Exemple #1
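 /// <summary>
 /// Parses the given cookie strings and merges them into the cookie store, replacing stored
 /// cookies that a new cookie supersedes.
 /// </summary>
 /// <remarks>
 /// A stored cookie is replaced when it has the same name as the new cookie, its domain is the
 /// new cookie's domain or a sub-domain of it, and its path is the new cookie's path, a path
 /// below it, empty, or "/".
 /// </remarks>
 /// <param name="Host">Host used as the cookie domain when the cookie string declares none.</param>
 /// <param name="Cookies">Cookie strings, each passed to the <c>SetCookie</c> constructor.</param>
 public void Add(string Host, List<string> Cookies)
 {
     // Parse before taking the lock so the lock is held only while the store is modified.
     List<SetCookie> NewCookies = new List<SetCookie>();
     foreach (string CookieString in Cookies)
     {
         SetCookie SC = new SetCookie(CookieString);
         if (SC.Domain.Length == 0)
         {
             SC.SetDomain(Host);
         }
         NewCookies.Add(SC);
     }
     lock (SetCookies)
     {
         foreach (SetCookie SC in NewCookies)
         {
             // The path comes from the cookie string, so it is escaped before being placed in a
             // pattern. Unescaped, regex metacharacters in a Path attribute could widen what the
             // pattern matches (evicting unrelated cookies), make Regex throw on an invalid
             // pattern, or trigger expensive backtracking while the lock is held.
             string SubPathPattern = "^" + Regex.Escape(SC.Path ?? "") + "\\W+.*";
             string SubDomainSuffix = "." + SC.Domain;

             // Walk backwards so that RemoveAt does not shift the entries still to be checked.
             for (int i = SetCookies.Count - 1; i >= 0; i--)
             {
                 SetCookie Stored = SetCookies[i];
                 if (!Stored.Name.Equals(SC.Name))
                 {
                     continue;
                 }
                 // Ordinal comparison: domain matching must not depend on the current culture.
                 bool DomainCovered = Stored.Domain.Equals(SC.Domain)
                     || Stored.Domain.EndsWith(SubDomainSuffix, System.StringComparison.Ordinal);
                 bool PathCovered = Stored.Path.Equals(SC.Path)
                     || Regex.IsMatch(Stored.Path, SubPathPattern)
                     || Stored.Path.Length == 0
                     || Stored.Path.Equals("/");
                 if (DomainCovered && PathCovered)
                 {
                     SetCookies.RemoveAt(i);
                 }
             }
             SetCookies.Add(SC);
         }
     }
 }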
Exemple #2
 /// <summary>
 /// Rebuilds the Set-Cookie list from the given headers, creating one <c>SetCookie</c> per
 /// "Set-Cookie" header value.
 /// </summary>
 /// <param name="Headers">Header collection that is queried for "Set-Cookie" values.</param>
 internal void CreateSetCookieListFromParameters(HeaderParameters Headers)
 {
     // Start from an empty list so entries from an earlier call are dropped.
     this.setCookies = new List<SetCookie>();
     if (!Headers.Has("Set-Cookie"))
     {
         return;
     }
     // Every header value is handed to the SetCookie constructor as-is; this method does no validation.
     foreach (string RawHeaderValue in Headers.GetAll("Set-Cookie"))
     {
         SetCookie Parsed = new SetCookie(RawHeaderValue);
         this.SetCookies.Add(Parsed);
     }
 }
Exemple #3
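        /// <summary>
        /// Parses the given cookie strings and merges them into the cookie store, replacing stored
        /// cookies that a new cookie supersedes.
        /// </summary>
        /// <remarks>
        /// A stored cookie is replaced when it has the same name as the new cookie, its domain is the
        /// new cookie's domain or a sub-domain of it, and its path is the new cookie's path, a path
        /// below it, empty, or "/".
        /// </remarks>
        /// <param name="Host">Host used as the cookie domain when the cookie string declares none.</param>
        /// <param name="Cookies">Cookie strings, each passed to the <c>SetCookie</c> constructor.</param>
        public void Add(string Host, List<string> Cookies)
        {
            // Parse before taking the lock so the lock is held only while the store is modified.
            List<SetCookie> NewCookies = new List<SetCookie>();

            foreach (string CookieString in Cookies)
            {
                SetCookie SC = new SetCookie(CookieString);
                if (SC.Domain.Length == 0)
                {
                    SC.SetDomain(Host);
                }
                NewCookies.Add(SC);
            }
            lock (SetCookies)
            {
                foreach (SetCookie SC in NewCookies)
                {
                    // The path comes from the cookie string, so it is escaped before being placed in
                    // a pattern. Unescaped, regex metacharacters in a Path attribute could widen what
                    // the pattern matches (evicting unrelated cookies), make Regex throw on an invalid
                    // pattern, or trigger expensive backtracking while the lock is held.
                    string SubPathPattern = "^" + Regex.Escape(SC.Path ?? "") + "\\W+.*";
                    string SubDomainSuffix = "." + SC.Domain;

                    // Walk backwards so that RemoveAt does not shift the entries still to be checked.
                    for (int i = SetCookies.Count - 1; i >= 0; i--)
                    {
                        SetCookie Stored = SetCookies[i];
                        if (!Stored.Name.Equals(SC.Name))
                        {
                            continue;
                        }
                        // Ordinal comparison: domain matching must not depend on the current culture.
                        bool DomainCovered = Stored.Domain.Equals(SC.Domain)
                            || Stored.Domain.EndsWith(SubDomainSuffix, System.StringComparison.Ordinal);
                        bool PathCovered = Stored.Path.Equals(SC.Path)
                            || Regex.IsMatch(Stored.Path, SubPathPattern)
                            || Stored.Path.Length == 0
                            || Stored.Path.Equals("/");
                        if (DomainCovered && PathCovered)
                        {
                            SetCookies.RemoveAt(i);
                        }
                    }
                    SetCookies.Add(SC);
                }
            }
        }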
Exemple #4
 /// <summary>
 /// Copies the name and value of the given Set-Cookie entry into this object's cookie collection.
 /// </summary>
 /// <param name="SetCookie">Entry whose <c>Name</c> and <c>Value</c> are stored; no other attribute of it is read here.</param>
 public void SetCookie(SetCookie SetCookie)
 {
     // Only the name/value pair is carried over; the call goes through Cookie.Set.
     var CookieStore = this.Cookie;
     CookieStore.Set(SetCookie.Name, SetCookie.Value);
 }
Exemple #5
 /// <summary>
 /// Rebuilds the Set-Cookie list from the given headers, creating one <c>SetCookie</c> per
 /// "Set-Cookie" header value.
 /// </summary>
 /// <param name="Headers">Header collection that is queried for "Set-Cookie" values.</param>
 internal void CreateSetCookieListFromParameters(HeaderParameters Headers)
 {
     // Start from an empty list so entries from an earlier call are dropped.
     this.setCookies = new List<SetCookie>();
     if (!Headers.Has("Set-Cookie"))
     {
         return;
     }
     // Every header value is handed to the SetCookie constructor as-is; this method does no validation.
     foreach (string RawHeaderValue in Headers.GetAll("Set-Cookie"))
     {
         SetCookie Parsed = new SetCookie(RawHeaderValue);
         this.SetCookies.Add(Parsed);
     }
 }
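        /// <summary>
        /// Converts serialized behaviour-analysis results into grid rows and a marked-up summary
        /// describing how responses differed from the baseline.
        /// </summary>
        /// <param name="ResultsXml">Serialized results, decoded with <c>BehaviourAnalysisResult.ToObjectList</c>.</param>
        /// <param name="BaselineCode">Baseline response code, inserted into the summary text as-is.</param>
        /// <param name="BaselineRoundtrip">Baseline roundtrip time in ms; parsed with <c>Int32.Parse</c> only when roundtrip variations exist.</param>
        /// <returns>The summary text and one row list per result grid.</returns>
        internal static ScanTraceBehaviourAnalysisResultsUiInformation GetUiDisplayResults(string ResultsXml, string BaselineCode, string BaselineRoundtrip)
        {
            List<BehaviourAnalysisResult> Results = BehaviourAnalysisResult.ToObjectList(ResultsXml);

            // Distinct values seen across all results; these feed the summary.
            List<int>    Codes         = new List<int>();
            List<string> Keywords      = new List<string>();
            List<string> Roundtrips    = new List<string>();
            List<int>    InsertedChars = new List<int>();
            List<string> SetCookies    = new List<string>();
            List<string> Headers       = new List<string>();

            // One row per finding; these feed the result grids.
            List<object[]> CodeGridRows      = new List<object[]>();
            List<object[]> KeywordGridRows   = new List<object[]>();
            List<object[]> SetCookieGridRows = new List<object[]>();
            List<object[]> HeadersGridRows   = new List<object[]>();
            List<object[]> BodyGridRows      = new List<object[]>();
            List<object[]> TimeGridRows      = new List<object[]>();

            // The first character of a header / cookie finding selects one of these messages.
            Dictionary<string, string> HeaderVariationMessage = new Dictionary<string, string>()
            {
                { "+", "Header added, this header was missing in baseline response" },
                { "-", "Missing header, this header was present in baseline response" },
                { ">", "Value added, this header had an empty value in baseline" },
                { "<", "Empty value, this header had a non-empty value in baseline" }
            };

            Dictionary<string, string> SetCookieVariationMessage = new Dictionary<string, string>()
            {
                { "+", "Cookie added, this cookie was missing in baseline response" },
                { "-", "Missing cookie, this cookie was present in baseline response" },
                { ">", "Value added, this cookie had an empty value in baseline" },
                { "<", "Empty value, this cookie had a non-empty value in baseline" }
            };

            Dictionary<string, string> HeaderVariationMessageForSummary = new Dictionary<string, string>()
            {
                { "+", "header added, this header was missing in baseline response" },
                { "-", "header is missing, this header was present in baseline response" },
                { ">", "header's value added, this header had an empty value in baseline" },
                { "<", "header's value is empty, this header had a non-empty value in baseline" }
            };

            Dictionary<string, string> SetCookieVariationMessageForSummary = new Dictionary<string, string>()
            {
                { "+", "cookie added, this cookie was missing in baseline response" },
                { "-", "cookie is missing, this cookie was present in baseline response" },
                { ">", "cookie's value added, this cookie had an empty value in baseline" },
                { "<", "cookie's value is empty, this cookie had a non-empty value in baseline" }
            };

            foreach (BehaviourAnalysisResult Result in Results)
            {
                if (Result.ResponseCodeResult > 0)
                {
                    CodeGridRows.Add(new object[] { Result.LogId, Result.ResponseCodeResult, Result.Payload });
                    if (!Codes.Contains(Result.ResponseCodeResult))
                    {
                        Codes.Add(Result.ResponseCodeResult);
                    }
                }
                if (Result.ResponseContentResult > 0)
                {
                    BodyGridRows.Add(new object[] { Result.LogId, Result.ResponseContentResult, Result.Payload });
                    if (!InsertedChars.Contains(Result.ResponseContentResult))
                    {
                        InsertedChars.Add(Result.ResponseContentResult);
                    }
                }
                if (Result.RoundtripTimeResult.Length > 0)
                {
                    TimeGridRows.Add(new object[] { Result.LogId, Result.RoundtripTimeResult, Result.Payload });
                    // Only non-zero differences are carried into the summary.
                    if (Int32.Parse(Result.RoundtripTimeResult.Trim(new char[] { '+', '-', 'm', 's' })) > 0)
                    {
                        if (!Roundtrips.Contains(Result.RoundtripTimeResult))
                        {
                            Roundtrips.Add(Result.RoundtripTimeResult);
                        }
                    }
                }

                if (Result.ResponseKeywordsResult.Count > 0)
                {
                    KeywordGridRows.Add(new object[] { Result.LogId, string.Join(", ", Result.ResponseKeywordsResult.ToArray()), Result.Payload });
                }
                foreach (string Keyword in Result.ResponseKeywordsResult)
                {
                    if (!Keywords.Contains(Keyword))
                    {
                        Keywords.Add(Keyword);
                    }
                }

                foreach (string SetCook in Result.SetCookieHeaderResult)
                {
                    // Entry layout: one marker character (+, -, > or <) followed by the cookie text.
                    SetCookieGridRows.Add(new object[] { Result.LogId, SetCook.Substring(1), SetCookieVariationMessage[SetCook[0].ToString()], Result.Payload });
                    if (!SetCookies.Contains(SetCook))
                    {
                        SetCookies.Add(SetCook);
                    }
                }

                foreach (string HeaderRes in Result.ResponseHeadersResult)
                {
                    // Same layout as the Set-Cookie entries: marker character, then the header text.
                    HeadersGridRows.Add(new object[] { Result.LogId, HeaderRes.Substring(1), HeaderVariationMessage[HeaderRes[0].ToString()], Result.Payload });
                    if (!Headers.Contains(HeaderRes))
                    {
                        Headers.Add(HeaderRes);
                    }
                }
            }

            // NOTE(review): keyword, cookie and header text is appended to the summary markup below
            // without escaping. If these values can contain the "<i<...>>" tag syntax they would be
            // read as formatting by whatever renders SummaryText - confirm that the rendering side
            // handles this.
            StringBuilder Summary = new StringBuilder();

            if (Codes.Count > 0)
            {
                Summary.Append(string.Format("Response codes changed from the baseline value of <i<cg>><i<b>>{0}<i</b>><i</cg>> to ", BaselineCode));
                for (int i = 0; i < Codes.Count; i++)
                {
                    Summary.Append(string.Format("<i<cb>><i<b>>{0}<i</b>><i</cb>>", Codes[i]));
                    if (i < Codes.Count - 1)
                    {
                        Summary.Append(", ");
                    }
                }
                Summary.Append("<i<br>><i<br>>");
            }
            if (Keywords.Count > 0)
            {
                Summary.Append("Occurance of the following keywords in the response: ");
                for (int i = 0; i < Keywords.Count; i++)
                {
                    Summary.Append("<i<cr>><i<b>>"); Summary.Append(Keywords[i]); Summary.Append("<i</b>><i</cr>>");
                    if (i < Keywords.Count - 1)
                    {
                        Summary.Append(", ");
                    }
                }
                Summary.Append("<i<br>><i<br>>");
            }
            if (InsertedChars.Count > 0)
            {
                // "Up to N" must report the largest value; after an ascending sort that is the last element.
                InsertedChars.Sort();
                Summary.Append(string.Format("Up to <i<cb>><i<b>>{0}<i</b>><i</cb>> characters of new content found in some responses.", InsertedChars[InsertedChars.Count - 1]));
                Summary.Append("<i<br>><i<br>>");
            }

            if (SetCookies.Count > 0)
            {
                Summary.Append("Changes in Set-Cookie values:<i<br>>");
                foreach (string SetCookie in SetCookies)
                {
                    Summary.Append("    ");
                    Summary.Append("<i<co>><i<b>>"); Summary.Append(SetCookie.Substring(1)); Summary.Append("<i</b>><i</co>> ");
                    Summary.Append(SetCookieVariationMessageForSummary[SetCookie[0].ToString()]);
                    Summary.Append("<i<br>>");
                }
                Summary.Append("<i<br>>");
            }
            if (Headers.Count > 0)
            {
                Summary.Append("Changes in Response Headers:<i<br>>");
                foreach (string Header in Headers)
                {
                    Summary.Append("    ");
                    Summary.Append("<i<co>><i<b>>"); Summary.Append(Header.Substring(1)); Summary.Append("<i</b>><i</co>> ");
                    Summary.Append(HeaderVariationMessageForSummary[Header[0].ToString()]);
                    Summary.Append("<i<br>>");
                }
                Summary.Append("<i<br>>");
            }

            if (Roundtrips.Count > 0)
            {
                int BaselineRoundtripInt = Int32.Parse(BaselineRoundtrip);

                // Absolute roundtrip times above (+) and below (-) the baseline.
                List<int> PlusRoundtripIntList  = new List<int>();
                List<int> MinusRoundtripIntList = new List<int>();

                for (int i = 0; i < Roundtrips.Count; i++)
                {
                    int RoundtripDiff = Int32.Parse(Roundtrips[i].Trim(new char[] { '+', '-', 'm', 's', ' ' }));
                    if (Roundtrips[i][0] == '+')
                    {
                        PlusRoundtripIntList.Add(BaselineRoundtripInt + RoundtripDiff);
                    }
                    else
                    {
                        MinusRoundtripIntList.Add(BaselineRoundtripInt - RoundtripDiff);
                    }
                }

                PlusRoundtripIntList.Sort();
                MinusRoundtripIntList.Sort();

                Summary.Append(string.Format("Variation in the response roundtrip time from baseline value {0} ms:<i<br>><i<br>>", BaselineRoundtripInt));

                string BaselineTimeStr = string.Format("{0} ms (Normal)", BaselineRoundtripInt);

                string HighestTimeStr = "";
                string LowestTimeStr  = "";
                int HighestRoundtrip  = 0;
                int LowestRoundtrip   = 0;

                // Factor scales a time in ms to a bar width in characters.
                double Factor = (double)BaselineRoundtripInt / 100.0;

                if (Factor == 0)
                {
                    Factor = 1.0;             //To avoid divide by 0 exception or multiply by 0 and get 0
                }
                if (PlusRoundtripIntList.Count > 0)
                {
                    // The list is sorted ascending, so the highest time is the last element.
                    HighestRoundtrip = PlusRoundtripIntList[PlusRoundtripIntList.Count - 1];
                    HighestTimeStr = string.Format("{0} ms (Highest variation)", HighestRoundtrip);
                    // Rescale so that the longest bar falls between 100 and 250 characters.
                    if ((double)HighestRoundtrip / Factor > 250.0)
                    {
                        Factor = (double)HighestRoundtrip / 250.0;
                        if (Factor == 0)
                        {
                            Factor = 1.0;
                        }
                    }
                    else if ((double)HighestRoundtrip / Factor < 100.0)
                    {
                        Factor = (double)HighestRoundtrip / 100.0;
                        if (Factor == 0)
                        {
                            Factor = 1.0;
                        }
                    }
                }
                if (MinusRoundtripIntList.Count > 0)
                {
                    LowestRoundtrip = MinusRoundtripIntList[0];
                    LowestTimeStr = string.Format("{0} ms (Lowest variation)", LowestRoundtrip);
                }

                // Bar widths are clamped at zero because new String(' ', n) throws for a negative n,
                // which a difference larger than the baseline would otherwise produce.
                Summary.Append("<i<hlg>>");
                Summary.Append(new String(' ', Math.Max(0, (int)Math.Round(((double)BaselineRoundtripInt / Factor)))));
                Summary.Append("<i</hlg>>");
                Summary.Append("    "); Summary.Append(BaselineTimeStr); Summary.Append("<i<br>>");

                if (HighestTimeStr.Length > 0)
                {
                    Summary.Append("<i<hlb>>");
                    Summary.Append(new String(' ', Math.Max(0, (int)Math.Round(((double)HighestRoundtrip / Factor)))));
                    Summary.Append("<i</hlb>>");
                    Summary.Append("    "); Summary.Append(HighestTimeStr); Summary.Append("<i<br>>");
                }
                if (LowestTimeStr.Length > 0)
                {
                    Summary.Append("<i<hlo>>");
                    Summary.Append(new String(' ', Math.Max(0, (int)Math.Round(((double)LowestRoundtrip / Factor)))));
                    Summary.Append("<i</hlo>>");
                    Summary.Append("    "); Summary.Append(LowestTimeStr); Summary.Append("<i<br>>");
                }
                Summary.Append("<i<br>>");
            }

            ScanTraceBehaviourAnalysisResultsUiInformation UiResult = new ScanTraceBehaviourAnalysisResultsUiInformation();
            string SummaryText = Summary.ToString();

            // SummaryText is assigned exactly once, so the heading (or the "no variations" message)
            // is what reaches the caller rather than the bare summary body.
            if (Summary.Length == 0)
            {
                UiResult.SummaryText = "<i<h1>>No significant variations could be observed<i</h1>><i<br>><i<br>>";
            }
            else
            {
                UiResult.SummaryText = string.Format("<i<h1>>Some payloads caused the following effects:<i</h1>><i<br>><i<br>>{0}", SummaryText);
            }
            UiResult.CodeGridRows      = new List<object[]>(CodeGridRows);
            UiResult.KeywordGridRows   = new List<object[]>(KeywordGridRows);
            UiResult.SetCookieGridRows = new List<object[]>(SetCookieGridRows);
            UiResult.HeadersGridRows   = new List<object[]>(HeadersGridRows);
            UiResult.BodyGridRows      = new List<object[]>(BodyGridRows);
            UiResult.TimeGridRows      = new List<object[]>(TimeGridRows);
            return(UiResult);
        }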
Exemple #7
 /// <summary>
 /// Adds a parsed Set-Cookie entry for the host of the given request by forwarding to the
 /// overload that takes the host and the cookie's full string.
 /// </summary>
 /// <param name="Req">Request whose <c>Host</c> is passed on.</param>
 /// <param name="SC">Entry whose <c>FullString</c> is passed on.</param>
 public void Add(Request Req, SetCookie SC)
 {
     var RequestHost = Req.Host;
     var CookieText = SC.FullString;
     Add(RequestHost, CookieText);
 }
Exemple #8
 /// <summary>
 /// Copies the name and value of the given Set-Cookie entry into this object's cookie collection.
 /// </summary>
 /// <param name="SetCookie">Entry whose <c>Name</c> and <c>Value</c> are stored; no other attribute of it is read here.</param>
 public void SetCookie(SetCookie SetCookie)
 {
     // Only the name/value pair is carried over; the call goes through Cookie.Set.
     var CookieStore = this.Cookie;
     CookieStore.Set(SetCookie.Name, SetCookie.Value);
 }
Exemple #9
 /// <summary>
 /// Adds a parsed Set-Cookie entry for the host of the given request by forwarding to the
 /// overload that takes the host and the cookie's full string.
 /// </summary>
 /// <param name="Req">Request whose <c>Host</c> is passed on.</param>
 /// <param name="SC">Entry whose <c>FullString</c> is passed on.</param>
 public void Add(Request Req, SetCookie SC)
 {
     var RequestHost = Req.Host;
     var CookieText = SC.FullString;
     Add(RequestHost, CookieText);
 }