use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.
the class AlertPanel method getTreeAlert.
/**
 * Returns the tree that displays the alerts, creating and wiring it on first use.
 *
 * <p>On creation the tree gets its name, an alert cell renderer, a popup menu that
 * forwards the selected alerts' history references to the view's shared popup menu,
 * a double-click handler that opens the alert editor, and a selection listener that
 * keeps the message and alert detail panels in sync with the selected node.
 *
 * @return the {@code JTree} held in {@code treeAlert}
 */
JTree getTreeAlert() {
    if (treeAlert != null) {
        return treeAlert;
    }

    treeAlert = new JTree() {
        private static final long serialVersionUID = 1L;

        @Override
        public Point getPopupLocation(final MouseEvent event) {
            // Select the item under the pointer on right click, unless it already
            // belongs to the current selection.
            TreePath clicked = (event == null)
                    ? null
                    : treeAlert.getPathForLocation(event.getX(), event.getY());
            if (clicked != null && !treeAlert.getSelectionModel().isPathSelected(clicked)) {
                treeAlert.getSelectionModel().setSelectionPath(clicked);
            }
            return super.getPopupLocation(event);
        }
    };
    treeAlert.setName(ALERT_TREE_PANEL_NAME);
    treeAlert.setShowsRootHandles(true);
    treeAlert.setBorder(javax.swing.BorderFactory.createEmptyBorder(0, 0, 0, 0));

    treeAlert.setComponentPopupMenu(new JPopupMenu() {
        private static final long serialVersionUID = 1L;

        @Override
        public void show(Component invoker, int x, int y) {
            final int selectedCount = treeAlert.getSelectionCount();
            final ArrayList<HistoryReference> uniqueRefs = new ArrayList<>(selectedCount);
            if (selectedCount > 0) {
                // Several alerts can point at the same recorded message; each
                // history id is passed on once only.
                SortedSet<Integer> seenIds = new TreeSet<>();
                for (TreePath path : treeAlert.getSelectionPaths()) {
                    final Object userObject = ((AlertNode) path.getLastPathComponent()).getUserObject();
                    if (!(userObject instanceof Alert)) {
                        continue;
                    }
                    HistoryReference ref = ((Alert) userObject).getHistoryRef();
                    if (ref != null && seenIds.add(Integer.valueOf(ref.getHistoryId()))) {
                        uniqueRefs.add(ref);
                    }
                }
                uniqueRefs.trimToSize();
            }
            // This menu only gathers the selection; the menu actually shown is the
            // view's popup menu.
            SelectableHistoryReferencesContainer messageContainer =
                    new DefaultSelectableHistoryReferencesContainer(
                            treeAlert.getName(),
                            treeAlert,
                            Collections.<HistoryReference>emptyList(),
                            uniqueRefs);
            view.getPopupMenu().show(messageContainer, x, y);
        }
    });

    treeAlert.addMouseListener(new java.awt.event.MouseAdapter() {
        @Override
        public void mouseClicked(java.awt.event.MouseEvent e) {
            // A left-button double click edits the alert.
            boolean leftDoubleClick = SwingUtilities.isLeftMouseButton(e) && e.getClickCount() > 1;
            if (leftDoubleClick) {
                editSelectedAlert();
            }
        }
    });

    treeAlert.addTreeSelectionListener(new javax.swing.event.TreeSelectionListener() {
        @Override
        public void valueChanged(javax.swing.event.TreeSelectionEvent e) {
            DefaultMutableTreeNode selected = (DefaultMutableTreeNode) treeAlert.getLastSelectedPathComponent();
            Object userObject = (selected == null) ? null : selected.getUserObject();
            if (userObject instanceof Alert) {
                Alert alert = (Alert) userObject;
                setMessage(alert.getMessage(), alert.getEvidence());
                treeAlert.requestFocusInWindow();
                getAlertViewPanel().displayAlert(alert);
            } else {
                // Nothing selected, or a node that does not carry an Alert.
                getAlertViewPanel().clearAlert();
            }
        }
    });

    treeAlert.setCellRenderer(new AlertTreeCellRenderer());
    treeAlert.setExpandsSelectedPaths(true);
    return treeAlert;
}
use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.
the class CoreAPI method handleApiView.
/**
 * Builds the response for the API view identified by {@code name}.
 *
 * <p>NOTE(review): several views return sensitive data: whole recorded HTTP messages
 * ({@code VIEW_MESSAGE}, {@code VIEW_MESSAGES}), alert details, and local filesystem
 * paths ({@code VIEW_HOME_DIRECTORY}, {@code VIEW_SESSION_LOCATION}). No caller
 * authorisation is checked in this method; confirm the API layer in front of it
 * restricts access.
 *
 * @param name the view name, compared against the {@code VIEW_*} constants
 * @param params the request parameters, read through {@code getParam}
 * @return the response for the requested view
 * @throws ApiException with {@code BAD_VIEW} for an unknown name, {@code DOES_NOT_EXIST}
 *     when the requested alert or message is missing (or the message is of temporary
 *     type), and {@code INTERNAL_ERROR} when the record cannot be read
 */
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
    final Session session = Model.getSingleton().getSession();

    if (VIEW_HOSTS.equals(name)) {
        ApiResponseList hosts = new ApiResponseList(name);
        SiteNode root = (SiteNode) session.getSiteTree().getRoot();
        @SuppressWarnings("unchecked")
        Enumeration<SiteNode> children = root.children();
        while (children.hasMoreElements()) {
            String host = children.nextElement().getNodeName();
            // Drop everything up to and including the "//" that ends the scheme.
            int schemeEnd = host.indexOf("//");
            if (schemeEnd >= 0) {
                host = host.substring(schemeEnd + 2);
            }
            // Drop everything from the first ":" onwards (the port).
            // NOTE(review): a bracketed IPv6 literal would be cut at its first colon.
            int portStart = host.indexOf(":");
            if (portStart >= 0) {
                host = host.substring(0, portStart);
            }
            hosts.addItem(new ApiResponseElement("host", host));
        }
        return hosts;
    }

    if (VIEW_SITES.equals(name)) {
        ApiResponseList sites = new ApiResponseList(name);
        SiteNode root = (SiteNode) session.getSiteTree().getRoot();
        @SuppressWarnings("unchecked")
        Enumeration<SiteNode> children = root.children();
        while (children.hasMoreElements()) {
            sites.addItem(new ApiResponseElement("site", children.nextElement().getNodeName()));
        }
        return sites;
    }

    if (VIEW_URLS.equals(name)) {
        ApiResponseList urls = new ApiResponseList(name);
        SiteNode root = (SiteNode) session.getSiteTree().getRoot();
        this.getURLs(root, urls);
        return urls;
    }

    if (VIEW_ALERT.equals(name)) {
        TableAlert tableAlert = Model.getSingleton().getDb().getTableAlert();
        RecordAlert recordAlert;
        try {
            recordAlert = tableAlert.read(this.getParam(params, PARAM_ID, -1));
        } catch (DatabaseException e) {
            // The client sees only the generic error type. The cause is neither
            // forwarded nor logged here.
            throw new ApiException(ApiException.Type.INTERNAL_ERROR);
        }
        if (recordAlert == null) {
            throw new ApiException(ApiException.Type.DOES_NOT_EXIST);
        }
        return new ApiResponseElement(alertToSet(new Alert(recordAlert)));
    }

    if (VIEW_ALERTS.equals(name)) {
        final ApiResponseList alertList = new ApiResponseList(name);
        processAlerts(
                this.getParam(params, PARAM_BASE_URL, (String) null),
                this.getParam(params, PARAM_START, -1),
                this.getParam(params, PARAM_COUNT, -1),
                new Processor<Alert>() {
                    @Override
                    public void process(Alert alert) {
                        alertList.addItem(alertToSet(alert));
                    }
                });
        return alertList;
    }

    if (VIEW_NUMBER_OF_ALERTS.equals(name)) {
        CounterProcessor<Alert> alertCounter = new CounterProcessor<>();
        processAlerts(
                this.getParam(params, PARAM_BASE_URL, (String) null),
                this.getParam(params, PARAM_START, -1),
                this.getParam(params, PARAM_COUNT, -1),
                alertCounter);
        return new ApiResponseElement(name, Integer.toString(alertCounter.getCount()));
    }

    if (VIEW_MESSAGE.equals(name)) {
        TableHistory tableHistory = Model.getSingleton().getDb().getTableHistory();
        RecordHistory recordHistory;
        try {
            recordHistory = tableHistory.read(this.getParam(params, PARAM_ID, -1));
        } catch (HttpMalformedHeaderException | DatabaseException e) {
            throw new ApiException(ApiException.Type.INTERNAL_ERROR);
        }
        // Temporary history entries are reported as missing rather than returned.
        boolean unavailable = recordHistory == null
                || recordHistory.getHistoryType() == HistoryReference.TYPE_TEMPORARY;
        if (unavailable) {
            throw new ApiException(ApiException.Type.DOES_NOT_EXIST);
        }
        return new ApiResponseElement(
                ApiResponseConversionUtils.httpMessageToSet(
                        recordHistory.getHistoryId(),
                        recordHistory.getHistoryType(),
                        recordHistory.getHttpMessage()));
    }

    if (VIEW_MESSAGES.equals(name)) {
        final ApiResponseList messageList = new ApiResponseList(name);
        processHttpMessages(
                this.getParam(params, PARAM_BASE_URL, (String) null),
                this.getParam(params, PARAM_START, -1),
                this.getParam(params, PARAM_COUNT, -1),
                new Processor<RecordHistory>() {
                    @Override
                    public void process(RecordHistory recordHistory) {
                        messageList.addItem(
                                ApiResponseConversionUtils.httpMessageToSet(
                                        recordHistory.getHistoryId(),
                                        recordHistory.getHistoryType(),
                                        recordHistory.getHttpMessage()));
                    }
                });
        return messageList;
    }

    if (VIEW_NUMBER_OF_MESSAGES.equals(name)) {
        CounterProcessor<RecordHistory> messageCounter = new CounterProcessor<>();
        processHttpMessages(
                this.getParam(params, PARAM_BASE_URL, (String) null),
                this.getParam(params, PARAM_START, -1),
                this.getParam(params, PARAM_COUNT, -1),
                messageCounter);
        return new ApiResponseElement(name, Integer.toString(messageCounter.getCount()));
    }

    if (VIEW_MODE.equals(name)) {
        return new ApiResponseElement(name, Control.getSingleton().getMode().name());
    }

    if (VIEW_VERSION.equals(name)) {
        return new ApiResponseElement(name, Constant.PROGRAM_VERSION);
    }

    if (VIEW_EXCLUDED_FROM_PROXY.equals(name)) {
        ApiResponseList excluded = new ApiResponseList(name);
        for (String regex : session.getExcludeFromProxyRegexs()) {
            excluded.addItem(new ApiResponseElement("regex", regex));
        }
        return excluded;
    }

    if (VIEW_HOME_DIRECTORY.equals(name)) {
        // Returns an absolute path on the local filesystem.
        return new ApiResponseElement(
                name, Model.getSingleton().getOptionsParam().getUserDirectory().getAbsolutePath());
    }

    if (VIEW_SESSION_LOCATION.equals(name)) {
        return new ApiResponseElement(name, session.getFileName());
    }

    if (VIEW_PROXY_CHAIN_EXCLUDED_DOMAINS.equals(name)
            || VIEW_OPTION_PROXY_EXCLUDED_DOMAINS.equals(name)
            || VIEW_OPTION_PROXY_CHAIN_SKIP_NAME.equals(name)) {
        return proxyChainExcludedDomainsToApiResponseList(
                name,
                Model.getSingleton().getOptionsParam().getConnectionParam().getProxyExcludedDomains(),
                false);
    }

    if (VIEW_OPTION_PROXY_EXCLUDED_DOMAINS_ENABLED.equals(name)) {
        return proxyChainExcludedDomainsToApiResponseList(
                name,
                Model.getSingleton().getOptionsParam().getConnectionParam().getProxyExcludedDomains(),
                true);
    }

    throw new ApiException(ApiException.Type.BAD_VIEW);
}
use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.
the class PopupMenuShowAlerts method isButtonEnabledForHistoryReference.
/**
 * Adds one menu item per alert raised for the given history reference and reports
 * whether any item was added.
 *
 * <p>Alerts come from the reference's site node when it has one, otherwise from the
 * reference itself. When the reference has a URI, only alerts whose URI string equals
 * it are kept. The items are sorted before being added to this menu.
 *
 * @param href the history reference the popup was invoked on
 * @return {@code true} if at least one alert item was added
 */
@Override
public boolean isButtonEnabledForHistoryReference(HistoryReference href) {
    List<Alert> alerts = (href.getSiteNode() != null)
            ? href.getSiteNode().getAlerts()
            : href.getAlerts();

    URI hrefURI = href.getURI();
    List<PopupMenuShowAlert> menuItems = new ArrayList<>(alerts.size());
    for (Alert alert : alerts) {
        // Just show the alerts for this node; with no URI to compare, keep them all.
        boolean belongsToNode = hrefURI == null || alert.getUri().equals(hrefURI.toString());
        if (belongsToNode) {
            final PopupMenuShowAlert item = new PopupMenuShowAlert(alert.getName(), alert);
            item.setIcon(alert.getIcon());
            menuItems.add(item);
        }
    }

    Collections.sort(menuItems);
    for (PopupMenuShowAlert item : menuItems) {
        this.add(item);
    }
    return !menuItems.isEmpty();
}
use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.
the class ExtensionAlert method refreshAlert.
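/**
 * Rebuilds the alert tree from the alerts stored in the database.
 *
 * <p>Does nothing when the low-memory option is set. Each stored alert is paired with
 * its history reference (from the history extension if loaded, otherwise from the
 * local {@code hrefs} cache) and added to the tree. Alerts with no history reference
 * are skipped.
 *
 * @param session not read by this method; the model's current session is used
 * @throws DatabaseException if the alert table cannot be read
 */
private void refreshAlert(Session session) throws DatabaseException {
    if (Constant.isLowMemoryOptionSet()) {
        return;
    }
    SiteMap siteTree = this.getModel().getSession().getSiteTree();
    TableAlert tableAlert = getModel().getDb().getTableAlert();
    // TODO this doesnt work, but should be used when its fixed :/
    //Vector<Integer> v = tableAlert.getAlertListBySession(Model.getSingleton().getSession().getSessionId());
    Vector<Integer> v = tableAlert.getAlertList();
    final ExtensionHistory extensionHistory = (ExtensionHistory) Control.getSingleton().getExtensionLoader().getExtension(ExtensionHistory.NAME);
    for (int i = 0; i < v.size(); i++) {
        int alertId = v.get(i).intValue();
        RecordAlert recAlert = tableAlert.read(alertId);
        if (recAlert == null) {
            // read() can return no record for an id (other callers check for this),
            // e.g. if the alert was removed after the id list was fetched. Skip it
            // so one missing row does not abort the whole refresh with an NPE.
            continue;
        }
        int historyId = recAlert.getHistoryId();
        HistoryReference historyReference = null;
        if (extensionHistory != null) {
            historyReference = extensionHistory.getHistoryReference(historyId);
        }
        if (historyReference == null) {
            // Fall back to the references cached by this extension.
            historyReference = this.hrefs.get(Integer.valueOf(historyId));
        }
        Alert alert;
        if (historyReference != null) {
            alert = new Alert(recAlert, historyReference);
        } else {
            alert = new Alert(recAlert);
        }
        historyReference = alert.getHistoryRef();
        if (historyReference != null) {
            // The ref can be null if hrefs are purged
            addAlertToTree(alert);
            Integer key = Integer.valueOf(historyId);
            if (!hrefs.containsKey(key)) {
                this.hrefs.put(key, alert.getHistoryRef());
            }
        }
    }
    siteTree.nodeStructureChanged((SiteNode) siteTree.getRoot());
}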
use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.
the class ExtensionAlert method getXml.
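/**
 * Serialises the alerts of a site node into an {@code <alerts>} XML fragment.
 *
 * <p>Alerts whose confidence is {@code CONFIDENCE_FALSE_POSITIVE} are left out. When
 * related issues are merged, alerts sharing a fingerprint are written once, with an
 * {@code <instances>} list (capped by the maximum-instances setting, 0 meaning no
 * cap) and a {@code <count>} of all matching alerts. Otherwise every alert is written
 * on its own.
 *
 * <p>NOTE(review): the fragments returned by {@code getUrlParamXML()} and
 * {@code toPluginXML()} are concatenated verbatim. Alert fields can carry content
 * taken from scanned traffic, so XML escaping has to happen inside those helpers;
 * that is not visible here and should be confirmed.
 *
 * @param site the site node whose alerts are exported
 * @return the XML fragment, {@code <alerts></alerts>} when nothing is exported
 */
@Override
public String getXml(SiteNode site) {
    // Read the settings once so a single report is built under one configuration
    // and the loops below do not re-query them for every alert.
    final boolean mergeRelatedIssues = this.getAlertParam().isMergeRelatedIssues();
    final int maximumInstances = this.getAlertParam().getMaximumInstances();

    StringBuilder xml = new StringBuilder();
    xml.append("<alerts>");
    List<Alert> alerts = site.getAlerts();
    SortedSet<String> handledAlerts = new TreeSet<>();
    for (int i = 0; i < alerts.size(); i++) {
        Alert alert = alerts.get(i);
        if (alert.getConfidence() == Alert.CONFIDENCE_FALSE_POSITIVE) {
            continue;
        }
        if (!mergeRelatedIssues) {
            xml.append(alert.toPluginXML(alert.getUrlParamXML()));
            continue;
        }
        String fingerprint = alertFingerprint(alert);
        if (!handledAlerts.add(fingerprint)) {
            // Already written together with an earlier alert of the same fingerprint.
            continue;
        }
        // Its a new one
        // Build up the full set of details
        StringBuilder sb = new StringBuilder();
        sb.append(" <instances>\n");
        int count = 0;
        // NOTE(review): this scan does not re-check confidence. Whether a false
        // positive can share a fingerprint depends on alertFingerprint().
        for (int j = i; j < alerts.size(); j++) {
            // Deliberately include i!
            Alert alert2 = alerts.get(j);
            if (fingerprint.equals(alertFingerprint(alert2))) {
                if (maximumInstances == 0 || count < maximumInstances) {
                    sb.append(" <instance>\n");
                    sb.append(alert2.getUrlParamXML());
                    sb.append(" </instance>\n");
                }
                // Counted even when the instance itself was not written.
                count++;
            }
        }
        sb.append(" </instances>\n");
        sb.append(" <count>");
        sb.append(count);
        sb.append("</count>\n");
        xml.append(alert.toPluginXML(sb.toString()));
    }
    xml.append("</alerts>");
    return xml.toString();
}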