Add payments view and update invoice view for app

[supra08]

This PR adds the payments view and updates the invoice view for the app.
This is an initial implementation and has been tested on iOS and Android devices both.

[supra08]

@dashwave can you show the security vulnerabilities in this PR?

[dashwave-ci-dev]

Let’s go step-by-step through the provided Flutter code files, analyzing for potential vulnerabilities and weaknesses.

Vulnerability Assessment

1. Potential Insecure Input Handling

File Path and Line Number(s):

• payment_view.dart (line 7)

Description of the Issue:
The PaymentView class accepts a String itemName, which is passed directly to the UI without any validation or sanitization. If an attacker finds a way to pass malicious data (e.g., special characters, HTML, etc.), it could lead to Cross-Site Scripting (XSS) when displayed in the UI.

Potential Impact:
If XSS is successfully executed, it could allow an attacker to execute arbitrary JavaScript in the context of the user's session, potentially leading to data theft, session hijacking, or redirection to malicious sites.

Code Snippet:

class PaymentView extends StatelessWidget {
  final String itemName;

  const PaymentView({Key? key, required this.itemName}) : super(key: key);

  @override
  Widget build(BuildContext context) {
    return Scaffold(
      appBar: AppBar(
        title: Text('Payment for $itemName'), // XSS Vulnerability
      ),
      ...
    );
  }
}

Exploit PoC:
An attacker could pass a malicious itemName such as <script>alert("XSS")</script>, resulting in the JavaScript being executed when the PaymentView is rendered.

Recommendations to Fix or Mitigate:
Sanitize the input to ensure that it is safe to display. Flutter provides the html package which can be used to sanitize HTML content, or you could implement simple input validation to allow only alphanumeric characters.

2. Navigation Vulnerability

File Path and Line Number(s):

• sample_item_list_view.dart (line 36)

Description of the Issue:
In this code snippet, the Navigator.restorablePushNamed method is used to lead to SampleItemDetailsView, potentially without any proper verification of the item. If sensitive actions depend on the pushed route without authentication or checks, it could lead to unauthorized access.

Potential Impact:
If an attacker manipulates the navigation parameters (for example, going to an item without proper authentication), it could allow accessing restricted data or features.

Code Snippet:

onTap: () {
  Navigator.restorablePushNamed(
    context,
    SampleItemDetailsView.routeName,
  );  // Potentially exposes sensitive item details
},

Exploit PoC:
An attacker could manipulate the client-side navigation to access item details that should not be visible.

Recommendations to Fix or Mitigate:
Use a form of authentication and authorization mechanism before navigating to sensitive views. Validate user roles and permissions before pushing routes to ensure access control.

Summary Table of Vulnerabilities

Vulnerability Name	Vulnerability Description	File Path	CVSS Vector	Confidence Score	Exploitation Steps
Insecure Input Handling	Accepting unvalidated input that could lead to XSS vulnerabilities in the UI.	payment_view.dart (line 7)	AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	Medium	1. Inject malicious script as itemName. 2. Render PaymentView. 3. Execute arbitrary script.
Navigation Vulnerability	Potential unauthorized access to sensitive item details when navigating without proper checks.	sample_item_list_view.dart (line 36)	AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	Medium	1. Access SampleItemDetailsView without authorization. 2. Manipulate navigation parameters to access restricted data.

Additional Comments:

• Ensure that proper error handling mechanisms are in place. A poorly managed error handling setup might leak sensitive information through exception messages.
• Review any dependencies for known vulnerabilities, using tools like pubspec.lock to manage and address versioning concerns. Regularly check Flutter and Dart libraries for known security issues.

This analysis provides a roadmap for improving the security posture of your Flutter application. Implement the provided recommendations to reduce vulnerabilities significantly.

[supra08]

@dashwave can you describe the changes in the PR in detail?

[dashwave-ci-dev]

Title: Add Sample Item List and Payment View Features

What is this?

This pull request introduces a set of features to enhance the functionality of the Flutter application. The primary motivation behind these changes is to provide users with a more interactive experience by allowing them to browse a list of sample items (represented as courses) and proceed to a payment view for selected items. Ultimately, this implementation aims to improve user engagement and facilitate better navigation within the app.

Changes

Added Features:

1. New SampleItemListView class in sample_item_list_view.dart:

   • This widget displays a list of courses as cards in a grid view. Each card includes a circular avatar as a placeholder for course images and the course ID. Users can tap on a card to navigate to the SampleItemDetailsView.

2. New PaymentView class in payment_view.dart:

   • This view presents payment information for the selected item. It includes a button to navigate to the InvoiceView, where users can view detailed payment information.

Code Changes:

1. In main.dart:

   • The entry point of the application initializes the SettingsController and loads user settings. No structural changes were made, but this sets up the app environment for subsequent features.

2. In sample_item_list_view.dart:

   • Implemented a GridView that allows users to scroll through and select items. The app bar includes a settings button that directs users to the settings view.

3. In payment_view.dart:

   • The PaymentView class was created, which takes an itemName parameter and allows users to initiate a payment.

Documentation Updates:

1. In sample_item_list_view.dart:

   • Added comments to explain the purpose of the SampleItemListView widget and its components.

2. In payment_view.dart:

   • Included documentation for the PaymentView class, explaining its purpose and functionality.

Demo

• N/A

Context

• N/A

[ranaaditya]

@dashwave can you tell the code diff to fix the security vulnerabilities in this PR as described by you previsouly ?