com.subgraph.vega.impl.scanner.forms.FormProcessingState.java Source code


Introduction

Here is the source code for com.subgraph.vega.impl.scanner.forms.FormProcessingState.java

Source

/*******************************************************************************
 * Copyright (c) 2011 Subgraph.
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 * 
 * Contributors:
 *     Subgraph - initial API and implementation
 ******************************************************************************/
package com.subgraph.vega.impl.scanner.forms;

import java.net.URI;
import java.util.ArrayList;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;

import org.apache.http.NameValuePair;
import org.apache.http.message.BasicNameValuePair;

import com.subgraph.vega.api.scanner.IFormCredential;

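/**
 * Mutable working state for one form while the scanner processes it: the
 * base URI, the form's {@code action} and {@code method}, the name/value
 * parameters collected so far, and two flags recording whether a password
 * field or a file field was seen.
 *
 * <p>Only {@link #getTargetURI()} is synchronized. The parameter list and the
 * two flags are plain fields with no locking.
 */
public class FormProcessingState {
    private final static Logger logger = Logger.getLogger("scanner");
    private final static FormHints formHints = new FormHints();

    // Stored by the constructor; nothing in this class reads it.
    private final List<IFormCredential> credentials;
    private final URI baseURI;
    private final String action;
    private final String method;

    private final List<NameValuePair> parameters = new ArrayList<NameValuePair>();

    // Lazily computed by getTargetURI(); stays null while resolution fails.
    private URI cachedTargetURI;
    private boolean passwordFlag;
    private boolean fileFieldFlag;

    /**
     * @param baseURI     URI the form's action is resolved against; may be null
     * @param action      the form's action attribute; may be null
     * @param method      the form's method attribute; may be null
     * @param credentials form credentials supplied by the caller (kept, not used here)
     */
    FormProcessingState(URI baseURI, String action, String method, List<IFormCredential> credentials) {
        this.baseURI = baseURI;
        this.action = action;
        this.method = method;
        this.credentials = credentials;
    }

    /**
     * @return true when a usable target URI could be derived from the base
     *         URI and the action
     */
    boolean isValid() {
        return (getTargetURI() != null);
    }

    /**
     * @return true when the method is "post" in any letter case; false for
     *         null or any other value
     */
    boolean isPostMethod() {
        // equalsIgnoreCase is null-safe with the literal first and does not
        // depend on the default locale the way toLowerCase() does.
        return "post".equalsIgnoreCase(method);
    }

    /**
     * Returns the URI the form submits to, resolving it on first use.
     *
     * @return the resolved target, or null when it cannot be resolved or is
     *         not an http/https URI
     */
    URI getTargetURI() {
        synchronized (this) {
            // A null result is not cached, so a failed resolution is retried
            // (and its warning logged again) on every call.
            if (cachedTargetURI == null) {
                cachedTargetURI = createTargetURI();
            }
            return cachedTargetURI;
        }
    }

    /**
     * Resolves {@code action} against {@code baseURI} and accepts the result
     * only when its scheme is http or https.
     *
     * <p>The scheme check keeps targets such as {@code mailto:},
     * {@code javascript:} or {@code file:} from being treated as submittable.
     * The host of the resolved URI is not examined here, so an absolute
     * action may point at a different host than the base URI.
     * NOTE(review): scope enforcement presumably happens in the caller; confirm.
     *
     * @return the target URI, or null when there is no base URI, the action
     *         is not a legal URI reference, or the scheme is not http/https
     */
    private URI createTargetURI() {
        if (baseURI == null) {
            return null;
        }
        if (action == null) {
            // No action: the base URI is returned as is, without a scheme check.
            return baseURI;
        }
        try {
            final URI target = baseURI.resolve(action);
            // getScheme() is null when a relative action is resolved against a
            // relative base; the literal-first comparison treats that as
            // "not http(s)" instead of throwing NullPointerException.
            final String scheme = target.getScheme();
            if ("http".equalsIgnoreCase(scheme) || "https".equalsIgnoreCase(scheme)) {
                return target;
            }
            return null;
        } catch (IllegalArgumentException e) {
            // NOTE(review): action presumably comes from the scanned page's
            // markup. It is written to the log verbatim, in this message and
            // in the exception text, so a line-oriented log consumer should
            // neutralise control characters before trusting line boundaries.
            logger.log(Level.WARNING, "Failed to create new URI from base: " + baseURI + " and action=" + action,
                    e);
            return null;
        }
    }

    /**
     * Appends a parameter; a null value is stored as the empty string.
     */
    void add(String name, String value) {
        parameters.add(new BasicNameValuePair(name, (value == null) ? ("") : (value)));
    }

    /**
     * Appends a parameter whose value is looked up from the form hints by
     * field name.
     */
    void addGuessedValue(String name) {
        add(name, guessFormValue(name));
    }

    /** Records that the form contains a password field. */
    void setPasswordFieldFlag() {
        passwordFlag = true;
    }

    /** @return true once {@link #setPasswordFieldFlag()} has been called */
    boolean getPasswordFieldFlag() {
        return passwordFlag;
    }

    /** Records that the form contains a file field. */
    void setFileFieldFlag() {
        fileFieldFlag = true;
    }

    /** @return true once {@link #setFileFieldFlag()} has been called */
    boolean getFileFieldFlag() {
        return fileFieldFlag;
    }

    /**
     * Name heuristic: true when the lower-cased field name contains "pass"
     * or "pwd". Referenced only from the disabled code in
     * {@link #guessFormValue(String)}.
     */
    private boolean isPossiblePasswordField(String name) {
        final String n = name.toLowerCase();
        return (n.contains("pass") || n.contains("pwd"));
    }

    /**
     * Name heuristic: true when the lower-cased field name contains "name",
     * "user" or "log". Referenced only from the disabled code in
     * {@link #guessFormValue(String)}.
     */
    private boolean isPossibleLoginField(String name) {
        final String n = name.toLowerCase();
        return (n.contains("name") || n.contains("user") || n.contains("log"));
    }

    /**
     * Picks a value for a field from the shared form hints.
     */
    private String guessFormValue(String name) {
        // Disabled: substituting configured NTLM credentials for fields whose
        // names look like password or login fields. Only the hint lookup
        // below is active.
        /*
        if(config.getNtlmPassword() != null && isPossiblePasswordField(name))
           return config.getNtlmPassword();
        if(config.getNtlmUsername() != null && isPossibleLoginField(name))
           return config.getNtlmUsername();
           */
        return formHints.lookupHint(name);
    }

    /**
     * @return the live internal parameter list, not a copy; changes made by
     *         the caller are visible to this object
     */
    List<NameValuePair> getParameters() {
        return parameters;
    }

    /**
     * Diagnostic rendering: the method, the target URI and every parameter
     * with its value.
     *
     * <p>Values are included in clear and are not URL-encoded, so the result
     * is for display only and is not a request line. If any parameter holds
     * a credential, writing this string to a log writes the credential too.
     */
    @Override
    public String toString() {
        // The target is null for an invalid form; render a placeholder
        // instead of throwing NullPointerException from a diagnostic method.
        final URI target = getTargetURI();
        final String where = (target == null) ? "<invalid target>" : target.toString();
        if (isPostMethod()) {
            return "POST " + where + parametersAsPostString();
        } else {
            return "GET " + where + parametersAsQueryString();
        }
    }

    /**
     * Renders the parameters as {@code ?a=1&b=2}, without any encoding.
     */
    private String parametersAsQueryString() {
        final StringBuilder sb = new StringBuilder();
        sb.append("?");
        for (NameValuePair nvp : parameters) {
            // Length 1 means only the leading '?' has been written so far.
            if (sb.length() > 1) {
                sb.append("&");
            }
            sb.append(nvp.getName());
            if (nvp.getValue() != null) {
                sb.append("=");
                sb.append(nvp.getValue());
            }
        }
        return sb.toString();
    }

    /**
     * Renders the parameters as {@code  [a=1, b=2]}, with a leading space.
     */
    private String parametersAsPostString() {
        final StringBuilder sb = new StringBuilder();
        boolean first = true;
        sb.append(" [");
        for (NameValuePair nvp : parameters) {
            if (first) {
                first = false;
            } else {
                sb.append(", ");
            }
            sb.append(nvp.getName());
            if (nvp.getValue() != null) {
                sb.append("=");
                sb.append(nvp.getValue());
            }
        }
        sb.append("]");
        return sb.toString();
    }
}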