def analyze_cors_security(self, url):
"""
Send forged HTTP requests in order to test target application behavior.
"""
origin_list = [
self.origin_header_value,
]
# TODO: Does it make any sense to add these Origins? If so, how will it
# affect our tests? And which vulnerabilities are we going to
# detect with them?
# origin_list.append("http://www.google.com/")
# origin_list.append("null")
# origin_list.append("*")
# origin_list.append("")
# origin_list.append( url.url_string )
# Perform check(s)
for origin in origin_list:
# Build request
forged_req = build_cors_request(url, origin)
# Send forged request and retrieve response information
response = self._uri_opener.send_mutant(forged_req)
allow_origin = retrieve_cors_header(response, ACAO)
allow_credentials = retrieve_cors_header(response, ACAC)
allow_methods = retrieve_cors_header(response, ACAM)
self._analyze_server_response(forged_req, url, origin, response,
allow_origin, allow_credentials,
allow_methods)
def analyze_cors_security(self, url):
"""
Send forged HTTP requests in order to test target application behavior.
"""
origin_list = [self.origin_header_value, ]
# TODO: Does it make any sense to add these Origins? If so, how will it
# affect our tests? And which vulnerabilities are we going to
# detect with them?
#origin_list.append("http://www.google.com/")
#origin_list.append("null")
#origin_list.append("*")
#origin_list.append("")
#origin_list.append( url.url_string )
# Perform check(s)
for origin in origin_list:
# Build request
forged_req = build_cors_request(url, origin)
# Send forged request and retrieve response information
response = self._uri_opener.send_mutant(forged_req)
allow_origin = retrieve_cors_header(response, ACAO)
allow_credentials = retrieve_cors_header(response, ACAC)
allow_methods = retrieve_cors_header(response, ACAM)
self._analyze_server_response(forged_req, url, origin, response,
allow_origin, allow_credentials,
allow_methods)
def test_build_cors_request_false(self):
url = URL('http://moth/')
fr = build_cors_request(url, None)
self.assertEquals(fr.get_url(), url)
self.assertEquals(fr.get_method(), 'GET')
self.assertEquals(fr.get_headers(), Headers())
def test_build_cors_request_false(self):
url = URL('http://moth/')
fr = build_cors_request(url, None)
self.assertEquals(fr.get_url(), url)
self.assertEquals(fr.get_method(), 'GET')
self.assertEquals(fr.get_headers(), Headers())
def test_build_cors_request_true(self):
url = URL('http://moth/')
fr = build_cors_request(url, 'http://foo.com/')
self.assertEquals(fr.get_url(), url)
self.assertEquals(fr.get_method(), 'GET')
self.assertEquals(fr.get_headers(), {'Origin': 'http://foo.com/'})
def test_build_cors_request_true(self):
url = URL('http://moth/')
fr = build_cors_request(url, 'http://foo.com/')
self.assertEquals(fr.get_url(), url)
self.assertEquals(fr.get_method(), 'GET')
self.assertEquals(fr.get_headers(), {'Origin': 'http://foo.com/'})
