Module: Arachni::Element::DOM::Capabilities::Submittable

Includes:
Capabilities::Submittable
Included in:
Cookie::DOM, Form::DOM, Link::DOM::Capabilities::Submittable, LinkTemplate::DOM::Capabilities::Submittable, UIForm::DOM, UIInput::DOM
Defined in:
lib/arachni/element/dom/capabilities/submittable.rb

Overview

Author:

  • Tasos “Zapotek” Laskos <tasos.laskos@arachni-scanner.com>

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Capabilities::Submittable

#action, #action=, #dup, #http, #http_request, #id, #initialize, #method, #method=, #platforms, #to_h

Class Method Details

.prepare_browser(browser, options) ⇒ Object



# File 'lib/arachni/element/dom/capabilities/submittable.rb', line 50

# Configures `browser` for a DOM submission job and loads the job's page.
#
# Copies `options[:custom_code]` and `options[:taint]` onto
# `browser.javascript`, then loads `options[:page]` into the browser.
#
# NOTE(review): `custom_code` looks like script handed to the browser's JS
# environment -- presumably it should only ever be authored by the calling
# check, never derived from content of the scanned page. Confirm with callers.
#
# @param browser [#javascript, #load] browser that will perform the job
# @param options [Hash] reads `:custom_code`, `:taint` and `:page`
# @return [Object] whatever `browser.load` returns
def self.prepare_browser( browser, options )
    custom_code, taint, page = options.values_at( :custom_code, :taint, :page )

    browser.javascript.custom_code = custom_code
    browser.javascript.taint       = taint

    # Loading is the last step so that the JS settings above are already in
    # place when the page is loaded.
    browser.load( page )
end

.prepare_callback(&block) ⇒ Object



# File 'lib/arachni/element/dom/capabilities/submittable.rb', line 43

# Builds the two-argument job handler used for browser submissions.
#
# The returned lambda first runs {.prepare_browser} and then
# {.submit_with_browser}, forwarding `block` to the latter. The lambda body
# itself refers only to `block` and to the `Submittable` constant; anything
# else kept alive is whatever `block` has captured.
#
# @param block [Proc, nil] optional handler, passed on to
#   `submit_with_browser`
# @return [Proc] lambda taking `(browser, options)` and returning the result
#   of `submit_with_browser`
def self.prepare_callback( &block )
    ->( job_browser, job_options ) do
        Submittable.prepare_browser( job_browser, job_options )
        Submittable.submit_with_browser( job_browser, job_options, &block )
    end
end

.submit_with_browser(browser, options, &cb) ⇒ Object



# File 'lib/arachni/element/dom/capabilities/submittable.rb', line 56

# Triggers the element inside `browser` and, if that produced transitions,
# returns the resulting page.
#
# The element from `options[:element]` is first given the browser, the
# auditor and the page from `options`. Its `trigger` result is compacted;
# when it contains nothing truthy the method returns `nil` without calling
# `cb`.
#
# NOTE(review): no explicit scope check is visible here -- presumably
# `element.trigger` yields no transitions when the browser ended up on an
# out-of-scope resource (e.g. after a JS redirect). Confirm, since this is
# what keeps out-of-scope pages from being handed to `cb`.
#
# @param browser [#to_page] browser performing the submission
# @param options [Hash] reads `:element`, `:auditor` and `:page`
# @param cb [Proc, nil] optional handler, called with the resulting page
# @return [Object, nil] the page from `browser.to_page`, or `nil` when the
#   trigger produced no transitions
def self.submit_with_browser( browser, options, &cb )
    element = options[:element]
    element.browser = browser
    element.auditor = options[:auditor]
    element.page    = options[:page]

    # If we've wandered to an out-of-scope resource don't bother calling.
    # Can be caused by a JS redirect or something akin to that.
    transitions = element.trigger.compact
    return nil if transitions.none?

    page = browser.to_page
    page.dom.transitions   = page.dom.transitions + transitions
    page.request.performer = element

    # Auditable.handle_submission_result page
    cb.call( page ) if cb
    page
end

Instance Method Details

#submit(options = {}, method = nil, &block) ⇒ Object



# File 'lib/arachni/element/dom/capabilities/submittable.rb', line 17

# Queues this element for submission through the auditor's browser.
#
# The element's `@auditor` is cleared before queueing and is not restored by
# this method; the job options carry only the auditor's class.
#
# @param options [Hash] extra job options; `:element`, `:auditor` and
#   `:page` are overwritten with this element, the auditor's class and
#   `page`
# @param method [Object, nil] when truthy it is passed to `with_browser` as
#   the handler and `block` is not used
# @param block [Proc, nil] handler for the resulting page; only used when
#   `method` is not given
# @return [nil]
def submit( options = {}, method = nil, &block )
    # Drop the reference to the Auditor instance (the check instance), and
    # with it the references to its pages, HTTP responses and so on.
    #
    # There is no telling how long the job will wait in the queue, so keeping
    # those objects alive can leak a lot of memory -- the same reason the
    # callbacks are class-level: closures must not capture that context.
    check    = @auditor
    @auditor = nil

    job_options = options.merge( element: self, auditor: check.class, page: page )

    if method
        check.with_browser( job_options, method )
        return nil
    end

    check.with_browser( job_options, &Submittable.prepare_callback( &block ) )
    nil
end