Class: Arachni::Parser::Extractors::Scripts

Inherits:

Base

• Object
• Base
• Arachni::Parser::Extractors::Scripts

Defined in:

components/path_extractors/scripts.rb

Overview

Extracts paths from script HTML elements. Both from src and the text inside the scripts.

Author:

• Tasos "Zapotek" Laskos tasos.laskos@arachni-scanner.com

Instance Attribute Summary

Attributes inherited from Base

#downcased_html, #html, #parser

Instance Method Summary

• #from_text(text) ⇒ Object
• #run ⇒ Object

Methods inherited from Base

#check_for?, #document, #initialize

Constructor Details

This class inherits a constructor from Arachni::Parser::Extractors::Base

Instance Method Details

#from_text(text) ⇒ Object

# File 'components/path_extractors/scripts.rb', line 23

def from_text( text )
    text.scan( /[\/a-zA-Z0-9%._-]+/ ).
        select do |s|
        # String looks like a path, but don't get fooled by comments.
        s.include?( '.' ) && s.include?( '/' )  &&
            !s.include?( '*' ) && !s.start_with?( '//' ) &&

            # Require absolute paths, otherwise we may get caught in
            # a loop, this context isn't the most reliable for extracting
            # real paths.
            s.start_with?( '/' )
    end
end

#run ⇒ Object

# File 'components/path_extractors/scripts.rb', line 15

def run
    return [] if !check_for?( 'script' )

    document.nodes_by_name( 'script' ).map do |s|
        [s['src']].flatten.compact | from_text( s.text.to_s )
    end
end