
Example 21 with HttpMalformedHeaderException

use of org.parosproxy.paros.network.HttpMalformedHeaderException in project zaproxy by zaproxy.

the class FilterReplaceRequestHeader method onHttpRequestSend.

/**
 * Rewrites the outgoing request header by applying the configured pattern and replacement
 * text to the header's string form.
 *
 * <p>Does nothing when no pattern is configured or the request header is empty.
 *
 * @param msg the message whose request header is rewritten in place
 */
@Override
public void onHttpRequestSend(HttpMessage msg) {
    if (getPattern() == null) {
        return;
    }
    if (msg.getRequestHeader().isEmpty()) {
        return;
    }

    String rewrittenHeader =
            getPattern().matcher(msg.getRequestHeader().toString()).replaceAll(getReplaceText());
    try {
        msg.getRequestHeader().setMessage(rewrittenHeader);
    } catch (HttpMalformedHeaderException ignored) {
        // NOTE(review): a replacement that yields a malformed header is dropped without any
        // log entry or user feedback, so the operator cannot tell that the filter did not
        // apply. What state the header is left in after the failed setMessage() is not
        // visible here — confirm, and consider reporting the failure.
    }
}
Also used : Matcher(java.util.regex.Matcher) HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException)

Example 22 with HttpMalformedHeaderException

use of org.parosproxy.paros.network.HttpMalformedHeaderException in project zaproxy by zaproxy.

the class CoreAPI method handleApiView.

/**
 * Builds the response for the API view identified by {@code name}.
 *
 * @param name the view name, compared against the {@code VIEW_*} constants
 * @param params the request parameters, read through {@code getParam}
 * @return the response for the requested view
 * @throws ApiException {@code BAD_VIEW} if {@code name} matches no known view; {@code
 *     DOES_NOT_EXIST} if the requested alert or message is not found, or the message has the
 *     temporary history type; {@code INTERNAL_ERROR} if reading the record fails
 */
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
    Session session = Model.getSingleton().getSession();

    if (VIEW_HOSTS.equals(name)) {
        ApiResponseList hosts = new ApiResponseList(name);
        SiteNode root = (SiteNode) session.getSiteTree().getRoot();
        @SuppressWarnings("unchecked") Enumeration<SiteNode> children = root.children();
        while (children.hasMoreElements()) {
            String host = children.nextElement().getNodeName();
            // Drop everything up to and including the "//" of the scheme, if present.
            if (host.indexOf("//") >= 0) {
                host = host.substring(host.indexOf("//") + 2);
            }
            // Drop the port. NOTE(review): the first ':' is taken as the port separator, so a
            // bracketed IPv6 literal would be truncated — confirm whether node names can
            // carry one.
            if (host.indexOf(":") >= 0) {
                host = host.substring(0, host.indexOf(":"));
            }
            hosts.addItem(new ApiResponseElement("host", host));
        }
        return hosts;
    }

    if (VIEW_SITES.equals(name)) {
        ApiResponseList sites = new ApiResponseList(name);
        SiteNode root = (SiteNode) session.getSiteTree().getRoot();
        @SuppressWarnings("unchecked") Enumeration<SiteNode> children = root.children();
        while (children.hasMoreElements()) {
            sites.addItem(new ApiResponseElement("site", children.nextElement().getNodeName()));
        }
        return sites;
    }

    if (VIEW_URLS.equals(name)) {
        ApiResponseList urls = new ApiResponseList(name);
        SiteNode root = (SiteNode) session.getSiteTree().getRoot();
        this.getURLs(root, urls);
        return urls;
    }

    if (VIEW_ALERT.equals(name)) {
        TableAlert tableAlert = Model.getSingleton().getDb().getTableAlert();
        RecordAlert recordAlert;
        try {
            recordAlert = tableAlert.read(this.getParam(params, PARAM_ID, -1));
        } catch (DatabaseException e) {
            // NOTE(review): the cause is neither logged nor attached, so a failed read
            // cannot be diagnosed from the API error alone.
            throw new ApiException(ApiException.Type.INTERNAL_ERROR);
        }
        if (recordAlert == null) {
            throw new ApiException(ApiException.Type.DOES_NOT_EXIST);
        }
        return new ApiResponseElement(alertToSet(new Alert(recordAlert)));
    }

    if (VIEW_ALERTS.equals(name)) {
        final ApiResponseList alerts = new ApiResponseList(name);
        String baseUrl = this.getParam(params, PARAM_BASE_URL, (String) null);
        int start = this.getParam(params, PARAM_START, -1);
        int count = this.getParam(params, PARAM_COUNT, -1);
        processAlerts(baseUrl, start, count, new Processor<Alert>() {

            @Override
            public void process(Alert alert) {
                alerts.addItem(alertToSet(alert));
            }
        });
        return alerts;
    }

    if (VIEW_NUMBER_OF_ALERTS.equals(name)) {
        CounterProcessor<Alert> alertCounter = new CounterProcessor<>();
        String baseUrl = this.getParam(params, PARAM_BASE_URL, (String) null);
        int start = this.getParam(params, PARAM_START, -1);
        int count = this.getParam(params, PARAM_COUNT, -1);
        processAlerts(baseUrl, start, count, alertCounter);
        return new ApiResponseElement(name, Integer.toString(alertCounter.getCount()));
    }

    if (VIEW_MESSAGE.equals(name)) {
        TableHistory tableHistory = Model.getSingleton().getDb().getTableHistory();
        RecordHistory recordHistory;
        try {
            recordHistory = tableHistory.read(this.getParam(params, PARAM_ID, -1));
        } catch (HttpMalformedHeaderException | DatabaseException e) {
            // NOTE(review): the cause is neither logged nor attached, so a failed read
            // cannot be diagnosed from the API error alone.
            throw new ApiException(ApiException.Type.INTERNAL_ERROR);
        }
        // Temporary history entries are reported as non-existent rather than returned.
        if (recordHistory == null || recordHistory.getHistoryType() == HistoryReference.TYPE_TEMPORARY) {
            throw new ApiException(ApiException.Type.DOES_NOT_EXIST);
        }
        return new ApiResponseElement(ApiResponseConversionUtils.httpMessageToSet(recordHistory.getHistoryId(), recordHistory.getHistoryType(), recordHistory.getHttpMessage()));
    }

    if (VIEW_MESSAGES.equals(name)) {
        final ApiResponseList messages = new ApiResponseList(name);
        String baseUrl = this.getParam(params, PARAM_BASE_URL, (String) null);
        int start = this.getParam(params, PARAM_START, -1);
        int count = this.getParam(params, PARAM_COUNT, -1);
        processHttpMessages(baseUrl, start, count, new Processor<RecordHistory>() {

            @Override
            public void process(RecordHistory recordHistory) {
                messages.addItem(ApiResponseConversionUtils.httpMessageToSet(recordHistory.getHistoryId(), recordHistory.getHistoryType(), recordHistory.getHttpMessage()));
            }
        });
        return messages;
    }

    if (VIEW_NUMBER_OF_MESSAGES.equals(name)) {
        CounterProcessor<RecordHistory> messageCounter = new CounterProcessor<>();
        String baseUrl = this.getParam(params, PARAM_BASE_URL, (String) null);
        int start = this.getParam(params, PARAM_START, -1);
        int count = this.getParam(params, PARAM_COUNT, -1);
        processHttpMessages(baseUrl, start, count, messageCounter);
        return new ApiResponseElement(name, Integer.toString(messageCounter.getCount()));
    }

    if (VIEW_MODE.equals(name)) {
        return new ApiResponseElement(name, Control.getSingleton().getMode().name());
    }

    if (VIEW_VERSION.equals(name)) {
        return new ApiResponseElement(name, Constant.PROGRAM_VERSION);
    }

    if (VIEW_EXCLUDED_FROM_PROXY.equals(name)) {
        ApiResponseList excluded = new ApiResponseList(name);
        List<String> regexs = session.getExcludeFromProxyRegexs();
        for (String regex : regexs) {
            excluded.addItem(new ApiResponseElement("regex", regex));
        }
        return excluded;
    }

    // The next two views return local filesystem paths to the API client.
    // NOTE(review): this relies on access to the API being restricted by the caller of this
    // method — confirm.
    if (VIEW_HOME_DIRECTORY.equals(name)) {
        return new ApiResponseElement(name, Model.getSingleton().getOptionsParam().getUserDirectory().getAbsolutePath());
    }

    if (VIEW_SESSION_LOCATION.equals(name)) {
        return new ApiResponseElement(name, session.getFileName());
    }

    // Three view names share the same listing of proxy-excluded domains.
    if (VIEW_PROXY_CHAIN_EXCLUDED_DOMAINS.equals(name) || VIEW_OPTION_PROXY_EXCLUDED_DOMAINS.equals(name) || VIEW_OPTION_PROXY_CHAIN_SKIP_NAME.equals(name)) {
        return proxyChainExcludedDomainsToApiResponseList(name, Model.getSingleton().getOptionsParam().getConnectionParam().getProxyExcludedDomains(), false);
    }

    if (VIEW_OPTION_PROXY_EXCLUDED_DOMAINS_ENABLED.equals(name)) {
        return proxyChainExcludedDomainsToApiResponseList(name, Model.getSingleton().getOptionsParam().getConnectionParam().getProxyExcludedDomains(), true);
    }

    throw new ApiException(ApiException.Type.BAD_VIEW);
}
Also used : HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) List(java.util.List) ArrayList(java.util.ArrayList) RecordHistory(org.parosproxy.paros.db.RecordHistory) SiteNode(org.parosproxy.paros.model.SiteNode) Enumeration(java.util.Enumeration) RecordAlert(org.parosproxy.paros.db.RecordAlert) TableAlert(org.parosproxy.paros.db.TableAlert) Alert(org.parosproxy.paros.core.scanner.Alert) RecordAlert(org.parosproxy.paros.db.RecordAlert) ExtensionAlert(org.zaproxy.zap.extension.alert.ExtensionAlert) TableAlert(org.parosproxy.paros.db.TableAlert) TableHistory(org.parosproxy.paros.db.TableHistory) DatabaseException(org.parosproxy.paros.db.DatabaseException) Session(org.parosproxy.paros.model.Session)

Example 23 with HttpMalformedHeaderException

use of org.parosproxy.paros.network.HttpMalformedHeaderException in project zaproxy by zaproxy.

the class CoreAPI method processHttpMessages.

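/**
 * Passes the current session's history records, except those of the temporary history type,
 * to {@code processor}, skipping images and honouring the optional URL prefix and paging.
 *
 * @param baseUrl if non-null, only messages whose request URI string starts with this value
 *     are processed
 * @param start paging start, handed to {@code PaginationConstraintsChecker}
 * @param count paging size, handed to {@code PaginationConstraintsChecker}
 * @param processor receives each selected record
 * @throws ApiException {@code INTERNAL_ERROR} if a record cannot be read or parsed
 */
private void processHttpMessages(String baseUrl, int start, int count, Processor<RecordHistory> processor) throws ApiException {
    try {
        TableHistory tableHistory = Model.getSingleton().getDb().getTableHistory();
        List<Integer> historyIds = tableHistory.getHistoryIdsExceptOfHistType(Model.getSingleton().getSession().getSessionId(), HistoryReference.TYPE_TEMPORARY);
        PaginationConstraintsChecker pcc = new PaginationConstraintsChecker(start, count);
        for (Integer id : historyIds) {
            RecordHistory recHistory = tableHistory.read(id.intValue());
            if (recHistory == null) {
                // The id list is a snapshot: a record removed since it was taken may read
                // back as null. Skip it rather than fail the whole listing with a
                // NullPointerException that the catch below would not cover.
                continue;
            }
            HttpMessage msg = recHistory.getHttpMessage();
            if (msg.getRequestHeader().isImage() || msg.getResponseHeader().isImage()) {
                continue;
            }
            // Plain string prefix match: "http://a.example" also selects
            // "http://a.example.other/", so callers that need a host boundary should end
            // baseUrl with '/'.
            if (baseUrl != null && !msg.getRequestHeader().getURI().toString().startsWith(baseUrl)) {
                // Not subordinate to the specified URL
                continue;
            }
            // Only records that passed the filters above count towards paging.
            pcc.recordProcessed();
            if (!pcc.hasPageStarted()) {
                continue;
            }
            processor.process(recHistory);
            if (pcc.hasPageEnded()) {
                break;
            }
        }
    } catch (HttpMalformedHeaderException | DatabaseException e) {
        // Log the cause here; the API client only sees a generic internal error.
        logger.error(e.getMessage(), e);
        throw new ApiException(ApiException.Type.INTERNAL_ERROR);
    }
}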
Also used : HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) TableHistory(org.parosproxy.paros.db.TableHistory) HttpMessage(org.parosproxy.paros.network.HttpMessage) RecordHistory(org.parosproxy.paros.db.RecordHistory) DatabaseException(org.parosproxy.paros.db.DatabaseException)

Example 24 with HttpMalformedHeaderException

use of org.parosproxy.paros.network.HttpMalformedHeaderException in project zaproxy by zaproxy.

the class AntiCsrfToken method getMsg.

/**
 * Returns the HTTP message of this token, reloading it from its history reference when it is
 * no longer held in memory.
 *
 * <p>Lookup order: the {@code msg} field, then the soft-referenced copy, then a fresh load
 * through {@code historyReferenceFactory}.
 *
 * @return the message, or {@code null} if there is no history reference id ({@code -1}) or
 *     the persisted message cannot be loaded
 */
public HttpMessage getMsg() {
    if (msg != null) {
        return msg;
    }

    if (msgReference != null) {
        HttpMessage cached = msgReference.get();
        if (cached != null) {
            return cached;
        }
        // The referent is gone; drop the stale reference before reloading.
        msgReference.clear();
        msgReference = null;
    }

    if (historyReferenceId == -1) {
        return null;
    }

    try {
        // NOTE(review): if the factory can return null, this dereference throws a
        // NullPointerException that the catch below does not cover — confirm the factory's
        // contract.
        HttpMessage loaded = historyReferenceFactory.createHistoryReference(historyReferenceId).getHttpMessage();
        msgReference = new SoftReference<>(loaded);
        return loaded;
    } catch (HttpMalformedHeaderException | DatabaseException e) {
        LOGGER.error("Failed to load the persisted message: ", e);
        return null;
    }
}
Also used : HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) HttpMessage(org.parosproxy.paros.network.HttpMessage) DatabaseException(org.parosproxy.paros.db.DatabaseException)

Example 25 with HttpMalformedHeaderException

use of org.parosproxy.paros.network.HttpMalformedHeaderException in project zaproxy by zaproxy.

the class ExtensionAntiCSRF method hook.

/**
 * Registers this extension's components with the given hook: the history reference factory
 * used by {@code AntiCsrfToken}, the session listener, the UI elements (only when
 * {@code getView()} is non-null), the passive scanner and the API implementor.
 *
 * @param extensionHook the hook to register with
 */
@Override
public void hook(ExtensionHook extensionHook) {
    super.hook(extensionHook);

    final ExtensionHistory history = (ExtensionHistory) Control.getSingleton().getExtensionLoader().getExtension(ExtensionHistory.NAME);
    if (history == null) {
        // No history extension available: build the reference directly from the id.
        historyReferenceFactory = new HistoryReferenceFactory() {

            @Override
            public HistoryReference createHistoryReference(int id) throws HttpMalformedHeaderException, DatabaseException {
                return new HistoryReference(id);
            }
        };
    } else {
        // Delegate the lookup to the history extension.
        historyReferenceFactory = new HistoryReferenceFactory() {

            @Override
            public HistoryReference createHistoryReference(int id) {
                return history.getHistoryReference(id);
            }
        };
    }
    AntiCsrfToken.setHistoryReferenceFactory(historyReferenceFactory);

    extensionHook.addSessionListener(this);

    if (getView() != null) {
        extensionHook.getHookView().addOptionPanel(getOptionsAntiCsrfPanel());
        extensionHook.getHookMenu().addPopupMenuItem(this.getPopupMenuGenerateForm());
    }

    ExtensionPassiveScan passiveScan = (ExtensionPassiveScan) Control.getSingleton().getExtensionLoader().getExtension(ExtensionPassiveScan.NAME);
    if (passiveScan != null) {
        passiveScan.addPassiveScanner(antiCsrfDetectScanner);
    }

    AntiCsrfAPI antiCsrfApi = new AntiCsrfAPI(this);
    antiCsrfApi.addApiOptions(getParam());
    extensionHook.addApiImplementor(antiCsrfApi);
}
Also used : HistoryReference(org.parosproxy.paros.model.HistoryReference) ExtensionPassiveScan(org.zaproxy.zap.extension.pscan.ExtensionPassiveScan) HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) ExtensionHistory(org.parosproxy.paros.extension.history.ExtensionHistory) DatabaseException(org.parosproxy.paros.db.DatabaseException)

Aggregations

HttpMalformedHeaderException (org.parosproxy.paros.network.HttpMalformedHeaderException)28 DatabaseException (org.parosproxy.paros.db.DatabaseException)17 HttpMessage (org.parosproxy.paros.network.HttpMessage)14 RecordHistory (org.parosproxy.paros.db.RecordHistory)7 IOException (java.io.IOException)6 HistoryReference (org.parosproxy.paros.model.HistoryReference)6 Matcher (java.util.regex.Matcher)4 URIException (org.apache.commons.httpclient.URIException)4 TableHistory (org.parosproxy.paros.db.TableHistory)4 Session (org.parosproxy.paros.model.Session)4 PatternSyntaxException (java.util.regex.PatternSyntaxException)3 URI (org.apache.commons.httpclient.URI)3 ApiException (org.zaproxy.zap.extension.api.ApiException)3 HarEntries (edu.umass.cs.benchlab.har.HarEntries)2 HarLog (edu.umass.cs.benchlab.har.HarLog)2 PreparedStatement (java.sql.PreparedStatement)2 ResultSet (java.sql.ResultSet)2 SQLException (java.sql.SQLException)2 ArrayList (java.util.ArrayList)2 List (java.util.List)2