Class: Arachni::URI::Scope
Overview
Determines the scope status of Arachni::URIs.
Direct Known Subclasses
Element::Capabilities::WithScope::Scope, HTTP::Message::Scope
Defined Under Namespace
Classes: Error
Instance Method Summary
- #auto_redundant?(update_counters = false) ⇒ Bool
  true if the URL is redundant based on OptionGroups::Scope#auto_redundant_paths, false otherwise.
- #exclude? ⇒ Bool
  true if the URL matches any OptionGroups::Scope#exclude_path_patterns, false otherwise.
- #exclude_file_extension? ⇒ Bool
  true if the resource extension is in OptionGroups::Scope#@exclude_file_extensions, false otherwise.
- #follow_protocol? ⇒ Bool
  true if the protocol is within scope based on OptionGroups::Scope#https_only, false otherwise.
- #in? ⇒ Bool
- #in_domain? ⇒ Bool
  true if self is in the same domain as Options#url, false otherwise.
- #include? ⇒ Bool
  true if the URL matches any OptionGroups::Scope#include_path_patterns, false otherwise.
- #initialize(url) ⇒ Scope (constructor)
  A new instance of Scope.
- #out? ⇒ Bool
  true if the URL is out of the scan scope, false otherwise.
- #redundant?(update_counters = false) ⇒ Bool
  true if the URL is redundant, false otherwise.
- #too_deep? ⇒ Bool
  true if the URL is deeper than depth, false otherwise.
Methods inherited from Scope
Constructor Details
#initialize(url) ⇒ Scope
Returns a new instance of Scope.
    # File 'lib/arachni/uri/scope.rb', line 26
    def initialize( url )
        @url = url
    end
Instance Method Details
#auto_redundant?(update_counters = false) ⇒ Bool
Will decrease the redundancy counter.
Returns true if the URL is redundant based on OptionGroups::Scope#auto_redundant_paths, false otherwise.

    # File 'lib/arachni/uri/scope.rb', line 144
    def auto_redundant?( update_counters = false )
        # `options` is the scope option group (OptionGroups::Scope).
        return false if !options.auto_redundant?
        return false if (params = @url.query_parameters).empty?

        # Key on the URL without its query plus the sorted parameter names.
        h = "#{@url.without_query}#{params.keys.sort}".hash

        if options.auto_redundant_counter[h] >= options.auto_redundant_paths
            return true
        end

        if update_counters
            options.auto_redundant_counter[h] += 1
        end

        false
    end
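The counter logic above, modelled stand-alone to show which URLs collapse onto the same key and when the limit trips. This is an added example, not Arachni's code: AutoRedundancyTracker, crawl_filter and the sample URLs used with them are constructed, and Ruby's standard URI library stands in for Arachni::URI.

```ruby
require 'uri'

# Stand-alone model of the counter logic; class and method names are
# constructed for this example and are not part of Arachni.
class AutoRedundancyTracker
  # limit stands in for auto_redundant_paths; nil disables the check.
  def initialize(limit)
    @limit   = limit
    @counter = Hash.new(0) # stands in for auto_redundant_counter
  end

  def redundant?(url, update_counters = false)
    return false unless @limit
    uri   = URI(url)
    names = URI.decode_www_form(uri.query.to_s).map(&:first).uniq.sort
    return false if names.empty?

    # Key on the URL without its query plus the sorted parameter names,
    # so parameter values and ordering do not matter.
    key = "#{url.split('?', 2).first}#{names}"
    return true if @counter[key] >= @limit

    @counter[key] += 1 if update_counters
    false
  end
end

# Keep only the URLs a crawler would still follow under the given limit.
def crawl_filter(urls, limit)
  tracker = AutoRedundancyTracker.new(limit)
  urls.reject { |u| tracker.redundant?(u, true) }
end
```

With a limit of 2, a third URL with the same path and parameter names is dropped regardless of its values, while a URL with a different parameter set or no query at all is still followed.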
#exclude? ⇒ Bool
Returns true if the URL matches any OptionGroups::Scope#exclude_path_patterns, false otherwise.

    # File 'lib/arachni/uri/scope.rb', line 45
    def exclude?
        # Excluded file extensions take precedence over path patterns.
        return true if exclude_file_extension?
        return false if options.exclude_path_patterns.empty?

        s = @url.to_s
        !!options.exclude_path_patterns.find { |pattern| s =~ pattern }
    end
#exclude_file_extension? ⇒ Bool
Returns true if the resource extension is in OptionGroups::Scope#@exclude_file_extensions, false otherwise.

    # File 'lib/arachni/uri/scope.rb', line 58
    def exclude_file_extension?
        options.exclude_file_extensions.any? &&
            options.exclude_file_extensions.include?(
                @url.resource_extension.to_s.downcase
            )
    end
#follow_protocol? ⇒ Bool
Returns true if the protocol is within scope based on OptionGroups::Scope#https_only, false otherwise.

    # File 'lib/arachni/uri/scope.rb', line 94
    def follow_protocol?
        return true if !Options.url

        check_scheme = @url.scheme
        return false if !check_scheme

        # The restriction only applies when the reference URL itself is HTTPS.
        ref_scheme = Options.parsed_url.scheme
        return true if ref_scheme != 'https'
        return true if ref_scheme == check_scheme

        !options.https_only?
    end
#in? ⇒ Bool
    # File 'lib/arachni/uri/scope.rb', line 164
    def in?
        !out?
    end
#in_domain? ⇒ Bool
Returns true if self is in the same domain as Options#url, false otherwise.

    # File 'lib/arachni/uri/scope.rb', line 81
    def in_domain?
        return true if !Options.url

        # Compare domains when subdomains are allowed, exact hosts otherwise.
        options.include_subdomains ?
            Options.parsed_url.domain == @url.domain :
            Options.parsed_url.host == @url.host
    end
#include? ⇒ Bool
Returns true if the URL matches any OptionGroups::Scope#include_path_patterns, false otherwise.

    # File 'lib/arachni/uri/scope.rb', line 70
    def include?
        rules = options.include_path_patterns
        # No include patterns means every URL is included.
        return true if rules.empty?

        !!rules.find { |pattern| @url.to_s =~ pattern }
    end
#out? ⇒ Bool
Does not call #redundant?.
Returns true if the URL is out of the scan scope, false otherwise. The determination is based on:

    # File 'lib/arachni/uri/scope.rb', line 179
    def out?
        return true if !follow_protocol?
        return true if !in_domain?
        return true if too_deep?
        return true if !include?
        return true if exclude?

        false
    end
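To see which check rejects a given URL, the following added example re-implements the decision chain of #out? over Ruby's standard URI library. It is not Arachni's code: MiniScope, ScopeOpts and out_reason are constructed names, the seed URL is passed in explicitly instead of being read from Options, and the registrable domain is approximated by the last two host labels.

```ruby
require 'uri'
# Constructed stand-in for the scope options (not Arachni's OptionGroups::Scope).
ScopeOpts = Struct.new(:https_only, :include_subdomains, :directory_depth_limit,
                       :include_path_patterns, :exclude_path_patterns,
                       :exclude_file_extensions, keyword_init: true)

class MiniScope
  def initialize(url, seed, opts)
    @url, @seed, @opts = URI(url), URI(seed), opts
  end

  def follow_protocol?
    return false unless @url.scheme
    return true if @seed.scheme != 'https' || @seed.scheme == @url.scheme
    !@opts.https_only
  end

  # Assumption: the registrable domain is approximated by the last two labels.
  def in_domain?
    dom = ->(host) { host.to_s.split('.').last(2).join('.') }
    @opts.include_subdomains ? dom[@seed.host] == dom[@url.host] : @seed.host == @url.host
  end

  def too_deep?
    depth = @opts.directory_depth_limit.to_i
    depth > 0 && (depth + 1) <= @url.path.to_s.count('/')
  end

  def include?
    (rules = @opts.include_path_patterns).empty? || rules.any? { |p| @url.to_s =~ p }
  end

  def exclude?
    ext = File.extname(@url.path.to_s).delete('.').downcase
    @opts.exclude_file_extensions.include?(ext) ||
      @opts.exclude_path_patterns.any? { |p| @url.to_s =~ p }
  end

  # First failing check, in the order #out? applies them; nil means in scope.
  def out_reason
    return :protocol     unless follow_protocol?
    return :domain       unless in_domain?
    return :depth        if too_deep?
    return :not_included unless include?
    return :excluded     if exclude?
    nil
  end
end
```

Calling `MiniScope.new(url, seed, opts).out_reason` for each URL in a constructed crawl list shows, for example, that with an HTTPS seed and `https_only` set a plain-HTTP link to the same host is rejected at the protocol check before any path pattern is consulted.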
#redundant?(update_counters = false) ⇒ Bool
Will decrease the redundancy counter.
Will first check with #auto_redundant?.
Returns true if the URL is redundant, false otherwise.

    # File 'lib/arachni/uri/scope.rb', line 119
    def redundant?( update_counters = false )
        return true if auto_redundant?( update_counters )

        url_string = @url.to_s

        options.redundant_path_patterns.each do |regexp, count|
            next if !(url_string =~ regexp)
            # The allowance for this pattern has been used up.
            return true if count == 0

            next if !update_counters
            options.redundant_path_patterns[regexp] -= 1
        end

        false
    end
#too_deep? ⇒ Bool
Returns true if the URL is deeper than depth, false otherwise.

    # File 'lib/arachni/uri/scope.rb', line 34
    def too_deep?
        depth = options.directory_depth_limit
        # A limit that is unset or not positive disables the check.
        depth.to_i > 0 && (depth + 1) <= @url.path.to_s.count( '/' )
    end