Example 1 with HistoryFilter
use of org.parosproxy.paros.extension.history.HistoryFilter in project zaproxy by zaproxy.
the class ExtensionAntiCSRF method sessionChanged.
@Override
public void sessionChanged(Session session) {
if (session == null) {
// Closedown
return;
}
synchronized (valueToToken) {
valueToToken.clear();
}
// search for tokens...
try {
List<Integer> list = getModel().getDb().getTableHistory().getHistoryIdsOfHistType(session.getSessionId(), HistoryReference.TYPE_PROXIED, HistoryReference.TYPE_ZAP_USER);
HistoryFilter filter = new HistoryFilter();
filter.setTags(Arrays.asList(new String[] { TAG }));
AntiCsrfDetectScanner antiCsrfDetectScanner = new AntiCsrfDetectScanner(this);
for (Integer i : list) {
HistoryReference hRef = historyReferenceFactory.createHistoryReference(i.intValue());
if (filter.matches(hRef)) {
HttpMessage msg = hRef.getHttpMessage();
String response = msg.getResponseHeader().toString() + msg.getResponseBody().toString();
Source src = new Source(response);
if (msg.isResponseFromTargetHost()) {
antiCsrfDetectScanner.scanHttpResponseReceive(msg, hRef.getHistoryId(), src);
}
}
}
} catch (DatabaseException | HttpMalformedHeaderException e) {
log.error(e.getMessage(), e);
}
}
Also used :
HistoryFilter(org.parosproxy.paros.extension.history.HistoryFilter)
HistoryReference(org.parosproxy.paros.model.HistoryReference)
HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException)
HttpMessage(org.parosproxy.paros.network.HttpMessage)
DatabaseException(org.parosproxy.paros.db.DatabaseException)
Source(net.htmlparser.jericho.Source)
Aggregations
Source (net.htmlparser.jericho.Source)1
DatabaseException (org.parosproxy.paros.db.DatabaseException)1
HistoryFilter (org.parosproxy.paros.extension.history.HistoryFilter)1
HistoryReference (org.parosproxy.paros.model.HistoryReference)1
HttpMalformedHeaderException (org.parosproxy.paros.network.HttpMalformedHeaderException)1
HttpMessage (org.parosproxy.paros.network.HttpMessage)1
