Class: Arachni::HTTP::CookieJar

Inherits:

Object

• Object
• Arachni::HTTP::CookieJar

Includes:

Utilities

Defined in:

lib/arachni/http/cookie_jar.rb

Overview

Basic CookieJar implementation.

Author:

• Tasos “Zapotek” Laskos <tasos.laskos@arachni-scanner.com>

Defined Under Namespace

Classes: Error

Class Method Summary

• .from_file(*args) ⇒ Arachni::HTTP::CookieJar

  Same as #initialize.

Instance Method Summary

• #<<(cookies) ⇒ CookieJar

  ‘self`.

• #==(other) ⇒ Object
• #any? ⇒ Bool

  ‘true` if cookiejar is not empty, `false` otherwise.

• #clear ⇒ Object

  Empties the cookiejar.

• #cookies(include_expired = false) ⇒ Array<Cookie>

  All cookies.

• #empty? ⇒ Bool

  ‘true` if cookiejar is empty, `false` otherwise.

• #for_url(url) ⇒ Array<Cookie>

  URL which should be sent to the resource at ‘url`.

• #hash ⇒ Object
• #initialize(cookie_jar_file = nil) ⇒ CookieJar constructor

  A new instance of CookieJar.

• #load(cookie_jar_file, url = '') ⇒ CookieJar

  Loads cookies from a Netscape cookiejar file.

• #merge!(other) ⇒ Object
• #update(cookies) ⇒ CookieJar

  Updates the jar with ‘cookies`.

Methods included from Utilities

#available_port, #bytes_to_kilobytes, #bytes_to_megabytes, #caller_name, #caller_path, #cookie_decode, #cookie_encode, #cookies_from_document, #cookies_from_file, #cookies_from_response, #exception_jail, #exclude_path?, #follow_protocol?, #form_decode, #form_encode, #forms_from_document, #forms_from_response, #full_and_absolute_url?, #generate_token, #get_path, #hms_to_seconds, #html_decode, #html_encode, #include_path?, #links_from_document, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_set_cookie, #path_in_domain?, #path_too_deep?, #port_available?, #rand_port, #random_seed, #redundant_path?, #regexp_array_match, #remove_constants, #request_parse_body, #seconds_to_hms, #skip_page?, #skip_path?, #skip_resource?, #skip_response?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parse_query, #uri_parser, #uri_rewrite

Constructor Details

#initialize(cookie_jar_file = nil) ⇒ CookieJar

Returns a new instance of CookieJar.

Parameters:

• cookie_jar_file (String) (defaults to: nil) —

  Path to a Netscape cookie-jar.

# File 'lib/arachni/http/cookie_jar.rb', line 41

def initialize( cookie_jar_file = nil )
    @domains = {}
    load( cookie_jar_file ) if cookie_jar_file
end

Class Method Details

.from_file(*args) ⇒ Arachni::HTTP::CookieJar

Same as #initialize.

Returns:

• (Arachni::HTTP::CookieJar)

# File 'lib/arachni/http/cookie_jar.rb', line 35

def self.from_file( *args )
    new.load( *args )
end

Instance Method Details

#<<(cookies) ⇒ CookieJar

Returns ‘self`.

Parameters:

• cookies (Cookie, Array<Cookie>) —

  Cookies with which to update the cookie-jar.

Returns:

• (CookieJar) —

  ‘self`

# File 'lib/arachni/http/cookie_jar.rb', line 68

def <<( cookies )
    [cookies].flatten.compact.each do |cookie|
        ((@domains[cookie.domain] ||= {})[cookie.path] ||= {})[cookie.name] = cookie.dup
    end
    self
end

#==(other) ⇒ Object

Parameters:

• other (CookieJar)

# File 'lib/arachni/http/cookie_jar.rb', line 171

def ==( other )
    hash == other.hash
end

#any? ⇒ Bool

Returns ‘true` if cookiejar is not empty, `false` otherwise.

Returns:

• (Bool) —

  ‘true` if cookiejar is not empty, `false` otherwise.

# File 'lib/arachni/http/cookie_jar.rb', line 166

def any?
    !empty?
end

#clear ⇒ Object

Empties the cookiejar.

# File 'lib/arachni/http/cookie_jar.rb', line 154

def clear
    @domains.clear
end

#cookies(include_expired = false) ⇒ Array<Cookie>

Returns All cookies.

Parameters:

• include_expired (Bool) (defaults to: false) —

  Include expired cookies.

Returns:

• (Array<Cookie>) —

  All cookies.

# File 'lib/arachni/http/cookie_jar.rb', line 136

def cookies( include_expired = false )
    @domains.values.map do |paths|
        paths.values.map do |cookies|
            if !include_expired
                cookies.values.reject{ |c| c.expired? }
            else
                cookies.values
            end
        end
    end.flatten.compact
end

#empty? ⇒ Bool

Returns ‘true` if cookiejar is empty, `false` otherwise.

Returns:

• (Bool) —

  ‘true` if cookiejar is empty, `false` otherwise.

# File 'lib/arachni/http/cookie_jar.rb', line 160

def empty?
    @domains.empty?
end

#for_url(url) ⇒ Array<Cookie>

Returns URL which should be sent to the resource at ‘url`.

Parameters:

• url (String) —

  URL for which to retrieve cookies.

Returns:

• (Array<Cookie>) —

  URL which should be sent to the resource at ‘url`.

# File 'lib/arachni/http/cookie_jar.rb', line 111

def for_url( url )
    uri = to_uri( url )
    request_path   = uri.path
    request_domain = uri.host

    return [] if !request_domain || !request_path

    @domains.map do |domain, paths|
        next if !in_domain?( domain, request_domain )

        paths.map do |path, cookies|
            next if !request_path.start_with?( path )

            cookies.values.reject{ |c| c.expired? }
        end
    end.flatten.compact.sort do |lhs, rhs|
        rhs.path.length <=> lhs.path.length
    end
end

#hash ⇒ Object

# File 'lib/arachni/http/cookie_jar.rb', line 175

def hash
    cookies.map(&:to_s).hash
end

#load(cookie_jar_file, url = '') ⇒ CookieJar

Loads cookies from a Netscape cookiejar file.

Parameters:

• cookie_jar_file (String) —

  Path to a Netscape cookie-jar.

• url (String) (defaults to: '') —

  Cookie owner.

Returns:

• (CookieJar) —

  self

# File 'lib/arachni/http/cookie_jar.rb', line 54

def load( cookie_jar_file, url = '' )
    # make sure that the provided cookie-jar file exists
    if !File.exist?( cookie_jar_file )
        fail Error::CookieJarFileNotFound, "Cookie-jar '#{cookie_jar_file}' doesn't exist."
    end
    update( cookies_from_file( url, cookie_jar_file ) )
    self
end

#merge!(other) ⇒ Object

Parameters:

• other (CookieJar)

# File 'lib/arachni/http/cookie_jar.rb', line 149

def merge!( other )
    update other.cookies
end

#update(cookies) ⇒ CookieJar

Updates the jar with ‘cookies`.

Parameters:

• cookies (Array<String, Hash, Cookie>) —

  Cookies with which to update the cookie-jar.

Returns:

• (CookieJar) —

  self

# File 'lib/arachni/http/cookie_jar.rb', line 81

def update( cookies )
    [cookies].flatten.compact.each do |c|
        self << case c
                    when String
                        begin
                            Cookie.from_string( ::Arachni::Options.url.to_s, c )
                        rescue
                            Cookie.from_set_cookie( ::Arachni::Options.url.to_s, c )
                        end

                    when Hash
                        next if c.empty?

                        if c.size > 1
                            Cookie.new( { url: ::Arachni::Options.url.to_s }.merge( c ) )
                        else
                            Cookie.new( url: ::Arachni::Options.url.to_s, inputs: c )
                        end
                    when Cookie
                        c
                end
    end
    self
end