Example 21 with FetchStatus

Use of org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus in project zaproxy by zaproxy.

In class SpiderController, method resourceURIFound.

@Override
public void resourceURIFound(HttpMessage responseMessage, int depth, String uri, boolean shouldIgnore) {
    log.debug("New resource found: " + uri);
    if (uri == null) {
        return;
    }
    // Create the uri
    URI uriV = createURI(uri);
    if (uriV == null) {
        return;
    }
    // Check if the uri was processed already
    String visitedURI;
    try {
        visitedURI = URLCanonicalizer.buildCleanedParametersURIRepresentation(uriV, spider.getSpiderParam().getHandleParameters(), spider.getSpiderParam().isHandleODataParametersVisited());
    } catch (URIException e) {
        return;
    }
    synchronized (visitedGet) {
        if (visitedGet.contains(visitedURI)) {
            // log.debug("URI already visited: " + visitedURI);
            return;
        } else {
            visitedGet.add(visitedURI);
        }
    }
    // Check if any of the filters disallows this uri
    for (FetchFilter f : fetchFilters) {
        FetchStatus s = f.checkFilter(uriV);
        if (s != FetchStatus.VALID) {
            log.debug("URI: " + uriV + " was filtered by a filter with reason: " + s);
            spider.notifyListenersFoundURI(uri, HttpRequestHeader.GET, s);
            return;
        }
    }
    // Check if should be ignored and not fetched
    if (shouldIgnore) {
        log.debug("URI: " + uriV + " is valid, but will not be fetched, by parser recommendation.");
        spider.notifyListenersFoundURI(uri, HttpRequestHeader.GET, FetchStatus.VALID);
        return;
    }
    spider.notifyListenersFoundURI(uri, HttpRequestHeader.GET, FetchStatus.VALID);
    // Submit the task
    SpiderTask task = new SpiderTask(spider, responseMessage.getRequestHeader().getURI(), uriV, depth, HttpRequestHeader.GET);
    spider.submitTask(task);
}
Also used : URIException(org.apache.commons.httpclient.URIException) FetchFilter(org.zaproxy.zap.spider.filters.FetchFilter) URI(org.apache.commons.httpclient.URI) FetchStatus(org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus)

Example 22 with FetchStatus

Use of org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus in project zaproxy by zaproxy.

In class SpiderController, method resourcePostURIFound.

@Override
public void resourcePostURIFound(HttpMessage responseMessage, int depth, String uri, String requestBody) {
    log.debug("New POST resource found: " + uri);
    // Check if the uri was processed already
    synchronized (visitedPost) {
        if (arrayKeyValueExists(uri, requestBody)) {
            log.debug("URI already visited: " + uri);
            return;
        } else {
            if (visitedPost.containsKey(uri)) {
                visitedPost.get(uri).add(requestBody);
            } else {
                ArrayList<String> l = new ArrayList<String>();
                l.add(requestBody);
                visitedPost.put(uri, l);
            }
        }
    }
    // Create the uri
    URI uriV = createURI(uri);
    if (uriV == null) {
        return;
    }
    // Check if any of the filters disallows this uri
    for (FetchFilter f : fetchFilters) {
        FetchStatus s = f.checkFilter(uriV);
        if (s != FetchStatus.VALID) {
            log.debug("URI: " + uriV + " was filtered by a filter with reason: " + s);
            spider.notifyListenersFoundURI(uri, HttpRequestHeader.POST, s);
            return;
        }
    }
    spider.notifyListenersFoundURI(uri, HttpRequestHeader.POST, FetchStatus.VALID);
    // Submit the task
    SpiderTask task = new SpiderTask(spider, responseMessage.getRequestHeader().getURI(), uriV, depth, HttpRequestHeader.POST, requestBody);
    spider.submitTask(task);
}
Also used : ArrayList(java.util.ArrayList) FetchFilter(org.zaproxy.zap.spider.filters.FetchFilter) URI(org.apache.commons.httpclient.URI) FetchStatus(org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus)

Example 23 with FetchStatus

Use of org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus in project zaproxy by zaproxy.

In class HttpPrefixFetchFilterUnitTest, method shouldFilterUriWithDifferentSchemeButSamePortAsOutOfScope.

@Test
public void shouldFilterUriWithDifferentSchemeButSamePortAsOutOfScope() throws Exception {
    // Given
    URI prefixUri = new URI("http://example.org/", true);
    HttpPrefixFetchFilter fetchFilter = new HttpPrefixFetchFilter(prefixUri);
    URI uri = new URI("https://example.org:80/", true);
    // When
    FetchStatus filterStatus = fetchFilter.checkFilter(uri);
    // Then
    assertThat(filterStatus, is(equalTo(FetchStatus.OUT_OF_SCOPE)));
}
Also used : URI(org.apache.commons.httpclient.URI) FetchStatus(org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus) Test(org.junit.Test)

Example 24 with FetchStatus

Use of org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus in project zaproxy by zaproxy.

In class HttpPrefixFetchFilterUnitTest, method shouldFilterUriAsValidWhenPathPrefixIsEmpty.

@Test
public void shouldFilterUriAsValidWhenPathPrefixIsEmpty() throws Exception {
    // Given
    URI prefixUri = new URI("http://example.org", true);
    HttpPrefixFetchFilter fetchFilter = new HttpPrefixFetchFilter(prefixUri);
    URI uri = new URI("http://example.org/path/subtree", true);
    // When
    FetchStatus filterStatus = fetchFilter.checkFilter(uri);
    // Then
    assertThat(filterStatus, is(equalTo(FetchStatus.VALID)));
}
Also used : URI(org.apache.commons.httpclient.URI) FetchStatus(org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus) Test(org.junit.Test)

Example 25 with FetchStatus

Use of org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus in project zaproxy by zaproxy.

In class HttpPrefixFetchFilterUnitTest, method shouldFilterUriWithSamePathPrefixEvenIfHasQueryOrFragmentAsValid.

@Test
public void shouldFilterUriWithSamePathPrefixEvenIfHasQueryOrFragmentAsValid() throws Exception {
    // Given
    URI prefixUri = new URI("http://example.org/path", true);
    HttpPrefixFetchFilter fetchFilter = new HttpPrefixFetchFilter(prefixUri);
    URI uri = new URI("http://example.org/path/subtree/a?query#fragment", true);
    // When
    FetchStatus filterStatus = fetchFilter.checkFilter(uri);
    // Then
    assertThat(filterStatus, is(equalTo(FetchStatus.VALID)));
}
Also used : URI(org.apache.commons.httpclient.URI) FetchStatus(org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus) Test(org.junit.Test)

Aggregations

URI (org.apache.commons.httpclient.URI): 33
FetchStatus (org.zaproxy.zap.spider.filters.FetchFilter.FetchStatus): 33
Test (org.junit.Test): 31
FetchFilter (org.zaproxy.zap.spider.filters.FetchFilter): 2
ArrayList (java.util.ArrayList): 1
URIException (org.apache.commons.httpclient.URIException): 1