
Example 21 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class HttpPanelSender method handleSendMessage.

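/**
 * Sends the given message through the delegate sender, then refreshes the response panel and
 * records the exchange in the session history.
 *
 * <p>With "follow redirects" selected the request is sent together with a
 * {@link ModeRedirectionValidator}; otherwise it is sent with redirect following disabled. If the
 * validator reports an invalid request afterwards, a warning dialog
 * ({@code manReq.outofscope.redirection.warning}) names the offending redirection.
 *
 * <p>Failures other than the ones listed below are logged and not propagated, so a normal return
 * does not guarantee that the request was sent.
 *
 * @param aMessage the message to send; it is cast to {@link HttpMessage}
 * @throws IllegalArgumentException if a header of the message is malformed
 * @throws IOException if the host is unknown, the TLS/SSL layer fails, or any other I/O error
 *     occurs while sending
 */
@Override
public void handleSendMessage(Message aMessage) throws IllegalArgumentException, IOException {
    final HttpMessage httpMessage = (HttpMessage) aMessage;
    try {
        final ModeRedirectionValidator redirectionValidator = new ModeRedirectionValidator();
        if (getButtonFollowRedirects().isSelected()) {
            // Each redirect hop is checked by the validator before it is followed.
            getDelegate().sendAndReceive(httpMessage, redirectionValidator);
        } else {
            // NOTE(review): the validator is never handed to the sender on this path, so the
            // isRequestValid() check below relies on its initial state - confirm.
            getDelegate().sendAndReceive(httpMessage, false);
        }
        // UI and history updates run on the event dispatch thread; this call blocks until done.
        EventQueue.invokeAndWait(new Runnable() {

            @Override
            public void run() {
                if (!httpMessage.getResponseHeader().isEmpty()) {
                    // Indicate UI new response arrived
                    responsePanel.updateContent();
                    try {
                        Session session = Model.getSingleton().getSession();
                        HistoryReference ref = new HistoryReference(session, HistoryReference.TYPE_ZAP_USER, httpMessage);
                        final ExtensionHistory extHistory = getHistoryExtension();
                        if (extHistory != null) {
                            extHistory.addHistory(ref);
                        }
                        SessionStructure.addPath(session, ref, httpMessage);
                    } catch (final Exception e) {
                        // Persisting the exchange is best effort; the response is still shown.
                        logger.error(e.getMessage(), e);
                    }
                    // Tell the user when a redirection was rejected (out of scope, per the
                    // message key) so the displayed response is not mistaken for the final one.
                    if (!redirectionValidator.isRequestValid()) {
                        View.getSingleton().showWarningDialog(Constant.messages.getString("manReq.outofscope.redirection.warning", redirectionValidator.getInvalidRedirection()));
                    }
                }
            }
        });
        ZapGetMethod method = (ZapGetMethod) httpMessage.getUserObject();
        notifyPersistentConnectionListener(httpMessage, null, method);
    } catch (final HttpMalformedHeaderException mhe) {
        throw new IllegalArgumentException("Malformed header error.", mhe);
    } catch (final UnknownHostException uhe) {
        throw new IOException("Error forwarding to an Unknown host: " + uhe.getMessage(), uhe);
    } catch (final SSLException sslEx) {
        // Rethrown unwrapped so callers can tell TLS/SSL failures from other I/O errors.
        throw sslEx;
    } catch (final IOException ioe) {
        throw new IOException("IO error in sending request: " + ioe.getClass() + ": " + ioe.getMessage(), ioe);
    } catch (final InterruptedException ie) {
        // invokeAndWait was interrupted: restore the flag so the calling thread can still see
        // the interruption instead of having it silently swallowed by the generic handler.
        Thread.currentThread().interrupt();
        logger.error(ie.getMessage(), ie);
    } catch (final Exception e) {
        logger.error(e.getMessage(), e);
    }
}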
Also used : ZapGetMethod(org.zaproxy.zap.ZapGetMethod) UnknownHostException(java.net.UnknownHostException) ExtensionHistory(org.parosproxy.paros.extension.history.ExtensionHistory) IOException(java.io.IOException) SSLException(javax.net.ssl.SSLException) HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) IOException(java.io.IOException) UnknownHostException(java.net.UnknownHostException) SSLException(javax.net.ssl.SSLException) HistoryReference(org.parosproxy.paros.model.HistoryReference) HttpMalformedHeaderException(org.parosproxy.paros.network.HttpMalformedHeaderException) HttpMessage(org.parosproxy.paros.network.HttpMessage) Session(org.parosproxy.paros.model.Session)

Example 22 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class SpiderTextParserUnitTest method shouldNotParseTextResponseIfAlreadyParsed.

/** The text parser must decline a resource that is flagged as already parsed. */
@Test
public void shouldNotParseTextResponseIfAlreadyParsed() {
    // Given a response with an empty body that is reported as already parsed
    final boolean alreadyParsed = true;
    SpiderTextParser parser = new SpiderTextParser();
    HttpMessage response = createMessageWith(EMPTY_BODY);
    // When the parser is asked whether it can handle the resource
    boolean accepted = parser.canParseResource(response, ROOT_PATH, alreadyParsed);
    // Then it refuses
    assertThat(accepted, is(equalTo(false)));
}
Also used : HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.Test)

Example 23 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class SpiderTextParserUnitTest method createMessageWith.

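/**
 * Builds a canned exchange: a fixed {@code GET /} request to {@code example.com} and a response
 * assembled from the given status line text, content type and body.
 *
 * <p>The arguments are spliced into the response header verbatim, so they must not contain line
 * breaks.
 *
 * @param statusCodeMessage status code and reason phrase, placed after {@code HTTP/1.1}
 * @param contentType media type for the {@code Content-Type} header; {@code charset=UTF-8} is
 *     appended to it
 * @param body the response body
 * @return the populated message
 * @throws RuntimeException wrapping any exception raised while setting headers or body
 */
private static HttpMessage createMessageWith(String statusCodeMessage, String contentType, String body) {
    HttpMessage message = new HttpMessage();
    try {
        message.setRequestHeader("GET / HTTP/1.1\r\nHost: example.com\r\n");
        // Content-Length is a byte count; the header declares UTF-8, so measure the body in that
        // encoding rather than in chars, which would under-report non-ASCII bodies.
        int contentLength = body.getBytes(java.nio.charset.StandardCharsets.UTF_8).length;
        message.setResponseHeader("HTTP/1.1 " + statusCodeMessage + "\r\n" + "Content-Type: " + contentType + "; charset=UTF-8\r\n" + "Content-Length: " + contentLength);
        message.setResponseBody(body);
    } catch (Exception e) {
        // A broken fixture should fail the test loudly rather than yield a half-built message.
        throw new RuntimeException(e);
    }
    return message;
}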
Also used : HttpMessage(org.parosproxy.paros.network.HttpMessage)

Example 24 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class SpiderTextParserUnitTest method shouldFindUrlsInCommentsWithoutElements.

/**
 * Absolute HTTP/S URLs embedded in plain text must be reported without the quotes, brackets or
 * trailing prose around them, without their fragment, and with scheme and host in lower case.
 */
@Test
public void shouldFindUrlsInCommentsWithoutElements() {
    // Given a parser with a recording listener and a text body holding nine URLs
    SpiderTextParser parser = new SpiderTextParser();
    TestSpiderParserListener urlListener = createTestSpiderParserListener();
    parser.addSpiderParserListener(urlListener);
    HttpMessage textResponse =
            createMessageWith(
                    body(
                            "Body with HTTP/S URLs",
                            " - http://plaincomment.example.com some text not part of URL",
                            "- \"https://plaincomment.example.com/z.php?x=y\" more text not part of URL",
                            "- 'http://plaincomment.example.com/c.pl?x=y' even more text not part of URL",
                            "- <https://plaincomment.example.com/d.asp?x=y> ...",
                            "- http://plaincomment.example.com/e/e1/e2.html?x=y#stop fragment should be ignored",
                            "- (https://plaincomment.example.com/surrounded/with/parenthesis) parenthesis should not be included",
                            "- [https://plaincomment.example.com/surrounded/with/brackets] brackets should not be included",
                            "- {https://plaincomment.example.com/surrounded/with/curly/brackets} curly brackets should not be included",
                            "- mixed case URLs HtTpS://ExAmPlE.CoM/path/ should also be found"));
    Source parsedSource = createSource(textResponse);
    // When the response is parsed
    boolean fullyParsed = parser.parseResource(textResponse, parsedSource, BASE_DEPTH);
    // Then the resource is not reported as completely parsed and each URL is found exactly once,
    // in document order, free of the surrounding delimiters
    assertThat(fullyParsed, is(equalTo(false)));
    assertThat(urlListener.getNumberOfUrlsFound(), is(equalTo(9)));
    assertThat(
            urlListener.getUrlsFound(),
            contains(
                    "http://plaincomment.example.com/",
                    "https://plaincomment.example.com/z.php?x=y",
                    "http://plaincomment.example.com/c.pl?x=y",
                    "https://plaincomment.example.com/d.asp?x=y",
                    "http://plaincomment.example.com/e/e1/e2.html?x=y",
                    "https://plaincomment.example.com/surrounded/with/parenthesis",
                    "https://plaincomment.example.com/surrounded/with/brackets",
                    "https://plaincomment.example.com/surrounded/with/curly/brackets",
                    "https://example.com/path/"));
}
Also used : HttpMessage(org.parosproxy.paros.network.HttpMessage) Source(net.htmlparser.jericho.Source) Test(org.junit.Test)

Example 25 with HttpMessage

use of org.parosproxy.paros.network.HttpMessage in project zaproxy by zaproxy.

the class SpiderTextParserUnitTest method shouldNotFindUrlsIfThereIsNone.

/**
 * Text without an absolute HTTP/S URL (missing scheme, {@code ftp} scheme, scheme-relative
 * reference) must not produce any URL.
 */
@Test
public void shouldNotFindUrlsIfThereIsNone() {
    // Given a parser with a recording listener and a body holding only non-HTTP/S look-alikes
    SpiderTextParser parser = new SpiderTextParser();
    TestSpiderParserListener urlListener = createTestSpiderParserListener();
    parser.addSpiderParserListener(urlListener);
    HttpMessage textResponse =
            createMessageWith(
                    body(
                            "Body with no HTTP/S URLs",
                            " ://example.com/ ",
                            "More text...  ftp://ftp.example.com/ ",
                            "Even more text... //noscheme.example.com "));
    Source parsedSource = createSource(textResponse);
    // When the response is parsed
    boolean fullyParsed = parser.parseResource(textResponse, parsedSource, BASE_DEPTH);
    // Then nothing is reported to the listener
    assertThat(fullyParsed, is(equalTo(false)));
    assertThat(urlListener.getNumberOfUrlsFound(), is(equalTo(0)));
    assertThat(urlListener.getUrlsFound(), is(empty()));
}
Also used : HttpMessage(org.parosproxy.paros.network.HttpMessage) Source(net.htmlparser.jericho.Source) Test(org.junit.Test)
