Exemple #1
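def new():
    """Show the whitelist creation form (GET) or store a new whitelist (POST).

    On POST the ``wl`` and ``whitelistset`` fields are mandatory. The match
    zones come from the ``mz`` checkboxes plus any ``custom_mz_val`` entries.
    The candidate whitelist is checked with ``NaxsiWhitelist.validate()``:
    errors abort the request with a redirect back to the form, while warnings
    are only flashed and the whitelist is still saved.

    The form is re-rendered with the same ``matchzones`` / ``whitelistsets``
    context on a missing-field error as on GET; the original passed no
    context on that path.
    """
    def _render_form():
        # Single place that builds the form, so every path gets the same
        # template context.
        return render_template('whitelists/new.html', matchzones=naxsi_mz,
                               whitelistsets=NaxsiWhitelistSets.query.all())

    if request.method == "GET":
        return _render_form()

    # NOTE(review): a stored whitelist presumably relaxes Naxsi filtering for
    # the given zones. No authentication or CSRF check is visible in this
    # function - confirm that the route/blueprint enforces both.
    # request.form is client-controlled and is logged verbatim here.
    logging.debug('Posted new request: %s', request.form)

    mz = request.form.getlist("mz") + request.form.getlist("custom_mz_val")
    wid = request.form.get('wl', '')
    whitelistset = request.form.get("whitelistset", '')

    if not wid:
        flash('Please enter a wl', category='error')
        return _render_form()
    if not whitelistset:
        flash('Please enter a whitelistset', category='error')
        return _render_form()

    wlist = NaxsiWhitelist(wl=wid, timestamp=int(time()),
                           whitelistset=whitelistset, mz=mz, active=1,
                           negative=request.form.get("negative", "") == 'checked')
    errors, warnings = wlist.validate()

    if errors:
        flash(",".join(errors), 'error')
        return redirect(url_for('whitelists.new'))
    if warnings:
        # Warnings are informational only; the whitelist is still stored.
        flash(",".join(warnings), 'warning')

    # validate() ran on the list form of mz; join it with '|' before saving.
    wlist.mz = '|'.join(wlist.mz)
    db.session.add(wlist)
    db.session.commit()

    return render_template('whitelists/index.html')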
Exemple #2
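def new():
    """Render the "new whitelist" form, or create a whitelist from a POST.

    GET renders the form with the available match zones and whitelist sets.
    POST requires ``wl`` and ``whitelistset``, builds a ``NaxsiWhitelist``
    from the form and runs ``validate()`` on it. Validation errors redirect
    back to the form; warnings are flashed and the whitelist is saved anyway.

    A missing-field error re-renders the form with the same context as the
    GET path. The original rendered the template with no ``matchzones`` or
    ``whitelistsets`` there.
    """
    form_template = 'whitelists/new.html'

    if request.method == "GET":
        _whitelistesets = NaxsiWhitelistSets.query.all()
        return render_template(form_template, matchzones=naxsi_mz, whitelistsets=_whitelistesets)

    # NOTE(review): this handler persists a new WAF whitelist from form data.
    # Access control and CSRF protection are not visible here - verify they
    # are applied where the route is registered.
    # The whole client-supplied form is written to the debug log.
    logging.debug('Posted new request: %s', request.form)

    mz = request.form.getlist("mz") + request.form.getlist("custom_mz_val")
    wid = request.form.get('wl', '')
    whitelistset = request.form.get("whitelistset", '')

    # Report the first missing mandatory field, checking 'wl' first.
    missing = None
    if not wid:
        missing = 'Please enter a wl'
    elif not whitelistset:
        missing = 'Please enter a whitelistset'
    if missing is not None:
        flash(missing, category='error')
        return render_template(form_template, matchzones=naxsi_mz,
                               whitelistsets=NaxsiWhitelistSets.query.all())

    is_negative = request.form.get("negative", "") == 'checked'
    wlist = NaxsiWhitelist(wl=wid, timestamp=int(time()),
                           whitelistset=whitelistset, mz=mz, active=1,
                           negative=is_negative)
    errors, warnings = wlist.validate()

    if errors:
        flash(",".join(errors), 'error')
        return redirect(url_for('whitelists.new'))
    elif warnings:
        # Non-fatal: tell the user, then continue to the save below.
        flash(",".join(warnings), 'warning')

    # The model was validated with mz as a list; store it '|'-joined.
    wlist.mz = '|'.join(wlist.mz)
    db.session.add(wlist)
    db.session.commit()

    return render_template('whitelists/index.html')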
Exemple #3
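def explain_whitelist():
    """Explain a whitelist given by id (query string) or as raw text (form).

    A numeric ``whitelist`` query parameter loads the stored whitelist with
    that id. A non-numeric, non-empty one is rejected. With no query
    parameter, the ``whitelist`` form field is parsed as whitelist text.
    Parse errors are flashed and the sandbox page is rendered without an
    explanation; warnings are flashed and the explanation is still shown.

    Fixes over the original:
    * ``is not ''`` compared identity instead of equality; it is now ``!=``.
    * the error loop returned after flashing only the first error; every
      error is now flashed before the page is rendered.
    * the warning loop variable no longer reuses the name ``warnings``.
    """
    whitelist_get = request.args.get('whitelist', '')
    whitelist_post = request.form.get('whitelist', '')
    if whitelist_get.isdigit():  # explain a whitelist by id
        _wl = NaxsiWhitelist.query.filter(NaxsiWhitelist.id == whitelist_get).first()
        if _wl is None:
            # whitelist_get holds digits only here, so echoing it is safe.
            flash('Not rule with id %s' % whitelist_get)
            return redirect(url_for("sandbox.index"))
    elif whitelist_get != '':
        flash('Please provide a numeric id')
        return redirect(url_for("sandbox.index"))
    elif not whitelist_post:
        flash('Please provide a whitelist')
        return redirect(url_for("sandbox.index"))
    else:
        # Parse on a throwaway instance, then fill a fresh one from the
        # parsed dict, as the original did.
        errors, warnings, rdict = NaxsiWhitelist().parse(whitelist_post)
        _wl = NaxsiWhitelist()
        _wl.from_dict(rdict)
        _wl.errors = errors
        _wl.warnings = warnings

    if _wl.errors:
        # NOTE(review): error strings may quote the submitted whitelist text;
        # presumably the template relies on Jinja autoescaping - confirm.
        for error in _wl.errors:
            flash(error, category='error')
        return render_template("misc/sandbox.html", whitelist=_wl)
    if _wl.warnings:
        for warning in _wl.warnings:
            flash(warning, category='warning')

    return render_template("misc/sandbox.html", whitelist_explaination=_wl.explain(), whitelist=_wl)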
Exemple #4
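def explain_whitelist():
    """Render the sandbox page with an explanation of one whitelist.

    The whitelist is taken either from the database, when the ``whitelist``
    query parameter is numeric, or from the ``whitelist`` form field, which
    is parsed as whitelist text. Invalid or missing input redirects to the
    sandbox index with a flashed message.

    Changes from the original:
    * ``whitelist_get is not ""`` was an identity test on a string literal;
      it is replaced by a truthiness test on the string.
    * ``return`` sat inside the error loop, so only the first error was ever
      flashed; the page is now rendered after all errors are flashed.
    * the warning loop no longer rebinds the name ``warnings``.
    """
    whitelist_get = request.args.get("whitelist", "")
    whitelist_post = request.form.get("whitelist", "")

    if whitelist_get.isdigit():  # explain a whitelist by id
        _wl = NaxsiWhitelist.query.filter(NaxsiWhitelist.id == whitelist_get).first()
        if _wl is None:
            flash("Not rule with id %s" % whitelist_get)
            return redirect(url_for("sandbox.index"))
    elif whitelist_get:
        # Non-empty but not numeric.
        flash("Please provide a numeric id")
        return redirect(url_for("sandbox.index"))
    elif not whitelist_post:
        flash("Please provide a whitelist")
        return redirect(url_for("sandbox.index"))
    else:
        # One instance does the parsing, a second clean one carries the result.
        parser = NaxsiWhitelist()
        errors, warnings, rdict = parser.parse(whitelist_post)
        _wl = NaxsiWhitelist()
        _wl.from_dict(rdict)
        _wl.errors = errors
        _wl.warnings = warnings

    if _wl.errors:
        # NOTE(review): messages may echo user-supplied whitelist text; check
        # that the template escapes flashed messages.
        for message in _wl.errors:
            flash(message, category="error")
        # With errors present no explanation is passed to the template.
        return render_template("misc/sandbox.html", whitelist=_wl)

    for message in _wl.warnings or ():
        flash(message, category="warning")

    return render_template("misc/sandbox.html", whitelist_explaination=_wl.explain(), whitelist=_wl)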
Exemple #5
 def __create_whitelist():
     """Insert a fixture whitelist and return the highest whitelist id.

     The returned id is read back with a descending-id query rather than
     from the inserted object.
     """
     fixture = dict(
         wl='wl:42',
         timestamp=int(time()),
         whitelistset='WORDPRESS',
         mz='BODY',
         active=1,
         negative=False,
     )
     db.session.add(NaxsiWhitelist(**fixture))
     db.session.commit()

     # Highest id first; presumably the row just committed.
     newest = NaxsiWhitelist.query.order_by(NaxsiWhitelist.id.desc()).first()
     return newest.id
Exemple #6
    def test_del(self):
        """Deleting an unknown id redirects; deleting a stored id reports success."""
        entry = NaxsiWhitelist(
            wl='wl:42',
            timestamp=int(time()),
            whitelistset='WORDPRESS',
            mz='BODY',
            active=1,
            negative=False,
        )
        db.session.add(entry)
        db.session.commit()

        # Take the highest id in the table as the id of the fixture row.
        newest = NaxsiWhitelist.query.order_by(NaxsiWhitelist.id.desc()).first()
        _id = newest.id

        # One past the highest id: no such whitelist, a 302 is expected.
        missing = self.app.get('/whitelists/del/%d' % (_id + 1))
        self.assertEqual(302, missing.status_code)

        # NOTE(review): the delete is driven by a GET request. A GET that
        # changes state falls outside the usual CSRF-token checks and can be
        # fired by link prefetching; consider requiring POST or DELETE.
        removed = self.app.get('/whitelists/del/%d' % _id, follow_redirects=True)
        self.assertIn('Successfully deleted %d' % _id, str(removed.data))