def generate_trigger_urls(app):
for name, triggers in TRIGGER_MAP.items():
for trigger in triggers:
view_name = get_trigger_name(name, trigger)
view_func = get_trigger_view(name, trigger)
app.route(view_name, ["GET", "POST"], callback=view_func)
def _get_trigger_info(environ):
"""
This method is essentially the router for this application. It gets
the vulnerability name and trigger function from the request path.
These two values are returned in a 2-tuple.
If we find an invalid path, raise a NotFound exception.
If we find a vulnerability name homepage, such as /vulnpy/cmdi/, the
second element of the return value will be None.
"""
path_components = [s for s in environ["PATH_INFO"].split("/") if s != ""]
if (
len(path_components) < 1
or len(path_components) > 3
or path_components[0] != "vulnpy"
):
raise NotFound()
if len(path_components) == 1:
return "home", None
name = path_components[1]
if name not in TRIGGER_MAP:
raise NotFound()
# we need to do this to avoid path traversal during template resolution
sanitized_name = [s for s in TRIGGER_MAP.keys() if s == name][0]
if len(path_components) == 2:
return sanitized_name, None
return sanitized_name, _get_trigger_func(sanitized_name, path_components[2])
def generate_trigger_urls(config):
for name, triggers in TRIGGER_MAP.items():
for trigger in triggers:
view_name = get_trigger_name(name, trigger)
view_pattern = get_trigger_pattern(name, trigger)
view_func = get_trigger_view(name, trigger)
_add_route(config, view_name, view_pattern, view_func)
def generate_trigger_urls(app):
for name, triggers in TRIGGER_MAP.items():
for trigger in triggers:
view_name = get_trigger_name(name, trigger)
view_cls = get_trigger_view(name, trigger)
app.add_route(view_name, view_cls())
def _make_trigger_list():
arglist = []
for vuln_name, trigger_names in TRIGGER_MAP.items():
if not trigger_names:
continue
for trigger in trigger_names:
arglist.append((vuln_name, trigger))
return arglist
def generate_trigger_urls():
trigger_urls = []
for name, triggers in TRIGGER_MAP.items():
for trigger in triggers:
view_name = get_trigger_name(name, trigger)
view_func = get_trigger_view(name, trigger)
trigger_urls.append(compat_url(view_name, view_func))
return trigger_urls
def generate_trigger_urls():
for name, triggers in TRIGGER_MAP.items():
for trigger in triggers:
get_trigger_view(name, trigger)