-
Notifications
You must be signed in to change notification settings - Fork 43
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Major: Add HTTP Server for serving content (fixes #2)
restructure files Rework Authentication core.
- Loading branch information
Showing
55 changed files
with
185 additions
and
79 deletions.
There are no files selected for viewing
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes
File renamed without changes
File renamed without changes
File renamed without changes
File renamed without changes
File renamed without changes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
File renamed without changes.
Submodule closure-library
updated
from 000000 to fa54e9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,16 @@ | |||
(function(){ | |||
|
|||
|
|||
Config = function(data){ | |||
this.storage = {}; //localStorage might leak sensitive information | |||
$.extend(this.storage, data); | |||
}; | |||
Config.prototype.get = function(id){ | |||
return this.storage[id]; | |||
}; | |||
Config.prototype.set = function(id,val){ | |||
this.storage[id] = val; | |||
} | |||
HoneyProxy.config = new Config( | |||
JSON.parse(decodeURIComponent(location.hash).replace("#",""))); | |||
})(); |
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
File renamed without changes
File renamed without changes
File renamed without changes
File renamed without changes
File renamed without changes
File renamed without changes
File renamed without changes
File renamed without changes
File renamed without changes
File renamed without changes
File renamed without changes
File renamed without changes
File renamed without changes
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,51 @@ | |||
from twisted.web.resource import Resource | |||
from libhproxy.honey import HoneyProxy | |||
#serve request content via HTTP | |||
class ContentAPI(Resource): | |||
isLeaf = True | |||
def render_GET(self, request): | |||
if self.isAuthenticated(request): | |||
try: | |||
if(len(request.postpath) != 3): | |||
raise Exception("invalid parameter length") | |||
flow = HoneyProxy.getProxyMaster().getFlowCollection().getFlow(int(request.postpath[0])) | |||
isResponse = request.postpath[1] == "response" | |||
|
|||
obj = getattr(flow,request.postpath[1]) | |||
|
|||
isView = request.postpath[2] == "inline" | |||
if (isResponse): | |||
#add important headers from original request | |||
headers = ["Content-Type","Content-Encoding","Transfer-Encoding"] | |||
for h in headers: | |||
if(h in obj.headers): | |||
request.setHeader(h,obj.headers.get(h)[0]) | |||
|
|||
#this would fail on 301 redirects | |||
#fix responsecode | |||
#request.setResponseCode(obj.code) | |||
|
|||
#fix content disposition for attachment download | |||
cdisp = obj.headers.get("Content-Disposition") | |||
if(cdisp == None): | |||
#do minimal file name guessing | |||
cdisp = 'inline; filename="'+flow.request.path.split("?")[0].split("/")[-1]+'"' | |||
if isView: | |||
request.setHeader("Content-Disposition",cdisp.replace("attachment", "inline")) | |||
else: | |||
request.setHeader("Content-Disposition",cdisp.replace("inline", "attachment")) | |||
|
|||
return obj.content | |||
except Exception as e: | |||
print e | |||
return "<html><body>Invalid request.</body></html>" | |||
else: | |||
request.setResponseCode(402) | |||
return "<html><body>Please authenticate.</body></html>" | |||
|
|||
|
|||
def isAuthenticated(self,request): | |||
try: | |||
return request.args["auth"][0] == HoneyProxy.getAuthKey() | |||
except: | |||
return False |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -1,38 +1,35 @@ | |||
from libmproxy import encoding | |||
from libmproxy.flow import ODictCaseless | |||
class FlowCollection: | class FlowCollection: | ||
def __init__(self): | def __init__(self): | ||
#self._flows = [] | self._flows_serialized = [] | ||
self._flows_json = [] | self._flows = [] | ||
|
|||
|
|||
# def getFlow(self,i): | |||
# if(i < len(self._flows)): | |||
# return self._flows[i] | |||
# return None | |||
|
|
||
def getLastFlow(self): | def getLastFlow(self): | ||
return self._flows_json[-1] | return self._flows_serialized[-1] | ||
|
|||
def getFlowsAsJSON(self): | def getFlow(self,flowId): | ||
return self._flows_json | return self._flows[flowId] | ||
|
|
||
def getFlowsAsSingleJSON(self): | def getFlowsSerialized(self): | ||
return self._flows_json | return self._flows_serialized | ||
#return ''.join(["[",','.join(self._flows_json),"]"]) | |||
|
|
||
def addFlow(self, flow): | def addFlow(self, flow): | ||
flowRepr = flow._get_state() | flowRepr = flow._get_state() | ||
flowRepr["id"] = len(self._flows_json) | flowRepr["id"] = len(self._flows_serialized) | ||
|
|
||
|
#remove content out of the flowRepr | ||
enc = flow.response.headers.get("content-encoding") | for i in ["request","response"]: | ||
if enc and enc[0] != "identity": | flowRepr[i]["contentLength"] = len(flowRepr[i]["content"]) | ||
decoded = encoding.decode(enc[0], flow.response.content) | del flowRepr[i]["content"] | ||
if decoded: |
|
||
flowRepr["response"]["content"] = decoded | #store unencoded | ||
#from libmproxy import encoding | |||
#enc = flow.response.headers.get("content-encoding") | |||
#if enc and enc[0] != "identity": | |||
# decoded = encoding.decode(enc[0], content) | |||
# if decoded: | |||
# content = decoded | |||
|
|
||
#self._flows_json.append(json.dumps(flowRepr,ensure_ascii=None)) | self._flows.append(flow) | ||
self._flows_json.append(flowRepr) | self._flows_serialized.append(flowRepr) | ||
return len(self._flows_json)-1 | return len(self._flows_serialized)-1 | ||
|
|
File renamed without changes.
Oops, something went wrong.