
Example 11 with HttpMalformedHeaderException

Use of org.parosproxy.paros.network.HttpMalformedHeaderException in the project zaproxy by zaproxy.

From the class SearchThread, method search.

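/**
 * Runs the search over the current session.
 *
 * <p>For {@code Type.Custom} the work is delegated to the {@code HttpSearcher} registered under
 * {@code customSearcherName}. For every other type the proxied / ZAP-user / spider / AJAX-spider
 * history of the session is read from the database and each message is matched against
 * {@code filter} in the section(s) selected by {@code reqType}. Hits are reported through
 * {@code notifyMatchFound} / {@code notifyInverseMatchFound}; paging is driven by {@code pcc} and
 * the loop ends early when {@code stopSearch} is set or the page is full.
 *
 * <p>{@code filter} is compiled as a regular expression without validation here, so an invalid
 * pattern raises an unchecked {@link java.util.regex.PatternSyntaxException} to the caller.
 * Database failures and malformed stored headers are logged and skipped, never propagated.
 */
private void search() {
    Session session = Model.getSingleton().getSession();
    Pattern pattern = Pattern.compile(filter, Pattern.MULTILINE | Pattern.CASE_INSENSITIVE);
    try {
        if (Type.Custom.equals(reqType)) {
            searchWithCustomSearcher(pattern);
            return;
        }
        List<Integer> historyIds = Model.getSingleton().getDb().getTableHistory().getHistoryIdsOfHistType(session.getSessionId(), HistoryReference.TYPE_PROXIED, HistoryReference.TYPE_ZAP_USER, HistoryReference.TYPE_SPIDER, HistoryReference.TYPE_SPIDER_AJAX);
        int last = historyIds.size();
        // The record id handed to the listeners is the position in this list, not the history id.
        for (int index = 0; index < last; index++) {
            if (stopSearch) {
                break;
            }
            int historyId = historyIds.get(index);
            try {
                // Create the href to ensure the msg is set up correctly
                HistoryReference href = new HistoryReference(historyId);
                HttpMessage message = href.getHttpMessage();
                if (searchJustInScope && !session.isInScope(message.getRequestHeader().getURI().toString())) {
                    // Not in scope, so ignore
                    continue;
                }
                if (this.baseUrl != null && !message.getRequestHeader().getURI().toString().startsWith(baseUrl)) {
                    // Doesn't start with the specified base URL
                    continue;
                }
                if (Type.URL.equals(reqType)) {
                    searchUrl(pattern, index, message);
                }
                if (Type.Header.equals(reqType)) {
                    searchSection(pattern, index, message, message.getRequestHeader().toString(), SearchMatch.Location.REQUEST_HEAD);
                    searchSection(pattern, index, message, message.getResponseHeader().toString(), SearchMatch.Location.RESPONSE_HEAD);
                }
                if (Type.Request.equals(reqType) || Type.All.equals(reqType)) {
                    searchRequest(pattern, index, message);
                }
                if (Type.Response.equals(reqType) || Type.All.equals(reqType)) {
                    searchResponse(pattern, index, message);
                }
            } catch (HttpMalformedHeaderException e1) {
                log.error(e1.getMessage(), e1);
            }
            if (pcc.hasPageEnded()) {
                break;
            }
        }
    } catch (DatabaseException e) {
        log.error(e.getMessage(), e);
    }
}

/**
 * Delegates a {@code Type.Custom} search to the searcher registered under
 * {@code customSearcherName}; does nothing when no searchers are configured or none matches.
 * The maximum-matches limit from {@code pcc} is forwarded when one is set.
 *
 * @throws DatabaseException propagated if the searcher reports one
 */
private void searchWithCustomSearcher(Pattern pattern) throws DatabaseException {
    if (searchers == null || customSearcherName == null) {
        return;
    }
    HttpSearcher searcher = searchers.get(customSearcherName);
    if (searcher == null) {
        return;
    }
    List<SearchResult> results;
    if (pcc.hasMaximumMatches()) {
        results = searcher.search(pattern, inverse, pcc.getMaximumMatches());
    } else {
        results = searcher.search(pattern, inverse);
    }
    for (SearchResult sr : results) {
        searchListenner.addSearchResult(sr);
    }
}

/**
 * Matches the pattern against the request URL. Positions are reported relative to the request
 * head, so they are shifted by where the URL sits in the prime header.
 */
private void searchUrl(Pattern pattern, int recordId, HttpMessage message) {
    String url = message.getRequestHeader().getURI().toString();
    Matcher matcher = pattern.matcher(url);
    if (inverse && !pcc.allMatchesProcessed()) {
        if (!matcher.find()) {
            notifyInverseMatchFound(recordId, message, SearchMatch.Location.REQUEST_HEAD);
        }
    } else {
        // NOTE(review): indexOf returns -1 when the URI string is not literally present in the
        // prime header, which would make the reported positions negative — confirm against callers.
        int urlStartPos = message.getRequestHeader().getPrimeHeader().indexOf(url);
        notifyAllMatches(matcher, recordId, message, SearchMatch.Location.REQUEST_HEAD, urlStartPos);
    }
}

/** Searches a single text section, honouring the inverse flag. */
private void searchSection(Pattern pattern, int recordId, HttpMessage message, String text, SearchMatch.Location location) {
    Matcher matcher = pattern.matcher(text);
    if (inverse && !pcc.allMatchesProcessed()) {
        if (!matcher.find()) {
            notifyInverseMatchFound(recordId, message, location);
        }
    } else {
        notifyAllMatches(matcher, recordId, message, location, 0);
    }
}

/** Searches request header and body; an inverse hit requires no match in either part. */
private void searchRequest(Pattern pattern, int recordId, HttpMessage message) {
    if (inverse && !pcc.allMatchesProcessed()) {
        // Check for no matches in either Request Header or Body
        if (!pattern.matcher(message.getRequestHeader().toString()).find() && !pattern.matcher(message.getRequestBody().toString()).find()) {
            notifyInverseMatchFound(recordId, message, SearchMatch.Location.REQUEST_HEAD);
        }
    } else {
        notifyAllMatches(pattern.matcher(message.getRequestHeader().toString()), recordId, message, SearchMatch.Location.REQUEST_HEAD, 0);
        notifyAllMatches(pattern.matcher(message.getRequestBody().toString()), recordId, message, SearchMatch.Location.REQUEST_BODY, 0);
    }
}

/** Searches response header and body; an inverse hit requires no match in either part. */
private void searchResponse(Pattern pattern, int recordId, HttpMessage message) {
    if (inverse && !pcc.allMatchesProcessed()) {
        // Check for no matches in either Response Header or Body
        if (!pattern.matcher(message.getResponseHeader().toString()).find() && !pattern.matcher(message.getResponseBody().toString()).find()) {
            notifyInverseMatchFound(recordId, message, SearchMatch.Location.RESPONSE_HEAD);
        }
    } else {
        notifyAllMatches(pattern.matcher(message.getResponseHeader().toString()), recordId, message, SearchMatch.Location.RESPONSE_HEAD, 0);
        notifyAllMatches(pattern.matcher(message.getResponseBody().toString()), recordId, message, SearchMatch.Location.RESPONSE_BODY, 0);
    }
}

/**
 * Reports every match of {@code matcher} — or only the first when {@code searchAllOccurrences}
 * is false — until the paging controller says all matches for the page are processed.
 *
 * @param offset added to the match start/end so positions are relative to the enclosing section
 */
private void notifyAllMatches(Matcher matcher, int recordId, HttpMessage message, SearchMatch.Location location, int offset) {
    while (matcher.find() && !pcc.allMatchesProcessed()) {
        notifyMatchFound(recordId, matcher.group(), message, location, offset + matcher.start(), offset + matcher.end());
        if (!searchAllOccurrences) {
            break;
        }
    }
}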
Also used : Pattern(java.util.regex.Pattern) Matcher(java.util.regex.Matcher) HistoryReference(org.parosproxy.paros.model.HistoryReference) HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) HttpMessage(org.parosproxy.paros.network.HttpMessage) DatabaseException(org.parosproxy.paros.db.DatabaseException) Session(org.parosproxy.paros.model.Session)

Example 12 with HttpMalformedHeaderException

Use of org.parosproxy.paros.network.HttpMalformedHeaderException in the project zaproxy by zaproxy.

From the class ResponseStringHttpPanelViewModel, method setData.

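/**
 * Replaces the response of {@code httpMessage} with the text shown in the panel.
 *
 * <p>{@code data} is split at the first empty line: the part before it becomes the response
 * header (bare LFs are normalised to CRLF first), the remainder the body. When the resulting
 * header declares {@code Content-Encoding: gzip} the body text is re-compressed so the stored
 * bytes agree with the header. A header that fails to parse is logged and processing continues
 * with the body. Content-Length is recomputed from the final body in every case.
 *
 * @param data the full response text, header and body separated by an empty line
 */
@Override
public void setData(String data) {
    String[] parts = data.split(HttpHeader.LF + HttpHeader.LF);
    String header = parts[0].replaceAll("(?<!\r)\n", HttpHeader.CRLF);
    try {
        httpMessage.setResponseHeader(header);
    } catch (HttpMalformedHeaderException e) {
        logger.warn("Could not Save Header: " + header, e);
    }
    if (parts.length > 1) {
        // Skip the two-LF separator rather than re-joining parts, so empty lines inside the body survive.
        String body = data.substring(parts[0].length() + 2);
        if (HttpHeader.GZIP.equals(httpMessage.getResponseHeader().getHeader(HttpHeader.CONTENT_ENCODING))) {
            // Recompress gzipped content
            try {
                httpMessage.getResponseBody().setBody(gzipUtf8(body));
            } catch (IOException e) {
                // Body is left untouched; the previous stdout print hid this from the log entirely.
                logger.error("Could not recompress gzipped body: " + e.getMessage(), e);
            }
        } else {
            httpMessage.setResponseBody(body);
        }
    } else {
        httpMessage.setResponseBody("");
    }
    HttpPanelViewModelUtils.updateResponseContentLength(httpMessage);
}

/**
 * Gzip-compresses {@code text} encoded as UTF-8.
 *
 * @return the complete gzip stream, trailer included
 * @throws IOException if the compressor fails
 */
private static byte[] gzipUtf8(String text) throws IOException {
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    // Closing the writer closes the gzip stream, which writes the trailer — so the bytes are
    // read only after the try block has ended.
    try (GZIPOutputStream gis = new GZIPOutputStream(baos);
            BufferedWriter bw = new BufferedWriter(new OutputStreamWriter(gis, "UTF-8"))) {
        bw.write(text);
    }
    return baos.toByteArray();
}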
Also used : GZIPOutputStream(java.util.zip.GZIPOutputStream) HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) OutputStreamWriter(java.io.OutputStreamWriter) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) BufferedWriter(java.io.BufferedWriter)

Example 13 with HttpMalformedHeaderException

Use of org.parosproxy.paros.network.HttpMalformedHeaderException in the project zaproxy by zaproxy.

From the class SearchAPI, method search.

/**
 * Runs a search through the search extension and hands every matched history record to
 * {@code processor}.
 *
 * <p>The extension performs the search on its own thread; this method polls the listener every
 * 100 ms until it reports completion, then reads each matched record from the history table.
 * Records that cannot be read (database error, malformed stored header) are logged and skipped.
 *
 * @param params the API parameters; {@code PARAM_REGEX} is required, {@code PARAM_BASE_URL},
 *     {@code PARAM_START} and {@code PARAM_COUNT} are optional
 * @param searchType which part of the messages to search
 * @param processor receives each matched record
 * @throws InterruptedException if interrupted while waiting for the search to finish
 */
private void search(JSONObject params, ExtensionSearch.Type searchType, SearchResultsProcessor processor) throws InterruptedException {
    ApiSearchListener listener = new ApiSearchListener();
    String regex = params.getString(PARAM_REGEX);
    String baseUrl = this.getParam(params, PARAM_BASE_URL, (String) null);
    int start = this.getParam(params, PARAM_START, -1);
    int count = this.getParam(params, PARAM_COUNT, -1);
    // The search kicks off a background thread; wait until the listener sees it end.
    extension.search(regex, listener, searchType, false, false, baseUrl, start, count, false);
    while (!listener.isSearchComplete()) {
        Thread.sleep(100);
    }
    TableHistory history = Model.getSingleton().getDb().getTableHistory();
    for (Integer id : listener.getHistoryReferencesIds()) {
        try {
            processor.processRecordHistory(history.read(id));
        } catch (DatabaseException | HttpMalformedHeaderException e) {
            log.error(e.getMessage(), e);
        }
    }
}
Also used : HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) TableHistory(org.parosproxy.paros.db.TableHistory) DatabaseException(org.parosproxy.paros.db.DatabaseException)

Example 14 with HttpMalformedHeaderException

Use of org.parosproxy.paros.network.HttpMalformedHeaderException in the project zaproxy by zaproxy.

From the class VariantCookieUnitTest, method createMessageWithCookies.

/**
 * Builds a {@code GET /} request to {@code example.com} carrying one {@code Cookie} header per
 * argument, in the given order.
 *
 * @param cookieHeaders the raw value of each {@code Cookie} header
 * @return the message with its request header set
 * @throws RuntimeException if the assembled header is rejected as malformed
 */
private static HttpMessage createMessageWithCookies(String... cookieHeaders) {
    StringBuilder header = new StringBuilder("GET / HTTP/1.1\r\nHost: example.com\r\n");
    for (String value : cookieHeaders) {
        header.append("Cookie: ").append(value).append("\r\n");
    }
    HttpMessage message = new HttpMessage();
    try {
        message.setRequestHeader(header.toString());
    } catch (HttpMalformedHeaderException e) {
        throw new RuntimeException(e);
    }
    return message;
}
Also used : HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) HttpMessage(org.parosproxy.paros.network.HttpMessage)

Example 15 with HttpMalformedHeaderException

Use of org.parosproxy.paros.network.HttpMalformedHeaderException in the project zaproxy by zaproxy.

From the class HttpPanelSender, method handleSendMessage.

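/**
 * Sends {@code aMessage} through the delegate, records the exchange in the session history and
 * refreshes the response panel.
 *
 * <p>When the "follow redirects" button is selected the request is sent with a
 * {@link ModeRedirectionValidator}; otherwise it is sent with the boolean flag {@code false}.
 * History and site-tree bookkeeping runs on the event dispatch thread and is awaited before the
 * persistent-connection listeners are notified. Failures other than the declared ones are logged
 * and swallowed.
 *
 * @param aMessage the message to send; must be an {@link HttpMessage}
 * @throws IllegalArgumentException if the request header is malformed
 * @throws IOException if the host is unknown, the TLS layer fails or any other I/O error occurs
 *     while sending
 * @throws ClassCastException if {@code aMessage} is not an {@link HttpMessage} (the cast happens
 *     outside the try block)
 */
@Override
public void handleSendMessage(Message aMessage) throws IllegalArgumentException, IOException {
    final HttpMessage httpMessage = (HttpMessage) aMessage;
    try {
        final ModeRedirectionValidator redirectionValidator = new ModeRedirectionValidator();
        if (getButtonFollowRedirects().isSelected()) {
            getDelegate().sendAndReceive(httpMessage, redirectionValidator);
        } else {
            getDelegate().sendAndReceive(httpMessage, false);
        }
        EventQueue.invokeAndWait(new Runnable() {

            @Override
            public void run() {
                onResponseReceived(httpMessage, redirectionValidator);
            }
        });
        ZapGetMethod method = (ZapGetMethod) httpMessage.getUserObject();
        notifyPersistentConnectionListener(httpMessage, null, method);
    } catch (final HttpMalformedHeaderException mhe) {
        throw new IllegalArgumentException("Malformed header error.", mhe);
    } catch (final UnknownHostException uhe) {
        throw new IOException("Error forwarding to an Unknown host: " + uhe.getMessage(), uhe);
    } catch (final SSLException sslEx) {
        // Rethrown unwrapped so callers can still tell a TLS failure apart from other I/O errors.
        throw sslEx;
    } catch (final IOException ioe) {
        throw new IOException("IO error in sending request: " + ioe.getClass() + ": " + ioe.getMessage(), ioe);
    } catch (final InterruptedException ie) {
        // invokeAndWait was interrupted: restore the flag so the owning thread can shut down
        // cleanly instead of the generic catch below silently clearing it.
        Thread.currentThread().interrupt();
        logger.error(ie.getMessage(), ie);
    } catch (final Exception e) {
        logger.error(e.getMessage(), e);
    }
}

/**
 * Event-dispatch-thread half of {@link #handleSendMessage}: shows the new response, adds the
 * exchange to the history and site tree, and warns when the validator blocked a redirection.
 * Does nothing when no response was received.
 */
private void onResponseReceived(final HttpMessage httpMessage, final ModeRedirectionValidator redirectionValidator) {
    if (httpMessage.getResponseHeader().isEmpty()) {
        return;
    }
    // Indicate UI new response arrived
    responsePanel.updateContent();
    try {
        Session session = Model.getSingleton().getSession();
        HistoryReference ref = new HistoryReference(session, HistoryReference.TYPE_ZAP_USER, httpMessage);
        final ExtensionHistory extHistory = getHistoryExtension();
        if (extHistory != null) {
            extHistory.addHistory(ref);
        }
        SessionStructure.addPath(session, ref, httpMessage);
    } catch (final Exception e) {
        // History bookkeeping must not prevent the response from being shown or the warning below.
        logger.error(e.getMessage(), e);
    }
    if (!redirectionValidator.isRequestValid()) {
        View.getSingleton().showWarningDialog(Constant.messages.getString("manReq.outofscope.redirection.warning", redirectionValidator.getInvalidRedirection()));
    }
}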
Also used : ZapGetMethod(org.zaproxy.zap.ZapGetMethod) UnknownHostException(java.net.UnknownHostException) ExtensionHistory(org.parosproxy.paros.extension.history.ExtensionHistory) IOException(java.io.IOException) SSLException(javax.net.ssl.SSLException) HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) IOException(java.io.IOException) UnknownHostException(java.net.UnknownHostException) SSLException(javax.net.ssl.SSLException) HistoryReference(org.parosproxy.paros.model.HistoryReference) HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) HttpMessage(org.parosproxy.paros.network.HttpMessage) Session(org.parosproxy.paros.model.Session)

Aggregations

HttpMalformedHeaderException (org.parosproxy.paros.network.HttpMalformedHeaderException)28 DatabaseException (org.parosproxy.paros.db.DatabaseException)17 HttpMessage (org.parosproxy.paros.network.HttpMessage)14 RecordHistory (org.parosproxy.paros.db.RecordHistory)7 IOException (java.io.IOException)6 HistoryReference (org.parosproxy.paros.model.HistoryReference)6 Matcher (java.util.regex.Matcher)4 URIException (org.apache.commons.httpclient.URIException)4 TableHistory (org.parosproxy.paros.db.TableHistory)4 Session (org.parosproxy.paros.model.Session)4 PatternSyntaxException (java.util.regex.PatternSyntaxException)3 URI (org.apache.commons.httpclient.URI)3 ApiException (org.zaproxy.zap.extension.api.ApiException)3 HarEntries (edu.umass.cs.benchlab.har.HarEntries)2 HarLog (edu.umass.cs.benchlab.har.HarLog)2 PreparedStatement (java.sql.PreparedStatement)2 ResultSet (java.sql.ResultSet)2 SQLException (java.sql.SQLException)2 ArrayList (java.util.ArrayList)2 List (java.util.List)2