|
@@ -11,6 +11,23 @@ import (
|
|
|
"strings"
|
|
|
)
|
|
|
|
|
|
+//Zregexp is the regular expression used by ZARDOZ to process headers
|
|
|
+var Zregexp string
|
|
|
+
|
|
|
+func init() {
|
|
|
+
|
|
|
+ var expressions = []string{
|
|
|
+ `([ ]([A-Za-z0-9-_]+\.)*\w+)`, // domain name
|
|
|
+ `([ ]/[A-Za-z0-9-_/.]*[ ])`, // URI path (also partial)
|
|
|
+ `[[:alpha:]]{4,32}`, // alpha digit token
|
|
|
+ `([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})`, // IP address
|
|
|
+ `([0-9a-fA-F]{8}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{12})`, // UUID
|
|
|
+ }
|
|
|
+
|
|
|
+ Zregexp = strings.Join(expressions, "|")
|
|
|
+
|
|
|
+}
|
|
|
+
|
|
|
func passAndLearn(resp *http.Response) error {
|
|
|
|
|
|
ProxyFlow.response = resp
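Review bot: The first alternative in `expressions`, commented as a domain name, also matches any single word that follows a space, because the label group `([A-Za-z0-9-_]+\.)*` may repeat zero times. A match that starts at the space wins over the later token, IP and UUID alternatives for that text. If only dotted names are meant, require at least one label: `([ ]([A-Za-z0-9-_]+\.)+\w+)`. Matches from this alternative and from the URI one also keep their delimiting space, so the same value can reach `Unique` both with and without it, which presumably dilutes what is learned from the headers. `Zregexp` is exported and mutable although every part is a literal; an unexported `*regexp.Regexp` set once in `init` would stop other code from changing the sanitising pattern at run time.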
|
|
@@ -69,7 +86,11 @@ func blockAndlearn(resp *http.Response) error {
|
|
|
|
|
|
func sanitizeHeaders(s string) string {
|
|
|
|
|
|
- re := regexp.MustCompile(`[[:alnum:]]{6,32}|[[:alpha:]]{4,32}|([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})|([0-9a-fA-F]{8}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{12})`)
|
|
|
+ re, rerr := regexp.Compile(Zregexp)
|
|
|
+ if rerr != nil {
|
|
|
+ log.Println("Error Compiling regular expression: ", Zregexp)
|
|
|
+ }
|
|
|
+
|
|
|
matched := re.FindAllString(s, -1)
|
|
|
|
|
|
uMatched := Unique(matched)
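Review bot: When `regexp.Compile(Zregexp)` fails, the new branch only logs and execution continues to `re.FindAllString(s, -1)` with a nil `re`, which panics with a nil-pointer dereference. The log line also prints the pattern but not `rerr`. Since the pattern is assembled from literals in `init`, compile it there once and fail at start-up: declare `var zre *regexp.Regexp` at package level, add `zre = regexp.MustCompile(Zregexp)` as the last line of `init`, and use `matched := zre.FindAllString(s, -1)` here. That also avoids recompiling the expression on every call. The body of `sanitizeHeaders` continues past the hunk, so what it should return on an error path is not visible from here.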
|