Example 1 with FetchStatus
use of org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus in project zaproxy by zaproxy.
the class SpiderController method resourceURIFound.
@Override
public void resourceURIFound(HttpMessage responseMessage, int depth, String uri, boolean shouldIgnore) {
log.debug("New resource found: " + uri);
if (uri == null) {
return;
}
// Create the uri
URI uriV = createURI(uri);
if (uriV == null) {
return;
}
// Check if the uri was processed already
String visitedURI;
try {
visitedURI = URLCanonicalizer.buildCleanedParametersURIRepresentation(uriV, spider.getSpiderParam().getHandleParameters(), spider.getSpiderParam().isHandleODataParametersVisited());
} catch (URIException e) {
return;
}
synchronized (visitedGet) {
if (visitedGet.contains(visitedURI)) {
// log.debug("URI already visited: " + visitedURI);
return;
} else {
visitedGet.add(visitedURI);
}
}
// Check if any of the filters disallows this uri
for (FetchFilter f : fetchFilters) {
FetchStatus s = f.checkFilter(uriV);
if (s != FetchStatus.VALID) {
log.debug("URI: " + uriV + " was filtered by a filter with reason: " + s);
spider.notifyListenersFoundURI(uri, HttpRequestHeader.GET, s);
return;
}
}
// Check if should be ignored and not fetched
if (shouldIgnore) {
log.debug("URI: " + uriV + " is valid, but will not be fetched, by parser reccommendation.");
spider.notifyListenersFoundURI(uri, HttpRequestHeader.GET, FetchStatus.VALID);
return;
}
spider.notifyListenersFoundURI(uri, HttpRequestHeader.GET, FetchStatus.VALID);
// Submit the task
SpiderTask task = new SpiderTask(spider, responseMessage.getRequestHeader().getURI(), uriV, depth, HttpRequestHeader.GET);
spider.submitTask(task);
}
Also used :
URIException(org.apache.commons.httpclient.URIException)
FetchFilter(org.zaproxy.zap.spider.filters.FetchFilter)
URI(org.apache.commons.httpclient.URI)
FetchStatus(org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus)
Example 2 with FetchStatus
use of org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus in project zaproxy by zaproxy.
the class HttpPrefixFetchFilterUnitTest method shouldFilterUriWithDifferentSchemeAsOutOfScope.
@Test
public void shouldFilterUriWithDifferentSchemeAsOutOfScope() throws Exception {
// Given
URI prefixUri = new URI("http://example.org/", true);
HttpPrefixFetchFilter fetchFilter = new HttpPrefixFetchFilter(prefixUri);
URI uri = new URI("https://example.org/", true);
// When
FetchStatus filterStatus = fetchFilter.checkFilter(uri);
// Then
assertThat(filterStatus, is(equalTo(FetchStatus.OUT_OF_SCOPE)));
}
Also used :
URI(org.apache.commons.httpclient.URI)
FetchStatus(org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus)
Test(org.junit.Test)
Example 3 with FetchStatus
use of org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus in project zaproxy by zaproxy.
the class HttpPrefixFetchFilterUnitTest method shouldFilterUriWithMalformedHostAsOutOfScope.
@Test
public void shouldFilterUriWithMalformedHostAsOutOfScope() throws Exception {
// Given
URI prefixUri = new URI("http://example.org/", true);
HttpPrefixFetchFilter fetchFilter = new HttpPrefixFetchFilter(prefixUri);
URI uri = new URI("http://a%0/", true);
// When
FetchStatus filterStatus = fetchFilter.checkFilter(uri);
// Then
assertThat(filterStatus, is(equalTo(FetchStatus.OUT_OF_SCOPE)));
}
Also used :
URI(org.apache.commons.httpclient.URI)
FetchStatus(org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus)
Test(org.junit.Test)
Example 4 with FetchStatus
use of org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus in project zaproxy by zaproxy.
the class HttpPrefixFetchFilterUnitTest method shouldFilterUriWithDifferentNonEmptyPathAsOutOfScope.
@Test
public void shouldFilterUriWithDifferentNonEmptyPathAsOutOfScope() throws Exception {
// Given
URI prefixUri = new URI("http://example.org/", true);
HttpPrefixFetchFilter fetchFilter = new HttpPrefixFetchFilter(prefixUri);
URI uri = new URI("http://example.org", true);
// When
FetchStatus filterStatus = fetchFilter.checkFilter(uri);
// Then
assertThat(filterStatus, is(equalTo(FetchStatus.OUT_OF_SCOPE)));
}
Also used :
URI(org.apache.commons.httpclient.URI)
FetchStatus(org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus)
Test(org.junit.Test)
Example 5 with FetchStatus
use of org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus in project zaproxy by zaproxy.
the class DefaultFetchFilterUnitTest method shouldFilterNonAlwaysInScopeUriAsOutOfScope.
@Test
public void shouldFilterNonAlwaysInScopeUriAsOutOfScope() throws Exception {
// Given
filter.setDomainsAlwaysInScope(domainsAlwaysInScope("scope.example.com"));
URI uri = createUri("https://example.com");
// When
FetchStatus status = filter.checkFilter(uri);
// Then
assertThat(status, is(equalTo(FetchStatus.OUT_OF_SCOPE)));
}
Also used :
URI(org.apache.commons.httpclient.URI)
FetchStatus(org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus)
Test(org.junit.Test)
Aggregations
URI (org.apache.commons.httpclient.URI)33
FetchStatus (org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus)33
Test (org.junit.Test)31
FetchFilter (org.zaproxy.zap.spider.filters.FetchFilter)2
ArrayList (java.util.ArrayList)1
URIException (org.apache.commons.httpclient.URIException)1
