Example 21 with HistoryReference
use of org.parosproxy.paros.model.HistoryReference in project zaproxy by zaproxy.
the class PopupMenuHistoryReference method isEnableForComponent.
@Override
public boolean isEnableForComponent(Component invoker) {
boolean display = false;
if (invoker.getName() == null) {
return false;
}
if (invoker.getName().equals("History Table")) {
this.lastInvoker = Invoker.history;
this.hrefsTableInvoker = (HistoryReferencesTable) invoker;
this.setEnabled(isEnabledForHistoryReferences(getSelectedHistoryReferences()));
display = true;
} else if (invoker instanceof JTree && invoker.getName().equals("treeSite")) {
this.lastInvoker = Invoker.sites;
this.treeInvoker = (JTree) invoker;
this.setEnabled(isEnabledForHistoryReferences(getSelectedHistoryReferences()));
display = true;
} else if (invoker.getName().equals("treeAlert")) {
this.lastInvoker = Invoker.alerts;
this.treeInvoker = (JTree) invoker;
JTree tree = (JTree) invoker;
if (tree.getLastSelectedPathComponent() != null) {
if (tree.getSelectionCount() > 1) {
// Note - the Alerts tree only supports single selections
this.setEnabled(false);
} else {
DefaultMutableTreeNode node = (DefaultMutableTreeNode) tree.getLastSelectedPathComponent();
if (!node.isRoot() && node.getUserObject() != null) {
this.setEnabled(isEnabledForHistoryReference(getSelectedHistoryReferences().get(0)));
} else {
this.setEnabled(false);
}
}
}
display = true;
} else if (invoker.getName().equals(SearchPanel.HTTP_MESSAGE_CONTAINER_NAME)) {
this.lastInvoker = Invoker.search;
this.hrefsTableInvoker = (HistoryReferencesTable) invoker;
this.setEnabled(isEnabledForHistoryReferences(getSelectedHistoryReferences()));
display = true;
} else if (invoker.getName().equals(ActiveScanPanel.MESSAGE_CONTAINER_NAME)) {
this.lastInvoker = Invoker.ascan;
this.hrefsTableInvoker = (HistoryReferencesTable) invoker;
this.setEnabled(isEnabledForHistoryReferences(getSelectedHistoryReferences()));
display = true;
} else if (invoker.getName().equals("HttpFuzzerResultsContentPanel")) {
this.lastInvoker = Invoker.fuzz;
this.hrefsTableInvoker = (HistoryReferencesTable) invoker;
this.setEnabled(isEnabledForHistoryReferences(getSelectedHistoryReferences()));
display = true;
} else if (invoker.getName().equals("ForcedBrowseMessageContainer")) {
this.lastInvoker = Invoker.bruteforce;
this.hrefsTableInvoker = (HistoryReferencesTable) invoker;
this.setEnabled(isEnabledForHistoryReferences(getSelectedHistoryReferences()));
display = true;
} else if (invoker instanceof HistoryReferencesTable) {
this.lastInvoker = Invoker.hreftable;
this.hrefTableInvoker = (HistoryReferencesTable) invoker;
this.setEnabled(isEnabledForHistoryReferences(getSelectedHistoryReferences()));
display = true;
} else {
// Only enable this while testing
/*
log.debug("Popup " + this.getName() +
" not enabled for panel " + invoker.getName() +
" class " + invoker.getClass().getName());
*/
}
if (display) {
if (this.isEnabled() && !this.isSafe() && Control.getSingleton().getMode().equals(Mode.protect)) {
boolean inScope = true;
Session session = Model.getSingleton().getSession();
for (HistoryReference href : getSelectedHistoryReferences()) {
if (!session.isInScope(href)) {
inScope = false;
break;
}
}
if (!inScope) {
// Not safe and not in scope while in protected mode
this.setEnabled(false);
}
}
return this.isEnableForInvoker(lastInvoker);
}
return false;
}
Also used :
HistoryReference(org.parosproxy.paros.model.HistoryReference)
JTree(javax.swing.JTree)
DefaultMutableTreeNode(javax.swing.tree.DefaultMutableTreeNode)
HistoryReferencesTable(org.zaproxy.zap.view.table.HistoryReferencesTable)
Session(org.parosproxy.paros.model.Session)
Example 22 with HistoryReference
use of org.parosproxy.paros.model.HistoryReference in project zaproxy by zaproxy.
the class AlertPanel method getTreeAlert.
/**
* This method initializes treeAlert
*
* @return javax.swing.JTree
*/
JTree getTreeAlert() {
if (treeAlert == null) {
treeAlert = new JTree() {
private static final long serialVersionUID = 1L;
@Override
public Point getPopupLocation(final MouseEvent event) {
if (event != null) {
// Select item on right click
TreePath tp = treeAlert.getPathForLocation(event.getX(), event.getY());
if (tp != null) {
// to be selected
if (!treeAlert.getSelectionModel().isPathSelected(tp)) {
treeAlert.getSelectionModel().setSelectionPath(tp);
}
}
}
return super.getPopupLocation(event);
}
};
treeAlert.setName(ALERT_TREE_PANEL_NAME);
treeAlert.setShowsRootHandles(true);
treeAlert.setBorder(javax.swing.BorderFactory.createEmptyBorder(0, 0, 0, 0));
treeAlert.setComponentPopupMenu(new JPopupMenu() {
private static final long serialVersionUID = 1L;
@Override
public void show(Component invoker, int x, int y) {
final int countSelectedNodes = treeAlert.getSelectionCount();
final ArrayList<HistoryReference> uniqueHistoryReferences = new ArrayList<>(countSelectedNodes);
if (countSelectedNodes > 0) {
SortedSet<Integer> historyReferenceIdsAdded = new TreeSet<>();
for (TreePath path : treeAlert.getSelectionPaths()) {
final AlertNode node = (AlertNode) path.getLastPathComponent();
final Object userObject = node.getUserObject();
if (userObject instanceof Alert) {
HistoryReference historyReference = ((Alert) userObject).getHistoryRef();
if (historyReference != null && !historyReferenceIdsAdded.contains(Integer.valueOf(historyReference.getHistoryId()))) {
historyReferenceIdsAdded.add(Integer.valueOf(historyReference.getHistoryId()));
uniqueHistoryReferences.add(historyReference);
}
}
}
uniqueHistoryReferences.trimToSize();
}
SelectableHistoryReferencesContainer messageContainer = new DefaultSelectableHistoryReferencesContainer(treeAlert.getName(), treeAlert, Collections.<HistoryReference>emptyList(), uniqueHistoryReferences);
view.getPopupMenu().show(messageContainer, x, y);
}
});
treeAlert.addMouseListener(new java.awt.event.MouseAdapter() {
@Override
public void mouseClicked(java.awt.event.MouseEvent e) {
if (SwingUtilities.isLeftMouseButton(e) && e.getClickCount() > 1) {
// Its a double click - edit the alert
editSelectedAlert();
}
}
});
treeAlert.addTreeSelectionListener(new javax.swing.event.TreeSelectionListener() {
@Override
public void valueChanged(javax.swing.event.TreeSelectionEvent e) {
DefaultMutableTreeNode node = (DefaultMutableTreeNode) treeAlert.getLastSelectedPathComponent();
if (node != null && node.getUserObject() != null) {
Object obj = node.getUserObject();
if (obj instanceof Alert) {
Alert alert = (Alert) obj;
setMessage(alert.getMessage(), alert.getEvidence());
treeAlert.requestFocusInWindow();
getAlertViewPanel().displayAlert(alert);
} else {
getAlertViewPanel().clearAlert();
}
} else {
getAlertViewPanel().clearAlert();
}
}
});
treeAlert.setCellRenderer(new AlertTreeCellRenderer());
treeAlert.setExpandsSelectedPaths(true);
}
return treeAlert;
}
Also used :
DefaultSelectableHistoryReferencesContainer(org.zaproxy.zap.view.messagecontainer.http.DefaultSelectableHistoryReferencesContainer)
DefaultMutableTreeNode(javax.swing.tree.DefaultMutableTreeNode)
ArrayList(java.util.ArrayList)
SortedSet(java.util.SortedSet)
TreeSelectionEvent(javax.swing.event.TreeSelectionEvent)
HistoryReference(org.parosproxy.paros.model.HistoryReference)
TreeSelectionListener(javax.swing.event.TreeSelectionListener)
Component(java.awt.Component)
MouseEvent(java.awt.event.MouseEvent)
Point(java.awt.Point)
JPopupMenu(javax.swing.JPopupMenu)
Point(java.awt.Point)
MouseEvent(java.awt.event.MouseEvent)
JTree(javax.swing.JTree)
DefaultSelectableHistoryReferencesContainer(org.zaproxy.zap.view.messagecontainer.http.DefaultSelectableHistoryReferencesContainer)
SelectableHistoryReferencesContainer(org.zaproxy.zap.view.messagecontainer.http.SelectableHistoryReferencesContainer)
TreePath(javax.swing.tree.TreePath)
Alert(org.parosproxy.paros.core.scanner.Alert)
Example 23 with HistoryReference
use of org.parosproxy.paros.model.HistoryReference in project zaproxy by zaproxy.
the class ExtensionAlert method publishAlertEvent.
private void publishAlertEvent(Alert alert, String event) {
HistoryReference historyReference = hrefs.get(alert.getSourceHistoryId());
if (historyReference == null) {
historyReference = Control.getSingleton().getExtensionLoader().getExtension(ExtensionHistory.class).getHistoryReference(alert.getSourceHistoryId());
}
Map<String, String> map = new HashMap<>();
map.put(AlertEventPublisher.ALERT_ID, Integer.toString(alert.getAlertId()));
map.put(AlertEventPublisher.HISTORY_REFERENCE_ID, Integer.toString(alert.getSourceHistoryId()));
ZAP.getEventBus().publishSyncEvent(AlertEventPublisher.getPublisher(), new Event(AlertEventPublisher.getPublisher(), event, new Target(historyReference.getSiteNode()), map));
}
Also used :
HistoryReference(org.parosproxy.paros.model.HistoryReference)
Target(org.zaproxy.zap.model.Target)
HashMap(java.util.HashMap)
Event(org.zaproxy.zap.eventBus.Event)
Example 24 with HistoryReference
use of org.parosproxy.paros.model.HistoryReference in project zaproxy by zaproxy.
the class ExtensionAntiCSRF method hook.
@Override
public void hook(ExtensionHook extensionHook) {
super.hook(extensionHook);
final ExtensionHistory extensionHistory = (ExtensionHistory) Control.getSingleton().getExtensionLoader().getExtension(ExtensionHistory.NAME);
if (extensionHistory != null) {
historyReferenceFactory = new HistoryReferenceFactory() {
@Override
public HistoryReference createHistoryReference(int id) {
return extensionHistory.getHistoryReference(id);
}
};
} else {
historyReferenceFactory = new HistoryReferenceFactory() {
@Override
public HistoryReference createHistoryReference(int id) throws HttpMalformedHeaderException, DatabaseException {
return new HistoryReference(id);
}
};
}
AntiCsrfToken.setHistoryReferenceFactory(historyReferenceFactory);
extensionHook.addSessionListener(this);
if (getView() != null) {
extensionHook.getHookView().addOptionPanel(getOptionsAntiCsrfPanel());
extensionHook.getHookMenu().addPopupMenuItem(this.getPopupMenuGenerateForm());
}
ExtensionPassiveScan extensionPassiveScan = (ExtensionPassiveScan) Control.getSingleton().getExtensionLoader().getExtension(ExtensionPassiveScan.NAME);
if (extensionPassiveScan != null) {
extensionPassiveScan.addPassiveScanner(antiCsrfDetectScanner);
}
AntiCsrfAPI api = new AntiCsrfAPI(this);
api.addApiOptions(getParam());
extensionHook.addApiImplementor(api);
}
Also used :
HistoryReference(org.parosproxy.paros.model.HistoryReference)
ExtensionPassiveScan(org.zaproxy.zap.extension.pscan.ExtensionPassiveScan)
HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException)
ExtensionHistory(org.parosproxy.paros.extension.history.ExtensionHistory)
DatabaseException(org.parosproxy.paros.db.DatabaseException)
Example 25 with HistoryReference
use of org.parosproxy.paros.model.HistoryReference in project zaproxy by zaproxy.
the class ExtensionAlert method refreshAlert.
private void refreshAlert(Session session) throws DatabaseException {
if (Constant.isLowMemoryOptionSet()) {
return;
}
SiteMap siteTree = this.getModel().getSession().getSiteTree();
TableAlert tableAlert = getModel().getDb().getTableAlert();
// TODO this doesnt work, but should be used when its fixed :/
//Vector<Integer> v = tableAlert.getAlertListBySession(Model.getSingleton().getSession().getSessionId());
Vector<Integer> v = tableAlert.getAlertList();
final ExtensionHistory extensionHistory = (ExtensionHistory) Control.getSingleton().getExtensionLoader().getExtension(ExtensionHistory.NAME);
for (int i = 0; i < v.size(); i++) {
int alertId = v.get(i).intValue();
RecordAlert recAlert = tableAlert.read(alertId);
int historyId = recAlert.getHistoryId();
HistoryReference historyReference = null;
if (extensionHistory != null) {
historyReference = extensionHistory.getHistoryReference(historyId);
}
if (historyReference == null) {
historyReference = this.hrefs.get(Integer.valueOf(historyId));
}
Alert alert;
if (historyReference != null) {
alert = new Alert(recAlert, historyReference);
} else {
alert = new Alert(recAlert);
}
historyReference = alert.getHistoryRef();
if (historyReference != null) {
// The ref can be null if hrefs are purged
addAlertToTree(alert);
Integer key = Integer.valueOf(historyId);
if (!hrefs.containsKey(key)) {
this.hrefs.put(key, alert.getHistoryRef());
}
}
}
siteTree.nodeStructureChanged((SiteNode) siteTree.getRoot());
}
Also used :
HistoryReference(org.parosproxy.paros.model.HistoryReference)
TableAlert(org.parosproxy.paros.db.TableAlert)
SiteMap(org.parosproxy.paros.model.SiteMap)
ExtensionHistory(org.parosproxy.paros.extension.history.ExtensionHistory)
Alert(org.parosproxy.paros.core.scanner.Alert)
RecordAlert(org.parosproxy.paros.db.RecordAlert)
TableAlert(org.parosproxy.paros.db.TableAlert)
RecordAlert(org.parosproxy.paros.db.RecordAlert)
Aggregations
HistoryReference (org.parosproxy.paros.model.HistoryReference)36
DatabaseException (org.parosproxy.paros.db.DatabaseException)11
SiteNode (org.parosproxy.paros.model.SiteNode)10
HttpMalformedHeaderException (org.parosproxy.paros.network.HttpMalformedHeaderException)7
ArrayList (java.util.ArrayList)6
Alert (org.parosproxy.paros.core.scanner.Alert)6
HttpMessage (org.parosproxy.paros.network.HttpMessage)6
JTree (javax.swing.JTree)5
ExtensionHistory (org.parosproxy.paros.extension.history.ExtensionHistory)5
TreePath (javax.swing.tree.TreePath)4
IOException (java.io.IOException)3
TreeSet (java.util.TreeSet)3
Session (org.parosproxy.paros.model.Session)3
SiteMap (org.parosproxy.paros.model.SiteMap)3
Component (java.awt.Component)2
MalformedURLException (java.net.MalformedURLException)2
DefaultMutableTreeNode (javax.swing.tree.DefaultMutableTreeNode)2
URIException (org.apache.commons.httpclient.URIException)2
Event (org.zaproxy.zap.eventBus.Event)2
AlertNode (org.zaproxy.zap.extension.alert.AlertNode)2
