This repository has been archived by the owner on Jun 1, 2021. It is now read-only.
/
basic.sh
executable file
·127 lines (113 loc) · 2.78 KB
/
basic.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
#!/usr/bin/env bash
set -e
read -d '' classifyExpandedParts <<-'EOF' || true
def isSameDomain(domain):
domain as $domain
| . == $domain;
# TODO: compare subdomain with Public Suffix List for verification?
def isSubdomain(domain):
domain as $domain
| endswith("." + $domain);
# TODO: compare superdomain with Public Suffix List for verification?
def isSuperdomain(domain):
. as $original
| domain as $domain
| $domain
| isSubdomain($original);
def isSamePrimaryDomain(originDomain):
originDomain as $originDomain
| ."primary-domain" == $originDomain."primary-domain";
def isSecure:
. == "https";
def classifyUrl(origin):
origin as $origin
# TODO: work on .domain.components, not .domain.value?
| (.domain.value and $origin.domain.value) as $hasDomainValue
| (if $hasDomainValue then (.domain.value | isSameDomain($origin.domain.value)) else false end) as $isSameDomain
| (if $hasDomainValue then (.domain.value | isSubdomain($origin.domain.value)) else false end) as $isSubdomain
| (if $hasDomainValue then (.domain.value | isSuperdomain($origin.domain.value)) else false end) as $isSuperdomain
| (if $hasDomainValue then (.domain | isSamePrimaryDomain($origin.domain)) else false end) as $isSamePrimaryDomain
| ($isSameDomain or $isSubdomain or $isSuperdomain or $isSamePrimaryDomain) as $isInternalDomain
| (if (.scheme and .scheme.valid and .scheme.value) then (.scheme.value | isSecure) else false end) as $isSecure
| {
isSameDomain: $isSameDomain,
isSubdomain: $isSubdomain,
isSuperdomain: $isSuperdomain,
isSamePrimaryDomain: $isSamePrimaryDomain,
isInternalDomain: $isInternalDomain,
isExternalDomain: ($isInternalDomain | not),
isSecure: $isSecure,
isInsecure: ($isSecure | not)
};
def statusIsSuccessful:
type == "object"
and
(
.code
| (
type == "number"
and
(
(. >= 200 and . < 300)
or
(. == 304)
)
)
);
def statusIsUnsuccessful:
type == "object"
and
(
.code
| (
type == "number"
and
(
(. >= 100 and . < 200)
or
(. >= 300 and . < 304)
or
(. >= 305 and . < 600)
)
)
);
def statusIsFailed:
type != "object"
or
(
.code
| (
type != "number"
or
(
(. < 100)
or
(. >= 600)
)
)
);
def classifyStatus:
{
isSuccessful: statusIsSuccessful,
isUnsuccessful: statusIsUnsuccessful,
# TODO: distinguish between software and network/external errors?
# Would require checking the HAR data for .log.creator.name == "heedless"?
isFailed: statusIsFailed
};
def classify(origin):
origin as $origin
| {}
+
(.url | classifyUrl($origin))
+
(.status | classifyStatus);
def mangle(origin):
origin as $origin
| . + {
classification: classify($origin)
};
.origin.url as $origin
| .origin |= mangle($origin)
| .requestedUrls |= map(mangle($origin))
EOF
cat | jq "$classifyExpandedParts"