|
@@ -11,21 +11,13 @@ import (
|
|
|
"strings"
|
|
|
)
|
|
|
|
|
|
-//Zregexp is the regular expression used by ZARDOZ to process headers
|
|
|
-var Zregexp string
|
|
|
-
|
|
|
-func init() {
|
|
|
-
|
|
|
- var expressions = []string{
|
|
|
- `([ ]([A-Za-z0-9-_]{4,}\.)+\w+)`, // domain name
|
|
|
- `([ ]/[A-Za-z0-9-_/.]{4,}[ ])`, // URI path (also partial)
|
|
|
- `[[:alpha:]]{4,32}`, // alpha digit token
|
|
|
- `([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})`, // IP address
|
|
|
- `([0-9a-fA-F]{8}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{12})`, // UUID
|
|
|
- }
|
|
|
-
|
|
|
- Zregexp = strings.Join(expressions, "|")
|
|
|
-
|
|
|
+//Zexpression is the set of regexp being used by zardoz
|
|
|
+var Zexpressions = []string{
|
|
|
+ `[[:alpha:]]{4,32}`, // alpha digit token
|
|
|
+ `[ ]([A-Za-z0-9-_]{4,}\.)+\w+`, // domain name
|
|
|
+ `[ ]/[A-Za-z0-9-_/.]{4,}[ ]`, // URI path (also partial)
|
|
|
+ `[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}`, // IP address
|
|
|
+ `[0-9a-fA-F]{8}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{12}`, // UUID
|
|
|
}
|
|
|
|
|
|
func passAndLearn(resp *http.Response) error {
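Review bot: The doc comment on the new variable names `Zexpression` while the declaration is `Zexpressions`, so godoc/linters will not associate it; make it `// Zexpressions is the set of regular expressions ZARDOZ uses to tokenize headers (alpha tokens, domain names, URI paths, IPv4 addresses, UUIDs).` Since the list is fixed at package level, it would also be cheaper and safer to hold compiled patterns (`regexp.MustCompile` per entry, failing at startup) rather than raw strings that every caller has to compile and error-check again; the removed `init` already did the compile-once part, and the new code drops it. If the string form is kept for other readers, a comment stating that each pattern is applied independently to the lowercased header text would help, because `[[:alpha:]]` and `[A-Za-z...]` read as case-sensitive.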
|
|
@@ -86,20 +78,30 @@ func blockAndlearn(resp *http.Response) error {
|
|
|
|
|
|
func sanitizeHeaders(s string) string {
|
|
|
|
|
|
- re, rerr := regexp.Compile(Zregexp)
|
|
|
- if rerr != nil {
|
|
|
- log.Println("Error Compiling regular expression: ", Zregexp)
|
|
|
- }
|
|
|
+ var collect []string
|
|
|
+ ss := strings.ToLower(s)
|
|
|
+
|
|
|
+ for _, zregexp := range Zexpressions {
|
|
|
+
|
|
|
+ re, rerr := regexp.Compile(zregexp)
|
|
|
+ if rerr != nil {
|
|
|
+ log.Println("Error Compiling regular expression: ", zregexp)
|
|
|
+ }
|
|
|
|
|
|
- matched := re.FindAllString(s, -1)
|
|
|
+ matched := re.FindAllString(ss, -1)
|
|
|
+ if matched == nil {
|
|
|
+ matched = []string{"null"}
|
|
|
+ }
|
|
|
|
|
|
- uMatched := Unique(matched)
|
|
|
+ collect = append(collect, matched...)
|
|
|
+
|
|
|
+ }
|
|
|
|
|
|
- tmpSt := strings.ToLower(strings.Join(uMatched, " "))
|
|
|
+ uMatched := Unique(collect)
|
|
|
|
|
|
- log.Println("Matched: " + tmpSt)
|
|
|
+ log.Println("Matched: ", uMatched)
|
|
|
|
|
|
- return tmpSt
|
|
|
+ return strings.Join(uMatched, " ")
|
|
|
|
|
|
}
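Review bot: When `regexp.Compile` fails inside the new loop, the error is only logged and `re` is nil, so the next line `re.FindAllString(ss, -1)` dereferences a nil pointer and panics on the request path; add `continue` after the `log.Println` (or compile the patterns once at package level with `regexp.MustCompile` so a bad pattern fails at startup instead of per request). The `matched = []string{"null"}` sentinel is now appended once per non-matching expression, and the literal token "null" is indistinguishable from the word "null" appearing in a real header (which `[[:alpha:]]{4,32}` also matches), so the learner cannot tell "no match" from "header contained null" — if the classifier needs a placeholder, prefer one that no pattern in `Zexpressions` can produce, and add it once after the loop rather than per expression. Recompiling five regexps on every call is also measurable on a proxy hot path, which is another reason to hoist compilation.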
|
|
|
|
|
@@ -165,5 +167,5 @@ func isAuth(resp *http.Response) bool {
|
|
|
}
|
|
|
|
|
|
func IsError(resp *http.Response) bool {
|
|
|
- return resp.StatusCode >= 400
|
|
|
+ return resp.StatusCode >= 400 && resp.StatusCode != 401
|
|
|
}
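Review bot: The new condition excludes 401 from the error set with a bare magic number and no comment, so a reader cannot tell whether this is intentional carving-out of authentication challenges (presumably handled by `isAuth`, whose body ends just above this hunk) or a typo; write it as `return resp.StatusCode >= 400 && resp.StatusCode != http.StatusUnauthorized` and add `// IsError reports whether the upstream replied with a 4xx/5xx status; 401 is excluded because auth challenges are not treated as errors.` If the intent is to exempt authentication challenges generally, 407 (Proxy Authentication Required) is the proxy analogue and may deserve the same treatment — worth confirming against the caller.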
|