Class: Arachni::URI::Scope

Inherits:
Scope
Defined in:
lib/arachni/uri/scope.rb

Overview

Determines the scope status of Arachni::URIs.

Author:

Defined Under Namespace

Classes: Error

Instance Method Summary

Methods inherited from Scope

#options

Constructor Details

#initialize(url) ⇒ Scope

Returns a new instance of Scope.

Parameters:



# File 'lib/arachni/uri/scope.rb', line 26

def initialize( url )
    @url = url
end

Instance Method Details

#auto_redundant?(update_counters = false) ⇒ Bool

Note:

Will decrease the redundancy counter.

Returns `true` if the URL is redundant based on OptionGroups::Scope#auto_redundant_paths, `false` otherwise.

Parameters:

  • update_counters (Bool) (defaults to: false)

    Whether or not to increment the counters if `self` is redundant.

Returns:

See Also:



# File 'lib/arachni/uri/scope.rb', line 131

def auto_redundant?( update_counters = false )
    return false if !options.auto_redundant?
    return false if (params = @url.query_parameters).empty?

    h = "#{@url.without_query}#{params.keys.sort}".hash

    if options.auto_redundant_counter[h] >= options.auto_redundant_paths
        return true
    end

    if update_counters
        options.auto_redundant_counter[h] += 1
    end

    false
end
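The counter behaviour of #auto_redundant?, as an added stand-alone example that is not Arachni's own code: it shows that URLs with the same path and the same parameter names share one counter whatever their values or order, so a low limit cuts audit coverage of those pages. The class `AutoRedundancy`, its methods and the sample URLs are hypothetical, and the key is kept as a string rather than hashed.

```ruby
require 'uri'

# Stand-alone model of the auto-redundancy counter (not Arachni's classes).
# AutoRedundancy, key_for and QUEUE are hypothetical names for this example.
class AutoRedundancy
  def initialize(limit)
    @limit    = limit           # plays the role of auto_redundant_paths
    @counters = Hash.new(0)     # plays the role of auto_redundant_counter
  end

  # URLs share a counter when the URL without its query and the sorted
  # parameter names match; values and parameter order are ignored.
  def key_for(url)
    uri   = URI.parse(url)
    names = URI.decode_www_form(uri.query.to_s).map(&:first).uniq.sort
    return nil if names.empty?
    uri.query = nil
    "#{uri}#{names}"
  end

  def redundant?(url, update_counters = false)
    key = key_for(url)
    return false if key.nil?                  # no parameters: never auto-redundant
    return true  if @counters[key] >= @limit  # limit reached for this key
    @counters[key] += 1 if update_counters
    false
  end
end

# Constructed crawl queue for a hypothetical target.
QUEUE = %w[
  http://scan.example/item?id=1&cat=2
  http://scan.example/item?cat=9&id=5
  http://scan.example/item?id=7&cat=1
  http://scan.example/item?id=7&sort=asc
  http://scan.example/item
].freeze

# Walks the queue the way a crawler would, updating counters as it goes.
def crawl_decisions(limit)
  tracker = AutoRedundancy.new(limit)
  QUEUE.map { |url| tracker.redundant?(url, true) }
end
```

With a limit of 2, the third `id`/`cat` URL is the first one reported redundant; the `id`/`sort` URL and the parameterless URL are unaffected.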

#exclude? ⇒ Bool

Returns `true` if the URL matches any OptionGroups::Scope#exclude_path_patterns, `false` otherwise.

Returns:

See Also:



# File 'lib/arachni/uri/scope.rb', line 44

def exclude?
    !!options.exclude_path_patterns.find { |pattern| @url.to_s =~ pattern }
end

#follow_protocol? ⇒ Bool

Returns `true` if the protocol is within scope based on OptionGroups::Scope#https_only, `false` otherwise.

Returns:

See Also:



# File 'lib/arachni/uri/scope.rb', line 78

def follow_protocol?
    return true if !Options.url

    check_scheme = @url.scheme.to_s

    # %w builds an array, so only the exact schemes 'http' and 'https' pass.
    return false if !%w(http https).include?( check_scheme )

    parsed_ref = Arachni::URI( Options.url )
    return false if !parsed_ref

    ref_scheme = parsed_ref.scheme

    return true if ref_scheme != 'https'
    return true if ref_scheme == check_scheme

    !options.https_only?
end

#in? ⇒ Bool

Returns `true` if the URL is not #out? of the scan scope, `false` otherwise.

Returns:

  • (Bool)

    `true` if the URL is not #out? of the scan scope, `false` otherwise.



# File 'lib/arachni/uri/scope.rb', line 151

def in?
    !out?
end

#in_domain? ⇒ Bool

Returns `true` if self is in the same domain as Options#url, `false` otherwise.

Returns:

  • (Bool)

    `true` if self is in the same domain as Options#url, `false` otherwise.

See Also:



# File 'lib/arachni/uri/scope.rb', line 64

def in_domain?
    return true if !Options.url

    reference = Arachni::URI( Options.url )

    options.include_subdomains ?
        reference.domain == @url.domain : reference.host == @url.host
end

#include? ⇒ Bool

Returns `true` if the URL matches any OptionGroups::Scope#include_path_patterns, `false` otherwise.

Returns:

See Also:



# File 'lib/arachni/uri/scope.rb', line 53

def include?
    rules = options.include_path_patterns
    return true if rules.empty?

    !!rules.find { |pattern| @url.to_s =~ pattern }
end

#out? ⇒ Bool

Note:

Does not call #redundant?.

Returns `true` if the URL is out of the scan scope, `false` otherwise. The determination is based on:

Returns:



# File 'lib/arachni/uri/scope.rb', line 166

def out?
    return true if !follow_protocol?
    return true if !in_domain?
    return true if too_deep?
    return true if !include?
    return true if exclude?

    false
end
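To check a scope configuration against candidate URLs before a scan, the added example below (not Arachni's own code) applies the same five checks in the order #out? runs them and reports which rule rejected each URL. `ScopeConfig`, `CONFIG`, `scope_verdict` and the sample hosts are hypothetical; it models only the host comparison (the `include_subdomains` false branch) and matches the scheme exactly against `http` and `https`.

```ruby
require 'uri'

# Constructed scope settings for a hypothetical scan. Field names mirror the
# option names on this page; the ScopeConfig struct itself is hypothetical.
ScopeConfig = Struct.new(:seed, :https_only, :directory_depth_limit,
                         :include_path_patterns, :exclude_path_patterns,
                         keyword_init: true)

CONFIG = ScopeConfig.new(
  seed: 'https://app.example/shop/',
  https_only: true,
  directory_depth_limit: 2,
  include_path_patterns: [%r{/shop/}],
  exclude_path_patterns: [/logout/]
)

# Returns the first rule that puts the URL out of scope, in the order
# out? evaluates them, or :in_scope when every check passes.
def scope_verdict(url, cfg = CONFIG)
  uri  = URI.parse(url)
  seed = URI.parse(cfg.seed)

  # Protocol: only http/https; an https seed with https_only set rejects http.
  return :protocol unless %w[http https].include?(uri.scheme.to_s)
  if seed.scheme == 'https' && uri.scheme != 'https' && cfg.https_only
    return :protocol
  end

  # Domain: exact host match against the seed URL.
  return :domain unless uri.host == seed.host

  # Depth: same arithmetic as too_deep?, counting '/' in the path.
  limit = cfg.directory_depth_limit.to_i
  return :depth if limit > 0 && (limit + 1) <= uri.path.to_s.count('/')

  # Include rules pass when empty or when any pattern matches.
  inc = cfg.include_path_patterns
  return :include unless inc.empty? || inc.any? { |p| url =~ p }
  return :exclude if cfg.exclude_path_patterns.any? { |p| url =~ p }

  :in_scope
end
```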

#redundant?(update_counters = false) ⇒ Bool

Note:

Will decrease the redundancy counter.

Note:

Will first check with #auto_redundant?.

Returns `true` if the URL is redundant, `false` otherwise.

Parameters:

  • update_counters (Bool) (defaults to: false)

    Whether or not to decrement the counters if `self` is redundant.

Returns:

  • (Bool)

    `true` if the URL is redundant, `false` otherwise.

See Also:



# File 'lib/arachni/uri/scope.rb', line 106

def redundant?( update_counters = false )
    return true if auto_redundant?( update_counters )
    url_string = @url.to_s

    options.redundant_path_patterns.each do |regexp, count|
        next if !(url_string =~ regexp)
        return true if count == 0

        next if !update_counters
        options.redundant_path_patterns[regexp] -= 1
    end

    false
end

#too_deep? ⇒ Bool

Returns `true` if the URL is deeper than `depth`, `false` otherwise.

Returns:

  • (Bool)

    `true` if the URL is deeper than `depth`, `false` otherwise.

See Also:



# File 'lib/arachni/uri/scope.rb', line 34

def too_deep?
    depth = options.directory_depth_limit
    depth.to_i > 0 && (depth + 1) <= @url.path.to_s.count( '/' )
end