Multiple UI/UX improvements

MDA2AV · MDA2AV · commit 5202d1efcd81 · 2026-02-13T15:33:13.000Z
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -11,6 +11,7 @@ All notable changes to Http11Probe are documented in this file.
 - **Collapsible sub-groups** — group headers in result tables are now clickable to collapse/expand, with a chevron indicator and a "Collapse All / Expand All" toggle button
 - **Row-click detail popup** — clicking a server row opens a modal showing that server's results for the current table in a vertical layout (Test, Expected, Got, Description) with section and table name in the header
 - **Truncation notice** — tooltip and modal now show a `[Truncated]` notice at the top when raw request/response data exceeds the 8,192-byte display limit
+- **Filter box** — text input above result tables to filter by server name, language, or test name; supports multiple comma-separated keywords
 
 ### Changed
 - **Horizontal column headers** — test name headers are now displayed horizontally instead of rotated at -55°, improving readability
diff --git a/docs/content/compliance/_index.md b/docs/content/compliance/_index.md
@@ -10,9 +10,12 @@ These tests validate that HTTP/1.1 servers correctly implement the protocol requ
 
 Each test sends a request that violates a specific **MUST** or **MUST NOT** requirement from the RFCs. A compliant server should reject these with a `400 Bad Request` (or close the connection). Accepting the request silently means the server is non-compliant and potentially vulnerable to downstream attacks.
 
-{{< callout type="info" >}}
-Click a **server name** to view its Dockerfile and source code. Click a **row** to expand all results for that server. Click a **result cell** to see the full HTTP request and response.
-{{< /callout >}}
+<style>h1.hx\:mt-2{display:none}.probe-hint{background:#ddf4ff;border:1px solid #54aeff;border-radius:6px;padding:10px 14px;font-size:13px;color:#0969da;font-weight:500}html.dark .probe-hint{background:#1c2333;border-color:#1f6feb;color:#58a6ff}</style>
+<div style="display:grid;grid-template-columns:repeat(3,1fr);gap:10px;margin-bottom:16px;">
+<div class="probe-hint"><strong style="font-size:14px;">Server Name</strong><br>Click to view Dockerfile and source code</div>
+<div class="probe-hint"><strong style="font-size:14px;">Table Row</strong><br>Click to expand all results for that server</div>
+<div class="probe-hint"><strong style="font-size:14px;">Result Cell</strong><br>Click to see the full HTTP request and response</div>
+</div>
 
 <div id="lang-filter"></div>
 <div id="table-compliance"><p><em>Loading...</em></p></div>
diff --git a/docs/content/docs/_index.md b/docs/content/docs/_index.md
@@ -9,6 +9,7 @@ sidebar:
 Reference documentation for every test in Http11Probe, organized by topic. Each page explains the RFC requirement, what the test sends, what response is expected, and why it matters.
 
 {{< cards >}}
+  {{< card link="http-overview" title="Understanding HTTP" subtitle="What HTTP is, how HTTP/1.1 works at the wire level, its history from 0.9 to 3, and alternatives." icon="globe-alt" >}}
   {{< card link="rfc-basics" title="RFC Basics" subtitle="What RFCs are, how to read requirement levels (MUST/SHOULD/MAY), and which RFCs define HTTP/1.1." icon="book-open" >}}
   {{< card link="baseline" title="Baseline" subtitle="Sanity request used to confirm the target is reachable before running negative tests." icon="check-circle" >}}
   {{< card link="line-endings" title="Line Endings" subtitle="CRLF requirements, bare LF handling, and bare CR rejection per RFC 9112 Section 2.2." icon="code" >}}
diff --git a/docs/content/docs/baseline.md b/docs/content/docs/baseline.md
@@ -1,7 +1,7 @@
 ---
 title: "BASELINE"
 description: "BASELINE test documentation"
-weight: 2
+weight: 3
 ---
 
 | | |
diff --git a/docs/content/docs/http-overview/_index.md b/docs/content/docs/http-overview/_index.md
@@ -1,7 +1,7 @@
 ---
 title: Understanding HTTP
 description: "What HTTP is, how HTTP/1.1 works in depth, its history from 0.9 to 3, and alternatives."
-weight: 2
+weight: 1
 sidebar:
   open: false
 ---
diff --git a/docs/content/docs/rfc-basics.md b/docs/content/docs/rfc-basics.md
@@ -1,7 +1,7 @@
 ---
 title: RFC Basics
 description: "RFC Basics — Http11Probe documentation"
-weight: 1
+weight: 2
 ---
 
 ## What is an RFC?
diff --git a/docs/content/malformed-input/_index.md b/docs/content/malformed-input/_index.md
@@ -10,9 +10,12 @@ These tests send pathological, oversized, or completely invalid payloads to veri
 
 A well-implemented server should respond with `400 Bad Request`, `414 URI Too Long`, or `431 Request Header Fields Too Large` depending on the violation, or simply close the connection.
 
-{{< callout type="info" >}}
-Click a **server name** to view its Dockerfile and source code. Click a **row** to expand all results for that server. Click a **result cell** to see the full HTTP request and response.
-{{< /callout >}}
+<style>h1.hx\:mt-2{display:none}.probe-hint{background:#ddf4ff;border:1px solid #54aeff;border-radius:6px;padding:10px 14px;font-size:13px;color:#0969da;font-weight:500}html.dark .probe-hint{background:#1c2333;border-color:#1f6feb;color:#58a6ff}</style>
+<div style="display:grid;grid-template-columns:repeat(3,1fr);gap:10px;margin-bottom:16px;">
+<div class="probe-hint"><strong style="font-size:14px;">Server Name</strong><br>Click to view Dockerfile and source code</div>
+<div class="probe-hint"><strong style="font-size:14px;">Table Row</strong><br>Click to expand all results for that server</div>
+<div class="probe-hint"><strong style="font-size:14px;">Result Cell</strong><br>Click to see the full HTTP request and response</div>
+</div>
 
 <div id="lang-filter"></div>
 <div id="table-malformed"><p><em>Loading...</em></p></div>
diff --git a/docs/content/normalization/_index.md b/docs/content/normalization/_index.md
@@ -16,9 +16,12 @@ Header normalization tests check what happens when a server *accepts* a malforme
 Some tests are **unscored** (marked with `*`). These cover behaviors like case normalization that are RFC-compliant and common across servers.
 {{< /callout >}}
 
-{{< callout type="info" >}}
-Click a **server name** to view its Dockerfile and source code. Click a **row** to expand all results for that server. Click a **result cell** to see the full HTTP request and response.
-{{< /callout >}}
+<style>h1.hx\:mt-2{display:none}.probe-hint{background:#ddf4ff;border:1px solid #54aeff;border-radius:6px;padding:10px 14px;font-size:13px;color:#0969da;font-weight:500}html.dark .probe-hint{background:#1c2333;border-color:#1f6feb;color:#58a6ff}</style>
+<div style="display:grid;grid-template-columns:repeat(3,1fr);gap:10px;margin-bottom:16px;">
+<div class="probe-hint"><strong style="font-size:14px;">Server Name</strong><br>Click to view Dockerfile and source code</div>
+<div class="probe-hint"><strong style="font-size:14px;">Table Row</strong><br>Click to expand all results for that server</div>
+<div class="probe-hint"><strong style="font-size:14px;">Result Cell</strong><br>Click to see the full HTTP request and response</div>
+</div>
 
 <div id="lang-filter"></div>
 <div id="table-normalization"><p><em>Loading...</em></p></div>
diff --git a/docs/content/smuggling/_index.md b/docs/content/smuggling/_index.md
@@ -14,9 +14,12 @@ These tests send requests with ambiguous framing &mdash; conflicting `Content-Le
 Some tests are **unscored** (marked with `*`). These send payloads where the RFC permits multiple valid interpretations &mdash; for example, OWS trimming or case-insensitive TE matching. A `2xx` response is RFC-compliant but shown as a warning since stricter rejection is preferred.
 {{< /callout >}}
 
-{{< callout type="info" >}}
-Click a **server name** to view its Dockerfile and source code. Click a **row** to expand all results for that server. Click a **result cell** to see the full HTTP request and response.
-{{< /callout >}}
+<style>h1.hx\:mt-2{display:none}.probe-hint{background:#ddf4ff;border:1px solid #54aeff;border-radius:6px;padding:10px 14px;font-size:13px;color:#0969da;font-weight:500}html.dark .probe-hint{background:#1c2333;border-color:#1f6feb;color:#58a6ff}</style>
+<div style="display:grid;grid-template-columns:repeat(3,1fr);gap:10px;margin-bottom:16px;">
+<div class="probe-hint"><strong style="font-size:14px;">Server Name</strong><br>Click to view Dockerfile and source code</div>
+<div class="probe-hint"><strong style="font-size:14px;">Table Row</strong><br>Click to expand all results for that server</div>
+<div class="probe-hint"><strong style="font-size:14px;">Result Cell</strong><br>Click to see the full HTTP request and response</div>
+</div>
 
 <div id="lang-filter"></div>
 <div id="table-smuggling"><p><em>Loading...</em></p></div>
diff --git a/docs/static/probe/render.js b/docs/static/probe/render.js
@@ -111,7 +111,15 @@ window.ProbeRender = (function () {
       // Touch-friendly buttons
       + '@media(pointer:coarse){.probe-lang-btn,.probe-cat-btn,.probe-toggle-all{padding:8px 16px;font-size:13px;min-height:36px}}'
       // Stronger sticky shadow on mobile
-      + '@media(max-width:640px){.probe-table .probe-sticky-col{box-shadow:3px 0 6px rgba(0,0,0,0.1)}html.dark .probe-table .probe-sticky-col{box-shadow:3px 0 6px rgba(0,0,0,0.3)}}';
+      + '@media(max-width:640px){.probe-table .probe-sticky-col{box-shadow:3px 0 6px rgba(0,0,0,0.1)}html.dark .probe-table .probe-sticky-col{box-shadow:3px 0 6px rgba(0,0,0,0.3)}}'
+      // Filter input
+      + '.probe-filter-wrap{margin-bottom:8px;display:flex;align-items:center;gap:8px}'
+      + '.probe-filter-input{width:100%;max-width:340px;padding:6px 10px;font-size:13px;border:1px solid #d0d7de;border-radius:6px;background:#fff;color:#24292f;outline:none;transition:border-color 0.15s,box-shadow 0.15s}'
+      + '.probe-filter-input:focus{border-color:#0969da;box-shadow:0 0 0 3px rgba(9,105,218,0.15)}'
+      + '.probe-filter-input::placeholder{color:#8b949e}'
+      + 'html.dark .probe-filter-input{background:#161b22;color:#c9d1d9;border-color:#30363d}'
+      + 'html.dark .probe-filter-input:focus{border-color:#1f6feb;box-shadow:0 0 0 3px rgba(31,111,235,0.2)}'
+      + '.probe-filter-count{font-size:12px;color:#656d76;white-space:nowrap}';
     var style = document.createElement('style');
     style.textContent = css;
     document.head.appendChild(style);
@@ -578,7 +586,7 @@ window.ProbeRender = (function () {
       var opacity = isUnscored ? 'opacity:0.55;' : '';
       var sepCls = i === unscoredStart ? ' probe-unscored-sep' : '';
       var url = testUrl(tid);
-      t += '<th class="' + sepCls + '" style="padding:6px 8px;vertical-align:bottom;white-space:nowrap;' + opacity + '">';
+      t += '<th data-test-label="' + escapeAttr(shortLabels[i]) + '" class="' + sepCls + '" style="padding:6px 8px;vertical-align:bottom;white-space:nowrap;' + opacity + '">';
       if (url) {
         t += '<a href="' + url + '" style="font-size:10.5px;font-weight:600;letter-spacing:0.3px;color:inherit;text-decoration:none;" title="' + escapeAttr(first.description) + '">' + shortLabels[i];
       } else {
@@ -598,16 +606,16 @@ window.ProbeRender = (function () {
       var isUnscored = first.scored === false;
       var opacity = isUnscored ? 'opacity:0.55;' : '';
       var sepCls = i === unscoredStart ? ' probe-unscored-sep' : '';
-      t += '<td class="' + sepCls + '" style="text-align:center;padding:3px 4px;' + opacity + '">' + pill(EXPECT_BG, first.expected.replace(/ or close/g, '/\u2715').replace(/\//g, '/\u200B')) + '</td>';
+      t += '<td data-test-label="' + escapeAttr(shortLabels[i]) + '" class="' + sepCls + '" style="text-align:center;padding:3px 4px;' + opacity + '">' + pill(EXPECT_BG, first.expected.replace(/ or close/g, '/\u2715').replace(/\//g, '/\u200B')) + '</td>';
     });
     t += '</tr>';
 
     // Server rows
     var serverLangs = {};
     if (ctx.servers) ctx.servers.forEach(function (sv) { serverLangs[sv.name] = sv.language; });
     names.forEach(function (n) {
-      t += '<tr class="probe-server-row" data-server="' + escapeAttr(n) + '">';
       var lang = serverLangs[n];
+      t += '<tr class="probe-server-row" data-server="' + escapeAttr(n) + '" data-language="' + escapeAttr(lang || '') + '">';
       var langSuffix = lang ? ' <span class="probe-lang-suffix" style="font-weight:400;color:#656d76;font-size:10px;">(' + lang + ')</span>' : '';
       var srvUrl = serverUrl(n);
       var srvName = srvUrl
@@ -620,10 +628,10 @@ window.ProbeRender = (function () {
         var opacity = isUnscored ? 'opacity:0.55;' : '';
         var sepCls = i === unscoredStart ? ' probe-unscored-sep' : '';
         if (!r) {
-          t += '<td class="' + sepCls + '" style="text-align:center;padding:3px 4px;' + opacity + '">' + pill(SKIP_BG, '\u2014') + '</td>';
+          t += '<td data-test-label="' + escapeAttr(shortLabels[i]) + '" class="' + sepCls + '" style="text-align:center;padding:3px 4px;' + opacity + '">' + pill(SKIP_BG, '\u2014') + '</td>';
           return;
         }
-        t += '<td class="' + sepCls + '" style="text-align:center;padding:3px 4px;' + opacity + '">' + pill(verdictBg(r.verdict), r.got, r.rawResponse, r.behavioralNote, r.rawRequest) + '</td>';
+        t += '<td data-test-label="' + escapeAttr(shortLabels[i]) + '" class="' + sepCls + '" style="text-align:center;padding:3px 4px;' + opacity + '">' + pill(verdictBg(r.verdict), r.got, r.rawResponse, r.behavioralNote, r.rawRequest) + '</td>';
       });
       t += '</tr>';
     });
@@ -814,7 +822,8 @@ window.ProbeRender = (function () {
       allGroups.push({ key: 'other', label: 'Other', testIds: ungrouped });
     }
 
-    var html = '<button class="probe-toggle-all" data-target="' + targetId + '">Collapse All</button>';
+    var html = '<div class="probe-filter-wrap"><input class="probe-filter-input" type="text" placeholder="Filter by server or test name (comma-separated)\u2026"><span class="probe-filter-count"></span></div>';
+    html += '<button class="probe-toggle-all" data-target="' + targetId + '">Collapse All</button>';
     allGroups.forEach(function (g) {
       var divId = targetId + '-' + g.key;
       html += '<h3 class="probe-group-header" data-group="' + divId + '">'
@@ -828,6 +837,70 @@ window.ProbeRender = (function () {
       renderTable(divId, categoryKey, ctx, g.testIds, catLabel + ' \u2014 ' + g.label);
     });
     wireCollapsible(el, targetId);
+
+    // Filter handler
+    var filterInput = el.querySelector('.probe-filter-input');
+    var filterCount = el.querySelector('.probe-filter-count');
+    if (filterInput) {
+      function matchesAny(text, keywords) {
+        for (var k = 0; k < keywords.length; k++) {
+          if (text.indexOf(keywords[k]) !== -1) return true;
+        }
+        return false;
+      }
+
+      filterInput.addEventListener('input', function () {
+        var raw = filterInput.value.toLowerCase();
+        var keywords = raw.split(',').map(function (s) { return s.trim(); }).filter(Boolean);
+        var rows = el.querySelectorAll('.probe-server-row');
+        var allCols = el.querySelectorAll('[data-test-label]');
+        var thCols = el.querySelectorAll('thead [data-test-label]');
+
+        if (keywords.length === 0) {
+          rows.forEach(function (r) { r.style.display = ''; });
+          allCols.forEach(function (c) { c.style.display = ''; });
+          if (filterCount) filterCount.textContent = '';
+          return;
+        }
+
+        // Count matching servers
+        var serverMatches = 0;
+        rows.forEach(function (r) {
+          var name = (r.getAttribute('data-server') || '').toLowerCase();
+          var lang = (r.getAttribute('data-language') || '').toLowerCase();
+          if (matchesAny(name, keywords) || matchesAny(lang, keywords)) serverMatches++;
+        });
+
+        // Count matching test columns
+        var colMatchSet = {};
+        thCols.forEach(function (th) {
+          var label = th.getAttribute('data-test-label').toLowerCase();
+          if (matchesAny(label, keywords)) colMatchSet[th.getAttribute('data-test-label')] = true;
+        });
+        var colMatches = Object.keys(colMatchSet).length;
+
+        // Apply row filter (skip if no server matches — show all)
+        rows.forEach(function (r) {
+          var name = (r.getAttribute('data-server') || '').toLowerCase();
+          var lang = (r.getAttribute('data-language') || '').toLowerCase();
+          r.style.display = (serverMatches === 0 || matchesAny(name, keywords) || matchesAny(lang, keywords)) ? '' : 'none';
+        });
+
+        // Apply column filter (skip if no column matches — show all)
+        allCols.forEach(function (c) {
+          var label = c.getAttribute('data-test-label');
+          c.style.display = (colMatches === 0 || colMatchSet[label]) ? '' : 'none';
+        });
+
+        // Update count label
+        if (filterCount) {
+          var parts = [];
+          if (serverMatches > 0) parts.push(serverMatches + ' server' + (serverMatches !== 1 ? 's' : ''));
+          if (colMatches > 0) parts.push(colMatches + ' test' + (colMatches !== 1 ? 's' : ''));
+          filterCount.textContent = parts.length > 0 ? parts.join(', ') : 'No matches';
+        }
+      });
+    }
   }
 
   // ── Language filter ────────────────────────────────────────────
