class Arachni::HTTP::CookieJar

Basic CookieJar implementation.

@author Tasos “Zapotek” Laskos <tasos.laskos@arachni-scanner.com>

Public Class Methods

from_file( *args ) click to toggle source

Same as {#initialize}.

@return [Arachni::HTTP::CookieJar]

# File lib/arachni/http/cookie_jar.rb, line 35
def self.from_file( *args )
    new.load( *args )
end
new( cookie_jar_file = nil ) click to toggle source

@param [String] cookie_jar_file

Path to a Netscape cookie-jar.
# File lib/arachni/http/cookie_jar.rb, line 41
def initialize( cookie_jar_file = nil )
    @cookies = {}
    load( cookie_jar_file ) if cookie_jar_file
end

Public Instance Methods

<<( cookies ) click to toggle source

@param [Cookie, Array<Cookie>] cookies

Cookies with which to update the cookie-jar.

@return [CookieJar]

`self`
# File lib/arachni/http/cookie_jar.rb, line 69
def <<( cookies )
    [cookies].flatten.each do |cookie|
        next if !cookie
        set_cookie( cookie )
    end
    self
end
==( other ) click to toggle source

@param [CookieJar] other

# File lib/arachni/http/cookie_jar.rb, line 168
def ==( other )
    hash == other.hash
end
any?() click to toggle source

@return [Bool]

`true` if cookiejar is not empty, `false` otherwise.
# File lib/arachni/http/cookie_jar.rb, line 163
def any?
    !empty?
end
clear() click to toggle source

Empties the cookiejar.

# File lib/arachni/http/cookie_jar.rb, line 151
def clear
    @cookies.clear
end
cookies( include_expired = false ) click to toggle source

@param [Bool] include_expired

Include expired cookies.

@return [Array<Cookie>]

All cookies.
# File lib/arachni/http/cookie_jar.rb, line 138
def cookies( include_expired = false )
    @cookies.values.map do |cookie|
        next if !include_expired && cookie.expired?
        cookie
    end.compact
end
empty?() click to toggle source

@return [Bool]

`true` if cookiejar is empty, `false` otherwise.
# File lib/arachni/http/cookie_jar.rb, line 157
def empty?
    @cookies.empty?
end
for_url( url ) click to toggle source

@param [String] url

URL for which to retrieve cookies.

@return [Array<Cookie>]

URL which should be sent to the resource at `url`.
# File lib/arachni/http/cookie_jar.rb, line 111
def for_url( url )
    uri = to_uri( url )
    request_path   = uri.path
    request_domain = uri.host

    return [] if !request_domain || !request_path

    unique_cookies = {}
    @cookies.values.map do |cookie|
        if cookie.expired? || !request_path.start_with?( cookie.path ) ||
            !in_domain?( cookie.domain, request_domain )
            next
        end

        unique_cookies[cookie.name] = cookie
    end

    unique_cookies.values.sort do |lhs, rhs|
        rhs.path.length <=> lhs.path.length
    end
end
hash() click to toggle source
# File lib/arachni/http/cookie_jar.rb, line 172
def hash
    cookies.map(&:to_s).hash
end
load( cookie_jar_file, url = '' ) click to toggle source

Loads cookies from a Netscape cookiejar file.

@param [String] cookie_jar_file

Path to a Netscape cookie-jar.

@param [String] url

Cookie owner.

@return [CookieJar] self

# File lib/arachni/http/cookie_jar.rb, line 54
def load( cookie_jar_file, url = '' )
    if !File.exist?( cookie_jar_file )
        fail Error::CookieJarFileNotFound,
             "Cookie-jar '#{cookie_jar_file}' doesn't exist."
    end

    update( cookies_from_file( url, cookie_jar_file ) )
    self
end
merge!( other ) click to toggle source

@param [CookieJar] other

# File lib/arachni/http/cookie_jar.rb, line 146
def merge!( other )
    update other.cookies
end
update( cookies ) click to toggle source

Updates the jar with ‘cookies`.

@param [Array<String, Hash, Cookie>] cookies

Cookies with which to update the cookie-jar.

@return [CookieJar] self

# File lib/arachni/http/cookie_jar.rb, line 83
def update( cookies )
    [cookies].flatten.each do |c|
        next if !c

        self << case c
                    when String
                        Cookie.from_set_cookie( ::Arachni::Options.url.to_s, c )

                    when Hash
                        next if c.empty?

                        if c.size > 1
                            Cookie.new( { url: ::Arachni::Options.url.to_s }.merge( c ) )
                        else
                            Cookie.new( url: ::Arachni::Options.url.to_s, inputs: c )
                        end
                    when Cookie
                        c
                end
    end
    self
end

Private Instance Methods

in_domain?( cookie_domain, request_domain ) click to toggle source
# File lib/arachni/http/cookie_jar.rb, line 197
def in_domain?( cookie_domain, request_domain )
    request_domain == cookie_domain ||
        (
            cookie_domain.start_with?( '.' ) &&
                request_domain.end_with?( cookie_domain[1...cookie_domain.size] )
        )
end
make_key( cookie ) click to toggle source
# File lib/arachni/http/cookie_jar.rb, line 193
def make_key( cookie )
    "#{cookie.domain}:#{cookie.path}:#{cookie.name}".hash
end
to_uri( url ) click to toggle source
# File lib/arachni/http/cookie_jar.rb, line 205
def to_uri( url )
    u = url.is_a?( Arachni::URI ) ? url : Arachni::URI( url.to_s )

    if !u
        fail "Failed to parse: #{url}"
    end

    if !u.absolute?
        fail ArgumentError,
             "Complete absolute URL required, got: #{url} (#{u})"
    end

    u
end