Codebase list ruby-cms-scanner / upstream/0.5.2
New upstream version 0.5.2 Sophie Brun 4 years ago
7 changed file(s) with 44 addition(s) and 19 deletion(s).
0 require: rubocop-performance
01 AllCops:
12 TargetRubyVersion: 2.4
23 Exclude:
1616 - 2.6.0
1717 - 2.6.1
1818 - 2.6.2
19 - 2.6.3
1920 - ruby-head
2021 before_install:
2122 - "echo 'gem: --no-ri --no-rdoc' > ~/.gemrc"
1919 s.require_paths = ['lib']
2020
2121 s.add_dependency 'nokogiri', '~> 1.10.0'
22 s.add_dependency 'opt_parse_validator', '~> 1.7.2'
23 s.add_dependency 'public_suffix', '~> 3.0.0'
22 s.add_dependency 'opt_parse_validator', '~> 1.7.3'
23 s.add_dependency 'public_suffix', '>= 3.0', '< 3.2'
2424 s.add_dependency 'ruby-progressbar', '~> 1.10.0'
2525 s.add_dependency 'typhoeus', '~> 1.3.0'
2626 s.add_dependency 'xmlrpc', '~> 0.3'
2727 s.add_dependency 'yajl-ruby', '~> 1.4.1' # Better JSON parser regarding memory usage
2828
29 s.add_development_dependency 'bundler', '>= 1.6'
30 s.add_development_dependency 'coveralls', '~> 0.8.0'
31 s.add_development_dependency 'rake', '~> 12.3'
32 s.add_development_dependency 'rspec', '~> 3.8.0'
33 s.add_development_dependency 'rspec-its', '~> 1.3.0'
34 s.add_development_dependency 'rubocop', '~> 0.67.2'
35 s.add_development_dependency 'simplecov', '~> 0.16.1'
36 s.add_development_dependency 'webmock', '~> 3.5.1'
29 s.add_development_dependency 'bundler', '>= 1.6'
30 s.add_development_dependency 'coveralls', '~> 0.8.0'
31 s.add_development_dependency 'rake', '~> 12.3'
32 s.add_development_dependency 'rspec', '~> 3.8.0'
33 s.add_development_dependency 'rspec-its', '~> 1.3.0'
34 s.add_development_dependency 'rubocop', '~> 0.71.0'
35 s.add_development_dependency 'rubocop-performance', '~> 1.3.0'
36 s.add_development_dependency 'simplecov', '~> 0.16.1'
37 s.add_development_dependency 'webmock', '~> 3.6.0'
3738 end
4242 #
4343 # @return [ Regexp ] The pattern related to the target url and in scope domains,
4444 # it also matches escaped /, such as in JSON JS data: http:\/\/t.com\/
45 # rubocop:disable Metrics/AbcSize
4546 def scope_url_pattern
4647 return @scope_url_pattern if @scope_url_pattern
4748
48 domains = [uri.host + uri.path] + scope.domains[1..-1]&.map(&:to_s) + scope.invalid_domains
49 domains = [uri.host + uri.path]
50
51 domains += if scope.domains.empty?
52 [*scope.invalid_domains[1..-1]]
53 else
54 [*scope.domains[1..-1]].map(&:to_s) + scope.invalid_domains
55 end
4956
5057 domains.map! { |d| Regexp.escape(d.gsub(%r{/$}, '')).gsub('\*', '.*').gsub('/', '\\\\\?/') }
5158
59 domains[0].gsub!(Regexp.escape(uri.host), Regexp.escape(uri.host) + '(?::\\d+)?') if uri.port
60
5261 @scope_url_pattern = %r{https?:\\?/\\?/(?:#{domains.join('|')})\\?/?}i
5362 end
63 # rubocop:enable Metrics/AbcSize
5464
5565 # Scope Implementation
5666 class Scope
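Review bot: The port handling added just before the final `%r{...}` assignment widens the scope to every port on the target host, because `(?::\d+)?` accepts any digits rather than the port taken from the target URL, so a URL pointing at a different service on the same host is treated as in scope. If only the target's own port is meant, build the group from `uri.port`, and use `sub!` so that only the leading host is rewritten and not a later occurrence of the host string in the path: `domains[0].sub!(Regexp.escape(uri.host), Regexp.escape(uri.host) + "(?::#{uri.port})?") if uri.port`. The guard also relies on `uri.port` being nil when the URL carries no explicit port, which is not visible here; Ruby's stdlib `URI` returns the scheme default instead, so it is worth confirming which URI class `uri` is. The `scope.domains.empty?` branch drops the first element of `invalid_domains` without saying why; a comment such as `# the first entry is the target host itself, already in domains[0]` would help, if that is indeed the reason.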
5050 #
5151 # @return [ Array<String> ] The first level of directories/files listed,
5252 # or an empty array if none
53 def directory_listing_entries(
54 path = nil, params = {},
55 selector = 'pre a', ignore = /parent directory/i
56 )
53 def directory_listing_entries(path = nil, params = {}, selector = 'pre a', ignore = /parent directory/i)
5754 return [] unless directory_listing?(path, params)
5855
5956 found = []
11
22 # Version
33 module CMSScanner
4 VERSION = '0.5.0'
4 VERSION = '0.5.2'
55 end
111111 describe '#scope_url_pattern' do
112112 context 'when no scope given' do
113113 its(:scope_url_pattern) { should eql %r{https?:\\?/\\?/(?:e\.org)\\?/?}i }
114
115 context 'when target is an invalid domain for PublicSuffix' do
116 let(:url) { 'http://wp-lab/' }
117
118 its(:scope_url_pattern) { should eql %r{https?:\\?/\\?/(?:wp\-lab)\\?/?}i }
119 end
120
121 context 'when a port is present in the target URL' do
122 let(:url) { 'http://wp.lab:82/aa' }
123
124 its(:scope_url_pattern) { should eql %r{https?:\\?/\\?/(?:wp\.lab(?::\d+)?\\?/aa)\\?/?}i }
125 its(:scope_url_pattern) { should match 'https://wp.lab:82/aa' }
126 end
114127 end
115128
116129 context 'when scope given' do
117 let(:opts) { super().merge(scope: ['*.cdn.org', 'wp-lamp']) }
130 let(:opts) { super().merge(scope: ['*.cdn.org', 'wp-lamp', '192.168.1.1']) }
118131
119 its(:scope_url_pattern) { should eql %r{https?:\\?/\\?/(?:e\.org|.*\.cdn\.org|wp\-lamp)\\?/?}i }
132 its(:scope_url_pattern) { should eql %r{https?:\\?/\\?/(?:e\.org|.*\.cdn\.org|192\.168\.1\.1|wp\-lamp)\\?/?}i }
120133
121134 context 'when target URL has a subdir' do
122135 let(:url) { 'https://e.org/blog/test' }
123136
124 its(:scope_url_pattern) { should eql %r{https?:\\?/\\?/(?:e\.org\\?/blog\\?/test|.*\.cdn\.org|wp\-lamp)\\?/?}i }
137 its(:scope_url_pattern) do
138 should eql %r{https?:\\?/\\?/(?:e\.org\\?/blog\\?/test|.*\.cdn\.org|192\.168\.1\.1|wp\-lamp)\\?/?}i
139 end
125140 end
126141 end
127142 end
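Review bot: The new `#scope_url_pattern` contexts assert only what the pattern accepts (`eql` against the regex and one `should match`), so nothing pins what must stay out of scope. For the port context in particular, no expectation says whether another port on the same host is in scope, which leaves the any-port behaviour of `(?::\d+)?` undocumented by tests. Adding negative cases next to the positive one would fix that, for example `its(:scope_url_pattern) { should_not match 'https://wp.lab:82/other' }` (constructed sample), plus one for a different port once the intended behaviour is decided.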