async def test_full_matches_only(self):
    """Redirects whose last segment merely *contains* ``404`` are accepted.

    With ``sequence_matching=False`` the limiter must let both
    ``/foobar/1404`` and ``/foobar/4041`` through, i.e. neither call raises.
    Presumably this is what "full matches only" refers to: a not-found marker
    has to match as a whole, not as a substring of a numeric id.
    """
    limiter = RedirectLimiter(sequence_matching=False)
    source = "http://example.com/foobar"
    for target in ("http://example.com/foobar/1404", "http://example.com/foobar/4041"):
        await limiter.after_headers(redirect(source, redirect_to=target))
def setup_hammertime_heuristics(hammertime, *, user_agent=default_user_agent, vhost=None, confirmation_factor=1, har_output_dir=None) -> None:
    """Register tachyon's request/response heuristics on a HammerTime instance.

    Three groups are built and added in a fixed order (init, global,
    child-bearing, then the detection group). That order is part of the
    behaviour -- see the comment on the first ``add_multiple`` call -- so do
    not reorder the calls without re-checking the heuristics that rely on
    seeing ``after_headers`` before anything can reject a request.

    Args:
        hammertime: engine whose ``heuristics`` registry is populated.
        user_agent: value of the ``User-Agent`` header set on every request.
        vhost: optional virtual host. When given it replaces
            ``conf.target_host`` as the ``Host`` header and is added to the
            hosts accepted by ``FilterRequestFromURL``.
        confirmation_factor: forwarded unchanged to ``DetectSoft404``.
        har_output_dir: when not None, a ``StoreHAR`` heuristic writing into
            this directory is appended last.

    Side effects:
        Rebinds the module-level ``heuristics_with_child`` (declared ``global``
        below); presumably read elsewhere in this module -- verify before
        renaming or making it local.
    """
    global heuristics_with_child

    dead_host_detection = DeadHostDetection(threshold=200)
    detect_soft_404 = DetectSoft404(distance_threshold=6, confirmation_factor=confirmation_factor)
    follow_redirects = FollowRedirects()

    # Heuristics that issue their own follow-up requests; they get a copy of
    # the init and global groups as child heuristics further down.
    heuristics_with_child = [
        RejectCatchAllRedirect(),
        follow_redirects,
        RejectIgnoredQuery()
    ]

    # Scope control for the URL filter: only the configured target (and the
    # vhost, if any) is allowed. NOTE(review): this is what keeps followed
    # redirects on the host being scanned -- confirm FilterRequestFromURL
    # accepts both a bare string and a tuple here.
    hosts = (vhost, conf.target_host) if vhost is not None else conf.target_host

    # Per-request setup and sampling: headers, content fingerprints, dead-host
    # tracking, hard-stop on 503/508 (StopRequest aborts instead of rejecting),
    # and tag stripping so form/script noise does not skew the comparisons.
    init_heuristics = [
        SetHeader("User-Agent", user_agent),
        SetHeader("Host", vhost if vhost is not None else conf.target_host),
        ContentHashSampling(),
        ContentSampling(),
        ContentSimhashSampling(),
        dead_host_detection,
        RejectStatusCode({503, 508}, exception_class=StopRequest),
        StripTag('input'),
        StripTag('script')
    ]

    # Generic rejection/limiting rules applied to every request.
    global_heuristics = [
        RejectStatusCode({404, 406, 502}),
        RejectWebApplicationFirewall(),
        DynamicTimeout(1.0, 5),
        RedirectLimiter(),
        FilterRequestFromURL(allowed_urls=hosts),
        IgnoreLargeBody(initial_limit=initial_limit)
    ]

    # Dead host detection must be first to make sure there is no skipped after_headers
    # NOTE(review): dead_host_detection is the sixth entry of init_heuristics;
    # "first" appears to mean "in the group added before any rejecting
    # heuristic", not first within the group -- confirm against DeadHostDetection.
    hammertime.heuristics.add_multiple(init_heuristics)

    # General
    hammertime.heuristics.add_multiple(global_heuristics)
    hammertime.heuristics.add_multiple(heuristics_with_child)
    # Detection group. NOTE(review): ValidateEntry() is registered twice
    # (before and after the behaviour-change pair); if that is intentional a
    # short comment explaining why would help, otherwise the second one may be
    # redundant -- confirm before touching.
    hammertime.heuristics.add_multiple([
        detect_soft_404,
        MatchString(),
        ValidateEntry(),
        DetectBehaviorChange(buffer_size=100),
        LogBehaviorChange(),
        ValidateEntry(),
    ])

    # Requests issued by the soft-404 detector go through setup and the
    # redirect/query handling, but not the global rejection rules.
    detect_soft_404.child_heuristics.add_multiple(init_heuristics)
    detect_soft_404.child_heuristics.add_multiple(heuristics_with_child)

    # Requests issued by the redirect/query heuristics get setup plus the
    # global rules (scope filter included), so followed redirects stay in scope.
    for heuristic in heuristics_with_child:
        heuristic.child_heuristics.add_multiple(init_heuristics)
        heuristic.child_heuristics.add_multiple(global_heuristics)

    # Optional HAR capture. Imported lazily so the HAR machinery is only
    # loaded when requested. NOTE(review): a HAR archive presumably records
    # full requests and responses, including the headers set above; treat
    # har_output_dir as sensitive output and do not point it at a shared path.
    if har_output_dir is not None:
        from tachyon.har import StoreHAR, FileWriter
        hammertime.heuristics.add(StoreHAR(writer=FileWriter(har_output_dir)))
async def test_with_relative_paths(self):
    """Relative redirect targets are accepted for a request to ``/foobar``.

    Both the path-relative form (``foobar/``) and the root-relative form
    (``/foobar/``) must pass through ``after_headers`` without raising.
    """
    limiter = RedirectLimiter()
    origin = "http://example.com/foobar"
    for relative_target in ("foobar/", "/foobar/"):
        await limiter.after_headers(redirect(origin, redirect_to=relative_target))
async def test_accept_similar_paths(self):
    """A redirect that only appends a trailing slash to the requested path
    is accepted: ``after_headers`` must return without raising."""
    limiter = RedirectLimiter()
    entry = redirect("http://example.com/foobar", redirect_to="http://example.com/foobar/")
    await limiter.after_headers(entry)
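async def test_reject_wildely_different_paths(self):
    """A redirect to an unrelated path (``/foobar`` -> ``/hello-world``) is
    rejected with ``RejectRequest``.

    The entry is built *before* entering ``assertRaises`` so that only the
    limiter's own ``after_headers`` can satisfy the assertion; with the
    fixture call inside the block, a ``RejectRequest`` escaping from
    ``redirect()`` would make the test pass for the wrong reason.

    NOTE(review): the method name keeps the original "wildely" spelling so
    existing test selection by name still matches.
    """
    limiter = RedirectLimiter()
    entry = redirect("http://example.com/foobar", redirect_to="http://example.com/hello-world")
    with self.assertRaises(RejectRequest):
        await limiter.after_headers(entry)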
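async def test_obvious_redirect_to_not_found(self):
    """A redirect to a path that is plainly a not-found page is rejected,
    even with sequence matching turned off.

    The entry is built *outside* ``assertRaises`` so the assertion can only
    be satisfied by ``after_headers`` itself. The original placed the
    ``redirect()`` call inside the block, where a ``RejectRequest`` raised by
    the fixture -- not by the limiter -- would have been accepted as a pass.
    """
    limiter = RedirectLimiter(sequence_matching=False)
    entry = redirect("http://example.com/foobar", redirect_to="http://example.com/not-found")
    with self.assertRaises(RejectRequest):
        await limiter.after_headers(entry)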