From 650862fee0f4e90d8406aa592f8b6840622323c4 Mon Sep 17 00:00:00 2001 From: Simon Bennetts Date: Mon, 6 Jan 2025 16:22:11 +0000 Subject: [PATCH] Exim: Site export fix Signed-off-by: Simon Bennetts --- .../addon/exim/sites/SitesTreeHandler.java | 6 +-- .../exim/sites/SiteTreeHandlerUnitTest.java | 43 ++++++++++++++++++- 2 files changed, 44 insertions(+), 5 deletions(-) diff --git a/addOns/exim/src/main/java/org/zaproxy/addon/exim/sites/SitesTreeHandler.java b/addOns/exim/src/main/java/org/zaproxy/addon/exim/sites/SitesTreeHandler.java index 48bac36a75..c6e39bda92 100644 --- a/addOns/exim/src/main/java/org/zaproxy/addon/exim/sites/SitesTreeHandler.java +++ b/addOns/exim/src/main/java/org/zaproxy/addon/exim/sites/SitesTreeHandler.java @@ -128,9 +128,9 @@ private static void outputNode( if (HttpRequestHeader.POST.equals(href.getMethod())) { try { HttpMessage msg = href.getHttpMessage(); - if (!msg.getRequestHeader() - .getHeader(HttpHeader.CONTENT_TYPE) - .startsWith(HttpHeader.FORM_MULTIPART_CONTENT_TYPE)) { + String contentType = msg.getRequestHeader().getHeader(HttpHeader.CONTENT_TYPE); + if (contentType == null + || !contentType.startsWith(HttpHeader.FORM_MULTIPART_CONTENT_TYPE)) { List params = Model.getSingleton().getSession().getParameters(msg, Type.form); StringBuilder sb = new StringBuilder(); diff --git a/addOns/exim/src/test/java/org/zaproxy/addon/exim/sites/SiteTreeHandlerUnitTest.java b/addOns/exim/src/test/java/org/zaproxy/addon/exim/sites/SiteTreeHandlerUnitTest.java index 7ffe71edd6..f356cfd891 100644 --- a/addOns/exim/src/test/java/org/zaproxy/addon/exim/sites/SiteTreeHandlerUnitTest.java +++ b/addOns/exim/src/test/java/org/zaproxy/addon/exim/sites/SiteTreeHandlerUnitTest.java @@ -171,6 +171,36 @@ void shouldOutputNodeWithData() throws Exception { assertThat(result.getCount(), is(2)); } + @Test + void shouldOutputNodeWithDataButNoContentType() throws Exception { + // Given + String expectedYaml = + "- node: Sites\n" + + " children: \n" + + " - node: https://www.example.com\n" + + " url: https://www.example.com?aa=bb&cc=dd\n" + + " method: POST\n" + + " responseLength: 61\n" + + " statusCode: 200\n" + + " data: eee=&ggg=\n"; + HttpMessage msg = + new HttpMessage( + "POST https://www.example.com?aa=bb&cc=dd HTTP/1.1\r\n", + "eee=fff&ggg=hhh".getBytes(), + "HTTP/1.1 200 OK\r\n" + "content-length: 20", + "12345678901234567890".getBytes()); + siteMap.addPath(getHref(msg)); + StringWriter sw = new StringWriter(); + ExporterResult result = new ExporterResult(); + + // When + SitesTreeHandler.exportSitesTree(sw, siteMap, result); + + // Then + assertThat(sw.toString(), is(expectedYaml)); + assertThat(result.getCount(), is(2)); + } + @Test void shouldOutputNodes() throws Exception { // Given @@ -181,13 +211,22 @@ void shouldOutputNodes() throws Exception { + " url: https://www.example.com\n" + " method: GET\n" + " children: \n" - + " - node: POST:/()\n" + + " - node: POST:/()(aaa)\n" + " url: https://www.example.com/\n" + " method: POST\n" + + " responseLength: 61\n" + + " statusCode: 200\n" + + " data: aaa=\n" + " - node: PUT:aaa\n" + " url: https://www.example.com/aaa\n" + " method: PUT\n"; - siteMap.addPath(getHref("https://www.example.com/", "POST")); + HttpMessage msg = + new HttpMessage( + "POST https://www.example.com/ HTTP/1.1\r\n", + "aaa=bbb".getBytes(), + "HTTP/1.1 200 OK\r\n" + "content-length: 20", + "12345678901234567890".getBytes()); + siteMap.addPath(getHref(msg)); siteMap.addPath(getHref("https://www.example.com/aaa", "PUT")); StringWriter sw = new StringWriter();