def test_str(self): dc = KeyValueContainer([(u'a', ['1']), (u'b', ['2', '3'])]) str_dc = str(dc) self.assertEqual(str_dc, 'a=1&b=2&b=3') self.assertIsInstance(str_dc, str) dc = KeyValueContainer([(u'aaa', [''])]) self.assertEqual(str(dc), 'aaa=') dc = KeyValueContainer([(u'aaa', ('', ''))]) self.assertEqual(str(dc), 'aaa=&aaa=')
def test_iter_bound_tokens(self): dc = KeyValueContainer([(u'a', ['1']), (u'b', ['2', '3'])]) dcc_tokens = [(dcc, t) for dcc, t in dc.iter_bound_tokens()] EXPECTED_TOKENS = [('a', '1'), ('b', '2'), ('b', '3')] token_data = [(t.get_name(), t.get_value()) for dcc, t in dcc_tokens] self.assertEqual(EXPECTED_TOKENS, token_data) for dcc, _ in dcc_tokens: self.assertIsInstance(dcc, KeyValueContainer) self.assertEquals(dcc, dc) self.assertEqual(str(dcc), 'a=1&b=2&b=3') only_dcc = [dcc for dcc, t in dcc_tokens] dcc = only_dcc[0] token = dcc.get_token() token.set_value('5') self.assertEqual(str(dcc), 'a=5&b=2&b=3') dcc = only_dcc[1] token = dcc.get_token() token.set_value('5') self.assertEqual(str(dcc), 'a=1&b=5&b=3') dcc = only_dcc[2] token = dcc.get_token() token.set_value('5') self.assertEqual(str(dcc), 'a=1&b=2&b=5')
def test_iter_tokens(self): dc = KeyValueContainer([(u'a', ['1']), (u'b', ['2', '3'])]) tokens = [t for t in dc.iter_tokens()] EXPECTED_TOKENS = [('a', '1'), ('b', '2'), ('b', '3')] token_data = [(t.get_name(), t.get_value()) for t in tokens] self.assertEqual(EXPECTED_TOKENS, token_data)
def test_get_short_printable_repr_unicode_value_unicode(self): dc = KeyValueContainer([(u'aéb', [u'céd']), (u'b', ['2', '3'])]) dc.MAX_PRINTABLE = 7 token = DataToken(u'aéb', u'céd', (u'aéb', 0)) dc.set_token(token) self.assertEqual(dc.get_short_printable_repr(), '...a.b=c.d...')
def test_get_short_printable_repr_unicode_value(self): dc = KeyValueContainer([(u'a', ['x']), (u'b', ['2', '3'])]) dc.MAX_PRINTABLE = 5 token = DataToken('a', 'é', ('a', 0)) dc.set_token(token) self.assertEqual(dc.get_short_printable_repr(), '...a=....')
def __init__(self, uri, method='GET', headers=None, cookie=None, post_data=None): super(FuzzableRequest, self).__init__() # Note: Do not check for the URI/Headers type here, since I'm doing it # in set_uri() and set_headers() already. if cookie is not None and not isinstance(cookie, Cookie): raise TypeError(TYPE_ERROR % ('cookie', 'Cookie')) if post_data is not None and not isinstance(post_data, DataContainer): raise TypeError(TYPE_ERROR % ('post_data', 'DataContainer')) # Internal variables self._method = method self._cookie = Cookie() if cookie is None else cookie self._post_data = KeyValueContainer( ) if post_data is None else post_data # Set the headers self._headers = None pheaders = Headers() if headers is None else headers self.set_headers(pheaders) # Set the URL self._uri = None self._url = None self.set_uri(uri) # Set the internal variables self._sent_info_comp = None
def test_get_short_printable_repr_token_obj(self): dc = KeyValueContainer([(u'a', ['1']), (u'b', ['2', '3'])]) token = DataToken('a', '1', ('a', 0)) dc.set_token(token) self.assertIsNotNone(dc.get_token()) self.assertEqual(dc.get_short_printable_repr(), 'a=1&b=2&b=3')
def test_double_data_token_wrap(self): dc = KeyValueContainer([(u'a', ['1']), (u'b', ['c', '3'])]) dc.set_token(('b', 1)) for dcc, token in dc.iter_bound_tokens(): self.assertIsInstance(token, DataToken) self.assertIsInstance(token.get_value(), basestring)
def get_fuzzable_request(self): headers = Headers([(u'Hello', u'World')]) post_data = KeyValueContainer(init_val=[('a', ['b'])]) url = URL('http://w3af.org') return FuzzableRequest(url, method='GET', post_data=post_data, headers=headers)
def test_get_short_printable_repr_token_obj_reduce_printable(self): dc = KeyValueContainer([(u'a', ['1']), (u'b', ['2', '3'])]) dc.MAX_PRINTABLE = 5 token = DataToken('a', '1', ('a', 0)) dc.set_token(token) self.assertIsNotNone(dc.get_token()) self.assertEqual(dc.get_short_printable_repr(), '...a=1...')
def test_clean_form_fuzzable_request(self): fr = FuzzableRequest(URL("http://www.w3af.com/"), headers=Headers([('Host', 'www.w3af.com')]), method='POST', post_data=KeyValueContainer(init_val=[('data', ['23'])])) expected = u'(POST)-http://www.w3af.com/!data=number' self.assertEqual(clean_fuzzable_request(fr), expected)
def test_basic(self): dc = KeyValueContainer([(u'a', ['1']), (u'b', ['2', '3'])]) self.assertIn('a', dc) self.assertIn('b', dc) self.assertEqual(dc['a'], ['1']) self.assertEqual(dc['b'], ['2', '3'])
def test_export_import_with_post_data(self): dc = KeyValueContainer(init_val=[('a', ['1'])]) fr = FuzzableRequest(URL("http://www.w3af.com/"), post_data=dc) self.assertEqual(fr.to_csv(), '"GET","http://www.w3af.com/","a=1"') raise SkipTest('Failing because we do NOT export headers') imported_fr = fr.from_csv(fr.to_csv()) self.assertEqual(imported_fr, fr)
def test_copy_with_token(self): dc = KeyValueContainer([(u'a', ['1']), (u'b', ['2', '3'])]) dc.set_token(('a', 0)) dc_copy = copy.deepcopy(dc) self.assertEqual(dc.get_token(), dc_copy.get_token()) self.assertIsNotNone(dc.get_token()) self.assertIsNotNone(dc_copy.get_token())
def create_simple_fuzzable_request(unique_id): unique_id = str(unique_id) url = URL('http://w3af.com/') headers = Headers([(u'Hello', u'World')]) post_data = KeyValueContainer(init_val=[('a', [unique_id])]) return FuzzableRequest(url, method='GET', post_data=post_data, headers=headers)
def test_set_token_using_data_token(self): dc = KeyValueContainer([(u'a', ['1']), (u'b', ['2', '3'])]) token = DataToken('a', '1', ('a', 0)) set_token = dc.set_token(token) self.assertEqual(dc.get_token().get_name(), 'a') self.assertEqual(dc.get_token().get_value(), '1') self.assertEqual(dc.get_token().get_path(), ('a', 0)) self.assertIs(dc.get_token(), token) self.assertIs(set_token, token)
def test_dump_case02(self): expected = u'\r\n'.join([u'GET http://w3af.com/a/b/c.php HTTP/1.1', u'Hola: Múndo', u'', u'a=b']) headers = Headers([(u'Hola', u'Múndo')]) post_data = KeyValueContainer(init_val=[('a', ['b'])]) fr = FuzzableRequest(self.url, method='GET', post_data=post_data, headers=headers) self.assertEqual(fr.dump(), expected.encode('utf-8'))
def test_dump_case03(self): header_value = ''.join(chr(i) for i in xrange(256)) expected = u'\r\n'.join([u'GET http://w3af.com/a/b/c.php HTTP/1.1', u'Hola: %s' % smart_unicode(header_value), u'', u'a=b']) headers = Headers([(u'Hola', header_value)]) post_data = KeyValueContainer(init_val=[('a', ['b'])]) fr = FuzzableRequest(self.url, method='GET', post_data=post_data, headers=headers) self.assertEqual(fr.dump(), expected)
def test_dump_mangle(self): fr = FuzzableRequest(URL('http://www.w3af.com/'), headers=Headers([('Host', 'www.w3af.com')])) expected = u'\r\n'.join([ u'GET http://www.w3af.com/ HTTP/1.1', u'Host: www.w3af.com', u'', u'' ]) self.assertEqual(fr.dump(), expected) fr.set_method('POST') fr.set_data(KeyValueContainer(init_val=[('data', ['23'])])) expected = u'\r\n'.join([ u'POST http://www.w3af.com/ HTTP/1.1', u'Host: www.w3af.com', u'', u'data=23' ]) self.assertEqual(fr.dump(), expected)
def test_iter_setters(self): dc = KeyValueContainer([(u'a', ['1']), (u'b', ['2', '3'])]) kv_setter = [(k, v, p, s) for (k, v, p, s) in dc.iter_setters()] EXPECTED_KEY_VALUES = [('a', '1', ('a', 0)), ('b', '2', ('b', 0)), ('b', '3', ('b', 1))] kvp = [(key, value, path) for (key, value, path, _) in kv_setter] self.assertEqual(EXPECTED_KEY_VALUES, kvp) for idx, (key, value, path, setter) in enumerate(kv_setter): if idx == 2: setter('w') self.assertEqual(str(dc), 'a=1&b=2&b=w') SET_VALUES = ['x', 'y', 'z'] for idx, (key, value, path, setter) in enumerate(kv_setter): setter(SET_VALUES[idx]) self.assertEqual(str(dc), 'a=x&b=y&b=z')
def test_unicode(self): dc = KeyValueContainer([(u'a', ['1']), (u'b', ['2', u'3'])]) udc = unicode(dc) self.assertEqual(udc, u'a=1&b=2&b=3') self.assertIsInstance(udc, unicode)
def test_get_short_printable_repr_no_token(self): dc = KeyValueContainer([(u'a', ['1']), (u'b', ['2', '3'])]) self.assertEqual(dc.get_short_printable_repr(), 'a=1&b=2&b=3')
def test_export_import_with_post_data(self): dc = KeyValueContainer(init_val=[('a', ['1'])]) fr = FuzzableRequest(URL('http://www.w3af.com/'), post_data=dc) imported_fr = FuzzableRequest.from_base64(fr.to_base64()) self.assertEqual(imported_fr, fr)
def test_is_variant_of_eq_keys_neq_value_types(self): dc1 = KeyValueContainer([(u'a', ['1']), (u'b', ['c', '3'])]) dc2 = KeyValueContainer([(u'a', ['1']), (u'b', ['2', '3'])]) self.assertFalse(dc1.is_variant_of(dc2))
def test_set_token(self): dc = KeyValueContainer([(u'a', ['1']), (u'b', ['2', '3'])]) token = dc.set_token(('a', 0)) self.assertEqual(token.get_name(), 'a') self.assertEqual(token, dc['a'][0])
def test_str_special_chars(self): dc = KeyValueContainer([(u'a', ['1']), (u'u', [u'Ú-ú-Ü-ü'])], 'latin1') decoded_str = urllib.unquote(str(dc)).decode('latin-1') self.assertEquals(u'a=1&u=Ú-ú-Ü-ü', decoded_str)
def test_double_data_token_wrap_set_set(self): dc = KeyValueContainer([(u'a', ['1']), (u'b', ['c', '3'])]) token_1 = dc.set_token(('b', 1)) token_2 = dc.set_token(('b', 1)) self.assertIs(token_1, token_2)