Examples with SpiderResourceFound org.zaproxy.zap.spider.parser.SpiderResourceFound used on opensource projects

Search in sources :

Example 1 with SpiderResourceFound

use of org.zaproxy.zap.spider.parser.SpiderResourceFound in project zaproxy by zaproxy.

the class SpiderController method addSeed.

/**
 * Adds a new seed, if it wasn't already processed.
 *
 * @param uri the uri
 * @param method the http method used for fetching the resource
 */
protected void addSeed(URI uri, String method) {
    SpiderResourceFound resourceFound = SpiderResourceFound.builder().setUri(uri.toString()).setMethod(method).build();
    // Check if the uri was processed already
    String resourceIdentifier = "";
    try {
        resourceIdentifier = buildCanonicalResourceIdentifier(uri, resourceFound);
    } catch (URIException e) {
        return;
    }
    synchronized (visitedResources) {
        if (visitedResources.contains(resourceIdentifier)) {
            log.debug("URI already visited: " + uri);
            return;
        } else {
            visitedResources.add(resourceIdentifier);
        }
    }
    // Create and submit the new task
    SpiderTask task = new SpiderTask(spider, resourceFound, uri);
    spider.submitTask(task);
    // Add the uri to the found list
    spider.notifyListenersFoundURI(uri.toString(), method, FetchStatus.SEED);
}
Also used : SpiderResourceFound(org.zaproxy.zap.spider.parser.SpiderResourceFound) URIException(org.apache.commons.httpclient.URIException)

Example 2 with SpiderResourceFound

use of org.zaproxy.zap.spider.parser.SpiderResourceFound in project zaproxy by zaproxy.

the class SpiderControllerUnitTest method shouldNotSubmitSamePostTaskWithDifferentDepthAndIgnore.

@Test
void shouldNotSubmitSamePostTaskWithDifferentDepthAndIgnore() {
    // Given
    SpiderResourceFound spiderResourceFoundDepth1 = createPostSpiderResourceFoundWithHeaders("https://example.com/test.html", "body", 1, false, Collections.emptyList());
    SpiderResourceFound spiderResourceFoundDepth2Ignore = createPostSpiderResourceFoundWithHeaders("https://example.com/test.html", "body", 2, true, Collections.emptyList());
    // When
    spiderController.resourceFound(spiderResourceFoundDepth1);
    spiderController.resourceFound(spiderResourceFoundDepth1);
    spiderController.resourceFound(spiderResourceFoundDepth2Ignore);
    // Then
    verify(spider).submitTask(any());
}
Also used : SpiderResourceFound(org.zaproxy.zap.spider.parser.SpiderResourceFound) Test(org.junit.jupiter.api.Test) WithConfigsTest(org.zaproxy.zap.WithConfigsTest)

Example 3 with SpiderResourceFound

use of org.zaproxy.zap.spider.parser.SpiderResourceFound in project zaproxy by zaproxy.

the class SpiderControllerUnitTest method shouldNotSubmitSameGetTaskWithDifferentHeaderWhitespaces.

@Test
void shouldNotSubmitSameGetTaskWithDifferentHeaderWhitespaces() {
    // Given
    List<HttpHeaderField> requestHeadersWithoutWS = new ArrayList<>();
    requestHeadersWithoutWS.add(new HttpHeaderField("X-Custom-Header-1", "xyz"));
    List<HttpHeaderField> requestHeadersWithWS = new ArrayList<>();
    requestHeadersWithWS.add(new HttpHeaderField("\tX-Custom-Header-1  ", "\nxyz "));
    SpiderResourceFound spiderResourceFound1 = createGetSpiderResourceFoundWithHeaders("https://example.com/test.html", 2, false, requestHeadersWithoutWS);
    SpiderResourceFound spiderResourceFound2 = createGetSpiderResourceFoundWithHeaders("https://example.com/test.html", 2, false, requestHeadersWithWS);
    // When
    spiderController.resourceFound(spiderResourceFound1);
    spiderController.resourceFound(spiderResourceFound2);
    // Then
    verify(spider).submitTask(any());
}
Also used : HttpHeaderField(org.parosproxy.paros.network.HttpHeaderField) SpiderResourceFound(org.zaproxy.zap.spider.parser.SpiderResourceFound) ArrayList(java.util.ArrayList) Test(org.junit.jupiter.api.Test) WithConfigsTest(org.zaproxy.zap.WithConfigsTest)

Example 4 with SpiderResourceFound

use of org.zaproxy.zap.spider.parser.SpiderResourceFound in project zaproxy by zaproxy.

the class SpiderControllerUnitTest method shouldNotSubmitSameGetTaskWithDifferentHeaderCases.

@Test
void shouldNotSubmitSameGetTaskWithDifferentHeaderCases() {
    // Given
    List<HttpHeaderField> requestHeadersUpperCase = new ArrayList<>();
    requestHeadersUpperCase.add(new HttpHeaderField("X-CUSTOM-HEADER-1", "XYZ"));
    List<HttpHeaderField> requestHeadersLowerCase = new ArrayList<>();
    requestHeadersLowerCase.add(new HttpHeaderField("x-custom-header-1", "xyz"));
    SpiderResourceFound spiderResourceFound1 = createGetSpiderResourceFoundWithHeaders("https://example.com/test.html", 2, false, requestHeadersUpperCase);
    SpiderResourceFound spiderResourceFound2 = createGetSpiderResourceFoundWithHeaders("https://example.com/test.html", 2, false, requestHeadersLowerCase);
    // When
    spiderController.resourceFound(spiderResourceFound1);
    spiderController.resourceFound(spiderResourceFound2);
    // Then
    verify(spider).submitTask(any());
}
Also used : HttpHeaderField(org.parosproxy.paros.network.HttpHeaderField) SpiderResourceFound(org.zaproxy.zap.spider.parser.SpiderResourceFound) ArrayList(java.util.ArrayList) Test(org.junit.jupiter.api.Test) WithConfigsTest(org.zaproxy.zap.WithConfigsTest)

Example 5 with SpiderResourceFound

use of org.zaproxy.zap.spider.parser.SpiderResourceFound in project zaproxy by zaproxy.

the class SpiderControllerUnitTest method shouldNotSubmitSameGetTaskWithDifferentDepthAndIgnore.

@Test
void shouldNotSubmitSameGetTaskWithDifferentDepthAndIgnore() {
    // Given
    SpiderResourceFound spiderResourceFoundDepth1 = createGetSpiderResourceFoundWithHeaders("https://example.com/test.html", 1, false, Collections.emptyList());
    SpiderResourceFound spiderResourceFoundDepth2Ignore = createGetSpiderResourceFoundWithHeaders("https://example.com/test.html", 2, true, Collections.emptyList());
    // When
    spiderController.resourceFound(spiderResourceFoundDepth1);
    spiderController.resourceFound(spiderResourceFoundDepth1);
    spiderController.resourceFound(spiderResourceFoundDepth2Ignore);
    // Then
    verify(spider).submitTask(any());
}
Also used : SpiderResourceFound(org.zaproxy.zap.spider.parser.SpiderResourceFound) Test(org.junit.jupiter.api.Test) WithConfigsTest(org.zaproxy.zap.WithConfigsTest)

Aggregations

SpiderResourceFound (org.zaproxy.zap.spider.parser.SpiderResourceFound)8 Test (org.junit.jupiter.api.Test)7 WithConfigsTest (org.zaproxy.zap.WithConfigsTest)7 ArrayList (java.util.ArrayList)4 HttpHeaderField (org.parosproxy.paros.network.HttpHeaderField)4 URIException (org.apache.commons.httpclient.URIException)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial