mirror of
https://github.com/projectdiscovery/httpx.git
synced 2024-11-28 22:01:28 +03:00
Fixed gomnd issues
This commit is contained in:
Víctor Zamanillo
parent
18e5dae704
commit
e9aa081544
@ -6,6 +6,7 @@ import (
|
||||
"flag"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"os"
|
||||
"path"
|
||||
"regexp"
|
||||
@ -30,6 +31,11 @@ import (
|
||||
"github.com/remeh/sizedwaitgroup"
|
||||
)
|
||||
|
||||
const (
|
||||
maxFileNameLenght = 255
|
||||
tokenParts = 2
|
||||
)
|
||||
|
||||
func main() {
|
||||
options := ParseOptions()
|
||||
|
||||
@ -45,9 +51,9 @@ func main() {
|
||||
var key, value string
|
||||
httpxOptions.CustomHeaders = make(map[string]string)
|
||||
for _, customHeader := range options.CustomHeaders {
|
||||
tokens := strings.SplitN(customHeader, ":", 2)
|
||||
tokens := strings.SplitN(customHeader, ":", tokenParts)
|
||||
// if it's an invalid header skip it
|
||||
if len(tokens) < 2 {
|
||||
if len(tokens) < tokenParts {
|
||||
continue
|
||||
}
|
||||
key = strings.TrimSpace(tokens[0])
|
||||
@ -96,7 +102,7 @@ func main() {
|
||||
scanopts.Methods = append(scanopts.Methods, stringz.SplitByCharAndTrimSpace(options.Methods, ",")...)
|
||||
}
|
||||
if len(scanopts.Methods) == 0 {
|
||||
scanopts.Methods = append(scanopts.Methods, "GET")
|
||||
scanopts.Methods = append(scanopts.Methods, http.MethodGet)
|
||||
}
|
||||
protocol := httpx.HTTPS
|
||||
scanopts.VHost = options.VHost
|
||||
@ -392,13 +398,13 @@ retry:
|
||||
if !scanopts.OutputWithNoColor {
|
||||
// Color the status code based on its value
|
||||
switch {
|
||||
case resp.StatusCode >= 200 && resp.StatusCode < 300:
|
||||
case resp.StatusCode >= http.StatusOK && resp.StatusCode < http.StatusMultipleChoices:
|
||||
builder.WriteString(aurora.Green(strconv.Itoa(resp.StatusCode)).String())
|
||||
case resp.StatusCode >= 300 && resp.StatusCode < 400:
|
||||
case resp.StatusCode >= http.StatusMultipleChoices && resp.StatusCode < http.StatusBadRequest:
|
||||
builder.WriteString(aurora.Yellow(strconv.Itoa(resp.StatusCode)).String())
|
||||
case resp.StatusCode >= 400 && resp.StatusCode < 500:
|
||||
case resp.StatusCode >= http.StatusBadRequest && resp.StatusCode < http.StatusInternalServerError:
|
||||
builder.WriteString(aurora.Red(strconv.Itoa(resp.StatusCode)).String())
|
||||
case resp.StatusCode > 500:
|
||||
case resp.StatusCode > http.StatusInternalServerError:
|
||||
builder.WriteString(aurora.Bold(aurora.Yellow(strconv.Itoa(resp.StatusCode))).String())
|
||||
}
|
||||
} else {
|
||||
@ -535,9 +541,9 @@ retry:
|
||||
}
|
||||
// On various OS the file max file name length is 255 - https://serverfault.com/questions/9546/filename-length-limits-on-linux
|
||||
// Truncating length at 255
|
||||
if len(domainFile) >= 255 {
|
||||
if len(domainFile) >= maxFileNameLenght {
|
||||
// leaving last 4 bytes free to append ".txt"
|
||||
domainFile = domainFile[:251]
|
||||
domainFile = domainFile[:maxFileNameLenght-1]
|
||||
}
|
||||
|
||||
domainFile = strings.ReplaceAll(domainFile, "/", "_") + ".txt"
|
||||
|
||||
6
common/cache/cache.go
vendored
6
common/cache/cache.go
vendored
@ -7,6 +7,8 @@ import (
|
||||
dns "github.com/projectdiscovery/httpx/common/resolve"
|
||||
)
|
||||
|
||||
const megaByteBytes = 1048576
|
||||
|
||||
// Cache is a structure for caching DNS lookups
|
||||
type Cache struct {
|
||||
dnsClient Resolver
|
||||
@ -49,7 +51,7 @@ func New(options Options) (*Cache, error) {
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
cache := freecache.NewCache(options.CacheSize * 1024 * 1024)
|
||||
cache := freecache.NewCache(options.CacheSize * megaByteBytes)
|
||||
return &Cache{dnsClient: dnsClient, cache: cache, defaultExpirationTime: options.ExpirationTime}, nil
|
||||
}
|
||||
|
||||
@ -61,7 +63,7 @@ func (c *Cache) Lookup(hostname string) (*dns.Result, error) {
|
||||
hostnameBytes := []byte(hostname)
|
||||
value, err := c.cache.Get(hostnameBytes)
|
||||
if err != nil {
|
||||
if len(err.Error()) != 15 {
|
||||
if err != freecache.ErrNotFound {
|
||||
return nil, err
|
||||
}
|
||||
result, err := c.dnsClient.Resolve(hostname)
|
||||
|
||||
2
common/cache/dialer.go
vendored
2
common/cache/dialer.go
vendored
@ -32,7 +32,7 @@ func NewDialer(options Options) (DialerFunc, error) {
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
dialerHistory = freecache.NewCache(options.CacheSize * 1024 * 1024)
|
||||
dialerHistory = freecache.NewCache(options.CacheSize * megaByteBytes)
|
||||
dialer := &net.Dialer{
|
||||
Timeout: 10 * time.Second,
|
||||
KeepAlive: 10 * time.Second,
|
||||
|
||||
@ -9,6 +9,8 @@ func init() {
|
||||
Ports = make(map[int]struct{})
|
||||
}
|
||||
|
||||
const portRangeParts = 2
|
||||
|
||||
// Ports to scan
|
||||
var Ports map[int]struct{}
|
||||
|
||||
@ -30,7 +32,7 @@ func (c *CustomPorts) Set(value string) error {
|
||||
for _, potentialPort := range potentialPorts {
|
||||
potentialRange := strings.Split(strings.TrimSpace(potentialPort), "-")
|
||||
// it's a single port?
|
||||
if len(potentialRange) < 2 {
|
||||
if len(potentialRange) < portRangeParts {
|
||||
if p, err := strconv.Atoi(potentialPort); err == nil {
|
||||
Ports[p] = struct{}{}
|
||||
}
|
||||
|
||||
@ -12,6 +12,11 @@ import (
|
||||
"github.com/projectdiscovery/retryablehttp-go"
|
||||
)
|
||||
|
||||
const (
|
||||
headerParts = 2
|
||||
requestParts = 3
|
||||
)
|
||||
|
||||
// DumpRequest to string
|
||||
func DumpRequest(req *retryablehttp.Request) (string, error) {
|
||||
dump, err := httputil.DumpRequestOut(req.Request, true)
|
||||
@ -22,7 +27,7 @@ func DumpRequest(req *retryablehttp.Request) (string, error) {
|
||||
// DumpResponse to string
|
||||
func DumpResponse(resp *http.Response) (string, error) {
|
||||
// httputil.DumpResponse does not work with websockets
|
||||
if resp.StatusCode == 101 {
|
||||
if resp.StatusCode == http.StatusContinue {
|
||||
raw := resp.Status + "\n"
|
||||
for h, v := range resp.Header {
|
||||
raw += fmt.Sprintf("%s: %s\n", h, v)
|
||||
@ -44,7 +49,7 @@ func ParseRequest(req string) (method, path string, headers map[string]string, b
|
||||
return
|
||||
}
|
||||
parts := strings.Split(s, " ")
|
||||
if len(parts) < 3 {
|
||||
if len(parts) < requestParts {
|
||||
err = fmt.Errorf("malformed request supplied")
|
||||
return
|
||||
}
|
||||
@ -58,8 +63,8 @@ func ParseRequest(req string) (method, path string, headers map[string]string, b
|
||||
break
|
||||
}
|
||||
|
||||
p := strings.SplitN(line, ":", 2)
|
||||
if len(p) != 2 {
|
||||
p := strings.SplitN(line, ":", headerParts)
|
||||
if len(p) != headerParts {
|
||||
continue
|
||||
}
|
||||
|
||||
|
||||
@ -1,29 +1,18 @@
|
||||
package httputilz
|
||||
|
||||
// HTTP methods were copied from net/http - fasthttp
|
||||
const (
|
||||
MethodGet = "GET" // RFC 7231, 4.3.1
|
||||
MethodHead = "HEAD" // RFC 7231, 4.3.2
|
||||
MethodPost = "POST" // RFC 7231, 4.3.3
|
||||
MethodPut = "PUT" // RFC 7231, 4.3.4
|
||||
MethodPatch = "PATCH" // RFC 5789
|
||||
MethodDelete = "DELETE" // RFC 7231, 4.3.5
|
||||
MethodConnect = "CONNECT" // RFC 7231, 4.3.6
|
||||
MethodOptions = "OPTIONS" // RFC 7231, 4.3.7
|
||||
MethodTrace = "TRACE" // RFC 7231, 4.3.8
|
||||
)
|
||||
import "net/http"
|
||||
|
||||
// AllHTTPMethods contains all available HTTP methods
|
||||
func AllHTTPMethods() []string {
|
||||
return []string{
|
||||
MethodGet,
|
||||
MethodHead,
|
||||
MethodPost,
|
||||
MethodPut,
|
||||
MethodPatch,
|
||||
MethodDelete,
|
||||
MethodConnect,
|
||||
MethodOptions,
|
||||
MethodTrace,
|
||||
http.MethodGet,
|
||||
http.MethodHead,
|
||||
http.MethodPost,
|
||||
http.MethodPut,
|
||||
http.MethodPatch,
|
||||
http.MethodDelete,
|
||||
http.MethodConnect,
|
||||
http.MethodOptions,
|
||||
http.MethodTrace,
|
||||
}
|
||||
}
|
||||
|
||||
@ -33,7 +33,7 @@ func (h *HTTPX) SupportHTTP2(protocol, method, targetURL string) bool {
|
||||
io.Copy(ioutil.Discard, httpresp.Body)
|
||||
httpresp.Body.Close()
|
||||
|
||||
return httpresp.StatusCode == 101
|
||||
return httpresp.StatusCode == http.StatusSwitchingProtocols
|
||||
}
|
||||
|
||||
// attempts a direct http2 connection
|
||||
|
||||
@ -138,7 +138,7 @@ func (h *HTTPX) Do(req *retryablehttp.Request) (*Response, error) {
|
||||
|
||||
var respbody []byte
|
||||
// websockets don't have a readable body
|
||||
if httpresp.StatusCode != 101 {
|
||||
if httpresp.StatusCode != http.StatusSwitchingProtocols {
|
||||
var err error
|
||||
respbody, err = ioutil.ReadAll(httpresp.Body)
|
||||
if err != nil {
|
||||
|
||||
@ -16,7 +16,7 @@ type Options struct {
|
||||
// RetryMax is the maximum number of retries
|
||||
RetryMax int
|
||||
CustomHeaders map[string]string
|
||||
// VHostimilarityRatio 1 - 100
|
||||
// VHostSimilarityRatio 1 - 100
|
||||
VHostSimilarityRatio int
|
||||
FollowRedirects bool
|
||||
FollowHostRedirects bool
|
||||
|
||||
@ -8,6 +8,8 @@ import (
|
||||
"github.com/rs/xid"
|
||||
)
|
||||
|
||||
const simMultiplier = 100
|
||||
|
||||
// IsVirtualHost checks if the target endpoint is a virtual host
|
||||
func (h *HTTPX) IsVirtualHost(req *retryablehttp.Request) (bool, error) {
|
||||
httpresp1, err := h.Do(req)
|
||||
@ -44,7 +46,7 @@ func (h *HTTPX) IsVirtualHost(req *retryablehttp.Request) (bool, error) {
|
||||
}
|
||||
|
||||
// Similarity Ratio - if similarity is under threshold we consider it a valid vHost
|
||||
if int(strsim.Compare(httpresp1.Raw, httpresp2.Raw)*100) <= h.Options.VHostSimilarityRatio {
|
||||
if int(strsim.Compare(httpresp1.Raw, httpresp2.Raw)*simMultiplier) <= h.Options.VHostSimilarityRatio {
|
||||
return true, nil
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user