
Example 11 with RecordHistory

use of org.parosproxy.paros.db.RecordHistory in project zaproxy by zaproxy.

the class SqlTableHistory method read.

/* (non-Javadoc)
	 * @see org.parosproxy.paros.db.TbleHistoryIf#read(int)
	 */
/**
 * Loads the history record stored under {@code historyId}.
 *
 * <p>The statement registered under the key {@code "history.ps.read"} is borrowed from
 * {@code DbSQL}, the id is bound as its first parameter, and the resulting rows are handed
 * to {@code build(ResultSet)} for decoding.
 *
 * @param historyId id bound to parameter 1 of the read statement
 * @return whatever {@code build(ResultSet)} produces for the result set
 * @throws HttpMalformedHeaderException propagated from {@code build(ResultSet)}
 * @throws DatabaseException wrapping any {@link SQLException} raised while querying
 */
@Override
public RecordHistory read(int historyId) throws HttpMalformedHeaderException, DatabaseException {
    SqlPreparedStatementWrapper readWrapper = null;
    try {
        readWrapper = DbSQL.getSingleton().getPreparedStatement("history.ps.read");
        // The id travels as a typed statement parameter (setInt), not as SQL text.
        readWrapper.getPs().setInt(1, historyId);
        readWrapper.getPs().execute();
        // try-with-resources closes the result set even when decoding fails.
        try (ResultSet rows = readWrapper.getPs().getResultSet()) {
            return build(rows);
        }
    } catch (SQLException e) {
        throw new DatabaseException(e);
    } finally {
        // NOTE(review): readWrapper is still null here when getPreparedStatement itself
        // threw; confirm releasePreparedStatement tolerates a null argument.
        DbSQL.getSingleton().releasePreparedStatement(readWrapper);
    }
}
Also used : SQLException(java.sql.SQLException) ResultSet(java.sql.ResultSet) RecordHistory(org.parosproxy.paros.db.RecordHistory) DatabaseException(org.parosproxy.paros.db.DatabaseException)

Example 12 with RecordHistory

use of org.parosproxy.paros.db.RecordHistory in project zaproxy by zaproxy.

the class SqlTableHistory method build.

/**
 * Decodes the next row of {@code rs} into a {@link RecordHistory} and closes {@code rs}.
 *
 * <p>The result set is closed on every path, so a caller cannot read further rows from it
 * after this method returns.
 *
 * @param rs result set positioned before the row to decode
 * @return the decoded record, or {@code null} when {@code rs} has no further row
 * @throws HttpMalformedHeaderException declared for the {@code RecordHistory} construction
 * @throws DatabaseException wrapping any {@link SQLException} raised while reading or closing
 */
private RecordHistory build(ResultSet rs) throws HttpMalformedHeaderException, DatabaseException {
    try {
        try {
            if (!rs.next()) {
                return null;
            }
            final byte[] requestBody;
            final byte[] responseBody;
            if (!bodiesAsBytes) {
                // NOTE(review): getBytes() without a charset uses the platform default, and
                // getString() returns null for SQL NULL, which would make this throw a
                // NullPointerException. Confirm the body columns are never NULL and that
                // the write path uses the same charset.
                requestBody = rs.getString(REQBODY).getBytes();
                responseBody = rs.getString(RESBODY).getBytes();
            } else {
                requestBody = rs.getBytes(REQBODY);
                responseBody = rs.getBytes(RESBODY);
            }
            return new RecordHistory(
                    rs.getInt(HISTORYID),
                    rs.getInt(HISTTYPE),
                    rs.getLong(SESSIONID),
                    rs.getLong(TIMESENTMILLIS),
                    rs.getInt(TIMEELAPSEDMILLIS),
                    rs.getString(REQHEADER),
                    requestBody,
                    rs.getString(RESHEADER),
                    responseBody,
                    rs.getString(TAG),
                    // ZAP: Added note
                    rs.getString(NOTE),
                    rs.getBoolean(RESPONSE_FROM_TARGET_HOST));
        } finally {
            // A failure to close surfaces as DatabaseException through the outer catch.
            rs.close();
        }
    } catch (SQLException e) {
        throw new DatabaseException(e);
    }
}
Also used : SQLException(java.sql.SQLException) RecordHistory(org.parosproxy.paros.db.RecordHistory) DatabaseException(org.parosproxy.paros.db.DatabaseException)

Example 13 with RecordHistory

use of org.parosproxy.paros.db.RecordHistory in project zaproxy by zaproxy.

the class SqlTableHistory method getHistoryCache.

/* (non-Javadoc)
	 * @see org.parosproxy.paros.db.TbleHistoryIf#getHistoryCache(org.parosproxy.paros.model.HistoryReference, org.parosproxy.paros.network.HttpMessage)
	 */
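/**
 * Looks for a recorded message that can stand in for {@code reqMsg}.
 *
 * <p>Two lookups run in order. The first is limited to history ids from
 * {@code ref.getHistoryId()} to {@code ref.getHistoryId() + 200} within the session of
 * {@code ref}. The second drops the id window and matches on the session only. Both match
 * on URI, method and request body. When {@code isExistStatusCode} is set, both also exclude
 * rows whose STATUSCODE is 304 and take only the first row.
 *
 * <p>A row is returned only if its message equals {@code reqMsg} and its response status is
 * not {@code HttpStatusCode.NOT_MODIFIED}. All request-derived values are bound as statement
 * parameters. The only text concatenated into the SQL is the {@code HISTORYID} column-name
 * constant.
 *
 * @param ref reference supplying the history id window and the session id
 * @param reqMsg request whose URI, method and body are used as the lookup key
 * @return the matching record, or {@code null} when neither lookup finds one
 * @throws DatabaseException wrapping any {@link SQLException} raised by the lookups
 * @throws HttpMalformedHeaderException propagated from {@code build(ResultSet)}
 */
@Override
public RecordHistory getHistoryCache(HistoryReference ref, HttpMessage reqMsg) throws DatabaseException, HttpMalformedHeaderException {
    try {
        // Pass 1: records at or shortly after the given reference, same session, same URI.
        // No HISTTYPE filter is applied by these queries.
        final String nearbySql;
        if (isExistStatusCode) {
            nearbySql = "SELECT TOP 1 * FROM HISTORY WHERE URI = ? AND METHOD = ? AND REQBODY = ? AND " + HISTORYID + " >= ? AND " + HISTORYID + " <= ? AND SESSIONID = ? AND STATUSCODE != 304";
        } else {
            // The statement ends at the last placeholder. A trailing ')' here has no
            // matching '(' and makes the query unparsable.
            nearbySql = "SELECT * FROM HISTORY WHERE URI = ? AND METHOD = ? AND REQBODY = ? AND " + HISTORYID + " >= ? AND " + HISTORYID + " <= ? AND SESSIONID = ?";
        }
        PreparedStatement psReadCache = getConnection().prepareStatement(nearbySql);
        RecordHistory rec;
        try {
            bindCacheLookupKey(psReadCache, reqMsg);
            psReadCache.setInt(4, ref.getHistoryId());
            psReadCache.setInt(5, ref.getHistoryId() + 200);
            psReadCache.setLong(6, ref.getSessionId());
            rec = readCacheMatch(psReadCache, reqMsg);
        } finally {
            // Closed on every path, including a failure while binding parameters.
            closeCacheResource(psReadCache);
        }
        if (rec != null) {
            return rec;
        }

        // Pass 2: same key, any history id within the session.
        final String sessionWideSql;
        if (isExistStatusCode) {
            sessionWideSql = "SELECT TOP 1 * FROM HISTORY WHERE URI = ? AND METHOD = ? AND REQBODY = ? AND SESSIONID = ? AND STATUSCODE != 304";
        } else {
            sessionWideSql = "SELECT * FROM HISTORY WHERE URI = ? AND METHOD = ? AND REQBODY = ? AND SESSIONID = ?";
        }
        psReadCache = getConnection().prepareStatement(sessionWideSql);
        try {
            bindCacheLookupKey(psReadCache, reqMsg);
            psReadCache.setLong(4, ref.getSessionId());
            return readCacheMatch(psReadCache, reqMsg);
        } finally {
            closeCacheResource(psReadCache);
        }
    } catch (SQLException e) {
        throw new DatabaseException(e);
    }
}

/** Binds URI, method and request body of {@code reqMsg} to parameters 1 to 3 of {@code ps}. */
private void bindCacheLookupKey(PreparedStatement ps, HttpMessage reqMsg) throws SQLException {
    ps.setString(1, reqMsg.getRequestHeader().getURI().toString());
    ps.setString(2, reqMsg.getRequestHeader().getMethod());
    if (bodiesAsBytes) {
        ps.setBytes(3, reqMsg.getRequestBody().getBytes());
    } else {
        // NOTE(review): new String(byte[]) decodes with the platform default charset;
        // confirm this matches how REQBODY was written.
        ps.setString(3, new String(reqMsg.getRequestBody().getBytes()));
    }
}

/** Runs {@code ps} and returns the first decoded row that matches {@code reqMsg}, or {@code null}. */
private RecordHistory readCacheMatch(PreparedStatement ps, HttpMessage reqMsg) throws SQLException, HttpMalformedHeaderException, DatabaseException {
    ResultSet rs = ps.executeQuery();
    try {
        RecordHistory rec;
        do {
            // NOTE(review): build() closes the ResultSet after decoding one row, so a
            // second pass of this loop calls next() on a closed ResultSet. JDBC specifies
            // an SQLException for that, which callers see as DatabaseException. Confirm
            // whether rows after the first are meant to be examined.
            rec = build(rs);
            // The result must not be NOT_MODIFIED, since it is meant to be rendered.
            if (rec != null && rec.getHttpMessage().equals(reqMsg) && rec.getHttpMessage().getResponseHeader().getStatusCode() != HttpStatusCode.NOT_MODIFIED) {
                return rec;
            }
        } while (rec != null);
        return null;
    } finally {
        closeCacheResource(rs);
    }
}

/** Closes {@code resource} if non-null, logging a failure instead of propagating it. */
private void closeCacheResource(AutoCloseable resource) {
    if (resource == null) {
        return;
    }
    try {
        resource.close();
    } catch (Exception e) {
        // ZAP: Log exceptions
        log.warn(e.getMessage(), e);
    }
}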
Also used : SQLException(java.sql.SQLException) ResultSet(java.sql.ResultSet) PreparedStatement(java.sql.PreparedStatement) RecordHistory(org.parosproxy.paros.db.RecordHistory) DatabaseException(org.parosproxy.paros.db.DatabaseException) DatabaseException(org.parosproxy.paros.db.DatabaseException) HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) SQLException(java.sql.SQLException)

Example 14 with RecordHistory

use of org.parosproxy.paros.db.RecordHistory in project zaproxy by zaproxy.

the class SearchAPI method handleApiView.

/**
 * Serves the regex search views of the API.
 *
 * <p>The view name selects which part of the recorded messages is searched (URL, request,
 * response or header) and whether each hit is returned as a full message or as a short
 * summary (id, type, method, url, code, time). {@code validateRegex(params)} runs before
 * any search is started.
 *
 * @param name view name; unknown names are rejected with {@code BAD_VIEW}
 * @param params API parameters, passed to {@code validateRegex} and {@code search}
 * @return list of hits, named after the view
 * @throws ApiException {@code BAD_VIEW} for an unknown view, {@code INTERNAL_ERROR} when the
 *     search fails, or whatever {@code validateRegex} raises
 */
@Override
public ApiResponse handleApiView(final String name, JSONObject params) throws ApiException {
    final ApiResponseList result = new ApiResponseList(name);

    // Which part of the recorded traffic the regex is applied to.
    final ExtensionSearch.Type searchType;
    switch (name) {
        case VIEW_URLS_BY_URL_REGEX:
        case VIEW_MESSAGES_BY_URL_REGEX:
            searchType = ExtensionSearch.Type.URL;
            break;
        case VIEW_URLS_BY_REQUEST_REGEX:
        case VIEW_MESSAGES_BY_REQUEST_REGEX:
            searchType = ExtensionSearch.Type.Request;
            break;
        case VIEW_URLS_BY_RESPONSE_REGEX:
        case VIEW_MESSAGES_BY_RESPONSE_REGEX:
            searchType = ExtensionSearch.Type.Response;
            break;
        case VIEW_URLS_BY_HEADER_REGEX:
        case VIEW_MESSAGES_BY_HEADER_REGEX:
            searchType = ExtensionSearch.Type.Header;
            break;
        default:
            throw new ApiException(ApiException.Type.BAD_VIEW);
    }

    // How each hit is rendered; every name reaching this point is a known view.
    final SearchViewResponseType responseType;
    switch (name) {
        case VIEW_MESSAGES_BY_URL_REGEX:
        case VIEW_MESSAGES_BY_REQUEST_REGEX:
        case VIEW_MESSAGES_BY_RESPONSE_REGEX:
        case VIEW_MESSAGES_BY_HEADER_REGEX:
            responseType = SearchViewResponseType.MESSAGE;
            break;
        default:
            responseType = SearchViewResponseType.URL;
            break;
    }

    validateRegex(params);
    try {
        final SearchResultsProcessor hitHandler;
        if (SearchViewResponseType.MESSAGE != responseType) {
            // Summary form: one flat string map per hit.
            hitHandler = new SearchResultsProcessor() {

                @Override
                public void processRecordHistory(RecordHistory recordHistory) {
                    final HttpMessage hit = recordHistory.getHttpMessage();
                    Map<String, String> summary = new HashMap<>();
                    summary.put("id", String.valueOf(recordHistory.getHistoryId()));
                    summary.put("type", String.valueOf(recordHistory.getHistoryType()));
                    summary.put("method", hit.getRequestHeader().getMethod());
                    summary.put("url", hit.getRequestHeader().getURI().toString());
                    summary.put("code", String.valueOf(hit.getResponseHeader().getStatusCode()));
                    summary.put("time", String.valueOf(hit.getTimeElapsedMillis()));
                    result.addItem(new ApiResponseSet<String>(name, summary));
                }
            };
        } else {
            // Full form: the whole stored message converted by the shared API helper.
            hitHandler = new SearchResultsProcessor() {

                @Override
                public void processRecordHistory(RecordHistory recordHistory) {
                    result.addItem(ApiResponseConversionUtils.httpMessageToSet(recordHistory.getHistoryId(), recordHistory.getHistoryType(), recordHistory.getHttpMessage()));
                }
            };
        }
        search(params, searchType, hitHandler);
    } catch (Exception e) {
        log.error(e.getMessage(), e);
        // NOTE(review): the raw exception message is passed on in the ApiException;
        // confirm that what reaches the API client cannot expose internal detail.
        throw new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage());
    }
    return result;
}
Also used : HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) PatternSyntaxException(java.util.regex.PatternSyntaxException) ApiException(org.zaproxy.zap.extension.api.ApiException) DatabaseException(org.parosproxy.paros.db.DatabaseException) ApiResponseSet(org.zaproxy.zap.extension.api.ApiResponseSet) ApiResponseList(org.zaproxy.zap.extension.api.ApiResponseList) HttpMessage(org.parosproxy.paros.network.HttpMessage) RecordHistory(org.parosproxy.paros.db.RecordHistory) HashMap(java.util.HashMap) Map(java.util.Map) ApiException(org.zaproxy.zap.extension.api.ApiException)

Example 15 with RecordHistory

use of org.parosproxy.paros.db.RecordHistory in project zaproxy by zaproxy.

the class SearchAPI method handleApiOther.

/**
 * Serves the regex search endpoints that answer with a HAR document.
 *
 * <p>Every hit is converted with {@code HarUtils.createHarEntry} from the full stored
 * message, so the HAR output carries whatever request and response data was recorded for
 * it. If the search or the HAR serialisation fails, the body is the JSON form of an
 * {@code INTERNAL_ERROR} {@link ApiException} instead.
 *
 * @param msg message whose response header and body are filled in
 * @param name endpoint name; unknown names are rejected with {@code BAD_OTHER}
 * @param params API parameters, passed to {@code validateRegex} and {@code search}
 * @return {@code msg}, with the response set
 * @throws ApiException {@code BAD_OTHER} for an unknown endpoint, or whatever
 *     {@code validateRegex} raises
 */
@Override
public HttpMessage handleApiOther(HttpMessage msg, String name, JSONObject params) throws ApiException {
    final ExtensionSearch.Type searchType;
    switch (name) {
        case OTHER_HAR_BY_URL_REGEX:
            searchType = ExtensionSearch.Type.URL;
            break;
        case OTHER_HAR_BY_REQUEST_REGEX:
            searchType = ExtensionSearch.Type.Request;
            break;
        case OTHER_HAR_BY_RESPONSE_REGEX:
            searchType = ExtensionSearch.Type.Response;
            break;
        case OTHER_HAR_BY_HEADER_REGEX:
            searchType = ExtensionSearch.Type.Header;
            break;
        default:
            throw new ApiException(ApiException.Type.BAD_OTHER);
    }
    validateRegex(params);

    byte[] payload;
    try {
        final HarEntries harEntries = new HarEntries();
        final SearchResultsProcessor collector = new SearchResultsProcessor() {

            @Override
            public void processRecordHistory(RecordHistory recordHistory) {
                harEntries.addEntry(HarUtils.createHarEntry(recordHistory.getHttpMessage()));
            }
        };
        search(params, searchType, collector);
        final HarLog zapHarLog = HarUtils.createZapHarLog();
        zapHarLog.setEntries(harEntries);
        payload = HarUtils.harLogToByteArray(zapHarLog);
    } catch (Exception e) {
        log.error(e.getMessage(), e);
        // The failure is reported in the body; incErrorDetails() controls how much detail
        // the serialised ApiException carries.
        payload = new ApiException(ApiException.Type.INTERNAL_ERROR, e.getMessage()).toString(API.Format.JSON, incErrorDetails()).getBytes(StandardCharsets.UTF_8);
    }

    try {
        // NOTE(review): the same default response header is used for the HAR body and for
        // the error body; whether it signals an error status is not visible here.
        msg.setResponseHeader(API.getDefaultResponseHeader("application/json; charset=UTF-8", payload.length));
    } catch (HttpMalformedHeaderException e) {
        log.error("Failed to create response header: " + e.getMessage(), e);
    }
    msg.setResponseBody(payload);
    return msg;
}
Also used : HarEntries(edu.umass.cs.benchlab.har.HarEntries) HarLog(edu.umass.cs.benchlab.har.HarLog) HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) RecordHistory(org.parosproxy.paros.db.RecordHistory) HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) PatternSyntaxException(java.util.regex.PatternSyntaxException) ApiException(org.zaproxy.zap.extension.api.ApiException) DatabaseException(org.parosproxy.paros.db.DatabaseException) ApiException(org.zaproxy.zap.extension.api.ApiException)

Aggregations

RecordHistory (org.parosproxy.paros.db.RecordHistory)15 DatabaseException (org.parosproxy.paros.db.DatabaseException)11 HttpMalformedHeaderException (org.parosproxy.paros.network.HttpMalformedHeaderException)9 SQLException (java.sql.SQLException)5 ResultSet (java.sql.ResultSet)4 TableHistory (org.parosproxy.paros.db.TableHistory)4 HttpMessage (org.parosproxy.paros.network.HttpMessage)4 PatternSyntaxException (java.util.regex.PatternSyntaxException)3 ApiException (org.zaproxy.zap.extension.api.ApiException)3 HarEntries (edu.umass.cs.benchlab.har.HarEntries)2 HarLog (edu.umass.cs.benchlab.har.HarLog)2 IOException (java.io.IOException)2 PreparedStatement (java.sql.PreparedStatement)2 ArrayList (java.util.ArrayList)2 HashMap (java.util.HashMap)2 List (java.util.List)2 Session (org.parosproxy.paros.model.Session)2 ApiResponseList (org.zaproxy.zap.extension.api.ApiResponseList)2 ApiResponseSet (org.zaproxy.zap.extension.api.ApiResponseSet)2 StringWriter (java.io.StringWriter)1