
Example 1 with HttpRequestBody

use of org.zaproxy.zap.network.HttpRequestBody in project zaproxy by zaproxy.

the class ProxyThread method processHttp.

/**
 * Serves the HTTP requests that arrive on this proxy connection, one per loop iteration, until
 * the connection is to be closed, a listener drops a message, or a persistent-connection
 * listener takes the socket over.
 *
 * <p>Per request the order is: optional API handling, body read, encoding clean-up, cache
 * check, request listeners, forwarding via {@code getHttpSender()}, response listeners, and
 * finally writing the response back to the client. Everything from the request listeners to the
 * response write happens while holding the monitor selected in {@code semaphore}.
 *
 * @param requestHeader header of the first request; it is used as passed in on the first
 *     iteration, later requests on the same connection are read from {@code httpIn}
 * @param isSecure forwarded to {@code httpIn.readRequestHeader} when reading follow-up requests
 * @throws IOException propagated from the calls this method does not wrap, and for the
 *     {@code HttpException} that is explicitly rethrown while forwarding
 */
protected void processHttp(HttpRequestHeader requestHeader, boolean isSecure) throws IOException {
    // ZAP: Replaced the class HttpBody with the class HttpRequestBody.
    HttpRequestBody reqBody = null;
    boolean isFirstRequest = true;
    HttpMessage msg = null;
    // Read timeout of 2500 ms for everything read from the client socket from here on, so an
    // idle keep-alive connection does not hold this thread for long.
    inSocket.setSoTimeout(2500);
    do {
        if (isFirstRequest) {
            // The first header was supplied by the caller; nothing to read.
            isFirstRequest = false;
        } else {
            try {
                requestHeader = httpIn.readRequestHeader(isSecure);
                requestHeader.setSenderAddress(inSocket.getInetAddress());
            } catch (SocketTimeoutException e) {
                // ZAP: Log the exception
                // No further request arrived within the timeout: stop serving this connection.
                if (log.isDebugEnabled()) {
                    log.debug("Timed out while reading a new HTTP request.");
                }
                return;
            }
        }
        // API requests are answered here, before any proxy listener sees them and without being
        // forwarded upstream; the method returns after a single handled API request.
        if (parentServer.isEnableApi() && API.getInstance().handleApiRequest(requestHeader, httpIn, httpOut, isRecursive(requestHeader))) {
            // It was an API request
            return;
        }
        msg = new HttpMessage();
        msg.setRequestHeader(requestHeader);
        // A body is read only when the header reports a positive content length.
        // NOTE(review): a request whose body is framed some other way (e.g. chunked transfer
        // encoding without Content-Length) is not consumed here; confirm how such bytes are
        // handled, since unread body bytes would be parsed as the next request header.
        if (msg.getRequestHeader().getContentLength() > 0) {
            // ZAP: Changed to call the method readRequestBody.
            reqBody = httpIn.readRequestBody(requestHeader);
            msg.setRequestBody(reqBody);
        }
        if (proxyParam.isRemoveUnsupportedEncodings()) {
            removeUnsupportedEncodings(msg);
        }
        // When isProcessCache reports the message as handled, the listeners and the upstream
        // send below are skipped; `continue` jumps to the loop condition at the bottom.
        if (isProcessCache(msg)) {
            continue;
        }
        // Serialized mode shares one lock object across proxy threads; otherwise each thread
        // locks on itself.
        if (parentServer.isSerialize()) {
            semaphore = semaphoreSingleton;
        } else {
            semaphore = this;
        }
        boolean send = true;
        synchronized (semaphore) {
            if (notifyOverrideListenersRequestSend(msg)) {
                // An override listener took the request: skip forwarding and response listeners,
                // but still write whatever response is in msg back to the client below.
                send = false;
            } else if (!notifyListenerRequestSend(msg)) {
                // One of the listeners has told us to drop the request
                // Returning here leaves the synchronized block; this method writes no response.
                return;
            }
            try {
                // getHttpSender().sendAndReceive(msg, httpOut, buffer);
                if (send) {
                    if (msg.getResponseHeader().isEmpty()) {
                        // Normally the response is empty.
                        // The only reason it won't be is if a script or other extension has
                        // deliberately 'hijacked' this request.
                        // We don't just set send=false, as that would mean the message does not
                        // appear in the History tab.
                        getHttpSender().sendAndReceive(msg);
                    }
                    decodeResponseIfNeeded(msg);
                    if (!notifyOverrideListenersResponseReceived(msg)) {
                        if (!notifyListenerResponseReceive(msg)) {
                            // One of the listeners has told us to drop the response
                            return;
                        }
                    }
                }
            // notifyWrittenToForwardProxy();
            } catch (HttpException e) {
                // System.out.println("HttpException");
                // Rethrown unchanged: no error response is built or written for this case here.
                throw e;
            } catch (SocketTimeoutException e) {
                // Timeout while forwarding: replace the response with a gateway-timeout error
                // message and still let the response listeners see it (their verdict is ignored).
                String message = Constant.messages.getString("proxy.error.readtimeout", msg.getRequestHeader().getURI(), connectionParam.getTimeoutInSecs());
                log.warn(message);
                setErrorResponse(msg, GATEWAY_TIMEOUT_RESPONSE_STATUS, message);
                notifyListenerResponseReceive(msg);
            } catch (IOException e) {
                // Any other I/O failure becomes a bad-gateway error response instead of being
                // propagated. NOTE(review): the exception itself is handed to setErrorResponse;
                // confirm how much of its detail ends up in the body returned to the client.
                setErrorResponse(msg, BAD_GATEWAY_RESPONSE_STATUS, e);
                notifyListenerResponseReceive(msg);
            //throw e;
            }
            try {
                writeHttpResponse(msg, httpOut);
            } catch (IOException e) {
                // A failed write to the client is logged at warn level and not propagated;
                // control continues with the persistent-connection check below.
                StringBuilder strBuilder = new StringBuilder(200);
                strBuilder.append("Failed to write/forward the HTTP response to the client: ");
                strBuilder.append(e.getClass().getName());
                if (e.getMessage() != null) {
                    strBuilder.append(": ").append(e.getMessage());
                }
                log.warn(strBuilder.toString());
            }
        }
        // release semaphore
        // NOTE(review): unchecked cast; assumes the user object is either null or a
        // ZapGetMethod, anything else raises ClassCastException here.
        ZapGetMethod method = (ZapGetMethod) msg.getUserObject();
        keepSocketOpen = notifyPersistentConnectionListener(msg, inSocket, method);
        if (keepSocketOpen) {
            // do not wait for close
            // Presumably a listener now owns the socket; leave the loop without further reads.
            break;
        }
    // Keep serving requests until the message asks for the connection to be closed or the
    // client socket is already closed.
    } while (!isConnectionClose(msg) && !inSocket.isClosed());
}
Also used : ZapGetMethod(org.zaproxy.zap.ZapGetMethod) HttpRequestBody(org.zaproxy.zap.network.HttpRequestBody) SocketTimeoutException(java.net.SocketTimeoutException) HttpException(org.apache.commons.httpclient.HttpException) IOException(java.io.IOException) HttpMessage(org.parosproxy.paros.network.HttpMessage)

Example 2 with HttpRequestBody

use of org.zaproxy.zap.network.HttpRequestBody in project zaproxy by zaproxy.

the class HarUtils method createHttpMessage.

/**
 * Builds an {@code HttpMessage} (request part only) from a HAR request entry.
 *
 * <p>The request line and every header are concatenated verbatim from the HAR fields, each
 * terminated with CRLF; no field is validated or escaped here, so malformed content is only
 * rejected if {@code HttpRequestHeader} refuses to parse the resulting text. The body is the
 * HAR post data text when present and non-empty, otherwise the post data params joined as
 * {@code name=value} pairs with {@code &} (values are appended as stored, without URL-encoding).
 *
 * @param harRequest the HAR request to convert
 * @return a message holding the reconstructed request header and body
 * @throws HttpMalformedHeaderException declared by this method; presumably raised when the
 *     assembled header text cannot be parsed
 */
public static HttpMessage createHttpMessage(HarRequest harRequest) throws HttpMalformedHeaderException {
    // Request line, then one "Name: value" line per HAR header, then the blank line that ends
    // the header section.
    StringBuilder head = new StringBuilder();
    head.append(harRequest.getMethod());
    head.append(' ');
    head.append(harRequest.getUrl());
    head.append(' ');
    head.append(harRequest.getHttpVersion());
    head.append("\r\n");
    for (HarHeader entry : harRequest.getHeaders().getHeaders()) {
        head.append(entry.getName());
        head.append(": ");
        head.append(entry.getValue());
        head.append("\r\n");
    }
    head.append("\r\n");

    StringBuilder payload = new StringBuilder();
    final HarPostData postData = harRequest.getPostData();
    if (postData != null) {
        final String rawText = postData.getText();
        final boolean hasText = rawText != null && !rawText.isEmpty();
        if (hasText) {
            // Raw text wins over the parsed parameter list.
            payload.append(rawText);
        } else if (postData.getParams() != null && !postData.getParams().getPostDataParams().isEmpty()) {
            for (HarPostDataParam pair : postData.getParams().getPostDataParams()) {
                // Separator goes in front of every pair except the first.
                if (payload.length() != 0) {
                    payload.append('&');
                }
                payload.append(pair.getName());
                payload.append('=');
                payload.append(pair.getValue());
            }
        }
    }

    HttpRequestHeader parsedHeader = new HttpRequestHeader(head.toString());
    HttpRequestBody parsedBody = new HttpRequestBody(payload.toString());
    return new HttpMessage(parsedHeader, parsedBody);
}
Also used : HarPostData(edu.umass.cs.benchlab.har.HarPostData) HttpRequestBody(org.zaproxy.zap.network.HttpRequestBody) HarHeader(edu.umass.cs.benchlab.har.HarHeader) HarQueryString(edu.umass.cs.benchlab.har.HarQueryString) HttpMessage(org.parosproxy.paros.network.HttpMessage) HttpRequestHeader(org.parosproxy.paros.network.HttpRequestHeader) HarPostDataParam(edu.umass.cs.benchlab.har.HarPostDataParam)

Example 3 with HttpRequestBody

use of org.zaproxy.zap.network.HttpRequestBody in project zaproxy by zaproxy.

the class HarUtils method createHarRequest.

/**
 * Converts the request part of an {@code HttpMessage} into a HAR request entry.
 *
 * <p>Cookies, URL query parameters, headers and the request body are copied as they are; cookie
 * values and form parameters are not masked, so the resulting HAR data carries whatever
 * credentials or tokens the request contained.
 *
 * @param httpMessage the message whose request is exported
 * @return the HAR representation of the request
 */
public static HarRequest createHarRequest(HttpMessage httpMessage) {
    final HttpRequestHeader header = httpMessage.getRequestHeader();

    final HarCookies cookies = new HarCookies();
    try {
        for (HttpCookie parsed : header.getHttpCookies()) {
            HarCookie exported = new HarCookie(parsed.getName(), parsed.getValue());
            cookies.addCookie(exported);
        }
    } catch (IllegalArgumentException e) {
        // An invalid cookie is not fatal for the export; only a warning is logged.
        // NOTE(review): the exception message is logged as-is; confirm it cannot carry cookie
        // values into the log.
        LOGGER.warn("Ignoring cookies for HAR (\"request\") \"cookies\" list. Request contains invalid cookie: " + e.getMessage());
    }

    final HarQueryString query = new HarQueryString();
    for (HtmlParameter urlParam : httpMessage.getUrlParams()) {
        HarQueryParam exported = new HarQueryParam(urlParam.getName(), urlParam.getValue());
        query.addQueryParam(exported);
    }

    HarPostData postData = null;
    final HttpRequestBody body = httpMessage.getRequestBody();
    // NOTE(review): this looks always true unless length() can return a negative value, in
    // which case post data is emitted even for requests without a body; confirm intent.
    if (body.length() >= 0) {
        final HarPostDataParams formFields = new HarPostDataParams();
        String mimeType = header.getHeader(HttpHeader.CONTENT_TYPE);
        final boolean isForm = mimeType != null
                && StringUtils.startsWithIgnoreCase(mimeType.trim(), HttpHeader.FORM_URLENCODED_CONTENT_TYPE);
        String bodyText;
        if (isForm) {
            // URL-encoded forms are exported as a parameter list and the text stays empty.
            bodyText = "";
            for (HtmlParameter formParam : httpMessage.getFormParams()) {
                formFields.addPostDataParam(new HarPostDataParam(formParam.getName(), formParam.getValue()));
            }
        } else {
            // Missing or any other content type: export the body as plain text.
            bodyText = body.toString();
        }
        if (mimeType == null) {
            mimeType = "";
        }
        postData = new HarPostData(mimeType, formFields, bodyText, null);
    }

    // Header and body sizes are taken from the string/body lengths of the message itself.
    return new HarRequest(
            header.getMethod(),
            header.getURI().toString(),
            header.getVersion(),
            cookies,
            createHarHeaders(header),
            query,
            postData,
            header.toString().length(),
            httpMessage.getRequestBody().length(),
            null);
}
Also used : HarCookie(edu.umass.cs.benchlab.har.HarCookie) HarQueryString(edu.umass.cs.benchlab.har.HarQueryString) HarCookies(edu.umass.cs.benchlab.har.HarCookies) HarQueryString(edu.umass.cs.benchlab.har.HarQueryString) HttpRequestHeader(org.parosproxy.paros.network.HttpRequestHeader) HarQueryParam(edu.umass.cs.benchlab.har.HarQueryParam) HarPostData(edu.umass.cs.benchlab.har.HarPostData) HttpRequestBody(org.zaproxy.zap.network.HttpRequestBody) HarRequest(edu.umass.cs.benchlab.har.HarRequest) HtmlParameter(org.parosproxy.paros.network.HtmlParameter) HarPostDataParams(edu.umass.cs.benchlab.har.HarPostDataParams) HttpCookie(java.net.HttpCookie) HarPostDataParam(edu.umass.cs.benchlab.har.HarPostDataParam)

Example 4 with HttpRequestBody

use of org.zaproxy.zap.network.HttpRequestBody in project zaproxy by zaproxy.

the class HttpInputStream method readRequestBody.

/**
 * Reads the HTTP request body from this input stream, sized by the content length reported by
 * the given header.
 *
 * <p>The length comes straight from the header and is not capped here. NOTE(review): if
 * {@code HttpRequestBody(int)} pre-allocates that many bytes, a peer-supplied Content-Length
 * drives the allocation size; confirm whether an upper bound is enforced elsewhere.
 *
 * @param httpHeader the header whose content length describes the body
 * @return the body read from the stream
 */
public synchronized HttpRequestBody readRequestBody(HttpHeader httpHeader) {
    // -1 = default to unlimited length until connection close
    final int declaredLength = httpHeader.getContentLength();
    final HttpRequestBody result;
    if (declaredLength > 0) {
        // Known positive length: construct the body with that length.
        result = new HttpRequestBody(declaredLength);
    } else {
        result = new HttpRequestBody();
    }
    readBody(declaredLength, result);
    return result;
}
Also used : HttpRequestBody(org.zaproxy.zap.network.HttpRequestBody)

Aggregations

HttpRequestBody (org.zaproxy.zap.network.HttpRequestBody)4 HarPostData (edu.umass.cs.benchlab.har.HarPostData)2 HarPostDataParam (edu.umass.cs.benchlab.har.HarPostDataParam)2 HarQueryString (edu.umass.cs.benchlab.har.HarQueryString)2 HttpMessage (org.parosproxy.paros.network.HttpMessage)2 HttpRequestHeader (org.parosproxy.paros.network.HttpRequestHeader)2 HarCookie (edu.umass.cs.benchlab.har.HarCookie)1 HarCookies (edu.umass.cs.benchlab.har.HarCookies)1 HarHeader (edu.umass.cs.benchlab.har.HarHeader)1 HarPostDataParams (edu.umass.cs.benchlab.har.HarPostDataParams)1 HarQueryParam (edu.umass.cs.benchlab.har.HarQueryParam)1 HarRequest (edu.umass.cs.benchlab.har.HarRequest)1 IOException (java.io.IOException)1 HttpCookie (java.net.HttpCookie)1 SocketTimeoutException (java.net.SocketTimeoutException)1 HttpException (org.apache.commons.httpclient.HttpException)1 HtmlParameter (org.parosproxy.paros.network.HtmlParameter)1 ZapGetMethod (org.zaproxy.zap.ZapGetMethod)1