Class: Arachni::HTTP::CookieJar

Inherits:
Object
  • Object
show all
Includes:
Utilities
Defined in:
lib/arachni/http/cookie_jar.rb

Overview

Basic CookieJar implementation.

Author:

  • Tasos “Zapotek” Laskos <tasos.laskos@arachni-scanner.com>

Defined Under Namespace

Classes: Error

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Utilities

#available_port, available_port_mutex, #bytes_to_kilobytes, #bytes_to_megabytes, #caller_name, #caller_path, #cookie_decode, #cookie_encode, #cookies_from_file, #cookies_from_parser, #cookies_from_response, #exception_jail, #exclude_path?, #follow_protocol?, #form_decode, #form_encode, #forms_from_parser, #forms_from_response, #full_and_absolute_url?, #generate_token, #get_path, #hms_to_seconds, #html_decode, #html_encode, #include_path?, #links_from_parser, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_set_cookie, #path_in_domain?, #path_too_deep?, #port_available?, #rand_port, #random_seed, #redundant_path?, #regexp_array_match, #remove_constants, #request_parse_body, #seconds_to_hms, #skip_page?, #skip_path?, #skip_resource?, #skip_response?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parse_query, #uri_parser, #uri_rewrite

Constructor Details

#initialize(cookie_jar_file = nil) ⇒ CookieJar

Returns a new instance of CookieJar.

Parameters:

  • cookie_jar_file (String) (defaults to: nil)

    Path to a Netscape cookie-jar.



41
42
43
44
# File 'lib/arachni/http/cookie_jar.rb', line 41

def initialize( cookie_jar_file = nil )
    @cookies = {}
    load( cookie_jar_file ) if cookie_jar_file
end

Class Method Details

.from_file(*args) ⇒ Arachni::HTTP::CookieJar

Same as #initialize.



35
36
37
# File 'lib/arachni/http/cookie_jar.rb', line 35

def self.from_file( *args )
    new.load( *args )
end

Instance Method Details

#<<(cookies) ⇒ CookieJar

Returns `self`.

Parameters:

Returns:



69
70
71
72
73
74
75
# File 'lib/arachni/http/cookie_jar.rb', line 69

def <<( cookies )
    [cookies].flatten.each do |cookie|
        next if !cookie
        set_cookie( cookie )
    end
    self
end

#==(other) ⇒ Object

Parameters:



168
169
170
# File 'lib/arachni/http/cookie_jar.rb', line 168

def ==( other )
    hash == other.hash
end

#any?Bool

Returns `true` if cookiejar is not empty, `false` otherwise.

Returns:

  • (Bool)

    `true` if cookiejar is not empty, `false` otherwise.



163
164
165
# File 'lib/arachni/http/cookie_jar.rb', line 163

def any?
    !empty?
end

#clearObject

Empties the cookiejar.



151
152
153
# File 'lib/arachni/http/cookie_jar.rb', line 151

def clear
    @cookies.clear
end

#cookies(include_expired = false) ⇒ Array<Cookie>

Returns All cookies.

Parameters:

  • include_expired (Bool) (defaults to: false)

    Include expired cookies.

Returns:



138
139
140
141
142
143
# File 'lib/arachni/http/cookie_jar.rb', line 138

def cookies( include_expired = false )
    @cookies.values.map do |cookie|
        next if !include_expired && cookie.expired?
        cookie
    end.compact
end

#empty?Bool

Returns `true` if cookiejar is empty, `false` otherwise.

Returns:

  • (Bool)

    `true` if cookiejar is empty, `false` otherwise.



157
158
159
# File 'lib/arachni/http/cookie_jar.rb', line 157

def empty?
    @cookies.empty?
end

#for_url(url) ⇒ Array<Cookie>

Returns URL which should be sent to the resource at `url`.

Parameters:

  • url (String)

    URL for which to retrieve cookies.

Returns:

  • (Array<Cookie>)

    URL which should be sent to the resource at `url`.



111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
# File 'lib/arachni/http/cookie_jar.rb', line 111

def for_url( url )
    uri = to_uri( url )
    request_path   = uri.path
    request_domain = uri.host

    return [] if !request_domain || !request_path

    unique_cookies = {}
    @cookies.values.map do |cookie|
        if cookie.expired? || !request_path.start_with?( cookie.path ) ||
            !in_domain?( cookie.domain, request_domain )
            next
        end

        unique_cookies[cookie.name] = cookie
    end

    unique_cookies.values.sort do |lhs, rhs|
        rhs.path.length <=> lhs.path.length
    end
end

#hashObject



172
173
174
# File 'lib/arachni/http/cookie_jar.rb', line 172

def hash
    cookies.map(&:to_s).hash
end

#load(cookie_jar_file, url = '') ⇒ CookieJar

Loads cookies from a Netscape cookiejar file.

Parameters:

  • cookie_jar_file (String)

    Path to a Netscape cookie-jar.

  • url (String) (defaults to: '')

    Cookie owner.

Returns:



54
55
56
57
58
59
60
61
62
# File 'lib/arachni/http/cookie_jar.rb', line 54

def load( cookie_jar_file, url = '' )
    if !File.exist?( cookie_jar_file )
        fail Error::CookieJarFileNotFound,
             "Cookie-jar '#{cookie_jar_file}' doesn't exist."
    end

    update( cookies_from_file( url, cookie_jar_file ) )
    self
end

#merge!(other) ⇒ Object

Parameters:



146
147
148
# File 'lib/arachni/http/cookie_jar.rb', line 146

def merge!( other )
    update other.cookies
end

#update(cookies) ⇒ CookieJar

Updates the jar with `cookies`.

Parameters:

Returns:



83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
# File 'lib/arachni/http/cookie_jar.rb', line 83

def update( cookies )
    [cookies].flatten.each do |c|
        next if !c

        self << case c
                    when String
                        Cookie.from_set_cookie( ::Arachni::Options.url.to_s, c )

                    when Hash
                        next if c.empty?

                        if c.size > 1
                            Cookie.new( { url: ::Arachni::Options.url.to_s }.merge( c ) )
                        else
                            Cookie.new( url: ::Arachni::Options.url.to_s, inputs: c )
                        end
                    when Cookie
                        c
                end
    end
    self
end