------- */ + + // QSA and matchesSelector support + + // matchesSelector(:active) reports false when true (IE9/Opera 11.5) + rbuggyMatches = []; + + // qSa(:focus) reports false when true (Chrome 21) + // We allow this because of a bug in IE8/9 that throws an error + // whenever `document.activeElement` is accessed on an iframe + // So, we allow :focus to pass through QSA all the time to avoid the IE error + // See http://bugs.jquery.com/ticket/13378 + rbuggyQSA = []; + + if ( (support.qsa = rnative.test( document.querySelectorAll )) ) { + // Build QSA regex + // Regex strategy adopted from Diego Perini + assert(function( div ) { + // Select is set to empty string on purpose + // This is to test IE's treatment of not explicitly + // setting a boolean content attribute, + // since its presence should be enough + // http://bugs.jquery.com/ticket/12359 + docElem.appendChild( div ).innerHTML = "" + + ""; + + // Support: IE8, Opera 11-12.16 + // Nothing should be selected when empty strings follow ^= or $= or *= + // The test attribute must be unknown in Opera but "safe" for WinRT + // http://msdn.microsoft.com/en-us/library/ie/hh465388.aspx#attribute_section + if ( div.querySelectorAll("[msallowcapture^='']").length ) { + rbuggyQSA.push( "[*^$]=" + whitespace + "*(?:''|\"\")" ); + } + + // Support: IE8 + // Boolean attributes and "value" are not treated correctly + if ( !div.querySelectorAll("[selected]").length ) { + rbuggyQSA.push( "\\[" + whitespace + "*(?:value|" + booleans + ")" ); + } + + // Support: Chrome<29, Android<4.4, Safari<7.0+, iOS<7.0+, PhantomJS<1.9.8+ + if ( !div.querySelectorAll( "[id~=" + expando + "-]" ).length ) { + rbuggyQSA.push("~="); + } + + // Webkit/Opera - :checked should return selected option elements + // http://www.w3.org/TR/2011/REC-css3-selectors-20110929/#checked + // IE8 throws error here and will not see later tests + if ( !div.querySelectorAll(":checked").length ) { + rbuggyQSA.push(":checked"); + } + + // Support: Safari 8+, iOS 8+ + // https://bugs.webkit.org/show_bug.cgi?id=136851 + // In-page `selector#id sibing-combinator selector` fails + if ( !div.querySelectorAll( "a#" + expando + "+*" ).length ) { + rbuggyQSA.push(".#.+[+~]"); + } + }); + + assert(function( div ) { + // Support: Windows 8 Native Apps + // The type and name attributes are restricted during .innerHTML assignment + var input = document.createElement("input"); + input.setAttribute( "type", "hidden" ); + div.appendChild( input ).setAttribute( "name", "D" ); + + // Support: IE8 + // Enforce case-sensitivity of name attribute + if ( div.querySelectorAll("[name=d]").length ) { + rbuggyQSA.push( "name" + whitespace + "*[*^$|!~]?=" ); + } + + // FF 3.5 - :enabled/:disabled and hidden elements (hidden elements are still enabled) + // IE8 throws error here and will not see later tests + if ( !div.querySelectorAll(":enabled").length ) { + rbuggyQSA.push( ":enabled", ":disabled" ); + } + + // Opera 10-11 does not throw on post-comma invalid pseudos + div.querySelectorAll("*,:x"); + rbuggyQSA.push(",.*:"); + }); + } + + if ( (support.matchesSelector = rnative.test( (matches = docElem.matches || + docElem.webkitMatchesSelector || + docElem.mozMatchesSelector || + docElem.oMatchesSelector || + docElem.msMatchesSelector) )) ) { + + assert(function( div ) { + // Check to see if it's possible to do matchesSelector + // on a disconnected node (IE 9) + support.disconnectedMatch = matches.call( div, "div" ); + + // This should fail with an exception + // Gecko does not error, returns false instead + matches.call( div, "[s!='']:x" ); + rbuggyMatches.push( "!=", pseudos ); + }); + } + + rbuggyQSA = rbuggyQSA.length && new RegExp( rbuggyQSA.join("|") ); + rbuggyMatches = rbuggyMatches.length && new RegExp( rbuggyMatches.join("|") ); + + /* Contains + ---------------------------------------------------------------------- */ + hasCompare = rnative.test( docElem.compareDocumentPosition ); + + // Element contains another + // Purposefully self-exclusive + // As in, an element does not contain itself + contains = hasCompare || rnative.test( docElem.contains ) ? + function( a, b ) { + var adown = a.nodeType === 9 ? a.documentElement : a, + bup = b && b.parentNode; + return a === bup || !!( bup && bup.nodeType === 1 && ( + adown.contains ? + adown.contains( bup ) : + a.compareDocumentPosition && a.compareDocumentPosition( bup ) & 16 + )); + } : + function( a, b ) { + if ( b ) { + while ( (b = b.parentNode) ) { + if ( b === a ) { + return true; + } + } + } + return false; + }; + + /* Sorting + ---------------------------------------------------------------------- */ + + // Document order sorting + sortOrder = hasCompare ? + function( a, b ) { + + // Flag for duplicate removal + if ( a === b ) { + hasDuplicate = true; + return 0; + } + + // Sort on method existence if only one input has compareDocumentPosition + var compare = !a.compareDocumentPosition - !b.compareDocumentPosition; + if ( compare ) { + return compare; + } + + // Calculate position if both inputs belong to the same document + compare = ( a.ownerDocument || a ) === ( b.ownerDocument || b ) ? + a.compareDocumentPosition( b ) : + + // Otherwise we know they are disconnected + 1; + + // Disconnected nodes + if ( compare & 1 || + (!support.sortDetached && b.compareDocumentPosition( a ) === compare) ) { + + // Choose the first element that is related to our preferred document + if ( a === document || a.ownerDocument === preferredDoc && contains(preferredDoc, a) ) { + return -1; + } + if ( b === document || b.ownerDocument === preferredDoc && contains(preferredDoc, b) ) { + return 1; + } + + // Maintain original order + return sortInput ? + ( indexOf( sortInput, a ) - indexOf( sortInput, b ) ) : + 0; + } + + return compare & 4 ? -1 : 1; + } : + function( a, b ) { + // Exit early if the nodes are identical + if ( a === b ) { + hasDuplicate = true; + return 0; + } + + var cur, + i = 0, + aup = a.parentNode, + bup = b.parentNode, + ap = [ a ], + bp = [ b ]; + + // Parentless nodes are either documents or disconnected + if ( !aup || !bup ) { + return a === document ? -1 : + b === document ? 1 : + aup ? -1 : + bup ? 1 : + sortInput ? + ( indexOf( sortInput, a ) - indexOf( sortInput, b ) ) : + 0; + + // If the nodes are siblings, we can do a quick check + } else if ( aup === bup ) { + return siblingCheck( a, b ); + } + + // Otherwise we need full lists of their ancestors for comparison + cur = a; + while ( (cur = cur.parentNode) ) { + ap.unshift( cur ); + } + cur = b; + while ( (cur = cur.parentNode) ) { + bp.unshift( cur ); + } + + // Walk down the tree looking for a discrepancy + while ( ap[i] === bp[i] ) { + i++; + } + + return i ? + // Do a sibling check if the nodes have a common ancestor + siblingCheck( ap[i], bp[i] ) : + + // Otherwise nodes in our document sort first + ap[i] === preferredDoc ? -1 : + bp[i] === preferredDoc ? 1 : + 0; + }; + + return document; +}; + +Sizzle.matches = function( expr, elements ) { + return Sizzle( expr, null, null, elements ); +}; + +Sizzle.matchesSelector = function( elem, expr ) { + // Set document vars if needed + if ( ( elem.ownerDocument || elem ) !== document ) { + setDocument( elem ); + } + + // Make sure that attribute selectors are quoted + expr = expr.replace( rattributeQuotes, "='$1']" ); + + if ( support.matchesSelector && documentIsHTML && + !compilerCache[ expr + " " ] && + ( !rbuggyMatches || !rbuggyMatches.test( expr ) ) && + ( !rbuggyQSA || !rbuggyQSA.test( expr ) ) ) { + + try { + var ret = matches.call( elem, expr ); + + // IE 9's matchesSelector returns false on disconnected nodes + if ( ret || support.disconnectedMatch || + // As well, disconnected nodes are said to be in a document + // fragment in IE 9 + elem.document && elem.document.nodeType !== 11 ) { + return ret; + } + } catch (e) {} + } + + return Sizzle( expr, document, null, [ elem ] ).length > 0; +}; + +Sizzle.contains = function( context, elem ) { + // Set document vars if needed + if ( ( context.ownerDocument || context ) !== document ) { + setDocument( context ); + } + return contains( context, elem ); +}; + +Sizzle.attr = function( elem, name ) { + // Set document vars if needed + if ( ( elem.ownerDocument || elem ) !== document ) { + setDocument( elem ); + } + + var fn = Expr.attrHandle[ name.toLowerCase() ], + // Don't get fooled by Object.prototype properties (jQuery #13807) + val = fn && hasOwn.call( Expr.attrHandle, name.toLowerCase() ) ? + fn( elem, name, !documentIsHTML ) : + undefined; + + return val !== undefined ? + val : + support.attributes || !documentIsHTML ? + elem.getAttribute( name ) : + (val = elem.getAttributeNode(name)) && val.specified ? + val.value : + null; +}; + +Sizzle.error = function( msg ) { + throw new Error( "Syntax error, unrecognized expression: " + msg ); +}; + +/** + * Document sorting and removing duplicates + * @param {ArrayLike} results + */ +Sizzle.uniqueSort = function( results ) { + var elem, + duplicates = [], + j = 0, + i = 0; + + // Unless we *know* we can detect duplicates, assume their presence + hasDuplicate = !support.detectDuplicates; + sortInput = !support.sortStable && results.slice( 0 ); + results.sort( sortOrder ); + + if ( hasDuplicate ) { + while ( (elem = results[i++]) ) { + if ( elem === results[ i ] ) { + j = duplicates.push( i ); + } + } + while ( j-- ) { + results.splice( duplicates[ j ], 1 ); + } + } + + // Clear input after sorting to release objects + // See https://github.com/jquery/sizzle/pull/225 + sortInput = null; + + return results; +}; + +/** + * Utility function for retrieving the text value of an array of DOM nodes + * @param {Array|Element} elem + */ +getText = Sizzle.getText = function( elem ) { + var node, + ret = "", + i = 0, + nodeType = elem.nodeType; + + if ( !nodeType ) { + // If no nodeType, this is expected to be an array + while ( (node = elem[i++]) ) { + // Do not traverse comment nodes + ret += getText( node ); + } + } else if ( nodeType === 1 || nodeType === 9 || nodeType === 11 ) { + // Use textContent for elements + // innerText usage removed for consistency of new lines (jQuery #11153) + if ( typeof elem.textContent === "string" ) { + return elem.textContent; + } else { + // Traverse its children + for ( elem = elem.firstChild; elem; elem = elem.nextSibling ) { + ret += getText( elem ); + } + } + } else if ( nodeType === 3 || nodeType === 4 ) { + return elem.nodeValue; + } + // Do not include comment or processing instruction nodes + + return ret; +}; + +Expr = Sizzle.selectors = { + + // Can be adjusted by the user + cacheLength: 50, + + createPseudo: markFunction, + + match: matchExpr, + + attrHandle: {}, + + find: {}, + + relative: { + ">": { dir: "parentNode", first: true }, + " ": { dir: "parentNode" }, + "+": { dir: "previousSibling", first: true }, + "~": { dir: "previousSibling" } + }, + + preFilter: { + "ATTR": function( match ) { + match[1] = match[1].replace( runescape, funescape ); + + // Move the given value to match[3] whether quoted or unquoted + match[3] = ( match[3] || match[4] || match[5] || "" ).replace( runescape, funescape ); + + if ( match[2] === "~=" ) { + match[3] = " " + match[3] + " "; + } + + return match.slice( 0, 4 ); + }, + + "CHILD": function( match ) { + /* matches from matchExpr["CHILD"] + 1 type (only|nth|...) + 2 what (child|of-type) + 3 argument (even|odd|\d*|\d*n([+-]\d+)?|...) + 4 xn-component of xn+y argument ([+-]?\d*n|) + 5 sign of xn-component + 6 x of xn-component + 7 sign of y-component + 8 y of y-component + */ + match[1] = match[1].toLowerCase(); + + if ( match[1].slice( 0, 3 ) === "nth" ) { + // nth-* requires argument + if ( !match[3] ) { + Sizzle.error( match[0] ); + } + + // numeric x and y parameters for Expr.filter.CHILD + // remember that false/true cast respectively to 0/1 + match[4] = +( match[4] ? match[5] + (match[6] || 1) : 2 * ( match[3] === "even" || match[3] === "odd" ) ); + match[5] = +( ( match[7] + match[8] ) || match[3] === "odd" ); + + // other types prohibit arguments + } else if ( match[3] ) { + Sizzle.error( match[0] ); + } + + return match; + }, + + "PSEUDO": function( match ) { + var excess, + unquoted = !match[6] && match[2]; + + if ( matchExpr["CHILD"].test( match[0] ) ) { + return null; + } + + // Accept quoted arguments as-is + if ( match[3] ) { + match[2] = match[4] || match[5] || ""; + + // Strip excess characters from unquoted arguments + } else if ( unquoted && rpseudo.test( unquoted ) && + // Get excess from tokenize (recursively) + (excess = tokenize( unquoted, true )) && + // advance to the next closing parenthesis + (excess = unquoted.indexOf( ")", unquoted.length - excess ) - unquoted.length) ) { + + // excess is a negative index + match[0] = match[0].slice( 0, excess ); + match[2] = unquoted.slice( 0, excess ); + } + + // Return only captures needed by the pseudo filter method (type and argument) + return match.slice( 0, 3 ); + } + }, + + filter: { + + "TAG": function( nodeNameSelector ) { + var nodeName = nodeNameSelector.replace( runescape, funescape ).toLowerCase(); + return nodeNameSelector === "*" ? + function() { return true; } : + function( elem ) { + return elem.nodeName && elem.nodeName.toLowerCase() === nodeName; + }; + }, + + "CLASS": function( className ) { + var pattern = classCache[ className + " " ]; + + return pattern || + (pattern = new RegExp( "(^|" + whitespace + ")" + className + "(" + whitespace + "|$)" )) && + classCache( className, function( elem ) { + return pattern.test( typeof elem.className === "string" && elem.className || typeof elem.getAttribute !== "undefined" && elem.getAttribute("class") || "" ); + }); + }, + + "ATTR": function( name, operator, check ) { + return function( elem ) { + var result = Sizzle.attr( elem, name ); + + if ( result == null ) { + return operator === "!="; + } + if ( !operator ) { + return true; + } + + result += ""; + + return operator === "=" ? result === check : + operator === "!=" ? result !== check : + operator === "^=" ? check && result.indexOf( check ) === 0 : + operator === "*=" ? check && result.indexOf( check ) > -1 : + operator === "$=" ? check && result.slice( -check.length ) === check : + operator === "~=" ? ( " " + result.replace( rwhitespace, " " ) + " " ).indexOf( check ) > -1 : + operator === "|=" ? result === check || result.slice( 0, check.length + 1 ) === check + "-" : + false; + }; + }, + + "CHILD": function( type, what, argument, first, last ) { + var simple = type.slice( 0, 3 ) !== "nth", + forward = type.slice( -4 ) !== "last", + ofType = what === "of-type"; + + return first === 1 && last === 0 ? + + // Shortcut for :nth-*(n) + function( elem ) { + return !!elem.parentNode; + } : + + function( elem, context, xml ) { + var cache, uniqueCache, outerCache, node, nodeIndex, start, + dir = simple !== forward ? "nextSibling" : "previousSibling", + parent = elem.parentNode, + name = ofType && elem.nodeName.toLowerCase(), + useCache = !xml && !ofType, + diff = false; + + if ( parent ) { + + // :(first|last|only)-(child|of-type) + if ( simple ) { + while ( dir ) { + node = elem; + while ( (node = node[ dir ]) ) { + if ( ofType ? + node.nodeName.toLowerCase() === name : + node.nodeType === 1 ) { + + return false; + } + } + // Reverse direction for :only-* (if we haven't yet done so) + start = dir = type === "only" && !start && "nextSibling"; + } + return true; + } + + start = [ forward ? parent.firstChild : parent.lastChild ]; + + // non-xml :nth-child(...) stores cache data on `parent` + if ( forward && useCache ) { + + // Seek `elem` from a previously-cached index + + // ...in a gzip-friendly way + node = parent; + outerCache = node[ expando ] || (node[ expando ] = {}); + + // Support: IE <9 only + // Defend against cloned attroperties (jQuery gh-1709) + uniqueCache = outerCache[ node.uniqueID ] || + (outerCache[ node.uniqueID ] = {}); + + cache = uniqueCache[ type ] || []; + nodeIndex = cache[ 0 ] === dirruns && cache[ 1 ]; + diff = nodeIndex && cache[ 2 ]; + node = nodeIndex && parent.childNodes[ nodeIndex ]; + + while ( (node = ++nodeIndex && node && node[ dir ] || + + // Fallback to seeking `elem` from the start + (diff = nodeIndex = 0) || start.pop()) ) { + + // When found, cache indexes on `parent` and break + if ( node.nodeType === 1 && ++diff && node === elem ) { + uniqueCache[ type ] = [ dirruns, nodeIndex, diff ]; + break; + } + } + + } else { + // Use previously-cached element index if available + if ( useCache ) { + // ...in a gzip-friendly way + node = elem; + outerCache = node[ expando ] || (node[ expando ] = {}); + + // Support: IE <9 only + // Defend against cloned attroperties (jQuery gh-1709) + uniqueCache = outerCache[ node.uniqueID ] || + (outerCache[ node.uniqueID ] = {}); + + cache = uniqueCache[ type ] || []; + nodeIndex = cache[ 0 ] === dirruns && cache[ 1 ]; + diff = nodeIndex; + } + + // xml :nth-child(...) + // or :nth-last-child(...) or :nth(-last)?-of-type(...) + if ( diff === false ) { + // Use the same loop as above to seek `elem` from the start + while ( (node = ++nodeIndex && node && node[ dir ] || + (diff = nodeIndex = 0) || start.pop()) ) { + + if ( ( ofType ? + node.nodeName.toLowerCase() === name : + node.nodeType === 1 ) && + ++diff ) { + + // Cache the index of each encountered element + if ( useCache ) { + outerCache = node[ expando ] || (node[ expando ] = {}); + + // Support: IE <9 only + // Defend against cloned attroperties (jQuery gh-1709) + uniqueCache = outerCache[ node.uniqueID ] || + (outerCache[ node.uniqueID ] = {}); + + uniqueCache[ type ] = [ dirruns, diff ]; + } + + if ( node === elem ) { + break; + } + } + } + } + } + + // Incorporate the offset, then check against cycle size + diff -= last; + return diff === first || ( diff % first === 0 && diff / first >= 0 ); + } + }; + }, + + "PSEUDO": function( pseudo, argument ) { + // pseudo-class names are case-insensitive + // http://www.w3.org/TR/selectors/#pseudo-classes + // Prioritize by case sensitivity in case custom pseudos are added with uppercase letters + // Remember that setFilters inherits from pseudos + var args, + fn = Expr.pseudos[ pseudo ] || Expr.setFilters[ pseudo.toLowerCase() ] || + Sizzle.error( "unsupported pseudo: " + pseudo ); + + // The user may use createPseudo to indicate that + // arguments are needed to create the filter function + // just as Sizzle does + if ( fn[ expando ] ) { + return fn( argument ); + } + + // But maintain support for old signatures + if ( fn.length > 1 ) { + args = [ pseudo, pseudo, "", argument ]; + return Expr.setFilters.hasOwnProperty( pseudo.toLowerCase() ) ? + markFunction(function( seed, matches ) { + var idx, + matched = fn( seed, argument ), + i = matched.length; + while ( i-- ) { + idx = indexOf( seed, matched[i] ); + seed[ idx ] = !( matches[ idx ] = matched[i] ); + } + }) : + function( elem ) { + return fn( elem, 0, args ); + }; + } + + return fn; + } + }, + + pseudos: { + // Potentially complex pseudos + "not": markFunction(function( selector ) { + // Trim the selector passed to compile + // to avoid treating leading and trailing + // spaces as combinators + var input = [], + results = [], + matcher = compile( selector.replace( rtrim, "$1" ) ); + + return matcher[ expando ] ? + markFunction(function( seed, matches, context, xml ) { + var elem, + unmatched = matcher( seed, null, xml, [] ), + i = seed.length; + + // Match elements unmatched by `matcher` + while ( i-- ) { + if ( (elem = unmatched[i]) ) { + seed[i] = !(matches[i] = elem); + } + } + }) : + function( elem, context, xml ) { + input[0] = elem; + matcher( input, null, xml, results ); + // Don't keep the element (issue #299) + input[0] = null; + return !results.pop(); + }; + }), + + "has": markFunction(function( selector ) { + return function( elem ) { + return Sizzle( selector, elem ).length > 0; + }; + }), + + "contains": markFunction(function( text ) { + text = text.replace( runescape, funescape ); + return function( elem ) { + return ( elem.textContent || elem.innerText || getText( elem ) ).indexOf( text ) > -1; + }; + }), + + // "Whether an element is represented by a :lang() selector + // is based solely on the element's language value + // being equal to the identifier C, + // or beginning with the identifier C immediately followed by "-". + // The matching of C against the element's language value is performed case-insensitively. + // The identifier C does not have to be a valid language name." + // http://www.w3.org/TR/selectors/#lang-pseudo + "lang": markFunction( function( lang ) { + // lang value must be a valid identifier + if ( !ridentifier.test(lang || "") ) { + Sizzle.error( "unsupported lang: " + lang ); + } + lang = lang.replace( runescape, funescape ).toLowerCase(); + return function( elem ) { + var elemLang; + do { + if ( (elemLang = documentIsHTML ? + elem.lang : + elem.getAttribute("xml:lang") || elem.getAttribute("lang")) ) { + + elemLang = elemLang.toLowerCase(); + return elemLang === lang || elemLang.indexOf( lang + "-" ) === 0; + } + } while ( (elem = elem.parentNode) && elem.nodeType === 1 ); + return false; + }; + }), + + // Miscellaneous + "target": function( elem ) { + var hash = window.location && window.location.hash; + return hash && hash.slice( 1 ) === elem.id; + }, + + "root": function( elem ) { + return elem === docElem; + }, + + "focus": function( elem ) { + return elem === document.activeElement && (!document.hasFocus || document.hasFocus()) && !!(elem.type || elem.href || ~elem.tabIndex); + }, + + // Boolean properties + "enabled": function( elem ) { + return elem.disabled === false; + }, + + "disabled": function( elem ) { + return elem.disabled === true; + }, + + "checked": function( elem ) { + // In CSS3, :checked should return both checked and selected elements + // http://www.w3.org/TR/2011/REC-css3-selectors-20110929/#checked + var nodeName = elem.nodeName.toLowerCase(); + return (nodeName === "input" && !!elem.checked) || (nodeName === "option" && !!elem.selected); + }, + + "selected": function( elem ) { + // Accessing this property makes selected-by-default + // options in Safari work properly + if ( elem.parentNode ) { + elem.parentNode.selectedIndex; + } + + return elem.selected === true; + }, + + // Contents + "empty": function( elem ) { + // http://www.w3.org/TR/selectors/#empty-pseudo + // :empty is negated by element (1) or content nodes (text: 3; cdata: 4; entity ref: 5), + // but not by others (comment: 8; processing instruction: 7; etc.) + // nodeType < 6 works because attributes (2) do not appear as children + for ( elem = elem.firstChild; elem; elem = elem.nextSibling ) { + if ( elem.nodeType < 6 ) { + return false; + } + } + return true; + }, + + "parent": function( elem ) { + return !Expr.pseudos["empty"]( elem ); + }, + + // Element/input types + "header": function( elem ) { + return rheader.test( elem.nodeName ); + }, + + "input": function( elem ) { + return rinputs.test( elem.nodeName ); + }, + + "button": function( elem ) { + var name = elem.nodeName.toLowerCase(); + return name === "input" && elem.type === "button" || name === "button"; + }, + + "text": function( elem ) { + var attr; + return elem.nodeName.toLowerCase() === "input" && + elem.type === "text" && + + // Support: IE<8 + // New HTML5 attribute values (e.g., "search") appear with elem.type === "text" + ( (attr = elem.getAttribute("type")) == null || attr.toLowerCase() === "text" ); + }, + + // Position-in-collection + "first": createPositionalPseudo(function() { + return [ 0 ]; + }), + + "last": createPositionalPseudo(function( matchIndexes, length ) { + return [ length - 1 ]; + }), + + "eq": createPositionalPseudo(function( matchIndexes, length, argument ) { + return [ argument < 0 ? argument + length : argument ]; + }), + + "even": createPositionalPseudo(function( matchIndexes, length ) { + var i = 0; + for ( ; i < length; i += 2 ) { + matchIndexes.push( i ); + } + return matchIndexes; + }), + + "odd": createPositionalPseudo(function( matchIndexes, length ) { + var i = 1; + for ( ; i < length; i += 2 ) { + matchIndexes.push( i ); + } + return matchIndexes; + }), + + "lt": createPositionalPseudo(function( matchIndexes, length, argument ) { + var i = argument < 0 ? argument + length : argument; + for ( ; --i >= 0; ) { + matchIndexes.push( i ); + } + return matchIndexes; + }), + + "gt": createPositionalPseudo(function( matchIndexes, length, argument ) { + var i = argument < 0 ? argument + length : argument; + for ( ; ++i < length; ) { + matchIndexes.push( i ); + } + return matchIndexes; + }) + } +}; + +Expr.pseudos["nth"] = Expr.pseudos["eq"]; + +// Add button/input type pseudos +for ( i in { radio: true, checkbox: true, file: true, password: true, image: true } ) { + Expr.pseudos[ i ] = createInputPseudo( i ); +} +for ( i in { submit: true, reset: true } ) { + Expr.pseudos[ i ] = createButtonPseudo( i ); +} + +// Easy API for creating new setFilters +function setFilters() {} +setFilters.prototype = Expr.filters = Expr.pseudos; +Expr.setFilters = new setFilters(); + +tokenize = Sizzle.tokenize = function( selector, parseOnly ) { + var matched, match, tokens, type, + soFar, groups, preFilters, + cached = tokenCache[ selector + " " ]; + + if ( cached ) { + return parseOnly ? 0 : cached.slice( 0 ); + } + + soFar = selector; + groups = []; + preFilters = Expr.preFilter; + + while ( soFar ) { + + // Comma and first run + if ( !matched || (match = rcomma.exec( soFar )) ) { + if ( match ) { + // Don't consume trailing commas as valid + soFar = soFar.slice( match[0].length ) || soFar; + } + groups.push( (tokens = []) ); + } + + matched = false; + + // Combinators + if ( (match = rcombinators.exec( soFar )) ) { + matched = match.shift(); + tokens.push({ + value: matched, + // Cast descendant combinators to space + type: match[0].replace( rtrim, " " ) + }); + soFar = soFar.slice( matched.length ); + } + + // Filters + for ( type in Expr.filter ) { + if ( (match = matchExpr[ type ].exec( soFar )) && (!preFilters[ type ] || + (match = preFilters[ type ]( match ))) ) { + matched = match.shift(); + tokens.push({ + value: matched, + type: type, + matches: match + }); + soFar = soFar.slice( matched.length ); + } + } + + if ( !matched ) { + break; + } + } + + // Return the length of the invalid excess + // if we're just parsing + // Otherwise, throw an error or return tokens + return parseOnly ? + soFar.length : + soFar ? + Sizzle.error( selector ) : + // Cache the tokens + tokenCache( selector, groups ).slice( 0 ); +}; + +function toSelector( tokens ) { + var i = 0, + len = tokens.length, + selector = ""; + for ( ; i < len; i++ ) { + selector += tokens[i].value; + } + return selector; +} + +function addCombinator( matcher, combinator, base ) { + var dir = combinator.dir, + checkNonElements = base && dir === "parentNode", + doneName = done++; + + return combinator.first ? + // Check against closest ancestor/preceding element + function( elem, context, xml ) { + while ( (elem = elem[ dir ]) ) { + if ( elem.nodeType === 1 || checkNonElements ) { + return matcher( elem, context, xml ); + } + } + } : + + // Check against all ancestor/preceding elements + function( elem, context, xml ) { + var oldCache, uniqueCache, outerCache, + newCache = [ dirruns, doneName ]; + + // We can't set arbitrary data on XML nodes, so they don't benefit from combinator caching + if ( xml ) { + while ( (elem = elem[ dir ]) ) { + if ( elem.nodeType === 1 || checkNonElements ) { + if ( matcher( elem, context, xml ) ) { + return true; + } + } + } + } else { + while ( (elem = elem[ dir ]) ) { + if ( elem.nodeType === 1 || checkNonElements ) { + outerCache = elem[ expando ] || (elem[ expando ] = {}); + + // Support: IE <9 only + // Defend against cloned attroperties (jQuery gh-1709) + uniqueCache = outerCache[ elem.uniqueID ] || (outerCache[ elem.uniqueID ] = {}); + + if ( (oldCache = uniqueCache[ dir ]) && + oldCache[ 0 ] === dirruns && oldCache[ 1 ] === doneName ) { + + // Assign to newCache so results back-propagate to previous elements + return (newCache[ 2 ] = oldCache[ 2 ]); + } else { + // Reuse newcache so results back-propagate to previous elements + uniqueCache[ dir ] = newCache; + + // A match means we're done; a fail means we have to keep checking + if ( (newCache[ 2 ] = matcher( elem, context, xml )) ) { + return true; + } + } + } + } + } + }; +} + +function elementMatcher( matchers ) { + return matchers.length > 1 ? + function( elem, context, xml ) { + var i = matchers.length; + while ( i-- ) { + if ( !matchers[i]( elem, context, xml ) ) { + return false; + } + } + return true; + } : + matchers[0]; +} + +function multipleContexts( selector, contexts, results ) { + var i = 0, + len = contexts.length; + for ( ; i < len; i++ ) { + Sizzle( selector, contexts[i], results ); + } + return results; +} + +function condense( unmatched, map, filter, context, xml ) { + var elem, + newUnmatched = [], + i = 0, + len = unmatched.length, + mapped = map != null; + + for ( ; i < len; i++ ) { + if ( (elem = unmatched[i]) ) { + if ( !filter || filter( elem, context, xml ) ) { + newUnmatched.push( elem ); + if ( mapped ) { + map.push( i ); + } + } + } + } + + return newUnmatched; +} + +function setMatcher( preFilter, selector, matcher, postFilter, postFinder, postSelector ) { + if ( postFilter && !postFilter[ expando ] ) { + postFilter = setMatcher( postFilter ); + } + if ( postFinder && !postFinder[ expando ] ) { + postFinder = setMatcher( postFinder, postSelector ); + } + return markFunction(function( seed, results, context, xml ) { + var temp, i, elem, + preMap = [], + postMap = [], + preexisting = results.length, + + // Get initial elements from seed or context + elems = seed || multipleContexts( selector || "*", context.nodeType ? [ context ] : context, [] ), + + // Prefilter to get matcher input, preserving a map for seed-results synchronization + matcherIn = preFilter && ( seed || !selector ) ? + condense( elems, preMap, preFilter, context, xml ) : + elems, + + matcherOut = matcher ? + // If we have a postFinder, or filtered seed, or non-seed postFilter or preexisting results, + postFinder || ( seed ? preFilter : preexisting || postFilter ) ? + + // ...intermediate processing is necessary + [] : + + // ...otherwise use results directly + results : + matcherIn; + + // Find primary matches + if ( matcher ) { + matcher( matcherIn, matcherOut, context, xml ); + } + + // Apply postFilter + if ( postFilter ) { + temp = condense( matcherOut, postMap ); + postFilter( temp, [], context, xml ); + + // Un-match failing elements by moving them back to matcherIn + i = temp.length; + while ( i-- ) { + if ( (elem = temp[i]) ) { + matcherOut[ postMap[i] ] = !(matcherIn[ postMap[i] ] = elem); + } + } + } + + if ( seed ) { + if ( postFinder || preFilter ) { + if ( postFinder ) { + // Get the final matcherOut by condensing this intermediate into postFinder contexts + temp = []; + i = matcherOut.length; + while ( i-- ) { + if ( (elem = matcherOut[i]) ) { + // Restore matcherIn since elem is not yet a final match + temp.push( (matcherIn[i] = elem) ); + } + } + postFinder( null, (matcherOut = []), temp, xml ); + } + + // Move matched elements from seed to results to keep them synchronized + i = matcherOut.length; + while ( i-- ) { + if ( (elem = matcherOut[i]) && + (temp = postFinder ? indexOf( seed, elem ) : preMap[i]) > -1 ) { + + seed[temp] = !(results[temp] = elem); + } + } + } + + // Add elements to results, through postFinder if defined + } else { + matcherOut = condense( + matcherOut === results ? + matcherOut.splice( preexisting, matcherOut.length ) : + matcherOut + ); + if ( postFinder ) { + postFinder( null, results, matcherOut, xml ); + } else { + push.apply( results, matcherOut ); + } + } + }); +} + +function matcherFromTokens( tokens ) { + var checkContext, matcher, j, + len = tokens.length, + leadingRelative = Expr.relative[ tokens[0].type ], + implicitRelative = leadingRelative || Expr.relative[" "], + i = leadingRelative ? 1 : 0, + + // The foundational matcher ensures that elements are reachable from top-level context(s) + matchContext = addCombinator( function( elem ) { + return elem === checkContext; + }, implicitRelative, true ), + matchAnyContext = addCombinator( function( elem ) { + return indexOf( checkContext, elem ) > -1; + }, implicitRelative, true ), + matchers = [ function( elem, context, xml ) { + var ret = ( !leadingRelative && ( xml || context !== outermostContext ) ) || ( + (checkContext = context).nodeType ? + matchContext( elem, context, xml ) : + matchAnyContext( elem, context, xml ) ); + // Avoid hanging onto element (issue #299) + checkContext = null; + return ret; + } ]; + + for ( ; i < len; i++ ) { + if ( (matcher = Expr.relative[ tokens[i].type ]) ) { + matchers = [ addCombinator(elementMatcher( matchers ), matcher) ]; + } else { + matcher = Expr.filter[ tokens[i].type ].apply( null, tokens[i].matches ); + + // Return special upon seeing a positional matcher + if ( matcher[ expando ] ) { + // Find the next relative operator (if any) for proper handling + j = ++i; + for ( ; j < len; j++ ) { + if ( Expr.relative[ tokens[j].type ] ) { + break; + } + } + return setMatcher( + i > 1 && elementMatcher( matchers ), + i > 1 && toSelector( + // If the preceding token was a descendant combinator, insert an implicit any-element `*` + tokens.slice( 0, i - 1 ).concat({ value: tokens[ i - 2 ].type === " " ? "*" : "" }) + ).replace( rtrim, "$1" ), + matcher, + i < j && matcherFromTokens( tokens.slice( i, j ) ), + j < len && matcherFromTokens( (tokens = tokens.slice( j )) ), + j < len && toSelector( tokens ) + ); + } + matchers.push( matcher ); + } + } + + return elementMatcher( matchers ); +} + +function matcherFromGroupMatchers( elementMatchers, setMatchers ) { + var bySet = setMatchers.length > 0, + byElement = elementMatchers.length > 0, + superMatcher = function( seed, context, xml, results, outermost ) { + var elem, j, matcher, + matchedCount = 0, + i = "0", + unmatched = seed && [], + setMatched = [], + contextBackup = outermostContext, + // We must always have either seed elements or outermost context + elems = seed || byElement && Expr.find["TAG"]( "*", outermost ), + // Use integer dirruns iff this is the outermost matcher + dirrunsUnique = (dirruns += contextBackup == null ? 1 : Math.random() || 0.1), + len = elems.length; + + if ( outermost ) { + outermostContext = context === document || context || outermost; + } + + // Add elements passing elementMatchers directly to results + // Support: IE<9, Safari + // Tolerate NodeList properties (IE: "length"; Safari: ) matching elements by id + for ( ; i !== len && (elem = elems[i]) != null; i++ ) { + if ( byElement && elem ) { + j = 0; + if ( !context && elem.ownerDocument !== document ) { + setDocument( elem ); + xml = !documentIsHTML; + } + while ( (matcher = elementMatchers[j++]) ) { + if ( matcher( elem, context || document, xml) ) { + results.push( elem ); + break; + } + } + if ( outermost ) { + dirruns = dirrunsUnique; + } + } + + // Track unmatched elements for set filters + if ( bySet ) { + // They will have gone through all possible matchers + if ( (elem = !matcher && elem) ) { + matchedCount--; + } + + // Lengthen the array for every element, matched or not + if ( seed ) { + unmatched.push( elem ); + } + } + } + + // `i` is now the count of elements visited above, and adding it to `matchedCount` + // makes the latter nonnegative. + matchedCount += i; + + // Apply set filters to unmatched elements + // NOTE: This can be skipped if there are no unmatched elements (i.e., `matchedCount` + // equals `i`), unless we didn't visit _any_ elements in the above loop because we have + // no element matchers and no seed. + // Incrementing an initially-string "0" `i` allows `i` to remain a string only in that + // case, which will result in a "00" `matchedCount` that differs from `i` but is also + // numerically zero. + if ( bySet && i !== matchedCount ) { + j = 0; + while ( (matcher = setMatchers[j++]) ) { + matcher( unmatched, setMatched, context, xml ); + } + + if ( seed ) { + // Reintegrate element matches to eliminate the need for sorting + if ( matchedCount > 0 ) { + while ( i-- ) { + if ( !(unmatched[i] || setMatched[i]) ) { + setMatched[i] = pop.call( results ); + } + } + } + + // Discard index placeholder values to get only actual matches + setMatched = condense( setMatched ); + } + + // Add matches to results + push.apply( results, setMatched ); + + // Seedless set matches succeeding multiple successful matchers stipulate sorting + if ( outermost && !seed && setMatched.length > 0 && + ( matchedCount + setMatchers.length ) > 1 ) { + + Sizzle.uniqueSort( results ); + } + } + + // Override manipulation of globals by nested matchers + if ( outermost ) { + dirruns = dirrunsUnique; + outermostContext = contextBackup; + } + + return unmatched; + }; + + return bySet ? + markFunction( superMatcher ) : + superMatcher; +} + +compile = Sizzle.compile = function( selector, match /* Internal Use Only */ ) { + var i, + setMatchers = [], + elementMatchers = [], + cached = compilerCache[ selector + " " ]; + + if ( !cached ) { + // Generate a function of recursive functions that can be used to check each element + if ( !match ) { + match = tokenize( selector ); + } + i = match.length; + while ( i-- ) { + cached = matcherFromTokens( match[i] ); + if ( cached[ expando ] ) { + setMatchers.push( cached ); + } else { + elementMatchers.push( cached ); + } + } + + // Cache the compiled function + cached = compilerCache( selector, matcherFromGroupMatchers( elementMatchers, setMatchers ) ); + + // Save selector and tokenization + cached.selector = selector; + } + return cached; +}; + +/** + * A low-level selection function that works with Sizzle's compiled + * selector functions + * @param {String|Function} selector A selector or a pre-compiled + * selector function built with Sizzle.compile + * @param {Element} context + * @param {Array} [results] + * @param {Array} [seed] A set of elements to match against + */ +select = Sizzle.select = function( selector, context, results, seed ) { + var i, tokens, token, type, find, + compiled = typeof selector === "function" && selector, + match = !seed && tokenize( (selector = compiled.selector || selector) ); + + results = results || []; + + // Try to minimize operations if there is only one selector in the list and no seed + // (the latter of which guarantees us context) + if ( match.length === 1 ) { + + // Reduce context if the leading compound selector is an ID + tokens = match[0] = match[0].slice( 0 ); + if ( tokens.length > 2 && (token = tokens[0]).type === "ID" && + support.getById && context.nodeType === 9 && documentIsHTML && + Expr.relative[ tokens[1].type ] ) { + + context = ( Expr.find["ID"]( token.matches[0].replace(runescape, funescape), context ) || [] )[0]; + if ( !context ) { + return results; + + // Precompiled matchers will still verify ancestry, so step up a level + } else if ( compiled ) { + context = context.parentNode; + } + + selector = selector.slice( tokens.shift().value.length ); + } + + // Fetch a seed set for right-to-left matching + i = matchExpr["needsContext"].test( selector ) ? 0 : tokens.length; + while ( i-- ) { + token = tokens[i]; + + // Abort if we hit a combinator + if ( Expr.relative[ (type = token.type) ] ) { + break; + } + if ( (find = Expr.find[ type ]) ) { + // Search, expanding context for leading sibling combinators + if ( (seed = find( + token.matches[0].replace( runescape, funescape ), + rsibling.test( tokens[0].type ) && testContext( context.parentNode ) || context + )) ) { + + // If seed is empty or no tokens remain, we can return early + tokens.splice( i, 1 ); + selector = seed.length && toSelector( tokens ); + if ( !selector ) { + push.apply( results, seed ); + return results; + } + + break; + } + } + } + } + + // Compile and execute a filtering function if one is not provided + // Provide `match` to avoid retokenization if we modified the selector above + ( compiled || compile( selector, match ) )( + seed, + context, + !documentIsHTML, + results, + !context || rsibling.test( selector ) && testContext( context.parentNode ) || context + ); + return results; +}; + +// One-time assignments + +// Sort stability +support.sortStable = expando.split("").sort( sortOrder ).join("") === expando; + +// Support: Chrome 14-35+ +// Always assume duplicates if they aren't passed to the comparison function +support.detectDuplicates = !!hasDuplicate; + +// Initialize against the default document +setDocument(); + +// Support: Webkit<537.32 - Safari 6.0.3/Chrome 25 (fixed in Chrome 27) +// Detached nodes confoundingly follow *each other* +support.sortDetached = assert(function( div1 ) { + // Should return 1, but returns 4 (following) + return div1.compareDocumentPosition( document.createElement("div") ) & 1; +}); + +// Support: IE<8 +// Prevent attribute/property "interpolation" +// http://msdn.microsoft.com/en-us/library/ms536429%28VS.85%29.aspx +if ( !assert(function( div ) { + div.innerHTML = ""; + return div.firstChild.getAttribute("href") === "#" ; +}) ) { + addHandle( "type|href|height|width", function( elem, name, isXML ) { + if ( !isXML ) { + return elem.getAttribute( name, name.toLowerCase() === "type" ? 1 : 2 ); + } + }); +} + +// Support: IE<9 +// Use defaultValue in place of getAttribute("value") +if ( !support.attributes || !assert(function( div ) { + div.innerHTML = ""; + div.firstChild.setAttribute( "value", "" ); + return div.firstChild.getAttribute( "value" ) === ""; +}) ) { + addHandle( "value", function( elem, name, isXML ) { + if ( !isXML && elem.nodeName.toLowerCase() === "input" ) { + return elem.defaultValue; + } + }); +} + +// Support: IE<9 +// Use getAttributeNode to fetch booleans when getAttribute lies +if ( !assert(function( div ) { + return div.getAttribute("disabled") == null; +}) ) { + addHandle( booleans, function( elem, name, isXML ) { + var val; + if ( !isXML ) { + return elem[ name ] === true ? name.toLowerCase() : + (val = elem.getAttributeNode( name )) && val.specified ? + val.value : + null; + } + }); +} + +return Sizzle; + +})( window ); + + + +jQuery.find = Sizzle; +jQuery.expr = Sizzle.selectors; +jQuery.expr[ ":" ] = jQuery.expr.pseudos; +jQuery.uniqueSort = jQuery.unique = Sizzle.uniqueSort; +jQuery.text = Sizzle.getText; +jQuery.isXMLDoc = Sizzle.isXML; +jQuery.contains = Sizzle.contains; + + + +var dir = function( elem, dir, until ) { + var matched = [], + truncate = until !== undefined; + + while ( ( elem = elem[ dir ] ) && elem.nodeType !== 9 ) { + if ( elem.nodeType === 1 ) { + if ( truncate && jQuery( elem ).is( until ) ) { + break; + } + matched.push( elem ); + } + } + return matched; +}; + + +var siblings = function( n, elem ) { + var matched = []; + + for ( ; n; n = n.nextSibling ) { + if ( n.nodeType === 1 && n !== elem ) { + matched.push( n ); + } + } + + return matched; +}; + + +var rneedsContext = jQuery.expr.match.needsContext; + +var rsingleTag = ( /^<([\w-]+)\s*\/?>(?:<\/\1>|)$/ ); + + + +var risSimple = /^.[^:#\[\.,]*$/; + +// Implement the identical functionality for filter and not +function winnow( elements, qualifier, not ) { + if ( jQuery.isFunction( qualifier ) ) { + return jQuery.grep( elements, function( elem, i ) { + /* jshint -W018 */ + return !!qualifier.call( elem, i, elem ) !== not; + } ); + + } + + if ( qualifier.nodeType ) { + return jQuery.grep( elements, function( elem ) { + return ( elem === qualifier ) !== not; + } ); + + } + + if ( typeof qualifier === "string" ) { + if ( risSimple.test( qualifier ) ) { + return jQuery.filter( qualifier, elements, not ); + } + + qualifier = jQuery.filter( qualifier, elements ); + } + + return jQuery.grep( elements, function( elem ) { + return ( jQuery.inArray( elem, qualifier ) > -1 ) !== not; + } ); +} + +jQuery.filter = function( expr, elems, not ) { + var elem = elems[ 0 ]; + + if ( not ) { + expr = ":not(" + expr + ")"; + } + + return elems.length === 1 && elem.nodeType === 1 ? + jQuery.find.matchesSelector( elem, expr ) ? [ elem ] : [] : + jQuery.find.matches( expr, jQuery.grep( elems, function( elem ) { + return elem.nodeType === 1; + } ) ); +}; + +jQuery.fn.extend( { + find: function( selector ) { + var i, + ret = [], + self = this, + len = self.length; + + if ( typeof selector !== "string" ) { + return this.pushStack( jQuery( selector ).filter( function() { + for ( i = 0; i < len; i++ ) { + if ( jQuery.contains( self[ i ], this ) ) { + return true; + } + } + } ) ); + } + + for ( i = 0; i < len; i++ ) { + jQuery.find( selector, self[ i ], ret ); + } + + // Needed because $( selector, context ) becomes $( context ).find( selector ) + ret = this.pushStack( len > 1 ? jQuery.unique( ret ) : ret ); + ret.selector = this.selector ? this.selector + " " + selector : selector; + return ret; + }, + filter: function( selector ) { + return this.pushStack( winnow( this, selector || [], false ) ); + }, + not: function( selector ) { + return this.pushStack( winnow( this, selector || [], true ) ); + }, + is: function( selector ) { + return !!winnow( + this, + + // If this is a positional/relative selector, check membership in the returned set + // so $("p:first").is("p:last") won't return true for a doc with two "p". + typeof selector === "string" && rneedsContext.test( selector ) ? + jQuery( selector ) : + selector || [], + false + ).length; + } +} ); + + +// Initialize a jQuery object + + +// A central reference to the root jQuery(document) +var rootjQuery, + + // A simple way to check for HTML strings + // Prioritize #id over to avoid XSS via location.hash (#9521) + // Strict HTML recognition (#11290: must start with <) + rquickExpr = /^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]*))$/, + + init = jQuery.fn.init = function( selector, context, root ) { + var match, elem; + + // HANDLE: $(""), $(null), $(undefined), $(false) + if ( !selector ) { + return this; + } + + // init accepts an alternate rootjQuery + // so migrate can support jQuery.sub (gh-2101) + root = root || rootjQuery; + + // Handle HTML strings + if ( typeof selector === "string" ) { + if ( selector.charAt( 0 ) === "<" && + selector.charAt( selector.length - 1 ) === ">" && + selector.length >= 3 ) { + + // Assume that strings that start and end with <> are HTML and skip the regex check + match = [ null, selector, null ]; + + } else { + match = rquickExpr.exec( selector ); + } + + // Match html or make sure no context is specified for #id + if ( match && ( match[ 1 ] || !context ) ) { + + // HANDLE: $(html) -> $(array) + if ( match[ 1 ] ) { + context = context instanceof jQuery ? context[ 0 ] : context; + + // scripts is true for back-compat + // Intentionally let the error be thrown if parseHTML is not present + jQuery.merge( this, jQuery.parseHTML( + match[ 1 ], + context && context.nodeType ? context.ownerDocument || context : document, + true + ) ); + + // HANDLE: $(html, props) + if ( rsingleTag.test( match[ 1 ] ) && jQuery.isPlainObject( context ) ) { + for ( match in context ) { + + // Properties of context are called as methods if possible + if ( jQuery.isFunction( this[ match ] ) ) { + this[ match ]( context[ match ] ); + + // ...and otherwise set as attributes + } else { + this.attr( match, context[ match ] ); + } + } + } + + return this; + + // HANDLE: $(#id) + } else { + elem = document.getElementById( match[ 2 ] ); + + // Check parentNode to catch when Blackberry 4.6 returns + // nodes that are no longer in the document #6963 + if ( elem && elem.parentNode ) { + + // Handle the case where IE and Opera return items + // by name instead of ID + if ( elem.id !== match[ 2 ] ) { + return rootjQuery.find( selector ); + } + + // Otherwise, we inject the element directly into the jQuery object + this.length = 1; + this[ 0 ] = elem; + } + + this.context = document; + this.selector = selector; + return this; + } + + // HANDLE: $(expr, $(...)) + } else if ( !context || context.jquery ) { + return ( context || root ).find( selector ); + + // HANDLE: $(expr, context) + // (which is just equivalent to: $(context).find(expr) + } else { + return this.constructor( context ).find( selector ); + } + + // HANDLE: $(DOMElement) + } else if ( selector.nodeType ) { + this.context = this[ 0 ] = selector; + this.length = 1; + return this; + + // HANDLE: $(function) + // Shortcut for document ready + } else if ( jQuery.isFunction( selector ) ) { + return typeof root.ready !== "undefined" ? + root.ready( selector ) : + + // Execute immediately if ready is not present + selector( jQuery ); + } + + if ( selector.selector !== undefined ) { + this.selector = selector.selector; + this.context = selector.context; + } + + return jQuery.makeArray( selector, this ); + }; + +// Give the init function the jQuery prototype for later instantiation +init.prototype = jQuery.fn; + +// Initialize central reference +rootjQuery = jQuery( document ); + + +var rparentsprev = /^(?:parents|prev(?:Until|All))/, + + // methods guaranteed to produce a unique set when starting from a unique set + guaranteedUnique = { + children: true, + contents: true, + next: true, + prev: true + }; + +jQuery.fn.extend( { + has: function( target ) { + var i, + targets = jQuery( target, this ), + len = targets.length; + + return this.filter( function() { + for ( i = 0; i < len; i++ ) { + if ( jQuery.contains( this, targets[ i ] ) ) { + return true; + } + } + } ); + }, + + closest: function( selectors, context ) { + var cur, + i = 0, + l = this.length, + matched = [], + pos = rneedsContext.test( selectors ) || typeof selectors !== "string" ? + jQuery( selectors, context || this.context ) : + 0; + + for ( ; i < l; i++ ) { + for ( cur = this[ i ]; cur && cur !== context; cur = cur.parentNode ) { + + // Always skip document fragments + if ( cur.nodeType < 11 && ( pos ? + pos.index( cur ) > -1 : + + // Don't pass non-elements to Sizzle + cur.nodeType === 1 && + jQuery.find.matchesSelector( cur, selectors ) ) ) { + + matched.push( cur ); + break; + } + } + } + + return this.pushStack( matched.length > 1 ? jQuery.uniqueSort( matched ) : matched ); + }, + + // Determine the position of an element within + // the matched set of elements + index: function( elem ) { + + // No argument, return index in parent + if ( !elem ) { + return ( this[ 0 ] && this[ 0 ].parentNode ) ? this.first().prevAll().length : -1; + } + + // index in selector + if ( typeof elem === "string" ) { + return jQuery.inArray( this[ 0 ], jQuery( elem ) ); + } + + // Locate the position of the desired element + return jQuery.inArray( + + // If it receives a jQuery object, the first element is used + elem.jquery ? elem[ 0 ] : elem, this ); + }, + + add: function( selector, context ) { + return this.pushStack( + jQuery.uniqueSort( + jQuery.merge( this.get(), jQuery( selector, context ) ) + ) + ); + }, + + addBack: function( selector ) { + return this.add( selector == null ? + this.prevObject : this.prevObject.filter( selector ) + ); + } +} ); + +function sibling( cur, dir ) { + do { + cur = cur[ dir ]; + } while ( cur && cur.nodeType !== 1 ); + + return cur; +} + +jQuery.each( { + parent: function( elem ) { + var parent = elem.parentNode; + return parent && parent.nodeType !== 11 ? parent : null; + }, + parents: function( elem ) { + return dir( elem, "parentNode" ); + }, + parentsUntil: function( elem, i, until ) { + return dir( elem, "parentNode", until ); + }, + next: function( elem ) { + return sibling( elem, "nextSibling" ); + }, + prev: function( elem ) { + return sibling( elem, "previousSibling" ); + }, + nextAll: function( elem ) { + return dir( elem, "nextSibling" ); + }, + prevAll: function( elem ) { + return dir( elem, "previousSibling" ); + }, + nextUntil: function( elem, i, until ) { + return dir( elem, "nextSibling", until ); + }, + prevUntil: function( elem, i, until ) { + return dir( elem, "previousSibling", until ); + }, + siblings: function( elem ) { + return siblings( ( elem.parentNode || {} ).firstChild, elem ); + }, + children: function( elem ) { + return siblings( elem.firstChild ); + }, + contents: function( elem ) { + return jQuery.nodeName( elem, "iframe" ) ? + elem.contentDocument || elem.contentWindow.document : + jQuery.merge( [], elem.childNodes ); + } +}, function( name, fn ) { + jQuery.fn[ name ] = function( until, selector ) { + var ret = jQuery.map( this, fn, until ); + + if ( name.slice( -5 ) !== "Until" ) { + selector = until; + } + + if ( selector && typeof selector === "string" ) { + ret = jQuery.filter( selector, ret ); + } + + if ( this.length > 1 ) { + + // Remove duplicates + if ( !guaranteedUnique[ name ] ) { + ret = jQuery.uniqueSort( ret ); + } + + // Reverse order for parents* and prev-derivatives + if ( rparentsprev.test( name ) ) { + ret = ret.reverse(); + } + } + + return this.pushStack( ret ); + }; +} ); +var rnotwhite = ( /\S+/g ); + + + +// Convert String-formatted options into Object-formatted ones +function createOptions( options ) { + var object = {}; + jQuery.each( options.match( rnotwhite ) || [], function( _, flag ) { + object[ flag ] = true; + } ); + return object; +} + +/* + * Create a callback list using the following parameters: + * + * options: an optional list of space-separated options that will change how + * the callback list behaves or a more traditional option object + * + * By default a callback list will act like an event callback list and can be + * "fired" multiple times. + * + * Possible options: + * + * once: will ensure the callback list can only be fired once (like a Deferred) + * + * memory: will keep track of previous values and will call any callback added + * after the list has been fired right away with the latest "memorized" + * values (like a Deferred) + * + * unique: will ensure a callback can only be added once (no duplicate in the list) + * + * stopOnFalse: interrupt callings when a callback returns false + * + */ +jQuery.Callbacks = function( options ) { + + // Convert options from String-formatted to Object-formatted if needed + // (we check in cache first) + options = typeof options === "string" ? + createOptions( options ) : + jQuery.extend( {}, options ); + + var // Flag to know if list is currently firing + firing, + + // Last fire value for non-forgettable lists + memory, + + // Flag to know if list was already fired + fired, + + // Flag to prevent firing + locked, + + // Actual callback list + list = [], + + // Queue of execution data for repeatable lists + queue = [], + + // Index of currently firing callback (modified by add/remove as needed) + firingIndex = -1, + + // Fire callbacks + fire = function() { + + // Enforce single-firing + locked = options.once; + + // Execute callbacks for all pending executions, + // respecting firingIndex overrides and runtime changes + fired = firing = true; + for ( ; queue.length; firingIndex = -1 ) { + memory = queue.shift(); + while ( ++firingIndex < list.length ) { + + // Run callback and check for early termination + if ( list[ firingIndex ].apply( memory[ 0 ], memory[ 1 ] ) === false && + options.stopOnFalse ) { + + // Jump to end and forget the data so .add doesn't re-fire + firingIndex = list.length; + memory = false; + } + } + } + + // Forget the data if we're done with it + if ( !options.memory ) { + memory = false; + } + + firing = false; + + // Clean up if we're done firing for good + if ( locked ) { + + // Keep an empty list if we have data for future add calls + if ( memory ) { + list = []; + + // Otherwise, this object is spent + } else { + list = ""; + } + } + }, + + // Actual Callbacks object + self = { + + // Add a callback or a collection of callbacks to the list + add: function() { + if ( list ) { + + // If we have memory from a past run, we should fire after adding + if ( memory && !firing ) { + firingIndex = list.length - 1; + queue.push( memory ); + } + + ( function add( args ) { + jQuery.each( args, function( _, arg ) { + if ( jQuery.isFunction( arg ) ) { + if ( !options.unique || !self.has( arg ) ) { + list.push( arg ); + } + } else if ( arg && arg.length && jQuery.type( arg ) !== "string" ) { + + // Inspect recursively + add( arg ); + } + } ); + } )( arguments ); + + if ( memory && !firing ) { + fire(); + } + } + return this; + }, + + // Remove a callback from the list + remove: function() { + jQuery.each( arguments, function( _, arg ) { + var index; + while ( ( index = jQuery.inArray( arg, list, index ) ) > -1 ) { + list.splice( index, 1 ); + + // Handle firing indexes + if ( index <= firingIndex ) { + firingIndex--; + } + } + } ); + return this; + }, + + // Check if a given callback is in the list. + // If no argument is given, return whether or not list has callbacks attached. + has: function( fn ) { + return fn ? + jQuery.inArray( fn, list ) > -1 : + list.length > 0; + }, + + // Remove all callbacks from the list + empty: function() { + if ( list ) { + list = []; + } + return this; + }, + + // Disable .fire and .add + // Abort any current/pending executions + // Clear all callbacks and values + disable: function() { + locked = queue = []; + list = memory = ""; + return this; + }, + disabled: function() { + return !list; + }, + + // Disable .fire + // Also disable .add unless we have memory (since it would have no effect) + // Abort any pending executions + lock: function() { + locked = true; + if ( !memory ) { + self.disable(); + } + return this; + }, + locked: function() { + return !!locked; + }, + + // Call all callbacks with the given context and arguments + fireWith: function( context, args ) { + if ( !locked ) { + args = args || []; + args = [ context, args.slice ? args.slice() : args ]; + queue.push( args ); + if ( !firing ) { + fire(); + } + } + return this; + }, + + // Call all the callbacks with the given arguments + fire: function() { + self.fireWith( this, arguments ); + return this; + }, + + // To know if the callbacks have already been called at least once + fired: function() { + return !!fired; + } + }; + + return self; +}; + + +jQuery.extend( { + + Deferred: function( func ) { + var tuples = [ + + // action, add listener, listener list, final state + [ "resolve", "done", jQuery.Callbacks( "once memory" ), "resolved" ], + [ "reject", "fail", jQuery.Callbacks( "once memory" ), "rejected" ], + [ "notify", "progress", jQuery.Callbacks( "memory" ) ] + ], + state = "pending", + promise = { + state: function() { + return state; + }, + always: function() { + deferred.done( arguments ).fail( arguments ); + return this; + }, + then: function( /* fnDone, fnFail, fnProgress */ ) { + var fns = arguments; + return jQuery.Deferred( function( newDefer ) { + jQuery.each( tuples, function( i, tuple ) { + var fn = jQuery.isFunction( fns[ i ] ) && fns[ i ]; + + // deferred[ done | fail | progress ] for forwarding actions to newDefer + deferred[ tuple[ 1 ] ]( function() { + var returned = fn && fn.apply( this, arguments ); + if ( returned && jQuery.isFunction( returned.promise ) ) { + returned.promise() + .progress( newDefer.notify ) + .done( newDefer.resolve ) + .fail( newDefer.reject ); + } else { + newDefer[ tuple[ 0 ] + "With" ]( + this === promise ? newDefer.promise() : this, + fn ? [ returned ] : arguments + ); + } + } ); + } ); + fns = null; + } ).promise(); + }, + + // Get a promise for this deferred + // If obj is provided, the promise aspect is added to the object + promise: function( obj ) { + return obj != null ? jQuery.extend( obj, promise ) : promise; + } + }, + deferred = {}; + + // Keep pipe for back-compat + promise.pipe = promise.then; + + // Add list-specific methods + jQuery.each( tuples, function( i, tuple ) { + var list = tuple[ 2 ], + stateString = tuple[ 3 ]; + + // promise[ done | fail | progress ] = list.add + promise[ tuple[ 1 ] ] = list.add; + + // Handle state + if ( stateString ) { + list.add( function() { + + // state = [ resolved | rejected ] + state = stateString; + + // [ reject_list | resolve_list ].disable; progress_list.lock + }, tuples[ i ^ 1 ][ 2 ].disable, tuples[ 2 ][ 2 ].lock ); + } + + // deferred[ resolve | reject | notify ] + deferred[ tuple[ 0 ] ] = function() { + deferred[ tuple[ 0 ] + "With" ]( this === deferred ? promise : this, arguments ); + return this; + }; + deferred[ tuple[ 0 ] + "With" ] = list.fireWith; + } ); + + // Make the deferred a promise + promise.promise( deferred ); + + // Call given func if any + if ( func ) { + func.call( deferred, deferred ); + } + + // All done! + return deferred; + }, + + // Deferred helper + when: function( subordinate /* , ..., subordinateN */ ) { + var i = 0, + resolveValues = slice.call( arguments ), + length = resolveValues.length, + + // the count of uncompleted subordinates + remaining = length !== 1 || + ( subordinate && jQuery.isFunction( subordinate.promise ) ) ? length : 0, + + // the master Deferred. + // If resolveValues consist of only a single Deferred, just use that. + deferred = remaining === 1 ? subordinate : jQuery.Deferred(), + + // Update function for both resolve and progress values + updateFunc = function( i, contexts, values ) { + return function( value ) { + contexts[ i ] = this; + values[ i ] = arguments.length > 1 ? slice.call( arguments ) : value; + if ( values === progressValues ) { + deferred.notifyWith( contexts, values ); + + } else if ( !( --remaining ) ) { + deferred.resolveWith( contexts, values ); + } + }; + }, + + progressValues, progressContexts, resolveContexts; + + // add listeners to Deferred subordinates; treat others as resolved + if ( length > 1 ) { + progressValues = new Array( length ); + progressContexts = new Array( length ); + resolveContexts = new Array( length ); + for ( ; i < length; i++ ) { + if ( resolveValues[ i ] && jQuery.isFunction( resolveValues[ i ].promise ) ) { + resolveValues[ i ].promise() + .progress( updateFunc( i, progressContexts, progressValues ) ) + .done( updateFunc( i, resolveContexts, resolveValues ) ) + .fail( deferred.reject ); + } else { + --remaining; + } + } + } + + // if we're not waiting on anything, resolve the master + if ( !remaining ) { + deferred.resolveWith( resolveContexts, resolveValues ); + } + + return deferred.promise(); + } +} ); + + +// The deferred used on DOM ready +var readyList; + +jQuery.fn.ready = function( fn ) { + + // Add the callback + jQuery.ready.promise().done( fn ); + + return this; +}; + +jQuery.extend( { + + // Is the DOM ready to be used? Set to true once it occurs. + isReady: false, + + // A counter to track how many items to wait for before + // the ready event fires. See #6781 + readyWait: 1, + + // Hold (or release) the ready event + holdReady: function( hold ) { + if ( hold ) { + jQuery.readyWait++; + } else { + jQuery.ready( true ); + } + }, + + // Handle when the DOM is ready + ready: function( wait ) { + + // Abort if there are pending holds or we're already ready + if ( wait === true ? --jQuery.readyWait : jQuery.isReady ) { + return; + } + + // Remember that the DOM is ready + jQuery.isReady = true; + + // If a normal DOM Ready event fired, decrement, and wait if need be + if ( wait !== true && --jQuery.readyWait > 0 ) { + return; + } + + // If there are functions bound, to execute + readyList.resolveWith( document, [ jQuery ] ); + + // Trigger any bound ready events + if ( jQuery.fn.triggerHandler ) { + jQuery( document ).triggerHandler( "ready" ); + jQuery( document ).off( "ready" ); + } + } +} ); + +/** + * Clean-up method for dom ready events + */ +function detach() { + if ( document.addEventListener ) { + document.removeEventListener( "DOMContentLoaded", completed ); + window.removeEventListener( "load", completed ); + + } else { + document.detachEvent( "onreadystatechange", completed ); + window.detachEvent( "onload", completed ); + } +} + +/** + * The ready event handler and self cleanup method + */ +function completed() { + + // readyState === "complete" is good enough for us to call the dom ready in oldIE + if ( document.addEventListener || + window.event.type === "load" || + document.readyState === "complete" ) { + + detach(); + jQuery.ready(); + } +} + +jQuery.ready.promise = function( obj ) { + if ( !readyList ) { + + readyList = jQuery.Deferred(); + + // Catch cases where $(document).ready() is called + // after the browser event has already occurred. + // Support: IE6-10 + // Older IE sometimes signals "interactive" too soon + if ( document.readyState === "complete" || + ( document.readyState !== "loading" && !document.documentElement.doScroll ) ) { + + // Handle it asynchronously to allow scripts the opportunity to delay ready + window.setTimeout( jQuery.ready ); + + // Standards-based browsers support DOMContentLoaded + } else if ( document.addEventListener ) { + + // Use the handy event callback + document.addEventListener( "DOMContentLoaded", completed ); + + // A fallback to window.onload, that will always work + window.addEventListener( "load", completed ); + + // If IE event model is used + } else { + + // Ensure firing before onload, maybe late but safe also for iframes + document.attachEvent( "onreadystatechange", completed ); + + // A fallback to window.onload, that will always work + window.attachEvent( "onload", completed ); + + // If IE and not a frame + // continually check to see if the document is ready + var top = false; + + try { + top = window.frameElement == null && document.documentElement; + } catch ( e ) {} + + if ( top && top.doScroll ) { + ( function doScrollCheck() { + if ( !jQuery.isReady ) { + + try { + + // Use the trick by Diego Perini + // http://javascript.nwbox.com/IEContentLoaded/ + top.doScroll( "left" ); + } catch ( e ) { + return window.setTimeout( doScrollCheck, 50 ); + } + + // detach all dom ready events + detach(); + + // and execute any waiting functions + jQuery.ready(); + } + } )(); + } + } + } + return readyList.promise( obj ); +}; + +// Kick off the DOM ready check even if the user does not +jQuery.ready.promise(); + + + + +// Support: IE<9 +// Iteration over object's inherited properties before its own +var i; +for ( i in jQuery( support ) ) { + break; +} +support.ownFirst = i === "0"; + +// Note: most support tests are defined in their respective modules. +// false until the test is run +support.inlineBlockNeedsLayout = false; + +// Execute ASAP in case we need to set body.style.zoom +jQuery( function() { + + // Minified: var a,b,c,d + var val, div, body, container; + + body = document.getElementsByTagName( "body" )[ 0 ]; + if ( !body || !body.style ) { + + // Return for frameset docs that don't have a body + return; + } + + // Setup + div = document.createElement( "div" ); + container = document.createElement( "div" ); + container.style.cssText = "position:absolute;border:0;width:0;height:0;top:0;left:-9999px"; + body.appendChild( container ).appendChild( div ); + + if ( typeof div.style.zoom !== "undefined" ) { + + // Support: IE<8 + // Check if natively block-level elements act like inline-block + // elements when setting their display to 'inline' and giving + // them layout + div.style.cssText = "display:inline;margin:0;border:0;padding:1px;width:1px;zoom:1"; + + support.inlineBlockNeedsLayout = val = div.offsetWidth === 3; + if ( val ) { + + // Prevent IE 6 from affecting layout for positioned elements #11048 + // Prevent IE from shrinking the body in IE 7 mode #12869 + // Support: IE<8 + body.style.zoom = 1; + } + } + + body.removeChild( container ); +} ); + + +( function() { + var div = document.createElement( "div" ); + + // Support: IE<9 + support.deleteExpando = true; + try { + delete div.test; + } catch ( e ) { + support.deleteExpando = false; + } + + // Null elements to avoid leaks in IE. + div = null; +} )(); +var acceptData = function( elem ) { + var noData = jQuery.noData[ ( elem.nodeName + " " ).toLowerCase() ], + nodeType = +elem.nodeType || 1; + + // Do not set data on non-element DOM nodes because it will not be cleared (#8335). + return nodeType !== 1 && nodeType !== 9 ? + false : + + // Nodes accept data unless otherwise specified; rejection can be conditional + !noData || noData !== true && elem.getAttribute( "classid" ) === noData; +}; + + + + +var rbrace = /^(?:\{[\w\W]*\}|\[[\w\W]*\])$/, + rmultiDash = /([A-Z])/g; + +function dataAttr( elem, key, data ) { + + // If nothing was found internally, try to fetch any + // data from the HTML5 data-* attribute + if ( data === undefined && elem.nodeType === 1 ) { + + var name = "data-" + key.replace( rmultiDash, "-$1" ).toLowerCase(); + + data = elem.getAttribute( name ); + + if ( typeof data === "string" ) { + try { + data = data === "true" ? true : + data === "false" ? false : + data === "null" ? null : + + // Only convert to a number if it doesn't change the string + +data + "" === data ? +data : + rbrace.test( data ) ? jQuery.parseJSON( data ) : + data; + } catch ( e ) {} + + // Make sure we set the data so it isn't changed later + jQuery.data( elem, key, data ); + + } else { + data = undefined; + } + } + + return data; +} + +// checks a cache object for emptiness +function isEmptyDataObject( obj ) { + var name; + for ( name in obj ) { + + // if the public data object is empty, the private is still empty + if ( name === "data" && jQuery.isEmptyObject( obj[ name ] ) ) { + continue; + } + if ( name !== "toJSON" ) { + return false; + } + } + + return true; +} + +function internalData( elem, name, data, pvt /* Internal Use Only */ ) { + if ( !acceptData( elem ) ) { + return; + } + + var ret, thisCache, + internalKey = jQuery.expando, + + // We have to handle DOM nodes and JS objects differently because IE6-7 + // can't GC object references properly across the DOM-JS boundary + isNode = elem.nodeType, + + // Only DOM nodes need the global jQuery cache; JS object data is + // attached directly to the object so GC can occur automatically + cache = isNode ? jQuery.cache : elem, + + // Only defining an ID for JS objects if its cache already exists allows + // the code to shortcut on the same path as a DOM node with no cache + id = isNode ? elem[ internalKey ] : elem[ internalKey ] && internalKey; + + // Avoid doing any more work than we need to when trying to get data on an + // object that has no data at all + if ( ( !id || !cache[ id ] || ( !pvt && !cache[ id ].data ) ) && + data === undefined && typeof name === "string" ) { + return; + } + + if ( !id ) { + + // Only DOM nodes need a new unique ID for each element since their data + // ends up in the global cache + if ( isNode ) { + id = elem[ internalKey ] = deletedIds.pop() || jQuery.guid++; + } else { + id = internalKey; + } + } + + if ( !cache[ id ] ) { + + // Avoid exposing jQuery metadata on plain JS objects when the object + // is serialized using JSON.stringify + cache[ id ] = isNode ? {} : { toJSON: jQuery.noop }; + } + + // An object can be passed to jQuery.data instead of a key/value pair; this gets + // shallow copied over onto the existing cache + if ( typeof name === "object" || typeof name === "function" ) { + if ( pvt ) { + cache[ id ] = jQuery.extend( cache[ id ], name ); + } else { + cache[ id ].data = jQuery.extend( cache[ id ].data, name ); + } + } + + thisCache = cache[ id ]; + + // jQuery data() is stored in a separate object inside the object's internal data + // cache in order to avoid key collisions between internal data and user-defined + // data. + if ( !pvt ) { + if ( !thisCache.data ) { + thisCache.data = {}; + } + + thisCache = thisCache.data; + } + + if ( data !== undefined ) { + thisCache[ jQuery.camelCase( name ) ] = data; + } + + // Check for both converted-to-camel and non-converted data property names + // If a data property was specified + if ( typeof name === "string" ) { + + // First Try to find as-is property data + ret = thisCache[ name ]; + + // Test for null|undefined property data + if ( ret == null ) { + + // Try to find the camelCased property + ret = thisCache[ jQuery.camelCase( name ) ]; + } + } else { + ret = thisCache; + } + + return ret; +} + +function internalRemoveData( elem, name, pvt ) { + if ( !acceptData( elem ) ) { + return; + } + + var thisCache, i, + isNode = elem.nodeType, + + // See jQuery.data for more information + cache = isNode ? jQuery.cache : elem, + id = isNode ? elem[ jQuery.expando ] : jQuery.expando; + + // If there is already no cache entry for this object, there is no + // purpose in continuing + if ( !cache[ id ] ) { + return; + } + + if ( name ) { + + thisCache = pvt ? cache[ id ] : cache[ id ].data; + + if ( thisCache ) { + + // Support array or space separated string names for data keys + if ( !jQuery.isArray( name ) ) { + + // try the string as a key before any manipulation + if ( name in thisCache ) { + name = [ name ]; + } else { + + // split the camel cased version by spaces unless a key with the spaces exists + name = jQuery.camelCase( name ); + if ( name in thisCache ) { + name = [ name ]; + } else { + name = name.split( " " ); + } + } + } else { + + // If "name" is an array of keys... + // When data is initially created, via ("key", "val") signature, + // keys will be converted to camelCase. + // Since there is no way to tell _how_ a key was added, remove + // both plain key and camelCase key. #12786 + // This will only penalize the array argument path. + name = name.concat( jQuery.map( name, jQuery.camelCase ) ); + } + + i = name.length; + while ( i-- ) { + delete thisCache[ name[ i ] ]; + } + + // If there is no data left in the cache, we want to continue + // and let the cache object itself get destroyed + if ( pvt ? !isEmptyDataObject( thisCache ) : !jQuery.isEmptyObject( thisCache ) ) { + return; + } + } + } + + // See jQuery.data for more information + if ( !pvt ) { + delete cache[ id ].data; + + // Don't destroy the parent cache unless the internal data object + // had been the only thing left in it + if ( !isEmptyDataObject( cache[ id ] ) ) { + return; + } + } + + // Destroy the cache + if ( isNode ) { + jQuery.cleanData( [ elem ], true ); + + // Use delete when supported for expandos or `cache` is not a window per isWindow (#10080) + /* jshint eqeqeq: false */ + } else if ( support.deleteExpando || cache != cache.window ) { + /* jshint eqeqeq: true */ + delete cache[ id ]; + + // When all else fails, undefined + } else { + cache[ id ] = undefined; + } +} + +jQuery.extend( { + cache: {}, + + // The following elements (space-suffixed to avoid Object.prototype collisions) + // throw uncatchable exceptions if you attempt to set expando properties + noData: { + "applet ": true, + "embed ": true, + + // ...but Flash objects (which have this classid) *can* handle expandos + "object ": "clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" + }, + + hasData: function( elem ) { + elem = elem.nodeType ? jQuery.cache[ elem[ jQuery.expando ] ] : elem[ jQuery.expando ]; + return !!elem && !isEmptyDataObject( elem ); + }, + + data: function( elem, name, data ) { + return internalData( elem, name, data ); + }, + + removeData: function( elem, name ) { + return internalRemoveData( elem, name ); + }, + + // For internal use only. + _data: function( elem, name, data ) { + return internalData( elem, name, data, true ); + }, + + _removeData: function( elem, name ) { + return internalRemoveData( elem, name, true ); + } +} ); + +jQuery.fn.extend( { + data: function( key, value ) { + var i, name, data, + elem = this[ 0 ], + attrs = elem && elem.attributes; + + // Special expections of .data basically thwart jQuery.access, + // so implement the relevant behavior ourselves + + // Gets all values + if ( key === undefined ) { + if ( this.length ) { + data = jQuery.data( elem ); + + if ( elem.nodeType === 1 && !jQuery._data( elem, "parsedAttrs" ) ) { + i = attrs.length; + while ( i-- ) { + + // Support: IE11+ + // The attrs elements can be null (#14894) + if ( attrs[ i ] ) { + name = attrs[ i ].name; + if ( name.indexOf( "data-" ) === 0 ) { + name = jQuery.camelCase( name.slice( 5 ) ); + dataAttr( elem, name, data[ name ] ); + } + } + } + jQuery._data( elem, "parsedAttrs", true ); + } + } + + return data; + } + + // Sets multiple values + if ( typeof key === "object" ) { + return this.each( function() { + jQuery.data( this, key ); + } ); + } + + return arguments.length > 1 ? + + // Sets one value + this.each( function() { + jQuery.data( this, key, value ); + } ) : + + // Gets one value + // Try to fetch any internally stored data first + elem ? dataAttr( elem, key, jQuery.data( elem, key ) ) : undefined; + }, + + removeData: function( key ) { + return this.each( function() { + jQuery.removeData( this, key ); + } ); + } +} ); + + +jQuery.extend( { + queue: function( elem, type, data ) { + var queue; + + if ( elem ) { + type = ( type || "fx" ) + "queue"; + queue = jQuery._data( elem, type ); + + // Speed up dequeue by getting out quickly if this is just a lookup + if ( data ) { + if ( !queue || jQuery.isArray( data ) ) { + queue = jQuery._data( elem, type, jQuery.makeArray( data ) ); + } else { + queue.push( data ); + } + } + return queue || []; + } + }, + + dequeue: function( elem, type ) { + type = type || "fx"; + + var queue = jQuery.queue( elem, type ), + startLength = queue.length, + fn = queue.shift(), + hooks = jQuery._queueHooks( elem, type ), + next = function() { + jQuery.dequeue( elem, type ); + }; + + // If the fx queue is dequeued, always remove the progress sentinel + if ( fn === "inprogress" ) { + fn = queue.shift(); + startLength--; + } + + if ( fn ) { + + // Add a progress sentinel to prevent the fx queue from being + // automatically dequeued + if ( type === "fx" ) { + queue.unshift( "inprogress" ); + } + + // clear up the last queue stop function + delete hooks.stop; + fn.call( elem, next, hooks ); + } + + if ( !startLength && hooks ) { + hooks.empty.fire(); + } + }, + + // not intended for public consumption - generates a queueHooks object, + // or returns the current one + _queueHooks: function( elem, type ) { + var key = type + "queueHooks"; + return jQuery._data( elem, key ) || jQuery._data( elem, key, { + empty: jQuery.Callbacks( "once memory" ).add( function() { + jQuery._removeData( elem, type + "queue" ); + jQuery._removeData( elem, key ); + } ) + } ); + } +} ); + +jQuery.fn.extend( { + queue: function( type, data ) { + var setter = 2; + + if ( typeof type !== "string" ) { + data = type; + type = "fx"; + setter--; + } + + if ( arguments.length < setter ) { + return jQuery.queue( this[ 0 ], type ); + } + + return data === undefined ? + this : + this.each( function() { + var queue = jQuery.queue( this, type, data ); + + // ensure a hooks for this queue + jQuery._queueHooks( this, type ); + + if ( type === "fx" && queue[ 0 ] !== "inprogress" ) { + jQuery.dequeue( this, type ); + } + } ); + }, + dequeue: function( type ) { + return this.each( function() { + jQuery.dequeue( this, type ); + } ); + }, + clearQueue: function( type ) { + return this.queue( type || "fx", [] ); + }, + + // Get a promise resolved when queues of a certain type + // are emptied (fx is the type by default) + promise: function( type, obj ) { + var tmp, + count = 1, + defer = jQuery.Deferred(), + elements = this, + i = this.length, + resolve = function() { + if ( !( --count ) ) { + defer.resolveWith( elements, [ elements ] ); + } + }; + + if ( typeof type !== "string" ) { + obj = type; + type = undefined; + } + type = type || "fx"; + + while ( i-- ) { + tmp = jQuery._data( elements[ i ], type + "queueHooks" ); + if ( tmp && tmp.empty ) { + count++; + tmp.empty.add( resolve ); + } + } + resolve(); + return defer.promise( obj ); + } +} ); + + +( function() { + var shrinkWrapBlocksVal; + + support.shrinkWrapBlocks = function() { + if ( shrinkWrapBlocksVal != null ) { + return shrinkWrapBlocksVal; + } + + // Will be changed later if needed. + shrinkWrapBlocksVal = false; + + // Minified: var b,c,d + var div, body, container; + + body = document.getElementsByTagName( "body" )[ 0 ]; + if ( !body || !body.style ) { + + // Test fired too early or in an unsupported environment, exit. + return; + } + + // Setup + div = document.createElement( "div" ); + container = document.createElement( "div" ); + container.style.cssText = "position:absolute;border:0;width:0;height:0;top:0;left:-9999px"; + body.appendChild( container ).appendChild( div ); + + // Support: IE6 + // Check if elements with layout shrink-wrap their children + if ( typeof div.style.zoom !== "undefined" ) { + + // Reset CSS: box-sizing; display; margin; border + div.style.cssText = + + // Support: Firefox<29, Android 2.3 + // Vendor-prefix box-sizing + "-webkit-box-sizing:content-box;-moz-box-sizing:content-box;" + + "box-sizing:content-box;display:block;margin:0;border:0;" + + "padding:1px;width:1px;zoom:1"; + div.appendChild( document.createElement( "div" ) ).style.width = "5px"; + shrinkWrapBlocksVal = div.offsetWidth !== 3; + } + + body.removeChild( container ); + + return shrinkWrapBlocksVal; + }; + +} )(); +var pnum = ( /[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/ ).source; + +var rcssNum = new RegExp( "^(?:([+-])=|)(" + pnum + ")([a-z%]*)$", "i" ); + + +var cssExpand = [ "Top", "Right", "Bottom", "Left" ]; + +var isHidden = function( elem, el ) { + + // isHidden might be called from jQuery#filter function; + // in that case, element will be second argument + elem = el || elem; + return jQuery.css( elem, "display" ) === "none" || + !jQuery.contains( elem.ownerDocument, elem ); + }; + + + +function adjustCSS( elem, prop, valueParts, tween ) { + var adjusted, + scale = 1, + maxIterations = 20, + currentValue = tween ? + function() { return tween.cur(); } : + function() { return jQuery.css( elem, prop, "" ); }, + initial = currentValue(), + unit = valueParts && valueParts[ 3 ] || ( jQuery.cssNumber[ prop ] ? "" : "px" ), + + // Starting value computation is required for potential unit mismatches + initialInUnit = ( jQuery.cssNumber[ prop ] || unit !== "px" && +initial ) && + rcssNum.exec( jQuery.css( elem, prop ) ); + + if ( initialInUnit && initialInUnit[ 3 ] !== unit ) { + + // Trust units reported by jQuery.css + unit = unit || initialInUnit[ 3 ]; + + // Make sure we update the tween properties later on + valueParts = valueParts || []; + + // Iteratively approximate from a nonzero starting point + initialInUnit = +initial || 1; + + do { + + // If previous iteration zeroed out, double until we get *something*. + // Use string for doubling so we don't accidentally see scale as unchanged below + scale = scale || ".5"; + + // Adjust and apply + initialInUnit = initialInUnit / scale; + jQuery.style( elem, prop, initialInUnit + unit ); + + // Update scale, tolerating zero or NaN from tween.cur() + // Break the loop if scale is unchanged or perfect, or if we've just had enough. + } while ( + scale !== ( scale = currentValue() / initial ) && scale !== 1 && --maxIterations + ); + } + + if ( valueParts ) { + initialInUnit = +initialInUnit || +initial || 0; + + // Apply relative offset (+=/-=) if specified + adjusted = valueParts[ 1 ] ? + initialInUnit + ( valueParts[ 1 ] + 1 ) * valueParts[ 2 ] : + +valueParts[ 2 ]; + if ( tween ) { + tween.unit = unit; + tween.start = initialInUnit; + tween.end = adjusted; + } + } + return adjusted; +} + + +// Multifunctional method to get and set values of a collection +// The value/s can optionally be executed if it's a function +var access = function( elems, fn, key, value, chainable, emptyGet, raw ) { + var i = 0, + length = elems.length, + bulk = key == null; + + // Sets many values + if ( jQuery.type( key ) === "object" ) { + chainable = true; + for ( i in key ) { + access( elems, fn, i, key[ i ], true, emptyGet, raw ); + } + + // Sets one value + } else if ( value !== undefined ) { + chainable = true; + + if ( !jQuery.isFunction( value ) ) { + raw = true; + } + + if ( bulk ) { + + // Bulk operations run against the entire set + if ( raw ) { + fn.call( elems, value ); + fn = null; + + // ...except when executing function values + } else { + bulk = fn; + fn = function( elem, key, value ) { + return bulk.call( jQuery( elem ), value ); + }; + } + } + + if ( fn ) { + for ( ; i < length; i++ ) { + fn( + elems[ i ], + key, + raw ? value : value.call( elems[ i ], i, fn( elems[ i ], key ) ) + ); + } + } + } + + return chainable ? + elems : + + // Gets + bulk ? + fn.call( elems ) : + length ? fn( elems[ 0 ], key ) : emptyGet; +}; +var rcheckableType = ( /^(?:checkbox|radio)$/i ); + +var rtagName = ( /<([\w:-]+)/ ); + +var rscriptType = ( /^$|\/(?:java|ecma)script/i ); + +var rleadingWhitespace = ( /^\s+/ ); + +var nodeNames = "abbr|article|aside|audio|bdi|canvas|data|datalist|" + + "details|dialog|figcaption|figure|footer|header|hgroup|main|" + + "mark|meter|nav|output|picture|progress|section|summary|template|time|video"; + + + +function createSafeFragment( document ) { + var list = nodeNames.split( "|" ), + safeFrag = document.createDocumentFragment(); + + if ( safeFrag.createElement ) { + while ( list.length ) { + safeFrag.createElement( + list.pop() + ); + } + } + return safeFrag; +} + + +( function() { + var div = document.createElement( "div" ), + fragment = document.createDocumentFragment(), + input = document.createElement( "input" ); + + // Setup + div.innerHTML = "
a"; + + // IE strips leading whitespace when .innerHTML is used + support.leadingWhitespace = div.firstChild.nodeType === 3; + + // Make sure that tbody elements aren't automatically inserted + // IE will insert them into empty tables + support.tbody = !div.getElementsByTagName( "tbody" ).length; + + // Make sure that link elements get serialized correctly by innerHTML + // This requires a wrapper element in IE + support.htmlSerialize = !!div.getElementsByTagName( "link" ).length; + + // Makes sure cloning an html5 element does not cause problems + // Where outerHTML is undefined, this still works + support.html5Clone = + document.createElement( "nav" ).cloneNode( true ).outerHTML !== "<:nav>"; + + // Check if a disconnected checkbox will retain its checked + // value of true after appended to the DOM (IE6/7) + input.type = "checkbox"; + input.checked = true; + fragment.appendChild( input ); + support.appendChecked = input.checked; + + // Make sure textarea (and checkbox) defaultValue is properly cloned + // Support: IE6-IE11+ + div.innerHTML = ""; + support.noCloneChecked = !!div.cloneNode( true ).lastChild.defaultValue; + + // #11217 - WebKit loses check when the name is after the checked attribute + fragment.appendChild( div ); + + // Support: Windows Web Apps (WWA) + // `name` and `type` must use .setAttribute for WWA (#14901) + input = document.createElement( "input" ); + input.setAttribute( "type", "radio" ); + input.setAttribute( "checked", "checked" ); + input.setAttribute( "name", "t" ); + + div.appendChild( input ); + + // Support: Safari 5.1, iOS 5.1, Android 4.x, Android 2.3 + // old WebKit doesn't clone checked state correctly in fragments + support.checkClone = div.cloneNode( true ).cloneNode( true ).lastChild.checked; + + // Support: IE<9 + // Cloned elements keep attachEvent handlers, we use addEventListener on IE9+ + support.noCloneEvent = !!div.addEventListener; + + // Support: IE<9 + // Since attributes and properties are the same in IE, + // cleanData must set properties to undefined rather than use removeAttribute + div[ jQuery.expando ] = 1; + support.attributes = !div.getAttribute( jQuery.expando ); +} )(); + + +// We have to close these tags to support XHTML (#13200) +var wrapMap = { + option: [ 1, "" ], + legend: [ 1, "
", "
" ], + area: [ 1, "", "" ], + + // Support: IE8 + param: [ 1, "", "" ], + thead: [ 1, "", "
" ], + tr: [ 2, "", "
" ], + col: [ 2, "", "
" ], + td: [ 3, "", "
" ], + + // IE6-8 can't serialize link, script, style, or any html5 (NoScope) tags, + // unless wrapped in a div with non-breaking characters in front of it. + _default: support.htmlSerialize ? [ 0, "", "" ] : [ 1, "X
", "
" ] +}; + +// Support: IE8-IE9 +wrapMap.optgroup = wrapMap.option; + +wrapMap.tbody = wrapMap.tfoot = wrapMap.colgroup = wrapMap.caption = wrapMap.thead; +wrapMap.th = wrapMap.td; + + +function getAll( context, tag ) { + var elems, elem, + i = 0, + found = typeof context.getElementsByTagName !== "undefined" ? + context.getElementsByTagName( tag || "*" ) : + typeof context.querySelectorAll !== "undefined" ? + context.querySelectorAll( tag || "*" ) : + undefined; + + if ( !found ) { + for ( found = [], elems = context.childNodes || context; + ( elem = elems[ i ] ) != null; + i++ + ) { + if ( !tag || jQuery.nodeName( elem, tag ) ) { + found.push( elem ); + } else { + jQuery.merge( found, getAll( elem, tag ) ); + } + } + } + + return tag === undefined || tag && jQuery.nodeName( context, tag ) ? + jQuery.merge( [ context ], found ) : + found; +} + + +// Mark scripts as having already been evaluated +function setGlobalEval( elems, refElements ) { + var elem, + i = 0; + for ( ; ( elem = elems[ i ] ) != null; i++ ) { + jQuery._data( + elem, + "globalEval", + !refElements || jQuery._data( refElements[ i ], "globalEval" ) + ); + } +} + + +var rhtml = /<|&#?\w+;/, + rtbody = / from table fragments + if ( !support.tbody ) { + + // String was a , *may* have spurious + elem = tag === "table" && !rtbody.test( elem ) ? + tmp.firstChild : + + // String was a bare or + wrap[ 1 ] === "
" && !rtbody.test( elem ) ? + tmp : + 0; + + j = elem && elem.childNodes.length; + while ( j-- ) { + if ( jQuery.nodeName( ( tbody = elem.childNodes[ j ] ), "tbody" ) && + !tbody.childNodes.length ) { + + elem.removeChild( tbody ); + } + } + } + + jQuery.merge( nodes, tmp.childNodes ); + + // Fix #12392 for WebKit and IE > 9 + tmp.textContent = ""; + + // Fix #12392 for oldIE + while ( tmp.firstChild ) { + tmp.removeChild( tmp.firstChild ); + } + + // Remember the top-level container for proper cleanup + tmp = safe.lastChild; + } + } + } + + // Fix #11356: Clear elements from fragment + if ( tmp ) { + safe.removeChild( tmp ); + } + + // Reset defaultChecked for any radios and checkboxes + // about to be appended to the DOM in IE 6/7 (#8060) + if ( !support.appendChecked ) { + jQuery.grep( getAll( nodes, "input" ), fixDefaultChecked ); + } + + i = 0; + while ( ( elem = nodes[ i++ ] ) ) { + + // Skip elements already in the context collection (trac-4087) + if ( selection && jQuery.inArray( elem, selection ) > -1 ) { + if ( ignored ) { + ignored.push( elem ); + } + + continue; + } + + contains = jQuery.contains( elem.ownerDocument, elem ); + + // Append to fragment + tmp = getAll( safe.appendChild( elem ), "script" ); + + // Preserve script evaluation history + if ( contains ) { + setGlobalEval( tmp ); + } + + // Capture executables + if ( scripts ) { + j = 0; + while ( ( elem = tmp[ j++ ] ) ) { + if ( rscriptType.test( elem.type || "" ) ) { + scripts.push( elem ); + } + } + } + } + + tmp = null; + + return safe; +} + + +( function() { + var i, eventName, + div = document.createElement( "div" ); + + // Support: IE<9 (lack submit/change bubble), Firefox (lack focus(in | out) events) + for ( i in { submit: true, change: true, focusin: true } ) { + eventName = "on" + i; + + if ( !( support[ i ] = eventName in window ) ) { + + // Beware of CSP restrictions (https://developer.mozilla.org/en/Security/CSP) + div.setAttribute( eventName, "t" ); + support[ i ] = div.attributes[ eventName ].expando === false; + } + } + + // Null elements to avoid leaks in IE. + div = null; +} )(); + + +var rformElems = /^(?:input|select|textarea)$/i, + rkeyEvent = /^key/, + rmouseEvent = /^(?:mouse|pointer|contextmenu|drag|drop)|click/, + rfocusMorph = /^(?:focusinfocus|focusoutblur)$/, + rtypenamespace = /^([^.]*)(?:\.(.+)|)/; + +function returnTrue() { + return true; +} + +function returnFalse() { + return false; +} + +// Support: IE9 +// See #13393 for more info +function safeActiveElement() { + try { + return document.activeElement; + } catch ( err ) { } +} + +function on( elem, types, selector, data, fn, one ) { + var origFn, type; + + // Types can be a map of types/handlers + if ( typeof types === "object" ) { + + // ( types-Object, selector, data ) + if ( typeof selector !== "string" ) { + + // ( types-Object, data ) + data = data || selector; + selector = undefined; + } + for ( type in types ) { + on( elem, type, selector, data, types[ type ], one ); + } + return elem; + } + + if ( data == null && fn == null ) { + + // ( types, fn ) + fn = selector; + data = selector = undefined; + } else if ( fn == null ) { + if ( typeof selector === "string" ) { + + // ( types, selector, fn ) + fn = data; + data = undefined; + } else { + + // ( types, data, fn ) + fn = data; + data = selector; + selector = undefined; + } + } + if ( fn === false ) { + fn = returnFalse; + } else if ( !fn ) { + return elem; + } + + if ( one === 1 ) { + origFn = fn; + fn = function( event ) { + + // Can use an empty set, since event contains the info + jQuery().off( event ); + return origFn.apply( this, arguments ); + }; + + // Use same guid so caller can remove using origFn + fn.guid = origFn.guid || ( origFn.guid = jQuery.guid++ ); + } + return elem.each( function() { + jQuery.event.add( this, types, fn, data, selector ); + } ); +} + +/* + * Helper functions for managing events -- not part of the public interface. + * Props to Dean Edwards' addEvent library for many of the ideas. + */ +jQuery.event = { + + global: {}, + + add: function( elem, types, handler, data, selector ) { + var tmp, events, t, handleObjIn, + special, eventHandle, handleObj, + handlers, type, namespaces, origType, + elemData = jQuery._data( elem ); + + // Don't attach events to noData or text/comment nodes (but allow plain objects) + if ( !elemData ) { + return; + } + + // Caller can pass in an object of custom data in lieu of the handler + if ( handler.handler ) { + handleObjIn = handler; + handler = handleObjIn.handler; + selector = handleObjIn.selector; + } + + // Make sure that the handler has a unique ID, used to find/remove it later + if ( !handler.guid ) { + handler.guid = jQuery.guid++; + } + + // Init the element's event structure and main handler, if this is the first + if ( !( events = elemData.events ) ) { + events = elemData.events = {}; + } + if ( !( eventHandle = elemData.handle ) ) { + eventHandle = elemData.handle = function( e ) { + + // Discard the second event of a jQuery.event.trigger() and + // when an event is called after a page has unloaded + return typeof jQuery !== "undefined" && + ( !e || jQuery.event.triggered !== e.type ) ? + jQuery.event.dispatch.apply( eventHandle.elem, arguments ) : + undefined; + }; + + // Add elem as a property of the handle fn to prevent a memory leak + // with IE non-native events + eventHandle.elem = elem; + } + + // Handle multiple events separated by a space + types = ( types || "" ).match( rnotwhite ) || [ "" ]; + t = types.length; + while ( t-- ) { + tmp = rtypenamespace.exec( types[ t ] ) || []; + type = origType = tmp[ 1 ]; + namespaces = ( tmp[ 2 ] || "" ).split( "." ).sort(); + + // There *must* be a type, no attaching namespace-only handlers + if ( !type ) { + continue; + } + + // If event changes its type, use the special event handlers for the changed type + special = jQuery.event.special[ type ] || {}; + + // If selector defined, determine special event api type, otherwise given type + type = ( selector ? special.delegateType : special.bindType ) || type; + + // Update special based on newly reset type + special = jQuery.event.special[ type ] || {}; + + // handleObj is passed to all event handlers + handleObj = jQuery.extend( { + type: type, + origType: origType, + data: data, + handler: handler, + guid: handler.guid, + selector: selector, + needsContext: selector && jQuery.expr.match.needsContext.test( selector ), + namespace: namespaces.join( "." ) + }, handleObjIn ); + + // Init the event handler queue if we're the first + if ( !( handlers = events[ type ] ) ) { + handlers = events[ type ] = []; + handlers.delegateCount = 0; + + // Only use addEventListener/attachEvent if the special events handler returns false + if ( !special.setup || + special.setup.call( elem, data, namespaces, eventHandle ) === false ) { + + // Bind the global event handler to the element + if ( elem.addEventListener ) { + elem.addEventListener( type, eventHandle, false ); + + } else if ( elem.attachEvent ) { + elem.attachEvent( "on" + type, eventHandle ); + } + } + } + + if ( special.add ) { + special.add.call( elem, handleObj ); + + if ( !handleObj.handler.guid ) { + handleObj.handler.guid = handler.guid; + } + } + + // Add to the element's handler list, delegates in front + if ( selector ) { + handlers.splice( handlers.delegateCount++, 0, handleObj ); + } else { + handlers.push( handleObj ); + } + + // Keep track of which events have ever been used, for event optimization + jQuery.event.global[ type ] = true; + } + + // Nullify elem to prevent memory leaks in IE + elem = null; + }, + + // Detach an event or set of events from an element + remove: function( elem, types, handler, selector, mappedTypes ) { + var j, handleObj, tmp, + origCount, t, events, + special, handlers, type, + namespaces, origType, + elemData = jQuery.hasData( elem ) && jQuery._data( elem ); + + if ( !elemData || !( events = elemData.events ) ) { + return; + } + + // Once for each type.namespace in types; type may be omitted + types = ( types || "" ).match( rnotwhite ) || [ "" ]; + t = types.length; + while ( t-- ) { + tmp = rtypenamespace.exec( types[ t ] ) || []; + type = origType = tmp[ 1 ]; + namespaces = ( tmp[ 2 ] || "" ).split( "." ).sort(); + + // Unbind all events (on this namespace, if provided) for the element + if ( !type ) { + for ( type in events ) { + jQuery.event.remove( elem, type + types[ t ], handler, selector, true ); + } + continue; + } + + special = jQuery.event.special[ type ] || {}; + type = ( selector ? special.delegateType : special.bindType ) || type; + handlers = events[ type ] || []; + tmp = tmp[ 2 ] && + new RegExp( "(^|\\.)" + namespaces.join( "\\.(?:.*\\.|)" ) + "(\\.|$)" ); + + // Remove matching events + origCount = j = handlers.length; + while ( j-- ) { + handleObj = handlers[ j ]; + + if ( ( mappedTypes || origType === handleObj.origType ) && + ( !handler || handler.guid === handleObj.guid ) && + ( !tmp || tmp.test( handleObj.namespace ) ) && + ( !selector || selector === handleObj.selector || + selector === "**" && handleObj.selector ) ) { + handlers.splice( j, 1 ); + + if ( handleObj.selector ) { + handlers.delegateCount--; + } + if ( special.remove ) { + special.remove.call( elem, handleObj ); + } + } + } + + // Remove generic event handler if we removed something and no more handlers exist + // (avoids potential for endless recursion during removal of special event handlers) + if ( origCount && !handlers.length ) { + if ( !special.teardown || + special.teardown.call( elem, namespaces, elemData.handle ) === false ) { + + jQuery.removeEvent( elem, type, elemData.handle ); + } + + delete events[ type ]; + } + } + + // Remove the expando if it's no longer used + if ( jQuery.isEmptyObject( events ) ) { + delete elemData.handle; + + // removeData also checks for emptiness and clears the expando if empty + // so use it instead of delete + jQuery._removeData( elem, "events" ); + } + }, + + trigger: function( event, data, elem, onlyHandlers ) { + var handle, ontype, cur, + bubbleType, special, tmp, i, + eventPath = [ elem || document ], + type = hasOwn.call( event, "type" ) ? event.type : event, + namespaces = hasOwn.call( event, "namespace" ) ? event.namespace.split( "." ) : []; + + cur = tmp = elem = elem || document; + + // Don't do events on text and comment nodes + if ( elem.nodeType === 3 || elem.nodeType === 8 ) { + return; + } + + // focus/blur morphs to focusin/out; ensure we're not firing them right now + if ( rfocusMorph.test( type + jQuery.event.triggered ) ) { + return; + } + + if ( type.indexOf( "." ) > -1 ) { + + // Namespaced trigger; create a regexp to match event type in handle() + namespaces = type.split( "." ); + type = namespaces.shift(); + namespaces.sort(); + } + ontype = type.indexOf( ":" ) < 0 && "on" + type; + + // Caller can pass in a jQuery.Event object, Object, or just an event type string + event = event[ jQuery.expando ] ? + event : + new jQuery.Event( type, typeof event === "object" && event ); + + // Trigger bitmask: & 1 for native handlers; & 2 for jQuery (always true) + event.isTrigger = onlyHandlers ? 2 : 3; + event.namespace = namespaces.join( "." ); + event.rnamespace = event.namespace ? + new RegExp( "(^|\\.)" + namespaces.join( "\\.(?:.*\\.|)" ) + "(\\.|$)" ) : + null; + + // Clean up the event in case it is being reused + event.result = undefined; + if ( !event.target ) { + event.target = elem; + } + + // Clone any incoming data and prepend the event, creating the handler arg list + data = data == null ? + [ event ] : + jQuery.makeArray( data, [ event ] ); + + // Allow special events to draw outside the lines + special = jQuery.event.special[ type ] || {}; + if ( !onlyHandlers && special.trigger && special.trigger.apply( elem, data ) === false ) { + return; + } + + // Determine event propagation path in advance, per W3C events spec (#9951) + // Bubble up to document, then to window; watch for a global ownerDocument var (#9724) + if ( !onlyHandlers && !special.noBubble && !jQuery.isWindow( elem ) ) { + + bubbleType = special.delegateType || type; + if ( !rfocusMorph.test( bubbleType + type ) ) { + cur = cur.parentNode; + } + for ( ; cur; cur = cur.parentNode ) { + eventPath.push( cur ); + tmp = cur; + } + + // Only add window if we got to document (e.g., not plain obj or detached DOM) + if ( tmp === ( elem.ownerDocument || document ) ) { + eventPath.push( tmp.defaultView || tmp.parentWindow || window ); + } + } + + // Fire handlers on the event path + i = 0; + while ( ( cur = eventPath[ i++ ] ) && !event.isPropagationStopped() ) { + + event.type = i > 1 ? + bubbleType : + special.bindType || type; + + // jQuery handler + handle = ( jQuery._data( cur, "events" ) || {} )[ event.type ] && + jQuery._data( cur, "handle" ); + + if ( handle ) { + handle.apply( cur, data ); + } + + // Native handler + handle = ontype && cur[ ontype ]; + if ( handle && handle.apply && acceptData( cur ) ) { + event.result = handle.apply( cur, data ); + if ( event.result === false ) { + event.preventDefault(); + } + } + } + event.type = type; + + // If nobody prevented the default action, do it now + if ( !onlyHandlers && !event.isDefaultPrevented() ) { + + if ( + ( !special._default || + special._default.apply( eventPath.pop(), data ) === false + ) && acceptData( elem ) + ) { + + // Call a native DOM method on the target with the same name name as the event. + // Can't use an .isFunction() check here because IE6/7 fails that test. + // Don't do default actions on window, that's where global variables be (#6170) + if ( ontype && elem[ type ] && !jQuery.isWindow( elem ) ) { + + // Don't re-trigger an onFOO event when we call its FOO() method + tmp = elem[ ontype ]; + + if ( tmp ) { + elem[ ontype ] = null; + } + + // Prevent re-triggering of the same event, since we already bubbled it above + jQuery.event.triggered = type; + try { + elem[ type ](); + } catch ( e ) { + + // IE<9 dies on focus/blur to hidden element (#1486,#12518) + // only reproducible on winXP IE8 native, not IE9 in IE8 mode + } + jQuery.event.triggered = undefined; + + if ( tmp ) { + elem[ ontype ] = tmp; + } + } + } + } + + return event.result; + }, + + dispatch: function( event ) { + + // Make a writable jQuery.Event from the native event object + event = jQuery.event.fix( event ); + + var i, j, ret, matched, handleObj, + handlerQueue = [], + args = slice.call( arguments ), + handlers = ( jQuery._data( this, "events" ) || {} )[ event.type ] || [], + special = jQuery.event.special[ event.type ] || {}; + + // Use the fix-ed jQuery.Event rather than the (read-only) native event + args[ 0 ] = event; + event.delegateTarget = this; + + // Call the preDispatch hook for the mapped type, and let it bail if desired + if ( special.preDispatch && special.preDispatch.call( this, event ) === false ) { + return; + } + + // Determine handlers + handlerQueue = jQuery.event.handlers.call( this, event, handlers ); + + // Run delegates first; they may want to stop propagation beneath us + i = 0; + while ( ( matched = handlerQueue[ i++ ] ) && !event.isPropagationStopped() ) { + event.currentTarget = matched.elem; + + j = 0; + while ( ( handleObj = matched.handlers[ j++ ] ) && + !event.isImmediatePropagationStopped() ) { + + // Triggered event must either 1) have no namespace, or 2) have namespace(s) + // a subset or equal to those in the bound event (both can have no namespace). + if ( !event.rnamespace || event.rnamespace.test( handleObj.namespace ) ) { + + event.handleObj = handleObj; + event.data = handleObj.data; + + ret = ( ( jQuery.event.special[ handleObj.origType ] || {} ).handle || + handleObj.handler ).apply( matched.elem, args ); + + if ( ret !== undefined ) { + if ( ( event.result = ret ) === false ) { + event.preventDefault(); + event.stopPropagation(); + } + } + } + } + } + + // Call the postDispatch hook for the mapped type + if ( special.postDispatch ) { + special.postDispatch.call( this, event ); + } + + return event.result; + }, + + handlers: function( event, handlers ) { + var i, matches, sel, handleObj, + handlerQueue = [], + delegateCount = handlers.delegateCount, + cur = event.target; + + // Support (at least): Chrome, IE9 + // Find delegate handlers + // Black-hole SVG instance trees (#13180) + // + // Support: Firefox<=42+ + // Avoid non-left-click in FF but don't block IE radio events (#3861, gh-2343) + if ( delegateCount && cur.nodeType && + ( event.type !== "click" || isNaN( event.button ) || event.button < 1 ) ) { + + /* jshint eqeqeq: false */ + for ( ; cur != this; cur = cur.parentNode || this ) { + /* jshint eqeqeq: true */ + + // Don't check non-elements (#13208) + // Don't process clicks on disabled elements (#6911, #8165, #11382, #11764) + if ( cur.nodeType === 1 && ( cur.disabled !== true || event.type !== "click" ) ) { + matches = []; + for ( i = 0; i < delegateCount; i++ ) { + handleObj = handlers[ i ]; + + // Don't conflict with Object.prototype properties (#13203) + sel = handleObj.selector + " "; + + if ( matches[ sel ] === undefined ) { + matches[ sel ] = handleObj.needsContext ? + jQuery( sel, this ).index( cur ) > -1 : + jQuery.find( sel, this, null, [ cur ] ).length; + } + if ( matches[ sel ] ) { + matches.push( handleObj ); + } + } + if ( matches.length ) { + handlerQueue.push( { elem: cur, handlers: matches } ); + } + } + } + } + + // Add the remaining (directly-bound) handlers + if ( delegateCount < handlers.length ) { + handlerQueue.push( { elem: this, handlers: handlers.slice( delegateCount ) } ); + } + + return handlerQueue; + }, + + fix: function( event ) { + if ( event[ jQuery.expando ] ) { + return event; + } + + // Create a writable copy of the event object and normalize some properties + var i, prop, copy, + type = event.type, + originalEvent = event, + fixHook = this.fixHooks[ type ]; + + if ( !fixHook ) { + this.fixHooks[ type ] = fixHook = + rmouseEvent.test( type ) ? this.mouseHooks : + rkeyEvent.test( type ) ? this.keyHooks : + {}; + } + copy = fixHook.props ? this.props.concat( fixHook.props ) : this.props; + + event = new jQuery.Event( originalEvent ); + + i = copy.length; + while ( i-- ) { + prop = copy[ i ]; + event[ prop ] = originalEvent[ prop ]; + } + + // Support: IE<9 + // Fix target property (#1925) + if ( !event.target ) { + event.target = originalEvent.srcElement || document; + } + + // Support: Safari 6-8+ + // Target should not be a text node (#504, #13143) + if ( event.target.nodeType === 3 ) { + event.target = event.target.parentNode; + } + + // Support: IE<9 + // For mouse/key events, metaKey==false if it's undefined (#3368, #11328) + event.metaKey = !!event.metaKey; + + return fixHook.filter ? fixHook.filter( event, originalEvent ) : event; + }, + + // Includes some event props shared by KeyEvent and MouseEvent + props: ( "altKey bubbles cancelable ctrlKey currentTarget detail eventPhase " + + "metaKey relatedTarget shiftKey target timeStamp view which" ).split( " " ), + + fixHooks: {}, + + keyHooks: { + props: "char charCode key keyCode".split( " " ), + filter: function( event, original ) { + + // Add which for key events + if ( event.which == null ) { + event.which = original.charCode != null ? original.charCode : original.keyCode; + } + + return event; + } + }, + + mouseHooks: { + props: ( "button buttons clientX clientY fromElement offsetX offsetY " + + "pageX pageY screenX screenY toElement" ).split( " " ), + filter: function( event, original ) { + var body, eventDoc, doc, + button = original.button, + fromElement = original.fromElement; + + // Calculate pageX/Y if missing and clientX/Y available + if ( event.pageX == null && original.clientX != null ) { + eventDoc = event.target.ownerDocument || document; + doc = eventDoc.documentElement; + body = eventDoc.body; + + event.pageX = original.clientX + + ( doc && doc.scrollLeft || body && body.scrollLeft || 0 ) - + ( doc && doc.clientLeft || body && body.clientLeft || 0 ); + event.pageY = original.clientY + + ( doc && doc.scrollTop || body && body.scrollTop || 0 ) - + ( doc && doc.clientTop || body && body.clientTop || 0 ); + } + + // Add relatedTarget, if necessary + if ( !event.relatedTarget && fromElement ) { + event.relatedTarget = fromElement === event.target ? + original.toElement : + fromElement; + } + + // Add which for click: 1 === left; 2 === middle; 3 === right + // Note: button is not normalized, so don't use it + if ( !event.which && button !== undefined ) { + event.which = ( button & 1 ? 1 : ( button & 2 ? 3 : ( button & 4 ? 2 : 0 ) ) ); + } + + return event; + } + }, + + special: { + load: { + + // Prevent triggered image.load events from bubbling to window.load + noBubble: true + }, + focus: { + + // Fire native event if possible so blur/focus sequence is correct + trigger: function() { + if ( this !== safeActiveElement() && this.focus ) { + try { + this.focus(); + return false; + } catch ( e ) { + + // Support: IE<9 + // If we error on focus to hidden element (#1486, #12518), + // let .trigger() run the handlers + } + } + }, + delegateType: "focusin" + }, + blur: { + trigger: function() { + if ( this === safeActiveElement() && this.blur ) { + this.blur(); + return false; + } + }, + delegateType: "focusout" + }, + click: { + + // For checkbox, fire native event so checked state will be right + trigger: function() { + if ( jQuery.nodeName( this, "input" ) && this.type === "checkbox" && this.click ) { + this.click(); + return false; + } + }, + + // For cross-browser consistency, don't fire native .click() on links + _default: function( event ) { + return jQuery.nodeName( event.target, "a" ); + } + }, + + beforeunload: { + postDispatch: function( event ) { + + // Support: Firefox 20+ + // Firefox doesn't alert if the returnValue field is not set. + if ( event.result !== undefined && event.originalEvent ) { + event.originalEvent.returnValue = event.result; + } + } + } + }, + + // Piggyback on a donor event to simulate a different one + simulate: function( type, elem, event ) { + var e = jQuery.extend( + new jQuery.Event(), + event, + { + type: type, + isSimulated: true + + // Previously, `originalEvent: {}` was set here, so stopPropagation call + // would not be triggered on donor event, since in our own + // jQuery.event.stopPropagation function we had a check for existence of + // originalEvent.stopPropagation method, so, consequently it would be a noop. + // + // Guard for simulated events was moved to jQuery.event.stopPropagation function + // since `originalEvent` should point to the original event for the + // constancy with other events and for more focused logic + } + ); + + jQuery.event.trigger( e, null, elem ); + + if ( e.isDefaultPrevented() ) { + event.preventDefault(); + } + } +}; + +jQuery.removeEvent = document.removeEventListener ? + function( elem, type, handle ) { + + // This "if" is needed for plain objects + if ( elem.removeEventListener ) { + elem.removeEventListener( type, handle ); + } + } : + function( elem, type, handle ) { + var name = "on" + type; + + if ( elem.detachEvent ) { + + // #8545, #7054, preventing memory leaks for custom events in IE6-8 + // detachEvent needed property on element, by name of that event, + // to properly expose it to GC + if ( typeof elem[ name ] === "undefined" ) { + elem[ name ] = null; + } + + elem.detachEvent( name, handle ); + } + }; + +jQuery.Event = function( src, props ) { + + // Allow instantiation without the 'new' keyword + if ( !( this instanceof jQuery.Event ) ) { + return new jQuery.Event( src, props ); + } + + // Event object + if ( src && src.type ) { + this.originalEvent = src; + this.type = src.type; + + // Events bubbling up the document may have been marked as prevented + // by a handler lower down the tree; reflect the correct value. + this.isDefaultPrevented = src.defaultPrevented || + src.defaultPrevented === undefined && + + // Support: IE < 9, Android < 4.0 + src.returnValue === false ? + returnTrue : + returnFalse; + + // Event type + } else { + this.type = src; + } + + // Put explicitly provided properties onto the event object + if ( props ) { + jQuery.extend( this, props ); + } + + // Create a timestamp if incoming event doesn't have one + this.timeStamp = src && src.timeStamp || jQuery.now(); + + // Mark it as fixed + this[ jQuery.expando ] = true; +}; + +// jQuery.Event is based on DOM3 Events as specified by the ECMAScript Language Binding +// http://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html +jQuery.Event.prototype = { + constructor: jQuery.Event, + isDefaultPrevented: returnFalse, + isPropagationStopped: returnFalse, + isImmediatePropagationStopped: returnFalse, + + preventDefault: function() { + var e = this.originalEvent; + + this.isDefaultPrevented = returnTrue; + if ( !e ) { + return; + } + + // If preventDefault exists, run it on the original event + if ( e.preventDefault ) { + e.preventDefault(); + + // Support: IE + // Otherwise set the returnValue property of the original event to false + } else { + e.returnValue = false; + } + }, + stopPropagation: function() { + var e = this.originalEvent; + + this.isPropagationStopped = returnTrue; + + if ( !e || this.isSimulated ) { + return; + } + + // If stopPropagation exists, run it on the original event + if ( e.stopPropagation ) { + e.stopPropagation(); + } + + // Support: IE + // Set the cancelBubble property of the original event to true + e.cancelBubble = true; + }, + stopImmediatePropagation: function() { + var e = this.originalEvent; + + this.isImmediatePropagationStopped = returnTrue; + + if ( e && e.stopImmediatePropagation ) { + e.stopImmediatePropagation(); + } + + this.stopPropagation(); + } +}; + +// Create mouseenter/leave events using mouseover/out and event-time checks +// so that event delegation works in jQuery. +// Do the same for pointerenter/pointerleave and pointerover/pointerout +// +// Support: Safari 7 only +// Safari sends mouseenter too often; see: +// https://code.google.com/p/chromium/issues/detail?id=470258 +// for the description of the bug (it existed in older Chrome versions as well). +jQuery.each( { + mouseenter: "mouseover", + mouseleave: "mouseout", + pointerenter: "pointerover", + pointerleave: "pointerout" +}, function( orig, fix ) { + jQuery.event.special[ orig ] = { + delegateType: fix, + bindType: fix, + + handle: function( event ) { + var ret, + target = this, + related = event.relatedTarget, + handleObj = event.handleObj; + + // For mouseenter/leave call the handler if related is outside the target. + // NB: No relatedTarget if the mouse left/entered the browser window + if ( !related || ( related !== target && !jQuery.contains( target, related ) ) ) { + event.type = handleObj.origType; + ret = handleObj.handler.apply( this, arguments ); + event.type = fix; + } + return ret; + } + }; +} ); + +// IE submit delegation +if ( !support.submit ) { + + jQuery.event.special.submit = { + setup: function() { + + // Only need this for delegated form submit events + if ( jQuery.nodeName( this, "form" ) ) { + return false; + } + + // Lazy-add a submit handler when a descendant form may potentially be submitted + jQuery.event.add( this, "click._submit keypress._submit", function( e ) { + + // Node name check avoids a VML-related crash in IE (#9807) + var elem = e.target, + form = jQuery.nodeName( elem, "input" ) || jQuery.nodeName( elem, "button" ) ? + + // Support: IE <=8 + // We use jQuery.prop instead of elem.form + // to allow fixing the IE8 delegated submit issue (gh-2332) + // by 3rd party polyfills/workarounds. + jQuery.prop( elem, "form" ) : + undefined; + + if ( form && !jQuery._data( form, "submit" ) ) { + jQuery.event.add( form, "submit._submit", function( event ) { + event._submitBubble = true; + } ); + jQuery._data( form, "submit", true ); + } + } ); + + // return undefined since we don't need an event listener + }, + + postDispatch: function( event ) { + + // If form was submitted by the user, bubble the event up the tree + if ( event._submitBubble ) { + delete event._submitBubble; + if ( this.parentNode && !event.isTrigger ) { + jQuery.event.simulate( "submit", this.parentNode, event ); + } + } + }, + + teardown: function() { + + // Only need this for delegated form submit events + if ( jQuery.nodeName( this, "form" ) ) { + return false; + } + + // Remove delegated handlers; cleanData eventually reaps submit handlers attached above + jQuery.event.remove( this, "._submit" ); + } + }; +} + +// IE change delegation and checkbox/radio fix +if ( !support.change ) { + + jQuery.event.special.change = { + + setup: function() { + + if ( rformElems.test( this.nodeName ) ) { + + // IE doesn't fire change on a check/radio until blur; trigger it on click + // after a propertychange. Eat the blur-change in special.change.handle. + // This still fires onchange a second time for check/radio after blur. + if ( this.type === "checkbox" || this.type === "radio" ) { + jQuery.event.add( this, "propertychange._change", function( event ) { + if ( event.originalEvent.propertyName === "checked" ) { + this._justChanged = true; + } + } ); + jQuery.event.add( this, "click._change", function( event ) { + if ( this._justChanged && !event.isTrigger ) { + this._justChanged = false; + } + + // Allow triggered, simulated change events (#11500) + jQuery.event.simulate( "change", this, event ); + } ); + } + return false; + } + + // Delegated event; lazy-add a change handler on descendant inputs + jQuery.event.add( this, "beforeactivate._change", function( e ) { + var elem = e.target; + + if ( rformElems.test( elem.nodeName ) && !jQuery._data( elem, "change" ) ) { + jQuery.event.add( elem, "change._change", function( event ) { + if ( this.parentNode && !event.isSimulated && !event.isTrigger ) { + jQuery.event.simulate( "change", this.parentNode, event ); + } + } ); + jQuery._data( elem, "change", true ); + } + } ); + }, + + handle: function( event ) { + var elem = event.target; + + // Swallow native change events from checkbox/radio, we already triggered them above + if ( this !== elem || event.isSimulated || event.isTrigger || + ( elem.type !== "radio" && elem.type !== "checkbox" ) ) { + + return event.handleObj.handler.apply( this, arguments ); + } + }, + + teardown: function() { + jQuery.event.remove( this, "._change" ); + + return !rformElems.test( this.nodeName ); + } + }; +} + +// Support: Firefox +// Firefox doesn't have focus(in | out) events +// Related ticket - https://bugzilla.mozilla.org/show_bug.cgi?id=687787 +// +// Support: Chrome, Safari +// focus(in | out) events fire after focus & blur events, +// which is spec violation - http://www.w3.org/TR/DOM-Level-3-Events/#events-focusevent-event-order +// Related ticket - https://code.google.com/p/chromium/issues/detail?id=449857 +if ( !support.focusin ) { + jQuery.each( { focus: "focusin", blur: "focusout" }, function( orig, fix ) { + + // Attach a single capturing handler on the document while someone wants focusin/focusout + var handler = function( event ) { + jQuery.event.simulate( fix, event.target, jQuery.event.fix( event ) ); + }; + + jQuery.event.special[ fix ] = { + setup: function() { + var doc = this.ownerDocument || this, + attaches = jQuery._data( doc, fix ); + + if ( !attaches ) { + doc.addEventListener( orig, handler, true ); + } + jQuery._data( doc, fix, ( attaches || 0 ) + 1 ); + }, + teardown: function() { + var doc = this.ownerDocument || this, + attaches = jQuery._data( doc, fix ) - 1; + + if ( !attaches ) { + doc.removeEventListener( orig, handler, true ); + jQuery._removeData( doc, fix ); + } else { + jQuery._data( doc, fix, attaches ); + } + } + }; + } ); +} + +jQuery.fn.extend( { + + on: function( types, selector, data, fn ) { + return on( this, types, selector, data, fn ); + }, + one: function( types, selector, data, fn ) { + return on( this, types, selector, data, fn, 1 ); + }, + off: function( types, selector, fn ) { + var handleObj, type; + if ( types && types.preventDefault && types.handleObj ) { + + // ( event ) dispatched jQuery.Event + handleObj = types.handleObj; + jQuery( types.delegateTarget ).off( + handleObj.namespace ? + handleObj.origType + "." + handleObj.namespace : + handleObj.origType, + handleObj.selector, + handleObj.handler + ); + return this; + } + if ( typeof types === "object" ) { + + // ( types-object [, selector] ) + for ( type in types ) { + this.off( type, selector, types[ type ] ); + } + return this; + } + if ( selector === false || typeof selector === "function" ) { + + // ( types [, fn] ) + fn = selector; + selector = undefined; + } + if ( fn === false ) { + fn = returnFalse; + } + return this.each( function() { + jQuery.event.remove( this, types, fn, selector ); + } ); + }, + + trigger: function( type, data ) { + return this.each( function() { + jQuery.event.trigger( type, data, this ); + } ); + }, + triggerHandler: function( type, data ) { + var elem = this[ 0 ]; + if ( elem ) { + return jQuery.event.trigger( type, data, elem, true ); + } + } +} ); + + +var rinlinejQuery = / jQuery\d+="(?:null|\d+)"/g, + rnoshimcache = new RegExp( "<(?:" + nodeNames + ")[\\s/>]", "i" ), + rxhtmlTag = /<(?!area|br|col|embed|hr|img|input|link|meta|param)(([\w:-]+)[^>]*)\/>/gi, + + // Support: IE 10-11, Edge 10240+ + // In IE/Edge using regex groups here causes severe slowdowns. + // See https://connect.microsoft.com/IE/feedback/details/1736512/ + rnoInnerhtml = /\s*$/g, + safeFragment = createSafeFragment( document ), + fragmentDiv = safeFragment.appendChild( document.createElement( "div" ) ); + +// Support: IE<8 +// Manipulating tables requires a tbody +function manipulationTarget( elem, content ) { + return jQuery.nodeName( elem, "table" ) && + jQuery.nodeName( content.nodeType !== 11 ? content : content.firstChild, "tr" ) ? + + elem.getElementsByTagName( "tbody" )[ 0 ] || + elem.appendChild( elem.ownerDocument.createElement( "tbody" ) ) : + elem; +} + +// Replace/restore the type attribute of script elements for safe DOM manipulation +function disableScript( elem ) { + elem.type = ( jQuery.find.attr( elem, "type" ) !== null ) + "/" + elem.type; + return elem; +} +function restoreScript( elem ) { + var match = rscriptTypeMasked.exec( elem.type ); + if ( match ) { + elem.type = match[ 1 ]; + } else { + elem.removeAttribute( "type" ); + } + return elem; +} + +function cloneCopyEvent( src, dest ) { + if ( dest.nodeType !== 1 || !jQuery.hasData( src ) ) { + return; + } + + var type, i, l, + oldData = jQuery._data( src ), + curData = jQuery._data( dest, oldData ), + events = oldData.events; + + if ( events ) { + delete curData.handle; + curData.events = {}; + + for ( type in events ) { + for ( i = 0, l = events[ type ].length; i < l; i++ ) { + jQuery.event.add( dest, type, events[ type ][ i ] ); + } + } + } + + // make the cloned public data object a copy from the original + if ( curData.data ) { + curData.data = jQuery.extend( {}, curData.data ); + } +} + +function fixCloneNodeIssues( src, dest ) { + var nodeName, e, data; + + // We do not need to do anything for non-Elements + if ( dest.nodeType !== 1 ) { + return; + } + + nodeName = dest.nodeName.toLowerCase(); + + // IE6-8 copies events bound via attachEvent when using cloneNode. + if ( !support.noCloneEvent && dest[ jQuery.expando ] ) { + data = jQuery._data( dest ); + + for ( e in data.events ) { + jQuery.removeEvent( dest, e, data.handle ); + } + + // Event data gets referenced instead of copied if the expando gets copied too + dest.removeAttribute( jQuery.expando ); + } + + // IE blanks contents when cloning scripts, and tries to evaluate newly-set text + if ( nodeName === "script" && dest.text !== src.text ) { + disableScript( dest ).text = src.text; + restoreScript( dest ); + + // IE6-10 improperly clones children of object elements using classid. + // IE10 throws NoModificationAllowedError if parent is null, #12132. + } else if ( nodeName === "object" ) { + if ( dest.parentNode ) { + dest.outerHTML = src.outerHTML; + } + + // This path appears unavoidable for IE9. When cloning an object + // element in IE9, the outerHTML strategy above is not sufficient. + // If the src has innerHTML and the destination does not, + // copy the src.innerHTML into the dest.innerHTML. #10324 + if ( support.html5Clone && ( src.innerHTML && !jQuery.trim( dest.innerHTML ) ) ) { + dest.innerHTML = src.innerHTML; + } + + } else if ( nodeName === "input" && rcheckableType.test( src.type ) ) { + + // IE6-8 fails to persist the checked state of a cloned checkbox + // or radio button. Worse, IE6-7 fail to give the cloned element + // a checked appearance if the defaultChecked value isn't also set + + dest.defaultChecked = dest.checked = src.checked; + + // IE6-7 get confused and end up setting the value of a cloned + // checkbox/radio button to an empty string instead of "on" + if ( dest.value !== src.value ) { + dest.value = src.value; + } + + // IE6-8 fails to return the selected option to the default selected + // state when cloning options + } else if ( nodeName === "option" ) { + dest.defaultSelected = dest.selected = src.defaultSelected; + + // IE6-8 fails to set the defaultValue to the correct value when + // cloning other types of input fields + } else if ( nodeName === "input" || nodeName === "textarea" ) { + dest.defaultValue = src.defaultValue; + } +} + +function domManip( collection, args, callback, ignored ) { + + // Flatten any nested arrays + args = concat.apply( [], args ); + + var first, node, hasScripts, + scripts, doc, fragment, + i = 0, + l = collection.length, + iNoClone = l - 1, + value = args[ 0 ], + isFunction = jQuery.isFunction( value ); + + // We can't cloneNode fragments that contain checked, in WebKit + if ( isFunction || + ( l > 1 && typeof value === "string" && + !support.checkClone && rchecked.test( value ) ) ) { + return collection.each( function( index ) { + var self = collection.eq( index ); + if ( isFunction ) { + args[ 0 ] = value.call( this, index, self.html() ); + } + domManip( self, args, callback, ignored ); + } ); + } + + if ( l ) { + fragment = buildFragment( args, collection[ 0 ].ownerDocument, false, collection, ignored ); + first = fragment.firstChild; + + if ( fragment.childNodes.length === 1 ) { + fragment = first; + } + + // Require either new content or an interest in ignored elements to invoke the callback + if ( first || ignored ) { + scripts = jQuery.map( getAll( fragment, "script" ), disableScript ); + hasScripts = scripts.length; + + // Use the original fragment for the last item + // instead of the first because it can end up + // being emptied incorrectly in certain situations (#8070). + for ( ; i < l; i++ ) { + node = fragment; + + if ( i !== iNoClone ) { + node = jQuery.clone( node, true, true ); + + // Keep references to cloned scripts for later restoration + if ( hasScripts ) { + + // Support: Android<4.1, PhantomJS<2 + // push.apply(_, arraylike) throws on ancient WebKit + jQuery.merge( scripts, getAll( node, "script" ) ); + } + } + + callback.call( collection[ i ], node, i ); + } + + if ( hasScripts ) { + doc = scripts[ scripts.length - 1 ].ownerDocument; + + // Reenable scripts + jQuery.map( scripts, restoreScript ); + + // Evaluate executable scripts on first document insertion + for ( i = 0; i < hasScripts; i++ ) { + node = scripts[ i ]; + if ( rscriptType.test( node.type || "" ) && + !jQuery._data( node, "globalEval" ) && + jQuery.contains( doc, node ) ) { + + if ( node.src ) { + + // Optional AJAX dependency, but won't run scripts if not present + if ( jQuery._evalUrl ) { + jQuery._evalUrl( node.src ); + } + } else { + jQuery.globalEval( + ( node.text || node.textContent || node.innerHTML || "" ) + .replace( rcleanScript, "" ) + ); + } + } + } + } + + // Fix #11809: Avoid leaking memory + fragment = first = null; + } + } + + return collection; +} + +function remove( elem, selector, keepData ) { + var node, + elems = selector ? jQuery.filter( selector, elem ) : elem, + i = 0; + + for ( ; ( node = elems[ i ] ) != null; i++ ) { + + if ( !keepData && node.nodeType === 1 ) { + jQuery.cleanData( getAll( node ) ); + } + + if ( node.parentNode ) { + if ( keepData && jQuery.contains( node.ownerDocument, node ) ) { + setGlobalEval( getAll( node, "script" ) ); + } + node.parentNode.removeChild( node ); + } + } + + return elem; +} + +jQuery.extend( { + htmlPrefilter: function( html ) { + return html.replace( rxhtmlTag, "<$1>" ); + }, + + clone: function( elem, dataAndEvents, deepDataAndEvents ) { + var destElements, node, clone, i, srcElements, + inPage = jQuery.contains( elem.ownerDocument, elem ); + + if ( support.html5Clone || jQuery.isXMLDoc( elem ) || + !rnoshimcache.test( "<" + elem.nodeName + ">" ) ) { + + clone = elem.cloneNode( true ); + + // IE<=8 does not properly clone detached, unknown element nodes + } else { + fragmentDiv.innerHTML = elem.outerHTML; + fragmentDiv.removeChild( clone = fragmentDiv.firstChild ); + } + + if ( ( !support.noCloneEvent || !support.noCloneChecked ) && + ( elem.nodeType === 1 || elem.nodeType === 11 ) && !jQuery.isXMLDoc( elem ) ) { + + // We eschew Sizzle here for performance reasons: http://jsperf.com/getall-vs-sizzle/2 + destElements = getAll( clone ); + srcElements = getAll( elem ); + + // Fix all IE cloning issues + for ( i = 0; ( node = srcElements[ i ] ) != null; ++i ) { + + // Ensure that the destination node is not null; Fixes #9587 + if ( destElements[ i ] ) { + fixCloneNodeIssues( node, destElements[ i ] ); + } + } + } + + // Copy the events from the original to the clone + if ( dataAndEvents ) { + if ( deepDataAndEvents ) { + srcElements = srcElements || getAll( elem ); + destElements = destElements || getAll( clone ); + + for ( i = 0; ( node = srcElements[ i ] ) != null; i++ ) { + cloneCopyEvent( node, destElements[ i ] ); + } + } else { + cloneCopyEvent( elem, clone ); + } + } + + // Preserve script evaluation history + destElements = getAll( clone, "script" ); + if ( destElements.length > 0 ) { + setGlobalEval( destElements, !inPage && getAll( elem, "script" ) ); + } + + destElements = srcElements = node = null; + + // Return the cloned set + return clone; + }, + + cleanData: function( elems, /* internal */ forceAcceptData ) { + var elem, type, id, data, + i = 0, + internalKey = jQuery.expando, + cache = jQuery.cache, + attributes = support.attributes, + special = jQuery.event.special; + + for ( ; ( elem = elems[ i ] ) != null; i++ ) { + if ( forceAcceptData || acceptData( elem ) ) { + + id = elem[ internalKey ]; + data = id && cache[ id ]; + + if ( data ) { + if ( data.events ) { + for ( type in data.events ) { + if ( special[ type ] ) { + jQuery.event.remove( elem, type ); + + // This is a shortcut to avoid jQuery.event.remove's overhead + } else { + jQuery.removeEvent( elem, type, data.handle ); + } + } + } + + // Remove cache only if it was not already removed by jQuery.event.remove + if ( cache[ id ] ) { + + delete cache[ id ]; + + // Support: IE<9 + // IE does not allow us to delete expando properties from nodes + // IE creates expando attributes along with the property + // IE does not have a removeAttribute function on Document nodes + if ( !attributes && typeof elem.removeAttribute !== "undefined" ) { + elem.removeAttribute( internalKey ); + + // Webkit & Blink performance suffers when deleting properties + // from DOM nodes, so set to undefined instead + // https://code.google.com/p/chromium/issues/detail?id=378607 + } else { + elem[ internalKey ] = undefined; + } + + deletedIds.push( id ); + } + } + } + } + } +} ); + +jQuery.fn.extend( { + + // Keep domManip exposed until 3.0 (gh-2225) + domManip: domManip, + + detach: function( selector ) { + return remove( this, selector, true ); + }, + + remove: function( selector ) { + return remove( this, selector ); + }, + + text: function( value ) { + return access( this, function( value ) { + return value === undefined ? + jQuery.text( this ) : + this.empty().append( + ( this[ 0 ] && this[ 0 ].ownerDocument || document ).createTextNode( value ) + ); + }, null, value, arguments.length ); + }, + + append: function() { + return domManip( this, arguments, function( elem ) { + if ( this.nodeType === 1 || this.nodeType === 11 || this.nodeType === 9 ) { + var target = manipulationTarget( this, elem ); + target.appendChild( elem ); + } + } ); + }, + + prepend: function() { + return domManip( this, arguments, function( elem ) { + if ( this.nodeType === 1 || this.nodeType === 11 || this.nodeType === 9 ) { + var target = manipulationTarget( this, elem ); + target.insertBefore( elem, target.firstChild ); + } + } ); + }, + + before: function() { + return domManip( this, arguments, function( elem ) { + if ( this.parentNode ) { + this.parentNode.insertBefore( elem, this ); + } + } ); + }, + + after: function() { + return domManip( this, arguments, function( elem ) { + if ( this.parentNode ) { + this.parentNode.insertBefore( elem, this.nextSibling ); + } + } ); + }, + + empty: function() { + var elem, + i = 0; + + for ( ; ( elem = this[ i ] ) != null; i++ ) { + + // Remove element nodes and prevent memory leaks + if ( elem.nodeType === 1 ) { + jQuery.cleanData( getAll( elem, false ) ); + } + + // Remove any remaining nodes + while ( elem.firstChild ) { + elem.removeChild( elem.firstChild ); + } + + // If this is a select, ensure that it displays empty (#12336) + // Support: IE<9 + if ( elem.options && jQuery.nodeName( elem, "select" ) ) { + elem.options.length = 0; + } + } + + return this; + }, + + clone: function( dataAndEvents, deepDataAndEvents ) { + dataAndEvents = dataAndEvents == null ? false : dataAndEvents; + deepDataAndEvents = deepDataAndEvents == null ? dataAndEvents : deepDataAndEvents; + + return this.map( function() { + return jQuery.clone( this, dataAndEvents, deepDataAndEvents ); + } ); + }, + + html: function( value ) { + return access( this, function( value ) { + var elem = this[ 0 ] || {}, + i = 0, + l = this.length; + + if ( value === undefined ) { + return elem.nodeType === 1 ? + elem.innerHTML.replace( rinlinejQuery, "" ) : + undefined; + } + + // See if we can take a shortcut and just use innerHTML + if ( typeof value === "string" && !rnoInnerhtml.test( value ) && + ( support.htmlSerialize || !rnoshimcache.test( value ) ) && + ( support.leadingWhitespace || !rleadingWhitespace.test( value ) ) && + !wrapMap[ ( rtagName.exec( value ) || [ "", "" ] )[ 1 ].toLowerCase() ] ) { + + value = jQuery.htmlPrefilter( value ); + + try { + for ( ; i < l; i++ ) { + + // Remove element nodes and prevent memory leaks + elem = this[ i ] || {}; + if ( elem.nodeType === 1 ) { + jQuery.cleanData( getAll( elem, false ) ); + elem.innerHTML = value; + } + } + + elem = 0; + + // If using innerHTML throws an exception, use the fallback method + } catch ( e ) {} + } + + if ( elem ) { + this.empty().append( value ); + } + }, null, value, arguments.length ); + }, + + replaceWith: function() { + var ignored = []; + + // Make the changes, replacing each non-ignored context element with the new content + return domManip( this, arguments, function( elem ) { + var parent = this.parentNode; + + if ( jQuery.inArray( this, ignored ) < 0 ) { + jQuery.cleanData( getAll( this ) ); + if ( parent ) { + parent.replaceChild( elem, this ); + } + } + + // Force callback invocation + }, ignored ); + } +} ); + +jQuery.each( { + appendTo: "append", + prependTo: "prepend", + insertBefore: "before", + insertAfter: "after", + replaceAll: "replaceWith" +}, function( name, original ) { + jQuery.fn[ name ] = function( selector ) { + var elems, + i = 0, + ret = [], + insert = jQuery( selector ), + last = insert.length - 1; + + for ( ; i <= last; i++ ) { + elems = i === last ? this : this.clone( true ); + jQuery( insert[ i ] )[ original ]( elems ); + + // Modern browsers can apply jQuery collections as arrays, but oldIE needs a .get() + push.apply( ret, elems.get() ); + } + + return this.pushStack( ret ); + }; +} ); + + +var iframe, + elemdisplay = { + + // Support: Firefox + // We have to pre-define these values for FF (#10227) + HTML: "block", + BODY: "block" + }; + +/** + * Retrieve the actual display of a element + * @param {String} name nodeName of the element + * @param {Object} doc Document object + */ + +// Called only from within defaultDisplay +function actualDisplay( name, doc ) { + var elem = jQuery( doc.createElement( name ) ).appendTo( doc.body ), + + display = jQuery.css( elem[ 0 ], "display" ); + + // We don't have any data stored on the element, + // so use "detach" method as fast way to get rid of the element + elem.detach(); + + return display; +} + +/** + * Try to determine the default display value of an element + * @param {String} nodeName + */ +function defaultDisplay( nodeName ) { + var doc = document, + display = elemdisplay[ nodeName ]; + + if ( !display ) { + display = actualDisplay( nodeName, doc ); + + // If the simple way fails, read from inside an iframe + if ( display === "none" || !display ) { + + // Use the already-created iframe if possible + iframe = ( iframe || jQuery( "