use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.
the class HttpBreakpointManagementDaemonImpl method setMessage.
@Override
public void setMessage(Message msg, boolean isRequest) {
if (msg instanceof HttpMessage) {
switch(Control.getSingleton().getMode()) {
case safe:
throw new IllegalStateException("Not allowed in safe mode");
case protect:
if (!msg.isInScope()) {
throw new IllegalStateException("Not allowed in protected mode for out of scope message");
}
break;
case standard:
break;
case attack:
break;
}
HttpMessage httpMsg = (HttpMessage) msg;
if (this.msg == null) {
this.msg = httpMsg;
this.request = isRequest;
} else {
if (isRequest) {
this.msg.setRequestHeader(httpMsg.getRequestHeader());
this.msg.setRequestBody(httpMsg.getRequestBody());
} else {
this.msg.setResponseHeader(httpMsg.getResponseHeader());
this.msg.setResponseBody(httpMsg.getResponseBody());
}
}
} else {
throw new IllegalArgumentException("Not an HttpMessage");
}
}
use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.
the class HttpBreakpointMessage method match.
@Override
public boolean match(Message aMessage, boolean isRequest, boolean onlyIfInScope) {
if (aMessage instanceof HttpMessage) {
HttpMessage messge = (HttpMessage) aMessage;
try {
String uri = messge.getRequestHeader().getURI().toString();
if (onlyIfInScope) {
if (!Model.getSingleton().getSession().isInScope(uri)) {
return false;
}
}
String src = null;
switch(location) {
case url:
src = uri;
break;
case request_header:
if (!isRequest) {
return false;
}
src = messge.getRequestHeader().toString();
break;
case request_body:
if (!isRequest) {
return false;
}
src = messge.getRequestBody().toString();
break;
case response_header:
if (isRequest) {
return false;
}
src = messge.getResponseHeader().toString();
break;
case response_body:
if (isRequest) {
return false;
}
src = messge.getResponseBody().toString();
break;
}
boolean res;
if (Match.contains.equals(this.match)) {
if (ignoreCase) {
res = src.toLowerCase().contains(string.toLowerCase());
} else {
res = src.contains(string);
}
} else {
res = pattern.matcher(src).find();
}
if (inverse) {
return !res;
} else {
return res;
}
} catch (Exception e) {
logger.error(e.getMessage(), e);
}
}
return false;
}
use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.
the class CustomScanDialog method populateRequestField.
private void populateRequestField(SiteNode node) {
try {
if (node == null || node.getHistoryReference() == null || node.getHistoryReference().getHttpMessage() == null) {
this.getRequestField().setText("");
} else {
// Populate the custom vectors http pane
HttpMessage msg = node.getHistoryReference().getHttpMessage();
String header = msg.getRequestHeader().toString();
StringBuilder sb = new StringBuilder();
sb.append(header);
this.headerLength = header.length();
// Ignore <METHOD> http(s)://host:port/
this.urlPathStart = header.indexOf("/", header.indexOf("://") + 2) + 1;
sb.append(msg.getRequestBody().toString());
this.getRequestField().setText(sb.toString());
// Only set the recurse option if the node has children, and disable it otherwise
JCheckBox recurseChk = (JCheckBox) this.getField(FIELD_RECURSE);
recurseChk.setEnabled(node.getChildCount() > 0);
recurseChk.setSelected(node.getChildCount() > 0);
}
this.setFieldStates();
} catch (HttpMalformedHeaderException | DatabaseException e) {
//
this.getRequestField().setText("");
}
}
use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.
the class View method displayMessage.
/**
* {@inheritDoc}
* <p>
* <strong>Note:</strong> Current implementation just supports {@link HttpMessage HTTP messages}. Attempting to display
* other message types has no effect.
*/
@Override
public void displayMessage(Message message) {
if (message == null) {
getRequestPanel().clearView(true);
getResponsePanel().clearView(false);
return;
}
if (!(message instanceof HttpMessage)) {
logger.warn("Unable to display message: " + message.getClass().getCanonicalName());
return;
}
HttpMessage httpMessage = (HttpMessage) message;
if (httpMessage.getRequestHeader().isEmpty()) {
getRequestPanel().clearView(true);
} else {
getRequestPanel().setMessage(httpMessage);
}
if (httpMessage.getResponseHeader().isEmpty()) {
getResponsePanel().clearView(false);
} else {
getResponsePanel().setMessage(httpMessage, true);
}
}
use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.
the class SessionStructure method addStructure.
private static RecordStructure addStructure(Session session, String host, HttpMessage msg, List<String> paths, int size, int historyId) throws DatabaseException, URIException {
//String nodeUrl = pathsToUrl(host, paths, size);
String nodeName = getNodeName(session, host, msg, paths, size);
String parentName = pathsToUrl(host, paths, size - 1);
String url = "";
if (msg != null) {
url = msg.getRequestHeader().getURI().toString();
String params = getParams(session, msg);
if (params.length() > 0) {
nodeName = nodeName + " " + params;
}
}
String method = HttpRequestHeader.GET;
if (msg != null) {
method = msg.getRequestHeader().getMethod();
}
RecordStructure msgRs = Model.getSingleton().getDb().getTableStructure().find(session.getSessionId(), nodeName, method);
if (msgRs == null) {
long parentId = -1;
if (!nodeName.equals("Root")) {
HttpMessage tmpMsg = null;
int parentHistoryId = -1;
if (!parentName.equals("Root")) {
tmpMsg = getTempHttpMessage(session, parentName, msg);
parentHistoryId = tmpMsg.getHistoryRef().getHistoryId();
}
RecordStructure parentRs = addStructure(session, host, tmpMsg, paths, size - 1, parentHistoryId);
parentId = parentRs.getStructureId();
}
msgRs = Model.getSingleton().getDb().getTableStructure().insert(session.getSessionId(), parentId, historyId, nodeName, url, method);
}
return msgRs;
}
Aggregations