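def processProxyMessage(self,messageIsRequest,message):
    """Print in-scope Referer values that are sent to out-of-scope hosts.

    For a proxied request whose Host header is not in ``urls_in_scope``,
    the Referer header is inspected. If the Referer's host component is in
    ``urls_in_scope``, the whole Referer value is printed, because that
    in-scope URL (path and query string included) is being disclosed to
    another domain.

    Args:
        messageIsRequest: True when the proxy hands over a request, False
            for a response.
        message: Intercepted proxy message; only ``getMessageInfo()`` is
            used here.
    """
    # Burp calls proxy listeners for responses too, and the request bytes are
    # still attached then; without this guard each finding is printed twice.
    if not messageIsRequest:
        return

    message_info = message.getMessageInfo()
    request_object = self._helpers.analyzeRequest(
        message_info.getHttpService(), message_info.getRequest())

    # Index 1 of the helper's result is what gets compared with the scope
    # list (presumably the header value; confirm in webcommon).
    hostname = webcommon.get_host_header_from_request(self, request_object)

    # Only requests going to OTHER domains are interesting here.
    if not hostname or hostname[1] in urls_in_scope:
        return

    referer = webcommon.get_referer_header_from_request(self, request_object)
    if not referer:
        return

    # "scheme://authority/path".split('/') puts the authority at index 2.
    # A relative or malformed Referer has fewer parts; skip it instead of
    # raising IndexError inside the proxy callback.
    referer_parts = referer[1].split('/')
    if len(referer_parts) < 3:
        return

    # NOTE(review): the authority may carry a port or userinfo
    # ("host:8443"); whether urls_in_scope entries do is not visible here,
    # so such Referers may go unreported. Confirm the scope list format.
    if referer_parts[2] in urls_in_scope:
        # Single-argument parenthesised print behaves the same as the
        # Python 2 / Jython print statement.
        print(referer[1])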
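def detect_valid_referer(self,messageIsRequest,message):
    """Print in-scope requests whose Referer does not start with the expected value.

    Only requests are examined. For a request whose Host header is in
    ``urls_in_scope``, the Referer is compared with ``referer_header_value``.
    A request with a Referer that does not start with that value, or with
    no Referer at all, is printed as ``<url>\\t\\t<referer>`` so the engineer
    can decide whether it is unsafe.

    Args:
        messageIsRequest: True when the proxy hands over a request, False
            for a response.
        message: Intercepted proxy message; only ``getMessageInfo()`` is
            used here.
    """
    # Only process requests, as that's where the valid Referer should be.
    # Checking first also avoids parsing the request on the response callback.
    if not messageIsRequest:
        return

    message_info = message.getMessageInfo()
    requestInfo = self._helpers.analyzeRequest(
        message_info.getHttpService(), message_info.getRequest())
    request_url = requestInfo.getUrl()

    # Restrict to in-scope hosts to eliminate stray traffic.
    hostname = webcommon.get_host_header_from_request(self, requestInfo)
    if not hostname or hostname[1] not in urls_in_scope:
        return

    referer = webcommon.get_referer_header_from_request(self, requestInfo)

    # A request without a Referer used to fail on referer[1] and was never
    # reported. An absent Referer matters when reviewing Referer-based
    # checks, so report it explicitly.
    if not referer:
        print(str(request_url)+'\t\t'+'(no Referer header)')
        return

    # NOTE(review): this is a prefix comparison. If referer_header_value
    # does not end the host component (for instance with a trailing '/'),
    # a Referer on a look-alike host that merely begins with the same
    # characters also passes and is not reported. Confirm the value.
    if not referer[1].startswith(referer_header_value):
        # Single-argument parenthesised print behaves the same as the
        # Python 2 / Jython print statement.
        print(str(request_url)+'\t\t'+str(referer[1]))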