Class: Arachni::Element::Header

Inherits:
Base
Defined in:
lib/arachni/element/header.rb

Constant Summary

Constants included from Capabilities::Auditable

Capabilities::Auditable::OPTIONS

Constants included from Capabilities::Auditable::RDiff

Capabilities::Auditable::RDiff::RDIFF_OPTIONS

Constants included from Capabilities::Auditable::Taint

Capabilities::Auditable::Taint::TAINT_OPTIONS

Constants included from Capabilities::Mutable

Capabilities::Mutable::MUTATION_OPTIONS

Instance Attribute Summary

Attributes inherited from Base

#raw

Attributes included from Capabilities::Auditable

#auditor, #opts, #orig

Attributes included from Capabilities::Mutable

#altered

Class Method Summary

Instance Method Summary

Methods inherited from Base

#action, #action=, #dup, #id, #method, #method=, #url, #url=

Methods included from Utilities

#cookie_encode, #cookies_from_document, #cookies_from_file, #cookies_from_response, #exception_jail, #exclude_path?, #extract_domain, #form_decode, #form_encode, #form_parse_request_body, #forms_from_document, #forms_from_response, #get_path, #hash_keys_to_str, #html_decode, #html_encode, #include_path?, #links_from_document, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_query, #parse_set_cookie, #parse_url_vars, #path_in_domain?, #path_too_deep?, #remove_constants, #seed, #skip_path?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parser, #url_sanitize

Methods included from Capabilities::Auditable

#==, #[], #[]=, #audit, #audit_id, #auditable, #auditable=, #changes, #debug?, #has_inputs?, #hash, #http, #info, #orphan?, #override_instance_scope, #override_instance_scope?, #print_bad, #print_debug, #print_debug_backtrace, #print_error, #print_error_backtrace, #print_info, #print_line, #print_ok, #print_status, #provisioned_issue_id, #remove_auditor, #reset, reset, reset_instance_scope, #reset_scope_override, restrict_to_elements, #scope_audit_id, #skip?, #skip_path?, #status_string, #submit, #update

Methods included from Capabilities::Auditable::RDiff

included, #rdiff_analysis

Methods included from Capabilities::Auditable::Timeout

add_timeout_audit_block, add_timeout_candidate, #call_on_timing_blocks, call_on_timing_blocks, current_timeout_audit_operations_cnt, included, on_timing_attacks, #responsive?, running_timeout_attacks?, #timeout_analysis, timeout_analysis_phase_2, timeout_audit_blocks, timeout_audit_operations_cnt, timeout_audit_run, timeout_loaded_modules

Methods included from Capabilities::Auditable::Taint

#taint_analysis

Methods included from Capabilities::Mutable

#altered_value, #altered_value=, #immutables, #mutated?, #mutations_for, #original?, #permutations, #permutations_for

Constructor Details

#initialize(url, raw = {}) ⇒ Header

Returns a new instance of Header.



# File 'lib/arachni/element/header.rb', line 25

# Builds a header element for the given URL.
#
# The element submits to its own URL with the 'get' method, and the data
# held in @raw becomes its auditable inputs. A frozen copy of those inputs
# is kept in @orig as the untouched baseline.
#
# NOTE(review): @url and @raw are read straight after `super`, so they are
# presumably assigned by the parent constructor -- confirm against Base.
# NOTE(review): `dup` followed by `freeze` gives a shallow, frozen copy; if
# the inputs are a Hash of Strings, the individual strings stay mutable.
#
# @param url [String] URL the headers were seen on
# @param raw [Hash] header data; defaults to an empty Hash
def initialize( url, raw = {} )
    super( url, raw )

    self.action = @url
    self.method = 'get'
    self.auditable = @raw

    # Baseline snapshot, frozen so later mutations cannot rewrite it.
    @orig = auditable.dup.freeze
end

Class Method Details

.decode(header) ⇒ Object



# File 'lib/arachni/element/header.rb', line 71

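# Reverses percent-encoding in a header value.
#
# Every %XX escape in the input is decoded, not only the %0D / %0A pairs
# that the class-level encode produces, so a decoded value can contain raw
# CR/LF and must not be written back into a request without re-encoding.
#
# `URI.decode` was removed in Ruby 3.0; on earlier versions it was a thin
# wrapper around `URI::DEFAULT_PARSER.unescape`, which is called directly
# here so the method works on both old and current interpreters.
#
# @param header [String] percent-encoded header value
# @return [String] the value with percent-escapes resolved
def self.decode( header )
    ::URI::DEFAULT_PARSER.unescape( header )
end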

.encode(header) ⇒ Object



# File 'lib/arachni/element/header.rb', line 64

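# Percent-encodes the line terminators in a header value.
#
# Only CR and LF are escaped (to %0D and %0A); every other character,
# including '%', passes through untouched. This keeps the value on one
# line, so it cannot end the header early or add extra header lines to the
# outgoing request, while leaving the rest of the value exactly as supplied.
#
# Because '%' itself is not escaped, decoding an encoded value does not
# necessarily give back the input when the input already held %XX sequences.
#
# `URI.encode` was removed in Ruby 3.0; on earlier versions it was a thin
# wrapper around `URI::DEFAULT_PARSER.escape`, which is called directly
# here so the method works on both old and current interpreters.
#
# @param header [String] raw header value
# @return [String] the value with CR and LF percent-encoded
def self.encode( header )
    ::URI::DEFAULT_PARSER.escape( header, "\r\n" )
end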

Instance Method Details

#decode(header) ⇒ Object



# File 'lib/arachni/element/header.rb', line 74

# Instance-level convenience wrapper: hands the value to the class-level
# decode of whatever class this object belongs to.
#
# @param header [String] percent-encoded header value
# @return [Object] whatever the class-level decode returns
def decode( header )
    codec = self.class
    codec.decode( header )
end

#encode(header) ⇒ Object



# File 'lib/arachni/element/header.rb', line 67

# Instance-level convenience wrapper: hands the value to the class-level
# encode of whatever class this object belongs to.
#
# @param header [String] raw header value
# @return [Object] whatever the class-level encode returns
def encode( header )
    codec = self.class
    codec.encode( header )
end

#mutations(injection_str, opts = {}) ⇒ Object



# File 'lib/arachni/element/header.rb', line 40

# Produces the mutations of this header element for an injection string.
#
# The regular mutations come from `super`. When the :param_flip option is
# set, one extra element is appended in which the injection string is used
# as the header *name* and `seed` as its value.
#
# NOTE(review): :param_flip is removed with `opts.delete`, so the hash the
# caller passed in is modified and `super` never sees that option. Confirm
# that callers do not reuse the same options hash across calls.
#
# @param injection_str [String] value to inject
# @param opts [Hash] mutation options; :param_flip is consumed here
# @return [Object] the collection returned by `super`, plus the flipped
#   element when requested
def mutations( injection_str, opts = {} )
    flip_requested = opts.delete( :param_flip )
    variants       = super( injection_str, opts )
    return variants if !flip_requested

    flipped = dup

    # when under HPG mode element auditing is strictly regulated
    # and when we flip params we essentially create a new element
    # which won't be on the whitelist
    flipped.override_instance_scope

    flipped.altered   = 'Parameter flip'
    flipped.auditable = { injection_str => seed }

    variants << flipped
    variants
end

#simple ⇒ Object



# File 'lib/arachni/element/header.rb', line 36

# Returns a copy of the element's current auditable inputs.
#
# The copy comes from `dup`, so it is shallow: changing the returned
# container does not touch @auditable, but the objects inside are shared.
#
# @return [Object] duplicate of @auditable
def simple
    snapshot = @auditable.dup
    snapshot
end

#type ⇒ Object



# File 'lib/arachni/element/header.rb', line 60

# Identifies the kind of element this object represents.
#
# @return [Object] the Arachni::Element::HEADER constant, which is defined
#   outside this listing
def type
    kind = Arachni::Element::HEADER
    kind
end