
Example 6 with ConversionException

use of org.apache.commons.configuration.ConversionException in project zaproxy by zaproxy.

the class HttpSessionsParam method parse.

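/**
 * Loads the HTTP session options from the configuration: the default session
 * token names (with their enabled state), the "proxy only" flag and the
 * "confirm remove" flag.
 *
 * <p>Token entries with an empty or duplicated name are skipped. If no token is
 * loaded, or the token section cannot be converted, the built-in
 * {@code DEFAULT_TOKENS} are used and all of them are enabled.
 */
@Override
protected void parse() {
    // Parse the default token names
    try {
        List<HierarchicalConfiguration> fields = ((HierarchicalConfiguration) getConfig()).configurationsAt(ALL_DEFAULT_TOKENS_KEY);
        this.defaultTokens = new ArrayList<>(fields.size());
        this.defaultTokensEnabled = new ArrayList<>(fields.size());
        // Names seen so far, used to drop duplicated entries.
        List<String> tempTokensNames = new ArrayList<>(fields.size());
        for (HierarchicalConfiguration sub : fields) {
            String name = sub.getString(TOKEN_NAME_KEY, "");
            if (!"".equals(name) && !tempTokensNames.contains(name)) {
                // A token without an explicit flag is treated as enabled.
                boolean enabled = sub.getBoolean(TOKEN_ENABLED_KEY, true);
                this.defaultTokens.add(new HttpSessionToken(name, enabled));
                tempTokensNames.add(name);
                if (enabled) {
                    this.defaultTokensEnabled.add(name);
                }
            }
        }
    } catch (ConversionException e) {
        // Discard BOTH lists. Resetting only defaultTokens would leave the names
        // collected before the failure in defaultTokensEnabled, so the enabled
        // list would name tokens that are no longer in defaultTokens.
        this.defaultTokens = new ArrayList<>(DEFAULT_TOKENS.length);
        this.defaultTokensEnabled = new ArrayList<>(DEFAULT_TOKENS.length);
        log.error("Error while parsing config file: " + e.getMessage(), e);
    }
    // Nothing usable in the configuration: fall back to the built-in token names.
    if (this.defaultTokens.isEmpty()) {
        for (String tokenName : DEFAULT_TOKENS) {
            this.defaultTokens.add(new HttpSessionToken(tokenName));
            this.defaultTokensEnabled.add(tokenName);
        }
    }
    // On a conversion error the two flags below keep whatever value they had
    // before this call; the error is only logged.
    try {
        this.enabledProxyOnly = getConfig().getBoolean(PROXY_ONLY_KEY, false);
    } catch (ConversionException e) {
        log.error("Error while parsing config file: " + e.getMessage(), e);
    }
    try {
        this.confirmRemove = getConfig().getBoolean(CONFIRM_REMOVE_TOKEN_KEY, true);
    } catch (ConversionException e) {
        log.error("Error while parsing config file: " + e.getMessage(), e);
    }
}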
Also used : ConversionException(org.apache.commons.configuration.ConversionException) ArrayList(java.util.ArrayList) HierarchicalConfiguration(org.apache.commons.configuration.HierarchicalConfiguration)

Example 7 with ConversionException

use of org.apache.commons.configuration.ConversionException in project zaproxy by zaproxy.

the class KeyboardParam method parse.

/**
 * Loads the keyboard shortcuts from the configuration into {@code map}, keyed
 * by menu item name.
 *
 * <p>Entries without a menu item name are ignored. A conversion error stops the
 * load and is logged; shortcuts read before the error stay in the map.
 */
@Override
protected void parse() {
    try {
        HierarchicalConfiguration root = (HierarchicalConfiguration) getConfig();
        List<HierarchicalConfiguration> shortcutConfigs = root.configurationsAt(ALL_SHORTCUTS_KEY);
        map = new HashMap<String, KeyStroke>(shortcutConfigs.size());
        for (HierarchicalConfiguration shortcut : shortcutConfigs) {
            String menuItem = shortcut.getString(MENU_ITEM_KEY, "");
            if (menuItem.length() == 0) {
                // No menu item to bind the shortcut to.
                continue;
            }
            int keyCode = shortcut.getInt(KEYCODE_KEY, 0);
            int modifiers = shortcut.getInt(MODIFIERS_KEY, 0);
            // false: the stroke fires on key press, not on key release.
            map.put(menuItem, KeyStroke.getKeyStroke(keyCode, modifiers, false));
        }
    } catch (ConversionException e) {
        logger.error("Error while loading keyboard shortcuts " + e.getMessage(), e);
    }
}
Also used : ConversionException(org.apache.commons.configuration.ConversionException) KeyStroke(javax.swing.KeyStroke) HierarchicalConfiguration(org.apache.commons.configuration.HierarchicalConfiguration)

Example 8 with ConversionException

use of org.apache.commons.configuration.ConversionException in project zaproxy by zaproxy.

the class ScannerParam method parse.

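/**
 * Loads the scanner options from the configuration.
 *
 * <p>Each scalar option is read on its own, so a malformed value for one option
 * does not prevent the others from loading. When an option cannot be read the
 * field keeps the value it had before this call and the failure is logged.
 * Options such as the per-host thread count, the request delay and the scan and
 * rule duration limits bound how hard a scan hits its target, so a value that
 * is ignored must be visible in the log rather than dropped silently.
 *
 * <p>The excluded parameter list is loaded last. If it ends up empty, a
 * built-in list of session and framework state parameters is installed.
 */
@Override
protected void parse() {
    removeOldOptions();
    try {
        this.threadPerHost = getConfig().getInt(THREAD_PER_HOST, 1);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + THREAD_PER_HOST + ": " + e.getMessage(), e);
    }
    try {
        this.hostPerScan = getConfig().getInt(HOST_PER_SCAN, 2);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + HOST_PER_SCAN + ": " + e.getMessage(), e);
    }
    try {
        this.delayInMs = getConfig().getInt(DELAY_IN_MS, 0);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + DELAY_IN_MS + ": " + e.getMessage(), e);
    }
    try {
        this.maxResultsToList = getConfig().getInt(MAX_RESULTS_LIST, 1000);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + MAX_RESULTS_LIST + ": " + e.getMessage(), e);
    }
    try {
        this.maxRuleDurationInMins = getConfig().getInt(MAX_RULE_DURATION_IN_MINS, 0);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + MAX_RULE_DURATION_IN_MINS + ": " + e.getMessage(), e);
    }
    try {
        this.maxScanDurationInMins = getConfig().getInt(MAX_SCAN_DURATION_IN_MINS, 0);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + MAX_SCAN_DURATION_IN_MINS + ": " + e.getMessage(), e);
    }
    try {
        this.maxScansInUI = getConfig().getInt(MAX_SCANS_IN_UI, 5);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + MAX_SCANS_IN_UI + ": " + e.getMessage(), e);
    }
    try {
        this.injectPluginIdInHeader = getConfig().getBoolean(INJECT_PLUGIN_ID_IN_HEADER, false);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + INJECT_PLUGIN_ID_IN_HEADER + ": " + e.getMessage(), e);
    }
    try {
        this.handleAntiCSRFTokens = getConfig().getBoolean(HANDLE_ANTI_CSRF_TOKENS, false);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + HANDLE_ANTI_CSRF_TOKENS + ": " + e.getMessage(), e);
    }
    try {
        this.promptInAttackMode = getConfig().getBoolean(PROMPT_IN_ATTACK_MODE, true);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + PROMPT_IN_ATTACK_MODE + ": " + e.getMessage(), e);
    }
    try {
        this.rescanInAttackMode = getConfig().getBoolean(RESCAN_IN_ATTACK_MODE, true);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + RESCAN_IN_ATTACK_MODE + ": " + e.getMessage(), e);
    }
    try {
        this.promptToClearFinishedScans = getConfig().getBoolean(PROMPT_TO_CLEAR_FINISHED, true);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + PROMPT_TO_CLEAR_FINISHED + ": " + e.getMessage(), e);
    }
    try {
        this.showAdvancedDialog = getConfig().getBoolean(SHOW_ADV_DIALOG, false);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + SHOW_ADV_DIALOG + ": " + e.getMessage(), e);
    }
    try {
        this.defaultPolicy = getConfig().getString(DEFAULT_POLICY, null);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + DEFAULT_POLICY + ": " + e.getMessage(), e);
    }
    try {
        this.attackPolicy = getConfig().getString(ATTACK_POLICY, null);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + ATTACK_POLICY + ": " + e.getMessage(), e);
    }
    try {
        this.targetParamsInjectable = getConfig().getInt(TARGET_INJECTABLE, TARGET_INJECTABLE_DEFAULT);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + TARGET_INJECTABLE + ": " + e.getMessage(), e);
    }
    try {
        this.targetParamsEnabledRPC = getConfig().getInt(TARGET_ENABLED_RPC, TARGET_ENABLED_RPC_DEFAULT);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + TARGET_ENABLED_RPC + ": " + e.getMessage(), e);
    }
    try {
        this.allowAttackOnStart = getConfig().getBoolean(ALLOW_ATTACK_ON_START, false);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + ALLOW_ATTACK_ON_START + ": " + e.getMessage(), e);
    }
    try {
        this.maxChartTimeInMins = getConfig().getInt(MAX_CHART_TIME_IN_MINS, DEFAULT_MAX_CHART_TIME_IN_MINS);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + MAX_CHART_TIME_IN_MINS + ": " + e.getMessage(), e);
    }
    try {
        this.scanHeadersAllRequests = getConfig().getBoolean(SCAN_HEADERS_ALL_REQUESTS, false);
    } catch (Exception e) {
        logger.error("Error while loading the scanner option " + SCAN_HEADERS_ALL_REQUESTS + ": " + e.getMessage(), e);
    }
    // ------------------------------------------------
    // Excluded parameters: entries with an empty or duplicated name are skipped.
    try {
        List<HierarchicalConfiguration> fields = ((HierarchicalConfiguration) getConfig()).configurationsAt(EXCLUDED_PARAMS_KEY);
        this.excludedParams.clear();
        this.excludedParamsMap.clear();
        List<String> tempParamNames = new ArrayList<>(fields.size());
        for (HierarchicalConfiguration sub : fields) {
            String name = sub.getString(EXCLUDED_PARAM_NAME, "");
            if (!name.isEmpty() && !tempParamNames.contains(name)) {
                tempParamNames.add(name);
                // NOTE(review): getString(EXCLUDED_PARAM_URL) has no default, so a missing
                // URL is passed on as null; confirm addScannerParamFilter accepts that.
                addScannerParamFilter(name, sub.getInt(EXCLUDED_PARAM_TYPE, NameValuePair.TYPE_UNDEFINED), sub.getString(EXCLUDED_PARAM_URL));
            }
        }
    } catch (ConversionException e) {
        // NOTE(review): entries added before the failing one are kept, which leaves the
        // list non-empty, so the built-in exclusions below are NOT applied in that case.
        logger.error("Error while loading the exluded parameter list: " + e.getMessage(), e);
    }
    // No exclusion was loaded from the configuration: install the built-in list.
    if (this.excludedParams.isEmpty()) {
        // Session identifiers and framework state fields that the scanner should not
        // tamper with. Loading this list from an external file is still to be evaluated.
        // NOTE(review): the names look like regular expressions ("(?i)", ".*"); if so, the
        // unescaped '.' in "ASP.NET_SessionId" matches any character, not just a dot.
        addScannerParamFilter("(?i)ASP.NET_SessionId", NameValuePair.TYPE_UNDEFINED, "*");
        addScannerParamFilter("(?i)ASPSESSIONID.*", NameValuePair.TYPE_UNDEFINED, "*");
        addScannerParamFilter("(?i)PHPSESSID", NameValuePair.TYPE_UNDEFINED, "*");
        addScannerParamFilter("(?i)SITESERVER", NameValuePair.TYPE_UNDEFINED, "*");
        addScannerParamFilter("(?i)sessid", NameValuePair.TYPE_UNDEFINED, "*");
        addScannerParamFilter("__VIEWSTATE", NameValuePair.TYPE_POST_DATA, "*");
        addScannerParamFilter("__EVENTVALIDATION", NameValuePair.TYPE_POST_DATA, "*");
        addScannerParamFilter("__EVENTTARGET", NameValuePair.TYPE_POST_DATA, "*");
        addScannerParamFilter("__EVENTARGUMENT", NameValuePair.TYPE_POST_DATA, "*");
        addScannerParamFilter("(?i)jsessionid", NameValuePair.TYPE_UNDEFINED, "*");
        addScannerParamFilter("cfid", NameValuePair.TYPE_COOKIE, "*");
        addScannerParamFilter("cftoken", NameValuePair.TYPE_COOKIE, "*");
    }
}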
Also used : ConversionException(org.apache.commons.configuration.ConversionException) ArrayList(java.util.ArrayList) HierarchicalConfiguration(org.apache.commons.configuration.HierarchicalConfiguration) ConversionException(org.apache.commons.configuration.ConversionException)

Example 9 with ConversionException

use of org.apache.commons.configuration.ConversionException in project zaproxy by zaproxy.

the class GlobalExcludeURLParam method parse.

/**
 * Loads the global exclude URL tokens and the "confirm remove token" flag from
 * the configuration.
 *
 * <p>Entries with an empty or duplicated regex are skipped. If no token is
 * loaded, or the token section cannot be converted, copies of the entries in
 * {@code defaultList} are used instead.
 */
@Override
protected void parse() {
    try {
        HierarchicalConfiguration root = (HierarchicalConfiguration) getConfig();
        List<HierarchicalConfiguration> tokenConfigs = root.configurationsAt(ALL_TOKENS_KEY);
        this.tokens = new ArrayList<>(tokenConfigs.size());
        this.enabledTokensNames = new ArrayList<>(tokenConfigs.size());
        // Regexes already accepted, used to drop duplicated entries.
        List<String> seenRegexes = new ArrayList<>(tokenConfigs.size());
        for (HierarchicalConfiguration entry : tokenConfigs) {
            String regex = entry.getString(TOKEN_REGEX_KEY, "");
            if ("".equals(regex) || seenRegexes.contains(regex)) {
                continue;
            }
            // A token without an explicit flag is treated as enabled.
            boolean enabled = entry.getBoolean(TOKEN_ENABLED_KEY, true);
            String desc = entry.getString(TOKEN_DESCRIPTION_KEY, "");
            this.tokens.add(new GlobalExcludeURLParamToken(regex, desc, enabled));
            seenRegexes.add(regex);
            if (enabled) {
                this.enabledTokensNames.add(regex);
            }
        }
    } catch (ConversionException e) {
        logger.error("Error while loading Global Exclude URL tokens: " + e.getMessage(), e);
        // Drop everything read so far, so both lists start empty again.
        this.tokens = new ArrayList<>(defaultList.size());
        this.enabledTokensNames = new ArrayList<>(defaultList.size());
    }
    if (this.tokens.isEmpty()) {
        // NOTE(review): the defaults are copied into tokens only; enabledTokensNames is
        // not updated here, so an enabled default would not be listed there - confirm
        // against the enabled state of the defaultList entries.
        for (GlobalExcludeURLParamToken defaultToken : defaultList) {
            this.tokens.add(new GlobalExcludeURLParamToken(defaultToken));
        }
    }
    try {
        this.confirmRemoveToken = getConfig().getBoolean(CONFIRM_REMOVE_TOKEN_KEY, true);
    } catch (ConversionException e) {
        // The flag keeps the value it had before this call.
        logger.error("Error while loading the confirm remove token option: " + e.getMessage(), e);
    }
}
Also used : ConversionException(org.apache.commons.configuration.ConversionException) ArrayList(java.util.ArrayList) HierarchicalConfiguration(org.apache.commons.configuration.HierarchicalConfiguration)
