Class: Arachni::Element::UIForm::DOM

Overview

Author:

  • Tasos “Zapotek” Laskos <tasos.laskos@arachni-scanner.com>

Constant Summary collapse

# Tag names, as symbols, grouped under INPUTS. No method shown on this page
# references the constant -- presumably these are the element types treated
# as fillable inputs; confirm against the enclosing UIForm code.
INPUTS = Set.new( %i[input textarea] )

Constants included from Capabilities::Auditable

Capabilities::Auditable::OPTIONS

Constants included from DOM::Capabilities::Inputtable

DOM::Capabilities::Inputtable::INVALID_INPUT_DATA

Constants included from Capabilities::Inputtable

Capabilities::Inputtable::INPUTTABLE_CACHE

Constants included from Capabilities::Mutable

Capabilities::Mutable::EXTRA_NAME, Capabilities::Mutable::FUZZ_NAME, Capabilities::Mutable::FUZZ_NAME_VALUE, Capabilities::Mutable::MUTATION_OPTIONS

Constants inherited from Base

Base::MAX_SIZE

Instance Attribute Summary

Attributes included from Capabilities::Auditable

#audit_options

Attributes included from Capabilities::WithAuditor

#auditor

Attributes included from Capabilities::Inputtable

#default_inputs, #inputs, #raw_inputs

Attributes included from Capabilities::Mutable

#affected_input_name, #format, #seed

Attributes included from Capabilities::WithSource

#source

Attributes inherited from DOM

#action, #browser, #parent

Attributes inherited from Base

#page

Class Method Summary collapse

Instance Method Summary collapse

Methods included from DOM::Capabilities::Auditable

audit_handle_submit, audit_handle_submit_cb, handle_submission_result, #submit_and_process, #with_browser, #with_browser_cluster

Methods included from Capabilities::Auditable

#audit, #audit_id, #audit_status_message, #audit_status_message_action, #audit_verbose_message, #coverage_hash, #dup, #matches_skip_like_blocks?, reset, #reset, #skip?, skip_like

Methods included from Capabilities::WithAuditor

#dup, #orphan?, #prepare_for_report, #remove_auditor

Methods included from Utilities

#available_port, available_port_mutex, #bytes_to_kilobytes, #bytes_to_megabytes, #caller_name, #caller_path, #cookie_decode, #cookie_encode, #cookies_from_file, #cookies_from_parser, #cookies_from_response, #exception_jail, #exclude_path?, #follow_protocol?, #form_decode, #form_encode, #forms_from_parser, #forms_from_response, #full_and_absolute_url?, #generate_token, #get_path, #hms_to_seconds, #html_decode, #html_encode, #include_path?, #links_from_parser, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_set_cookie, #path_in_domain?, #path_too_deep?, #port_available?, #rand_port, #random_seed, #redundant_path?, #regexp_array_match, #remove_constants, #request_parse_body, #seconds_to_hms, #skip_page?, #skip_path?, #skip_resource?, #skip_response?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parse_query, #uri_parser, #uri_rewrite

Methods included from DOM::Capabilities::Submittable

prepare_browser, prepare_callback, #submit, submit_with_browser

Methods included from Capabilities::Submittable

#action, #action=, #dup, #http, #http_request, #method, #method=, #platforms, #submit, #to_h

Methods included from DOM::Capabilities::Inputtable

#valid_input_data?

Methods included from Capabilities::Inputtable

#[], #[]=, #changes, #dup, #has_inputs?, #inputtable_id, inputtable_id, #raw_input?, #reset, #to_h, #try_input, #update, #updated?, #valid_input_data?, #valid_input_name_data?, #valid_input_value?, #valid_input_value_data?

Methods included from Capabilities::Mutable

#affected_input_value, #affected_input_value=, #dup, #each_mutation, #immutables, #inspect, #mutation?, #mutations, #parameter_name_audit?, #reset, #switch_method, #to_h, #to_rpc_data, #with_raw_payload, #with_raw_payload?

Methods included from DOM::Capabilities::Locatable

#locate, #locator

Methods included from Capabilities::WithNode

#node

Methods included from Capabilities::WithSource

#dup, #to_h, #to_rpc_data

Methods inherited from DOM

#decode, decode, #dup, #encode, encode, #page, #prepare_for_report, #url=

Methods inherited from Base

#==, #action, #dup, from_rpc_data, #hash, #marshal_load, #persistent_hash, #prepare_for_report, #reset, #to_h, #to_hash, #to_rpc_data, too_big?, #url, #url=

Methods included from Capabilities::WithScope

#scope

Constructor Details

#initialize(options) ⇒ DOM

Returns a new instance of DOM.



# File 'lib/arachni/element/ui_form/dom.rb', line 26

# Builds the DOM counterpart of a UI form element.
#
# Each of :opening_tags, :method and :inputs is taken from `options` when
# present and otherwise read from `parent`.
#
# @param options [Hash]
#   Forwarded unchanged to the parent constructor; the keys read here are
#   :opening_tags, :method and :inputs.
def initialize( options )
    super

    # Work on copies so later changes do not leak back into the caller's
    # options or into the parent element.
    tags          = options[:opening_tags] || parent.opening_tags
    @opening_tags = tags.dup

    self.method = options[:method] || parent.method

    initial_inputs = (options[:inputs] || parent.inputs).dup

    # The set of acceptable names is fixed before the inputs are assigned.
    # NOTE(review): presumably the inputs= setter consults
    # #valid_input_name?, which is why the order matters -- confirm.
    @valid_input_names = Set.new( initial_inputs.keys )
    self.inputs        = initial_inputs

    # Frozen snapshot of the inputs as they were right after construction.
    @default_inputs = inputs.dup.freeze
end

Class Method Details

.type ⇒ Object



# File 'lib/arachni/element/ui_form/dom.rb', line 69

# Type identifier for this element class.
#
# @return [Symbol] always :ui_form_dom
def self.type
    :ui_form_dom
end

Instance Method Details

#coverage_id ⇒ Object



# File 'lib/arachni/element/ui_form/dom.rb', line 58

# Coverage identifier: the parent implementation's value followed by the
# stored @method and the element locator, separated by colons.
#
# @return [String]
def coverage_id
    inherited = super
    "#{inherited}:#{@method}:#{locator}"
end

#id ⇒ Object



# File 'lib/arachni/element/ui_form/dom.rb', line 62

# Element identifier: the parent implementation's id followed by the stored
# @method and the element locator, separated by colons.
#
# @return [String]
def id
    inherited = super
    "#{inherited}:#{@method}:#{locator}"
end

#initialization_options ⇒ Object



# File 'lib/arachni/element/ui_form/dom.rb', line 73

# Options from which an equivalent element can be constructed: the parent's
# options with :inputs, :method and :opening_tags added or overridden.
#
# The inputs and opening tags are handed out as copies, so changing the
# returned values does not alter this element.
#
# @return [Hash]
def initialization_options
    inherited = super

    inherited.merge(
        inputs:       inputs.dup,
        method:       @method,
        opening_tags: @opening_tags.dup
    )
end

#marshal_dump ⇒ Object



# File 'lib/arachni/element/ui_form/dom.rb', line 81

# Serialization state: whatever the parent implementation returns, with the
# :@valid_input_names entry removed.
#
# NOTE(review): nothing on this page restores @valid_input_names after
# loading, and #valid_input_name? calls #include? on it -- confirm that the
# inherited #marshal_load (or a later step) rebuilds it before input names
# are validated on a deserialized element.
def marshal_dump
    state = super
    state.delete :@valid_input_names
    state
end

#trigger ⇒ Object

Submits the form using the configured Capabilities::Inputtable#inputs.



# File 'lib/arachni/element/ui_form/dom.rb', line 42

# Fills in the inputs and then fires the stored @method as an event on the
# located element.
#
# @return [Array]
#   The transitions returned by fill_in_inputs followed by the submission
#   transition. When the browser reports no transition for the submission
#   the result is an empty Array and the fill-in transitions are dropped
#   along with it.
def trigger
    input_transitions = fill_in_inputs

    # NOTE(review): `source` presumably originates from the audited page, so
    # these debug lines can carry page-controlled text -- treat debug logs
    # accordingly.
    print_debug "Submitting: #{source}"
    submission = browser.fire_event( locate, @method )
    print_debug "Submitted: #{source}"

    submission ? input_transitions + [submission] : []
end

#type ⇒ Object



# File 'lib/arachni/element/ui_form/dom.rb', line 66

# Instance-level shortcut for the class-level type.
#
# @return [Object] whatever `self.class.type` returns
def type
    self.class.type
end

#valid_input_name?(name) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/arachni/element/ui_form/dom.rb', line 54

# Checks a candidate input name against the names recorded in
# @valid_input_names.
#
# The name is converted with #to_s before the lookup, so a Symbol matches
# only if the recorded names are Strings.
#
# @param name [#to_s]
# @return [Boolean]
def valid_input_name?( name )
    candidate = name.to_s
    @valid_input_names.include?( candidate )
end