Module: Arachni::Element::Capabilities::Submittable

Overview

Author:

  • Tasos “Zapotek” Laskos <tasos.laskos@arachni-scanner.com>

Instance Method Details

#action ⇒ String

Note:

Ex. 'href' for links, 'action' for forms, etc.

Returns URI to which the element points and should be audited against.

Returns:

  • (String)

    URI to which the element points and should be audited against.



# File 'lib/arachni/element/capabilities/submittable.rb', line 51

def action
    @action.freeze
end

#action=(url) ⇒ Object

# File 'lib/arachni/element/capabilities/submittable.rb', line 56

def action=( url )
    @action = self.url ? to_absolute( url, self.url ) : normalize_url( url )
end

#dup ⇒ Object



# File 'lib/arachni/element/capabilities/submittable.rb', line 114

def dup
    new = super
    new.method = self.method
    new.action = self.action
    new
end

#http ⇒ Arachni::HTTP

# File 'lib/arachni/element/capabilities/submittable.rb', line 102

def http
    HTTP::Client
end

#http_request(opts, &block) ⇒ HTTP::Request

This method is abstract.

Must be implemented by the including class and perform the appropriate HTTP request (get/post/whatever) for the current element.

Invoked by #submit to submit the object.

Parameters:

  • opts (Hash)
  • block (Block)

    Callback to be passed the HTTP response.

# File 'lib/arachni/element/capabilities/submittable.rb', line 97

def http_request( opts, &block )
    fail NotImplementedError
end

#id ⇒ String

Note:

Differences in input values will be taken into consideration.

Returns String uniquely identifying self.

Returns:

  • (String)

    String uniquely identifying self.



# File 'lib/arachni/element/capabilities/submittable.rb', line 110

def id
    "#{type}:#{method}:#{action}:#{inputtable_id}"
end

#initialize(options) ⇒ Object



# File 'lib/arachni/element/capabilities/submittable.rb', line 15

def initialize( options )
    super
    self.method ||= options[:method] || :get
    self.action ||= options[:action] || self.url
end

#method(*args) ⇒ Symbol

Also known as: http_method

Should represent a method in Check::HTTP.

Ex. get, post, cookie, header

Returns:

  • (Symbol)

    HTTP request method for the element.

See Also:

  • Check::HTTP


# File 'lib/arachni/element/capabilities/submittable.rb', line 35

def method( *args )
    return super( *args ) if args.any?
    @method.freeze
end

#method=(method) ⇒ Object

Also known as: http_method=

# File 'lib/arachni/element/capabilities/submittable.rb', line 42

def method=( method )
    @method = method.to_s.downcase.to_sym
end

#platforms ⇒ Platform

Returns applicable platforms for the #action resource.

# File 'lib/arachni/element/capabilities/submittable.rb', line 23

def platforms
    Platform::Manager[@action]
end

#submit(options = {}, &block) ⇒ Object

Note:

Sets `self` as the HTTP::Request#performer.

Submits `self` to the #action URL with the appropriate parameters.

Parameters:

  • options (Hash) (defaults to: {})
  • block (Block)

    Callback to be passed the HTTP::Response.

# File 'lib/arachni/element/capabilities/submittable.rb', line 70

def submit( options = {}, &block )
    options                   = options.dup
    options[:parameters]      = @inputs.dup
    options[:follow_location] = true if !options.include?( :follow_location )

    @auditor ||= options.delete( :auditor )

    options[:performer] ||= self

    options[:raw_parameters] ||= raw_inputs

    http_request( options, &block )
end
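
The #submit and #http_request contract documented above, as an added Ruby sketch that is not Arachni's own code. SubmittableSketch copies the #submit and #method= bodies from this page (leaving out raw_parameters, which depends on code not shown here) so that it runs without the gem; FakeForm, its request Hash and the sample URL are hypothetical.

```ruby
# Added illustration, not Arachni code. SubmittableSketch is a stand-in that
# repeats only the option handling of #submit and the #method= normalization.
module SubmittableSketch
  attr_reader :action, :auditor

  def method=(method)
    @method = method.to_s.downcase.to_sym   # 'POST' becomes :post
  end

  def http_method
    @method
  end

  def submit(options = {}, &block)
    options                   = options.dup   # caller's Hash is left untouched
    options[:parameters]      = @inputs.dup   # request gets a copy of the inputs
    options[:follow_location] = true if !options.include?(:follow_location)
    @auditor ||= options.delete(:auditor)     # kept on the element, not sent on
    options[:performer] ||= self
    http_request(options, &block)
  end

  # Abstract: the including class must override this.
  def http_request(opts, &block)
    fail NotImplementedError
  end
end

# Hypothetical including class. It fulfils the #http_request contract by
# building a description of the request instead of touching the network.
class FakeForm
  include SubmittableSketch

  def initialize(action, method, inputs)
    @action = action
    @inputs = inputs
    self.method = method
  end

  def http_request(opts, &block)
    request = opts.merge(url: action, method: http_method)
    block.call(request) if block   # callback receives what was "sent"
    request
  end
end
```

An explicit `follow_location: false` survives #submit because the default is applied only when the key is absent, and the `:auditor` option never reaches #http_request.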

#to_h ⇒ Object



# File 'lib/arachni/element/capabilities/submittable.rb', line 121

def to_h
    (defined?( super ) ? super : {}).merge(
        url:    url,
        action: action,
        method: method
    )
end