■ ■ ■ ■ ■ ■
authorization/authorization.py
| skipped 9 lines |
10 | 10 | | |
11 | 11 | | sys.path.append("..") |
12 | 12 | | |
13 | | - | from helpers.http import get_authorization_header_from_message, get_cookie_header_from_message, isStatusCodesReturned, makeMessage, makeRequest, getResponseContentLength, IHttpRequestResponseImplementation |
| 13 | + | from helpers.http import get_authorization_header_from_message, get_cookie_header_from_message, isStatusCodesReturned, makeMessage, makeRequest, getResponseBody, IHttpRequestResponseImplementation |
14 | 14 | | from gui.table import LogEntry, UpdateTableEDT |
15 | 15 | | from javax.swing import SwingUtilities |
16 | 16 | | from java.net import URL |
| skipped 277 lines |
294 | 294 | | auth_enforced = True |
295 | 295 | | return auth_enforced |
296 | 296 | | |
297 | | - | def checkBypass(self, oldStatusCode, newStatusCode, oldContentLen, |
298 | | - | newContentLen, filters, requestResponse, andOrEnforcement): |
| 297 | + | def checkBypass(self, oldStatusCode, newStatusCode, oldContent, |
| 298 | + | newContent, filters, requestResponse, andOrEnforcement): |
299 | 299 | | if oldStatusCode == newStatusCode: |
300 | 300 | | auth_enforced = 0 |
301 | 301 | | if len(filters) > 0: |
302 | 302 | | auth_enforced = auth_enforced_via_enforcement_detectors(self, filters, requestResponse, andOrEnforcement) |
303 | 303 | | if auth_enforced: |
304 | 304 | | return self.ENFORCED_STR |
305 | | - | elif oldContentLen == newContentLen: |
| 305 | + | elif oldContent == newContent: |
306 | 306 | | return self.BYPASSSED_STR |
307 | 307 | | else: |
308 | 308 | | return self.IS_ENFORCED_STR |
| skipped 1 lines |
310 | 310 | | return self.ENFORCED_STR |
311 | 311 | | |
312 | 312 | | def checkAuthorization(self, messageInfo, originalHeaders, checkUnauthorized): |
313 | | - | oldResponse = messageInfo.getResponse() |
314 | 313 | | message = makeMessage(self, messageInfo, True, True) |
315 | 314 | | requestResponse = makeRequest(self, messageInfo, message) |
316 | 315 | | newResponse = requestResponse.getResponse() |
| skipped 1 lines |
318 | 317 | | |
319 | 318 | | oldStatusCode = originalHeaders[0] |
320 | 319 | | newStatusCode = analyzedResponse.getHeaders()[0] |
321 | | - | oldContentLen = getResponseContentLength(self, oldResponse) |
322 | | - | newContentLen = getResponseContentLength(self, newResponse) |
| 320 | + | oldContent = getResponseBody(self, messageInfo) |
| 321 | + | newContent = getResponseBody(self, requestResponse) |
323 | 322 | | |
324 | 323 | | # Check unauthorized request |
325 | 324 | | if checkUnauthorized: |
| skipped 2 lines |
328 | 327 | | unauthorizedResponse = requestResponseUnauthorized.getResponse() |
329 | 328 | | analyzedResponseUnauthorized = self._helpers.analyzeResponse(unauthorizedResponse) |
330 | 329 | | statusCodeUnauthorized = analyzedResponseUnauthorized.getHeaders()[0] |
331 | | - | contentLenUnauthorized = getResponseContentLength(self, unauthorizedResponse) |
| 330 | + | contentUnauthorized = getResponseBody(self, requestResponseUnauthorized) |
332 | 331 | | |
333 | 332 | | EDFilters = self.EDModel.toArray() |
334 | 333 | | |
335 | | - | impression = checkBypass(self, oldStatusCode,newStatusCode,oldContentLen,newContentLen,EDFilters,requestResponse,self.AndOrType.getSelectedItem()) |
| 334 | + | impression = checkBypass(self, oldStatusCode, newStatusCode, oldContent, newContent, EDFilters, requestResponse, self.AndOrType.getSelectedItem()) |
336 | 335 | | |
337 | 336 | | if checkUnauthorized: |
338 | 337 | | EDFiltersUnauth = self.EDModelUnauth.toArray() |
339 | | - | impressionUnauthorized = checkBypass(self, oldStatusCode,statusCodeUnauthorized,oldContentLen,contentLenUnauthorized,EDFiltersUnauth,requestResponseUnauthorized,self.AndOrTypeUnauth.getSelectedItem()) |
| 338 | + | impressionUnauthorized = checkBypass(self, oldStatusCode, statusCodeUnauthorized, oldContent, contentUnauthorized, EDFiltersUnauth, requestResponseUnauthorized, self.AndOrTypeUnauth.getSelectedItem()) |
340 | 339 | | |
341 | 340 | | self._lock.acquire() |
342 | 341 | | |
| skipped 20 lines |