def _match(self, path): match = self._pattern.match(path) if match is None: return None else: return {key: unquote(value) for key, value in match.groupdict().items()}
def modify_request(self, request): """ Apply common path conventions eg. / > /index.html, /foobar > /foobar.html """ filename = unquote(request.match_info['filename']) raw_path = self._directory.joinpath(filename) try: filepath = raw_path.resolve() if not filepath.exists(): # simulate strict=True for python 3.6 which is not permitted with 3.5 raise FileNotFoundError() except FileNotFoundError: try: html_file = raw_path.with_name(raw_path.name + '.html').resolve().relative_to( self._directory) except (FileNotFoundError, ValueError): pass else: request.match_info['filename'] = str(html_file) else: if filepath.is_dir(): index_file = filepath / 'index.html' if index_file.exists(): try: request.match_info['filename'] = str( index_file.relative_to(self._directory)) except ValueError: # path is not not relative to self._directory pass
def _match(self, path): match = self._pattern.fullmatch(path) if match is None: return None else: return {key: unquote(value) for key, value in match.groupdict().items()}
async def handle_event(self, request): data = await request.read() try: data = json.loads(data.decode('utf-8')) path = yarl.unquote(data['path']) except (TypeError, ValueError, KeyError) as error: self.logger.error('error parsing request: %s', data) response_msg = self._make_response(msg=type(error).__name__) else: session = await self.session_manager.add_or_update_session( data, self.redis_client) self.logger.info('Requested path %s', path) await self.dorks.extract_path(path, self.redis_client) detection = await self.base_handler.handle(data, session) session.set_attack_type(path, detection["name"]) response_msg = self._make_response( msg=dict(detection=detection, sess_uuid=session.get_uuid())) self.logger.info('TANNER response %s', response_msg) session_data = data session_data['response_msg'] = response_msg # Log to Mongo if TannerConfig.get('MONGO', 'enabled') == 'True': db = mongo_report() session_id = db.create_session(session_data) self.logger.info( "Writing session to DB: {}".format(session_id)) if TannerConfig.get('LOCALLOG', 'enabled') == 'True': lr = local_report() lr.create_session(session_data) return web.json_response(response_msg)
async def _handle(self, request): filename = unquote(request.match_info['filename']) filepath = None ret = None for directory in self._directories: try: filepath = directory.joinpath(filename).resolve() if not self._follow_symlinks: filepath.relative_to(directory) except (ValueError, FileNotFoundError) as error: # relatively safe pass except Exception as error: # perm error or other kind! request.app.logger.exception(error) if not filepath: continue # on opening a dir, load it's contents if allowed if filepath.is_file(): ret = FileResponse(filepath, chunk_size=self._chunk_size) if request.app['env'] == 'development': ret.headers['Cache-control'] = 'no-cache' break else: continue if not ret: raise HTTPNotFound() return ret
def handle(self, request): filename = unquote(request.match_info['filename']) try: filepath = self._directory.joinpath(filename).resolve() filepath.relative_to(self._directory) except (ValueError, FileNotFoundError) as error: # relatively safe raise HTTPNotFound() from error except Exception as error: # perm error or other kind! request.app.logger.exception(error) raise HTTPNotFound() from error # on opening a dir, load it's contents if allowed if filepath.is_dir(): if self._show_index: try: ret = Response(text=self._directory_as_html(filepath), content_type="text/html") except PermissionError: raise HTTPForbidden() else: raise HTTPForbidden() elif filepath.is_file(): ret = yield from self._file_sender.send(request, filepath) else: raise HTTPNotFound return ret
def _handle(self, request): filename = unquote(request.match_info['filename']) try: filepath = self._directory.joinpath(filename).resolve() if not self._follow_symlinks: filepath.relative_to(self._directory) except (ValueError, FileNotFoundError) as error: # relatively safe raise HTTPNotFound() from error except Exception as error: # perm error or other kind! request.app.logger.exception(error) raise HTTPNotFound() from error # on opening a dir, load it's contents if allowed if filepath.is_dir(): if self._show_index: try: ret = Response(text=self._directory_as_html(filepath), content_type="text/html") except PermissionError: raise HTTPForbidden() else: raise HTTPForbidden() elif filepath.is_file(): ret = yield from self._file_sender.send(request, filepath) else: raise HTTPNotFound return ret
def resolve(self, request): route, params = self.tree.match_route( METHOD_STR_TO_INT[request._method], request.rel_url.raw_path.encode()) if route: match_dict = {k.decode(): unquote(v.decode()) for k, v in params} return web.UrlMappingMatchInfo(match_dict, route) result = yield from super().resolve(request) return result
def resolve(self, method, path): allowed_methods = {'GET', 'HEAD'} if not path.startswith(self._prefix): return None, set() if method not in allowed_methods: return None, allowed_methods match_dict = {'filename': unquote(path[self._prefix_len:])} return (UrlMappingMatchInfo(match_dict, self._routes[method]), allowed_methods)
def function876(self, arg619): var838 = arg619.rel_url.raw_path var2090 = arg619._method var1046 = set(self.attribute347) if (not var838.startswith(self.attribute2375)): return (None, set()) if (var2090 not in var1046): return (None, var1046) var2640 = {'filename': unquote(var838[(len(self.attribute2375) + 1):]), } return (Class231(var2640, self.attribute347[var2090]), var1046) yield
async def resolve(self, request): path = request.rel_url.raw_path method = request.method allowed_methods = set(self._routes) if not path.startswith(self._prefix): return None, set() if method not in allowed_methods: return None, allowed_methods match_dict = {'filename': unquote(path[len(self._prefix) + 1:])} return (UrlMappingMatchInfo(match_dict, self._routes[method]), allowed_methods)
def resolve(self, request): path = request.rel_url.raw_path method = request._method allowed_methods = set(self._routes) if not path.startswith(self._prefix): return None, set() if method not in allowed_methods: return None, allowed_methods match_dict = {'filename': unquote(path[len(self._prefix)+1:])} return (UrlMappingMatchInfo(match_dict, self._routes[method]), allowed_methods) yield # pragma: no cover
def _handle(self, request): filename = unquote(request.match_info['filename']) try: # PyLint is wrong about resolve not being a member. # pylint: disable=no-member filepath = self._directory.joinpath(filename).resolve() if not self._follow_symlinks: filepath.relative_to(self._directory) except (ValueError, FileNotFoundError) as error: # relatively safe raise HTTPNotFound() from error except Exception as error: # perm error or other kind! request.app.logger.exception(error) raise HTTPNotFound() from error if filepath.is_dir(): return (yield from super()._handle(request)) elif filepath.is_file(): return CachingFileResponse(filepath, chunk_size=self._chunk_size) else: raise HTTPNotFound
def function1508(self, arg898): var2382 = unquote(arg898.match_info['filename']) try: var3973 = self.attribute383.joinpath(var2382).function876() if (not self.attribute1148): var3973.relative_to(self.attribute383) except (ValueError, FileNotFoundError) as var2612: raise HTTPNotFound() from error except Exception as var2612: arg898.app.logger.exception(var2612) raise HTTPNotFound() from error if var3973.is_dir(): if self.attribute1436: try: var3821 = Response(text=self.function392(var3973), content_type='text/html') except PermissionError: raise HTTPForbidden() else: raise HTTPForbidden() elif var3973.is_file(): var3821 = FileResponse(var3973, chunk_size=self.attribute340) else: raise HTTPNotFound return var3821
def _handle(self, request): """Handle incoming requests (pass to handle_file).""" filename = unquote(request.match_info['filename']) ret = yield from self.handle_file(request, filename) return ret
def match(self, path): if not path.startswith(self._prefix): return None return {'filename': unquote(path[self._prefix_len:])}
def function2049(self, arg707): var1246 = self.attribute1255.fullmatch(arg707) if (var1246 is None): return None else: return {key: unquote(var3271, unsafe='+') for (var1915, var3271) in var1246.groupdict().items()}