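private string GetAllowScriptAccessValue(ref UtilityHtmlParser parser, ref bool flag, string allowScriptAccessValue, ref string html)
        {
            // Walks the <param> children of the Flash <object> element the parser is currently
            // positioned in.  Sets 'flag' when a 'movie' param points at a .swf file, records the
            // value of the 'allowscriptaccess' param (if present) and the raw HTML of that param
            // in 'html' so the caller can report a finding against it.  Returns the
            // allowscriptaccess value, or the incoming value when no such param was seen.
            //
            // Parsing stops at the matching </object> close tag.  Draining the parser to the end
            // of the document (as the original did) meant the caller's outer parse loop never saw
            // any later <object>/<embed> elements; the Silverlight variant of CheckObjectTag on
            // this page breaks on the same condition.
            HTMLchunk chunk;

            while ((chunk = parser.Parser.ParseNext()) != null)
            {
                if (chunk.oType == HTMLchunkType.CloseTag && chunk.sTag == "object")
                {
                    break;
                }

                if (chunk.sTag != "param" || !chunk.oParams.ContainsKey("name") || !chunk.oParams.ContainsKey("value"))
                {
                    continue;
                }

                string name = Utility.ToSafeLower(chunk.oParams["name"].ToString());

                if (name == "movie")
                {
                    string movie = Utility.ToSafeLower(chunk.oParams["value"].ToString());
                    // Ordinal: the file extension is not user-facing text.
                    if (movie.Trim().EndsWith(".swf", StringComparison.Ordinal))
                    {
                        flag = true;
                    }
                }
                else if (name == "allowscriptaccess")
                {
                    allowScriptAccessValue = chunk.oParams["value"].ToString();
                    // Return the HTML where we want to report an issue.
                    html = chunk.oHTML;
                }
            }
            return allowScriptAccessValue;
        }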
        public override void Check(Session session)
        {
            // Passive check: every <script> chunk of an HTML response and the whole body of a
            // JavaScript response is handed to CheckDomainLowering.  Only 200 responses from the
            // configured origin domain are inspected.
            if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname) || session.responseCode != 200)
            {
                return;
            }

            if (Utility.IsResponseHtml(session))
            {
                UtilityHtmlParser parser = new UtilityHtmlParser();
                parser.Open(session);
                if (parser.Parser == null)
                {
                    return;
                }

                for (HTMLchunk chunk = parser.Parser.ParseNext(); chunk != null; chunk = parser.Parser.ParseNext())
                {
                    if (chunk.oType == HTMLchunkType.Script)
                    {
                        CheckDomainLowering(session, chunk.oHTML);
                    }
                }
                parser.Close();
            }

            if (Utility.IsResponseJavascript(session))
            {
                String body = Utility.GetResponseText(session);
                CheckDomainLowering(session, body);
            }
        }
        public override void Check(Session session)
        {
            // Passive check for ASP.NET __VIEWSTATE hidden fields whose value does not pass
            // IsViewStateSecure.  With the filter checkbox enabled a host is only inspected
            // while SiteNotChecked() still reports it; reported hosts are remembered in 'hosts'.
            bool filter = configpanel.enablefiltercheckBox.Checked;

            if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname) || session.responseCode != 200)
            {
                return;
            }
            if (!Utility.IsResponseHtml(session) || session.responseBodyBytes.Length == 0)
            {
                return;
            }
            if (filter && !SiteNotChecked(session.hostname))
            {
                return;
            }

            UtilityHtmlParser parser = new UtilityHtmlParser();
            parser.Open(session);
            if (parser.Parser == null)
            {
                return;
            }

            HTMLchunk chunk;
            while ((chunk = parser.Parser.ParseNext()) != null)
            {
                if (chunk.oType != HTMLchunkType.OpenTag || chunk.sTag != "input" || !chunk.oParams.ContainsKey("id"))
                {
                    continue;
                }

                // Only the id="__VIEWSTATE" input is of interest (case-insensitive).
                String id = chunk.oParams["id"].ToString();
                if (!id.Equals("__VIEWSTATE", StringComparison.InvariantCultureIgnoreCase) || !chunk.oParams.ContainsKey("value"))
                {
                    continue;
                }

                // Raise an alert when the view state is not secured with a MAC.
                String val = chunk.oParams["value"].ToString();
                if (!IsViewStateSecure(val))
                {
                    lock (hosts)
                    {
                        hosts.Add(session.hostname);
                    }
                    AddAlert(session);
                }
            }
            parser.Close();
        }
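        /// <summary>
        /// Passive check for Flash &lt;object&gt; / &lt;embed&gt; elements and their AllowScriptAccess
        /// setting (see CheckObjectTag and CheckEmbedxTag).  Findings accumulate in alertbody
        /// (Medium), alertbody2 (Informational) and alertbody3 (Medium) and are raised once the
        /// whole response has been parsed.
        /// </summary>
        /// <param name="session">The session whose response is inspected.</param>
        public override void Check(Session session)
        {
            alertbody  = "";
            alertbody2 = "";
            alertbody3 = "";
            findingnum = 0;

            if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname) || session.responseCode != 200)
            {
                return;
            }
            if (!Utility.IsResponseHtml(session))
            {
                return;
            }

            UtilityHtmlParser parser = new UtilityHtmlParser();
            parser.Open(session);
            // Test for a parser before touching it: setting bKeepRawHTML first (as the original
            // did) would throw a NullReferenceException instead of returning when Open() yields none.
            if (parser.Parser == null)
            {
                return;
            }
            // Raw HTML of each chunk is kept so alerts can quote the offending element.
            parser.Parser.bKeepRawHTML = true;

            HTMLchunk chunk;
            while ((chunk = parser.Parser.ParseNext()) != null)
            {
                if (chunk.oType != HTMLchunkType.OpenTag)
                {
                    continue;
                }
                if (chunk.sTag == "object")
                {
                    CheckObjectTag(chunk, ref parser);
                }
                else if (chunk.sTag == "embed")
                {
                    CheckEmbedxTag(chunk);
                }
            }
            // Release the parser like the other checks do.
            parser.Close();

            if (!String.IsNullOrEmpty(alertbody))
            {
                AddAlert(session, WatcherResultSeverity.Medium, alertbody);
            }
            if (!String.IsNullOrEmpty(alertbody2))
            {
                AddAlert(session, WatcherResultSeverity.Informational, alertbody2);
            }
            if (!String.IsNullOrEmpty(alertbody3))
            {
                AddAlert(session, WatcherResultSeverity.Medium, alertbody3);
            }
        }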
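        /// <summary>
        /// Passive check of a Silverlight clientaccesspolicy.xml file: every
        /// &lt;domain uri="..."&gt; entry that is neither the origin domain nor a trusted
        /// domain is reported via AssembleAlert.
        /// For details of the Silverlight clientaccesspolicy.xml DTD see:
        /// http://msdn.microsoft.com/en-us/library/cc645032(v=vs.95).aspx
        /// </summary>
        /// <param name="session">The session whose response is inspected.</param>
        public override void Check(Session session)
        {
            alertbody  = "";
            findingnum = 0;

            // This is a check for cross-domain issues.  So if Watcher is not configured with
            // an origin domain, treat the session response hostname as the origin.
            if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname, session.hostname) || session.responseCode != 200)
            {
                return;
            }
            if (!Utility.IsResponseXml(session) && !Utility.IsResponsePlain(session))
            {
                return;
            }

            String pat = Path.GetFileName(session.PathAndQuery);
            // Ordinal comparison: a culture-sensitive ToLower() can fail to match on some locales.
            if (pat == null || !pat.Equals("clientaccesspolicy.xml", StringComparison.OrdinalIgnoreCase))
            {
                return;
            }

            UtilityHtmlParser parser = new UtilityHtmlParser();
            parser.Open(session);
            // The other checks bail out when Open() yields no parser; do the same before
            // dereferencing it.
            if (parser.Parser == null)
            {
                return;
            }
            parser.Parser.bKeepRawHTML = true;

            HTMLchunk chunk;
            while ((chunk = parser.Parser.ParseNext()) != null)
            {
                // The easy thing to do here is just scan for all 'domain uri' declarations
                if (chunk.oType == HTMLchunkType.OpenTag && chunk.sTag == "domain" && chunk.oParams.ContainsKey("uri"))
                {
                    String dom = chunk.oParams["uri"].ToString();
                    if (!WatcherEngine.Configuration.IsOriginDomain(dom, session.hostname) && !WatcherEngine.Configuration.IsTrustedDomain(dom))
                    {
                        AssembleAlert(dom, chunk.oHTML);
                    }
                }
            }
            parser.Close();

            if (!String.IsNullOrEmpty(alertbody))
            {
                AddAlert(session);
            }
        }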
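        /// <summary>
        /// Passive check for JavaScript that builds script references (src / href properties,
        /// window.open) from request parameters.  Script chunks of HTML responses and the body
        /// of JavaScript responses are inspected; nothing is done when the request carried no
        /// parameters.
        /// </summary>
        /// <param name="session">The session whose request parameters and response are inspected.</param>
        public override void Check(Session session)
        {
            alertbody  = "";
            findingnum = 0;

            if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname) || session.responseCode != 200)
            {
                return;
            }

            NameValueCollection parms = Utility.GetRequestParameters(session);
            if (parms == null || parms.Keys.Count == 0)
            {
                return;
            }

            if (Utility.IsResponseHtml(session))
            {
                UtilityHtmlParser parser = new UtilityHtmlParser();
                parser.Open(session);
                if (parser.Parser == null)
                {
                    return;
                }

                HTMLchunk chunk;
                while ((chunk = parser.Parser.ParseNext()) != null)
                {
                    if (chunk.oType == HTMLchunkType.Script)
                    {
                        CheckUserControllableJavascriptReferenceProperty(parms, chunk.oHTML, "src");
                        CheckUserControllableJavascriptReferenceProperty(parms, chunk.oHTML, "href");
                        CheckUserControllableJavascriptReferenceWindowOpen(parms, chunk.oHTML);
                    }
                }
                parser.Close();
            }

            if (Utility.IsResponseJavascript(session))
            {
                // The original passed a never-assigned null here, so JavaScript responses were
                // never actually inspected; fetch the response text as the other checks do.
                String bod = Utility.GetResponseText(session);
                if (bod != null)
                {
                    CheckUserControllableJavascriptReferenceProperty(parms, bod, "src");
                    CheckUserControllableJavascriptReferenceProperty(parms, bod, "href");
                    CheckUserControllableJavascriptReferenceWindowOpen(parms, bod);
                }
            }

            if (!String.IsNullOrEmpty(alertbody))
            {
                AddAlert(session);
            }
        }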
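        /// <summary>
        /// Passive check for Silverlight &lt;object&gt; / &lt;embed&gt; elements.  CheckObjectTag
        /// inspects the enableHtmlAccess parameter of the object; CheckEmbedTag handles the
        /// embed form.  Findings accumulate in alertbody (Medium) and alertbody2 (Low) and are
        /// raised after the whole response has been parsed.
        /// </summary>
        /// <param name="session">The session whose response is inspected.</param>
        public override void Check(Session session)
        {
            alertbody  = "";
            alertbody2 = "";
            findingnum = 0;

            if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname) || session.responseCode != 200)
            {
                return;
            }
            if (!Utility.IsResponseHtml(session))
            {
                return;
            }

            UtilityHtmlParser parser = new UtilityHtmlParser();
            parser.Open(session);
            // The other checks return when Open() yields no parser; the original dereferenced
            // it unconditionally.
            if (parser.Parser == null)
            {
                return;
            }
            // Raw HTML is kept so alerts can quote the offending element.
            parser.Parser.bKeepRawHTML = true;

            HTMLchunk chunk;
            while ((chunk = parser.Parser.ParseNext()) != null)
            {
                if (chunk.oType != HTMLchunkType.OpenTag)
                {
                    continue;
                }
                if (chunk.sTag == "object")
                {
                    CheckObjectTag(parser, chunk);
                }
                else if (chunk.sTag == "embed")
                {
                    CheckEmbedTag(chunk);
                }
            }
            // Release the parser like the other checks do.
            parser.Close();

            if (!String.IsNullOrEmpty(alertbody))
            {
                AddAlert(session, WatcherResultSeverity.Medium, alertbody);
            }
            if (!String.IsNullOrEmpty(alertbody2))
            {
                AddAlert(session, WatcherResultSeverity.Low, alertbody2);
            }
        }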
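        /// <summary>
        /// Passive check for &lt;form action="..."&gt; targets whose domain is neither the origin
        /// domain nor a trusted domain, i.e. forms that submit their data cross-domain.  When no
        /// origin domain is configured the response hostname is treated as the origin.
        /// </summary>
        /// <param name="session">The session whose response is inspected.</param>
        public override void Check(Session session)
        {
            alertbody  = "";
            findingnum = 0;

            if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname, session.hostname) && !WatcherEngine.Configuration.IsOriginDomain(""))
            {
                return;
            }
            if (session.responseCode != 200 || !Utility.IsResponseHtml(session))
            {
                return;
            }

            UtilityHtmlParser parser = new UtilityHtmlParser();
            parser.Open(session);
            // Test for a parser before touching it: setting bKeepRawHTML first (as the original
            // did) would throw a NullReferenceException instead of returning.
            if (parser.Parser == null)
            {
                return;
            }
            // Raw HTML is kept so alerts can quote the offending form element.
            parser.Parser.bKeepRawHTML = true;

            HTMLchunk chunk;
            while ((chunk = parser.Parser.ParseNext()) != null)
            {
                // Null-safe, ordinal tag comparison in place of sTag.ToLower() == "form".
                if (chunk.oType != HTMLchunkType.OpenTag
                    || !String.Equals(chunk.sTag, "form", StringComparison.OrdinalIgnoreCase)
                    || !chunk.oParams.ContainsKey("action"))
                {
                    continue;
                }

                String act = chunk.oParams["action"].ToString();
                if (String.IsNullOrEmpty(act))
                {
                    continue;
                }

                // Relative actions have no domain and stay on the origin.
                String dom = Utility.GetUriDomainName(act);
                if (String.IsNullOrEmpty(dom))
                {
                    continue;
                }

                if (!WatcherEngine.Configuration.IsOriginDomain(dom, session.hostname) && !WatcherEngine.Configuration.IsTrustedDomain(dom))
                {
                    AssembleAlert(dom, chunk.oHTML);
                }
            }
            parser.Close();

            if (!String.IsNullOrEmpty(alertbody))
            {
                AddAlert(session);
            }
        }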
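        /// <summary>
        /// Passive check that hands every open tag of the response, together with the request
        /// parameters, to CheckTags (which looks for user-supplied values in tag attributes).
        /// Only 200 responses with a body from the origin domain are inspected, and only when
        /// the request carried parameters.
        /// </summary>
        /// <param name="session">The session whose request parameters and response are inspected.</param>
        public override void Check(Session session)
        {
            alertbody  = "";
            findingnum = 0;

            if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname))
            {
                return;
            }
            if (session.responseCode != 200 || session.responseBodyBytes.Length == 0)
            {
                return;
            }

            // If there was no user-supplied parms we don't care to continue.  Decide this before
            // opening the parser: the original opened it first and only closed it on the parms path.
            NameValueCollection parms = Utility.GetRequestParameters(session);
            if (parms == null || parms.Keys.Count == 0)
            {
                return;
            }

            UtilityHtmlParser parser = new UtilityHtmlParser();
            parser.Open(session);
            if (parser.Parser == null)
            {
                return;
            }

            HTMLchunk chunk;
            while ((chunk = parser.Parser.ParseNext()) != null)
            {
                // Check the attributes of every open tag we encounter
                if (chunk.oType == HTMLchunkType.OpenTag)
                {
                    CheckTags(parms, chunk);
                }
            }
            parser.Close();

            if (!String.IsNullOrEmpty(alertbody))
            {
                AddAlert(session);
            }
        }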
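        /// <summary>
        /// Checks a Flash &lt;object&gt; element for its AllowScriptAccess setting.  Flash is
        /// recognised by the classid attribute or by type="application/x-shockwave-flash".
        /// The setting may be an attribute of the object element or a child
        /// &lt;param name="allowscriptaccess"&gt;; the latter is collected by
        /// GetAllowScriptAccessValue, which advances the shared parser through the params.
        /// </summary>
        /// <param name="chunk">The object open tag.</param>
        /// <param name="parser">The parser, positioned just after the object open tag.</param>
        private void CheckObjectTag(HTMLchunk chunk, ref UtilityHtmlParser parser)
        {
            String html = null;
            String allowScriptAccessValue = null;
            bool   flag = false;
            // Set once the child params have been consumed from the parser; scanning them a
            // second time would read past this element into the rest of the document.
            bool   paramsScanned = false;

            // Check the param elements of an object element
            if (chunk.oParams.ContainsKey("classid"))
            {
                String attr = chunk.oParams["classid"].ToString();
                if ((attr == "clsid:d27cdb6e-ae6d-11cf-96b8-444553540000") || (attr == "x-shockwave-flash")) // flash clsid
                {
                    allowScriptAccessValue = GetAllowScriptAccessValue(ref parser, ref flag, allowScriptAccessValue, ref html);
                    paramsScanned = true;

                    // Only report when a 'movie' param actually pointed at a .swf file.
                    if (flag)
                    {
                        CheckAllowScriptAccessValue(allowScriptAccessValue, chunk.oHTML);
                    }
                }
            }

            // Otherwise check the attributes of the object element
            if (chunk.oParams.ContainsKey("type"))
            {
                String type = Utility.ToSafeLower(chunk.oParams["type"].ToString());
                if (type != "application/x-shockwave-flash")
                {
                    return;
                }

                if (chunk.oParams.ContainsKey("allowscriptaccess"))
                {
                    allowScriptAccessValue = chunk.oParams["allowscriptaccess"].ToString();
                    CheckAllowScriptAccessValue(allowScriptAccessValue, chunk.oHTML);
                }
                else if (!paramsScanned)
                {
                    // Start looking through the param elements.
                    allowScriptAccessValue = GetAllowScriptAccessValue(ref parser, ref flag, allowScriptAccessValue, ref html);
                    // With no allowscriptaccess param 'html' stays null; report against the
                    // object tag itself instead of passing null through.
                    CheckAllowScriptAccessValue(allowScriptAccessValue, html ?? chunk.oHTML);
                }
            }
        }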
        public override void Check(Session session)
        {
            // Passive check handing script content to CheckJavascriptEvalUsage: the <script>
            // chunks of HTML (or JavaScript) responses, plus the whole body of JavaScript
            // responses.  An alert is raised when alertbody was filled in.
            alertbody  = "";
            findingnum = 0;

            if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname) || session.responseCode != 200)
            {
                return;
            }

            bool isHtml = Utility.IsResponseHtml(session);
            if (isHtml || Utility.IsResponseJavascript(session))
            {
                UtilityHtmlParser parser = new UtilityHtmlParser();
                parser.Open(session);
                if (parser.Parser == null)
                {
                    return;
                }

                for (HTMLchunk chunk = parser.Parser.ParseNext(); chunk != null; chunk = parser.Parser.ParseNext())
                {
                    if (chunk.oType == HTMLchunkType.Script)
                    {
                        CheckJavascriptEvalUsage(session, chunk.oHTML);
                    }
                }
                parser.Close();
            }

            if (Utility.IsResponseJavascript(session))
            {
                String body = Utility.GetResponseText(session);
                CheckJavascriptEvalUsage(session, body);
            }

            if (!String.IsNullOrEmpty(alertbody))
            {
                AddAlert(session);
            }
        }
        public override void Check(Session session, UtilityHtmlParser htmlparser)
        {
            // Passive check that matches the request parameters against the pre-parsed HTML
            // elements and text nodes supplied by 'htmlparser' (CheckHtmlElements / CheckHtmlText).
            alertbody  = "";
            findingnum = 0;
            List<HtmlElement> htmlElements = htmlparser.HtmlElementCollection;
            List<String>      htmlText     = htmlparser.HtmlTextCollection;

            bool inScope = WatcherEngine.Configuration.IsOriginDomain(session.hostname)
                && session.responseCode == 200
                && Utility.IsResponseHtml(session);
            if (!inScope)
            {
                return;
            }

            String body = Utility.GetResponseText(session);
            if (body == null)
            {
                return;
            }

            NameValueCollection parms = GetRequestParameters(session);
            if (parms != null && parms.Keys.Count > 0)
            {
                // Lazy match any attribute in any HTML element/tag
                CheckHtmlElements(parms, htmlElements);
                CheckHtmlText(parms, htmlText);
            }

            if (!String.IsNullOrEmpty(alertbody))
            {
                AddAlert(session);
            }
        }
        //public override void Check(WatcherEngine watcher, Session session, UtilityHtmlParser htmlparser)
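        /// <summary>
        /// Passive check that the charset declared inside the document (an HTML
        /// &lt;meta http-equiv="content-type" content="..."&gt; or an XML &lt;?xml encoding="..."&gt;
        /// declaration) is compared, via CheckContentTypeCharset, with the charset of the HTTP
        /// Content-Type header.  We only care about HTML and XML content, see:
        /// http://www.w3.org/International/O-charset
        /// </summary>
        /// <param name="session">The session whose response is inspected.</param>
        public override void Check(Session session)
        {
            alertbody  = String.Empty;
            findingnum = 0;

            if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname) || session.responseCode != 200)
            {
                return;
            }
            if (!Utility.UrlNotInList(session.fullUrl, urls))
            {
                return;
            }

            if (Utility.IsResponseHtml(session))
            {
                CheckDeclaredCharset(session, "html");
            }
            else if (Utility.IsResponseXml(session))
            {
                CheckDeclaredCharset(session, "xml");
            }

            if (!String.IsNullOrEmpty(alertbody))
            {
                AddAlert(session);
            }
        }

        /// <summary>
        /// Scans the response for the in-document charset declaration of the given kind
        /// ("html": meta http-equiv content-type; "xml": the ?xml encoding attribute) and
        /// passes each one found to CheckContentTypeCharset along with the header charset.
        /// </summary>
        /// <param name="session">The session whose response is inspected.</param>
        /// <param name="kind">"html" or "xml"; also forwarded to CheckContentTypeCharset.</param>
        private void CheckDeclaredCharset(Session session, String kind)
        {
            String header = session.oResponse.headers.GetTokenValue("Content-Type", "charset");

            // skip cases where the HTTP Header is null or empty, these are covered by another check.
            if (session.responseBodyBytes.Length == 0 || String.IsNullOrEmpty(header))
            {
                return;
            }

            UtilityHtmlParser parser = new UtilityHtmlParser();
            parser.Open(session);
            // The other checks return when Open() yields no parser; the original dereferenced
            // it unconditionally.
            if (parser.Parser == null)
            {
                return;
            }

            HTMLchunk chunk;
            while ((chunk = parser.Parser.ParseNext()) != null)
            {
                if (chunk.oType != HTMLchunkType.OpenTag)
                {
                    continue;
                }

                String declared = null;
                if (kind == "html" && chunk.sTag == "meta"
                    && chunk.oParams.ContainsKey("http-equiv") && chunk.oParams.ContainsKey("content"))
                {
                    String hteq = chunk.oParams["http-equiv"].ToString();
                    if (hteq.Equals("content-type", StringComparison.InvariantCultureIgnoreCase))
                    {
                        declared = chunk.oParams["content"].ToString();
                    }
                }
                else if (kind == "xml" && chunk.sTag == "?xml" && chunk.oParams.ContainsKey("encoding"))
                {
                    declared = chunk.oParams["encoding"].ToString();
                }

                if (!String.IsNullOrEmpty(declared))
                {
                    CheckContentTypeCharset(declared, kind, header);
                }
            }
            parser.Close();
        }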
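        /// <summary>
        /// Passive check for JavaScript that references other domains through src / href
        /// properties or window.open (see the CheckJavascriptCrossDomainReference* helpers).
        /// Script chunks of HTML responses and the body of JavaScript responses are inspected.
        /// When no origin domain is configured the response hostname is treated as the origin.
        /// </summary>
        /// <param name="session">The session whose response is inspected.</param>
        public override void Check(Session session)
        {
            alertbody  = "";
            findingnum = 0;

            if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname, session.hostname) || session.responseCode != 200)
            {
                return;
            }

            if (Utility.IsResponseHtml(session))
            {
                UtilityHtmlParser parser = new UtilityHtmlParser();
                parser.Open(session);
                // Test for a parser before touching it: setting bAutoKeepScripts first (as the
                // original did) would throw a NullReferenceException instead of returning.
                if (parser.Parser == null)
                {
                    return;
                }
                parser.Parser.bAutoKeepScripts = true;

                HTMLchunk chunk;
                while ((chunk = parser.Parser.ParseNext()) != null)
                {
                    if (chunk.oType == HTMLchunkType.Script)
                    {
                        CheckJavascriptCrossDomainReferenceProperty(session, chunk.oHTML, "src");
                        CheckJavascriptCrossDomainReferenceProperty(session, chunk.oHTML, "href");
                        CheckJavascriptCrossDomainReferenceWindowOpen(session, chunk.oHTML);
                    }
                }
                parser.Close();
            }

            if (Utility.IsResponseJavascript(session))
            {
                String body = Utility.GetResponseText(session);
                if (body != null)
                {
                    CheckJavascriptCrossDomainReferenceProperty(session, body, "src");
                    CheckJavascriptCrossDomainReferenceProperty(session, body, "href");
                    CheckJavascriptCrossDomainReferenceWindowOpen(session, body);
                }
            }

            if (!String.IsNullOrEmpty(alertbody))
            {
                AddAlert(session);
            }
        }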
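        /// <summary>
        /// Check a Silverlight OBJECT tag for an enableHtmlAccess PARAM set to 'true'.
        /// See http://msdn.microsoft.com/en-us/library/cc189089(VS.95).aspx
        /// </summary>
        /// <param name="parser">Parser positioned just after the OBJECT open tag.  It is advanced
        /// through the tag's PARAM children up to the matching close tag (or end of input).</param>
        /// <param name="chunk">The OBJECT open-tag chunk whose classid/type/data attributes
        /// identify the plug-in.</param>
        private void CheckObjectTag(UtilityHtmlParser parser, HTMLchunk chunk)
        {
            // Silverlight's ActiveX classid.  Authors write the GUID in either case, so the
            // comparison below is case-insensitive; the previous exact match against a
            // lower-cased literal silently missed the (common) upper-case spelling.
            const String silverlightClassId = "clsid:89F4137D-6C26-4A84-BDB8-2E5A4BB71E00";
            const String silverlightMime    = "x-silverlight";

            // Convert.ToString() yields "" for a null attribute value instead of throwing.
            String classId = chunk.oParams.ContainsKey("classid") ? Convert.ToString(chunk.oParams["classid"]) : null;
            String type    = chunk.oParams.ContainsKey("type")    ? Convert.ToString(chunk.oParams["type"])    : null;
            String data    = chunk.oParams.ContainsKey("data")    ? Convert.ToString(chunk.oParams["data"])    : null;

            bool isSilverlight =
                (classId != null && (String.Equals(classId, silverlightClassId, StringComparison.OrdinalIgnoreCase)
                                     || classId.IndexOf(silverlightMime, StringComparison.OrdinalIgnoreCase) >= 0)) ||
                (type    != null && type.IndexOf(silverlightMime, StringComparison.OrdinalIgnoreCase) >= 0) ||
                (data    != null && data.IndexOf(silverlightMime, StringComparison.OrdinalIgnoreCase) >= 0);

            if (!isSilverlight)
            {
                return;
            }

            bool   loadsSilverlightApp   = false;       // a PARAM named "source" points at a .xap/.xaml
            String enableHtmlAccessValue = null;        // lower-cased value of the enableHtmlAccess PARAM, if any
            String reportHtml            = chunk.oHTML; // markup quoted in the alert

            while ((chunk = parser.Parser.ParseNext()) != null)
            {
                // Get out if we reach the end of the object tag.
                if (chunk.oType == HTMLchunkType.CloseTag && chunk.sTag == "object")
                {
                    break;
                }
                if (chunk.oType != HTMLchunkType.OpenTag || chunk.sTag != "param")
                {
                    continue;
                }
                // A PARAM without both a name and a value is malformed; skip it rather than
                // dereferencing a null lookup result (the old code threw NullReferenceException).
                if (!chunk.oParams.ContainsKey("name") || !chunk.oParams.ContainsKey("value"))
                {
                    continue;
                }

                // PARAM names are case-insensitive in practice ("Source", "EnableHtmlAccess").
                String name  = Convert.ToString(chunk.oParams["name"]).Trim().ToLowerInvariant();
                String value = Convert.ToString(chunk.oParams["value"]).Trim();

                if (name == "source")
                {
                    // The PARAM named SOURCE points to the .XAP or .XAML file to load.
                    String lowered = value.ToLowerInvariant();
                    if (lowered.EndsWith(".xap") || lowered.EndsWith(".xaml"))
                    {
                        loadsSilverlightApp = true;
                    }
                }
                else if (name == "enablehtmlaccess")
                {
                    enableHtmlAccessValue = value.ToLowerInvariant();
                    // Report on the PARAM that carries the setting.
                    reportHtml = chunk.oHTML;
                }
            }

            // Evaluate once, after every PARAM has been seen, so the verdict does not depend
            // on whether "source" precedes "enableHtmlAccess" in the markup and the same
            // OBJECT is not reported several times.  As before, a missing enableHtmlAccess
            // PARAM is passed through as null.
            if (loadsSilverlightApp)
            {
                CheckEnableHtmlAccessValue(enableHtmlAccessValue, reportHtml);
            }
        }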
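        /// <summary>
        /// Flag style sheets pulled from a domain that is neither the origin nor trusted:
        /// LINK rel="stylesheet" elements and @import rules inside STYLE blocks in HTML
        /// responses, plus @import rules in CSS responses.
        /// </summary>
        /// <param name="session">The Fiddler session whose response is inspected.</param>
        public override void Check(Session session)
        {
            alertbody  = "";
            findingnum = 0;

            // Cross-domain check: when no origin domain is configured, the response
            // host is treated as the origin.
            if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname, session.hostname))
            {
                return;
            }
            if (session.responseCode != 200 || session.responseBodyBytes == null || session.responseBodyBytes.Length == 0)
            {
                return;
            }

            if (Utility.IsResponseHtml(session))
            {
                UtilityHtmlParser parser = new UtilityHtmlParser();
                parser.Open(session);
                // Open() can leave Parser unset (see the other checks); nothing to scan then.
                if (parser.Parser != null)
                {
                    try
                    {
                        parser.Parser.bKeepRawHTML = true;
                        HTMLchunk chunk;
                        while ((chunk = parser.Parser.ParseNext()) != null)
                        {
                            if (chunk.oType == HTMLchunkType.OpenTag && chunk.sTag == "style")
                            {
                                // The next chunk is the text between the STYLE tags.  It is null
                                // when the document ends right after <style>, which used to throw.
                                chunk = parser.Parser.ParseNext();
                                if (chunk == null)
                                {
                                    break;
                                }
                                if (chunk.oHTML != null)
                                {
                                    CheckCssImport(session, chunk.oHTML);
                                }
                                continue;
                            }

                            if (chunk.oType != HTMLchunkType.OpenTag || chunk.sTag != "link"
                                || !chunk.oParams.ContainsKey("rel") || !chunk.oParams.ContainsKey("href"))
                            {
                                continue;
                            }

                            // rel is a space-separated token list ("alternate stylesheet"),
                            // so match the token rather than the whole attribute value.
                            String[] relTokens = Convert.ToString(chunk.oParams["rel"]).ToLowerInvariant()
                                .Split(new char[] { ' ', '\t', '\r', '\n' }, StringSplitOptions.RemoveEmptyEntries);
                            if (Array.IndexOf(relTokens, "stylesheet") < 0)
                            {
                                continue;
                            }

                            String href = Convert.ToString(chunk.oParams["href"]);
                            if (String.IsNullOrEmpty(href))
                            {
                                continue;
                            }
                            String dom = Utility.GetUriDomainName(href);
                            if (dom != null
                                && !WatcherEngine.Configuration.IsOriginDomain(dom, session.hostname)
                                && !WatcherEngine.Configuration.IsTrustedDomain(dom))
                            {
                                AssembleAlert(dom, chunk.oHTML);
                            }
                        }
                    }
                    finally
                    {
                        // Release the parser even if a chunk handler throws.
                        parser.Close();
                    }
                }
            }

            if (Utility.IsResponseCss(session))
            {
                String css = Utility.GetResponseText(session);
                if (css != null)
                {
                    CheckCssImport(session, css);
                }
            }

            if (!String.IsNullOrEmpty(alertbody))
            {
                AddAlert(session);
            }
        }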
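        /// <summary>
        /// Run CheckComment over every comment in the response: HTML comments and the
        /// JavaScript comments inside SCRIPT blocks for HTML responses, and the
        /// JavaScript comments of script responses.
        /// </summary>
        /// <param name="session">The Fiddler session whose response is inspected.</param>
        public override void Check(Session session)
        {
            alertbody  = "";
            findingnum = 0;

            if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname) || session.responseCode != 200)
            {
                return;
            }

            if (Utility.IsResponseHtml(session) && session.responseBodyBytes != null && session.responseBodyBytes.Length > 0)
            {
                UtilityHtmlParser parser = new UtilityHtmlParser();
                parser.Open(session);
                // Open() can leave Parser unset (see the other checks); nothing to scan then.
                if (parser.Parser != null)
                {
                    try
                    {
                        HTMLchunk chunk;
                        while ((chunk = parser.Parser.ParseNext()) != null)
                        {
                            // Test for null before touching the text: the old code called
                            // Trim() first and only then checked the result.
                            if (chunk.oHTML == null)
                            {
                                continue;
                            }
                            if (chunk.oType == HTMLchunkType.Comment)
                            {
                                // TODO (original author's note): Must call Finalise() first!
                                CheckComment(session, chunk.oHTML);
                            }
                            else if (chunk.oType == HTMLchunkType.Script)
                            {
                                CheckJavascriptComments(session, chunk.oHTML.Trim());
                            }
                        }
                    }
                    finally
                    {
                        // Release the parser even if a comment handler throws.
                        parser.Close();
                    }
                }
            }

            // Look at application/javascript responses.
            if (Utility.IsResponseJavascript(session))
            {
                String body = Utility.GetResponseText(session);
                // GetResponseText() may return null (the other checks guard for it too).
                if (body != null)
                {
                    CheckJavascriptComments(session, body);
                }
            }

            if (!String.IsNullOrEmpty(alertbody))
            {
                AddAlert(session);
            }
        }

        /// <summary>
        /// Feed every /* */ and // comment found in a JavaScript body to CheckComment.
        /// </summary>
        /// <param name="session">The session the comments belong to.</param>
        /// <param name="script">JavaScript source text (never null).</param>
        private void CheckJavascriptComments(Session session, String script)
        {
            foreach (Match comments in Utility.GetJavascriptMultiLineComment(script))
            {
                CheckComment(session, comments.ToString());
            }
            foreach (Match comments in Utility.GetJavascriptSingleLineComment(script))
            {
                CheckComment(session, comments.ToString());
            }
        }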
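        /// <summary>
        /// Inspect a Flash/Silverlight crossdomain.xml policy and flag every
        /// allow-access-from / allow-http-request-headers-from element whose domain
        /// is neither the origin nor a configured trusted domain.
        /// </summary>
        /// <param name="session">The Fiddler session whose response is inspected.</param>
        public override void Check(Session session)
        {
            alertbody  = "";
            findingnum = 0;

            // This is a check for cross-domain issues.  So if Watcher is not configured with
            // an origin domain, treat the session response hostname as the origin.
            if (!WatcherEngine.Configuration.IsOriginDomain(session.hostname, session.hostname))
            {
                return;
            }
            if (session.responseCode != 200)
            {
                return;
            }
            if (!Utility.IsResponseXml(session) && !Utility.IsResponsePlain(session))
            {
                return;
            }

            // Path.GetFileName() throws ArgumentException on characters that are legal in a
            // query string (e.g. '<' or '"'), and a query would stop "crossdomain.xml?x=1"
            // from matching, so take the last path segment by hand.
            String fileName = GetRequestFileName(session.PathAndQuery);
            if (!String.Equals(fileName, "crossdomain.xml", StringComparison.OrdinalIgnoreCase))
            {
                return;
            }

            UtilityHtmlParser parser = new UtilityHtmlParser();
            parser.Open(session);
            // Open() can leave Parser unset (see the other checks); nothing to scan then.
            if (parser.Parser == null)
            {
                return;
            }
            try
            {
                parser.Parser.bKeepRawHTML = true;
                HTMLchunk chunk;
                while ((chunk = parser.Parser.ParseNext()) != null)
                {
                    if (chunk.oType != HTMLchunkType.OpenTag)
                    {
                        continue;
                    }
                    // Both elements grant rights to the named domain: the first lets the
                    // plug-in read responses cross-domain, the second lets it send custom
                    // request headers.
                    if (chunk.sTag != "allow-access-from" && chunk.sTag != "allow-http-request-headers-from")
                    {
                        continue;
                    }
                    // Guard the lookup instead of catching ArgumentOutOfRangeException: a
                    // missing attribute never raised that type (the old catch was dead and
                    // the ToString() call threw NullReferenceException).
                    if (!chunk.oParams.ContainsKey("domain"))
                    {
                        continue;
                    }
                    String dom = Convert.ToString(chunk.oParams["domain"]).Trim();
                    if (dom.Length == 0)
                    {
                        continue;
                    }
                    // NOTE(review): domain="*" is the most dangerous value and only surfaces
                    // here if the origin/trusted checks reject "*"; the secure="false"
                    // attribute is not examined at all -- confirm whether that is intended.
                    if (!WatcherEngine.Configuration.IsOriginDomain(dom, session.hostname)
                        && !WatcherEngine.Configuration.IsTrustedDomain(dom))
                    {
                        AssembleAlert(dom, chunk.oHTML);
                    }
                }
            }
            finally
            {
                // Release the parser even if an alert handler throws.
                parser.Close();
            }

            if (!String.IsNullOrEmpty(alertbody))
            {
                AddAlert(session);
            }
        }

        /// <summary>
        /// Return the last path segment of a request path, ignoring any query or fragment.
        /// </summary>
        /// <param name="pathAndQuery">The raw request path, e.g. "/dir/crossdomain.xml?v=1".</param>
        /// <returns>The segment after the last '/', or "" for a null/empty input.</returns>
        private static String GetRequestFileName(String pathAndQuery)
        {
            if (String.IsNullOrEmpty(pathAndQuery))
            {
                return "";
            }
            int cut = pathAndQuery.IndexOfAny(new char[] { '?', '#' });
            String path = cut >= 0 ? pathAndQuery.Substring(0, cut) : pathAndQuery;
            int slash = path.LastIndexOf('/');
            return slash >= 0 ? path.Substring(slash + 1) : path;
        }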