crash.software
Projects
Pull Requests
Issues
Builds
autorize
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY autorize Commits 9937b9de
🤬
  • ■ ■ ■ ■ ■ ■
    authorization/authorization.py
    skipped 9 lines
    10 10   
    11 11  sys.path.append("..")
    12 12   
    13  -from helpers.http import get_authorization_header_from_message, get_cookie_header_from_message, isStatusCodesReturned, makeMessage, makeRequest, getResponseContentLength, IHttpRequestResponseImplementation
     13 +from helpers.http import get_authorization_header_from_message, get_cookie_header_from_message, isStatusCodesReturned, makeMessage, makeRequest, getResponseBody, IHttpRequestResponseImplementation
    14 14  from gui.table import LogEntry, UpdateTableEDT
    15 15  from javax.swing import SwingUtilities
    16 16  from java.net import URL
    skipped 277 lines
    294 294   auth_enforced = True
    295 295   return auth_enforced
    296 296   
    297  -def checkBypass(self, oldStatusCode, newStatusCode, oldContentLen,
    298  - newContentLen, filters, requestResponse, andOrEnforcement):
     297 +def checkBypass(self, oldStatusCode, newStatusCode, oldContent,
     298 + newContent, filters, requestResponse, andOrEnforcement):
    299 299   if oldStatusCode == newStatusCode:
    300 300   auth_enforced = 0
    301 301   if len(filters) > 0:
    302 302   auth_enforced = auth_enforced_via_enforcement_detectors(self, filters, requestResponse, andOrEnforcement)
    303 303   if auth_enforced:
    304 304   return self.ENFORCED_STR
    305  - elif oldContentLen == newContentLen:
     305 + elif oldContent == newContent:
    306 306   return self.BYPASSSED_STR
    307 307   else:
    308 308   return self.IS_ENFORCED_STR
    skipped 1 lines
    310 310   return self.ENFORCED_STR
    311 311   
    312 312  def checkAuthorization(self, messageInfo, originalHeaders, checkUnauthorized):
    313  - oldResponse = messageInfo.getResponse()
    314 313   message = makeMessage(self, messageInfo, True, True)
    315 314   requestResponse = makeRequest(self, messageInfo, message)
    316 315   newResponse = requestResponse.getResponse()
    skipped 1 lines
    318 317  
    319 318   oldStatusCode = originalHeaders[0]
    320 319   newStatusCode = analyzedResponse.getHeaders()[0]
    321  - oldContentLen = getResponseContentLength(self, oldResponse)
    322  - newContentLen = getResponseContentLength(self, newResponse)
     320 + oldContent = getResponseBody(self, messageInfo)
     321 + newContent = getResponseBody(self, requestResponse)
    323 322   
    324 323   # Check unauthorized request
    325 324   if checkUnauthorized:
    skipped 2 lines
    328 327   unauthorizedResponse = requestResponseUnauthorized.getResponse()
    329 328   analyzedResponseUnauthorized = self._helpers.analyzeResponse(unauthorizedResponse)
    330 329   statusCodeUnauthorized = analyzedResponseUnauthorized.getHeaders()[0]
    331  - contentLenUnauthorized = getResponseContentLength(self, unauthorizedResponse)
     330 + contentUnauthorized = getResponseBody(self, requestResponseUnauthorized)
    332 331   
    333 332   EDFilters = self.EDModel.toArray()
    334 333   
    335  - impression = checkBypass(self, oldStatusCode,newStatusCode,oldContentLen,newContentLen,EDFilters,requestResponse,self.AndOrType.getSelectedItem())
     334 + impression = checkBypass(self, oldStatusCode, newStatusCode, oldContent, newContent, EDFilters, requestResponse, self.AndOrType.getSelectedItem())
    336 335   
    337 336   if checkUnauthorized:
    338 337   EDFiltersUnauth = self.EDModelUnauth.toArray()
    339  - impressionUnauthorized = checkBypass(self, oldStatusCode,statusCodeUnauthorized,oldContentLen,contentLenUnauthorized,EDFiltersUnauth,requestResponseUnauthorized,self.AndOrTypeUnauth.getSelectedItem())
     338 + impressionUnauthorized = checkBypass(self, oldStatusCode, statusCodeUnauthorized, oldContent, contentUnauthorized, EDFiltersUnauth, requestResponseUnauthorized, self.AndOrTypeUnauth.getSelectedItem())
    340 339   
    341 340   self._lock.acquire()
    342 341  
    skipped 20 lines
  • ■ ■ ■ ■
    helpers/http.py
    skipped 83 lines
    84 84   
    85 85  def getResponseBody(self, requestResponse):
    86 86   analyzedResponse = self._helpers.analyzeResponse(requestResponse.getResponse())
    87  - self._helpers.bytesToString(requestResponse.getResponse()[analyzedResponse.getBodyOffset():])
     87 + return self._helpers.bytesToString(requestResponse.getResponse()[analyzedResponse.getBodyOffset():])
    88 88   
    89 89  def getResponseContentLength(self, response):
    90 90   return len(response) - self._helpers.analyzeResponse(response).getBodyOffset()
    skipped 53 lines
Please wait...
Page is in error, reload to recover