mirror of https://github.com/daffainfo/nuclei.git
Added timeout context cancellation to http requests (#2319)
parent
ad2f0792c4
commit
2873e6ebc8
|
@ -57,11 +57,10 @@ func (g *generatedRequest) URL() string {
|
|||
|
||||
// Make creates a http request for the provided input.
|
||||
// It returns io.EOF as error when all the requests have been exhausted.
|
||||
func (r *requestGenerator) Make(baseURL, data string, payloads, dynamicValues map[string]interface{}) (*generatedRequest, error) {
|
||||
func (r *requestGenerator) Make(ctx context.Context, baseURL, data string, payloads, dynamicValues map[string]interface{}) (*generatedRequest, error) {
|
||||
if r.request.SelfContained {
|
||||
return r.makeSelfContainedRequest(data, payloads, dynamicValues)
|
||||
return r.makeSelfContainedRequest(ctx, data, payloads, dynamicValues)
|
||||
}
|
||||
ctx := context.Background()
|
||||
if r.options.Interactsh != nil {
|
||||
data, r.interactshURLs = r.options.Interactsh.ReplaceMarkers(data, []string{})
|
||||
for payloadName, payloadValue := range payloads {
|
||||
|
@ -105,9 +104,7 @@ func (r *requestGenerator) Make(baseURL, data string, payloads, dynamicValues ma
|
|||
return r.makeHTTPRequestFromModel(ctx, data, values, payloads)
|
||||
}
|
||||
|
||||
func (r *requestGenerator) makeSelfContainedRequest(data string, payloads, dynamicValues map[string]interface{}) (*generatedRequest, error) {
|
||||
ctx := context.Background()
|
||||
|
||||
func (r *requestGenerator) makeSelfContainedRequest(ctx context.Context, data string, payloads, dynamicValues map[string]interface{}) (*generatedRequest, error) {
|
||||
isRawRequest := r.request.isRaw()
|
||||
|
||||
// If the request is a raw request, get the URL from the request
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
package http
|
||||
|
||||
import (
|
||||
"context"
|
||||
"net/url"
|
||||
"testing"
|
||||
"time"
|
||||
|
@ -88,7 +89,7 @@ func TestMakeRequestFromModal(t *testing.T) {
|
|||
|
||||
generator := request.newGenerator()
|
||||
inputData, payloads, _ := generator.nextValue()
|
||||
req, err := generator.Make("https://example.com", inputData, payloads, map[string]interface{}{})
|
||||
req, err := generator.Make(context.Background(), "https://example.com", inputData, payloads, map[string]interface{}{})
|
||||
require.Nil(t, err, "could not make http request")
|
||||
|
||||
bodyBytes, _ := req.request.BodyBytes()
|
||||
|
@ -116,13 +117,13 @@ func TestMakeRequestFromModalTrimSuffixSlash(t *testing.T) {
|
|||
|
||||
generator := request.newGenerator()
|
||||
inputData, payloads, _ := generator.nextValue()
|
||||
req, err := generator.Make("https://example.com/test.php", inputData, payloads, map[string]interface{}{})
|
||||
req, err := generator.Make(context.Background(), "https://example.com/test.php", inputData, payloads, map[string]interface{}{})
|
||||
require.Nil(t, err, "could not make http request")
|
||||
require.Equal(t, "https://example.com/test.php?query=example", req.request.URL.String(), "could not get correct request path")
|
||||
|
||||
generator = request.newGenerator()
|
||||
inputData, payloads, _ = generator.nextValue()
|
||||
req, err = generator.Make("https://example.com/test/", inputData, payloads, map[string]interface{}{})
|
||||
req, err = generator.Make(context.Background(), "https://example.com/test/", inputData, payloads, map[string]interface{}{})
|
||||
require.Nil(t, err, "could not make http request")
|
||||
require.Equal(t, "https://example.com/test/?query=example", req.request.URL.String(), "could not get correct request path")
|
||||
}
|
||||
|
@ -156,13 +157,13 @@ Accept-Encoding: gzip`},
|
|||
|
||||
generator := request.newGenerator()
|
||||
inputData, payloads, _ := generator.nextValue()
|
||||
req, err := generator.Make("https://example.com", inputData, payloads, map[string]interface{}{})
|
||||
req, err := generator.Make(context.Background(), "https://example.com", inputData, payloads, map[string]interface{}{})
|
||||
require.Nil(t, err, "could not make http request")
|
||||
authorization := req.request.Header.Get("Authorization")
|
||||
require.Equal(t, "Basic admin:admin", authorization, "could not get correct authorization headers from raw")
|
||||
|
||||
inputData, payloads, _ = generator.nextValue()
|
||||
req, err = generator.Make("https://example.com", inputData, payloads, map[string]interface{}{})
|
||||
req, err = generator.Make(context.Background(), "https://example.com", inputData, payloads, map[string]interface{}{})
|
||||
require.Nil(t, err, "could not make http request")
|
||||
authorization = req.request.Header.Get("Authorization")
|
||||
require.Equal(t, "Basic admin:guest", authorization, "could not get correct authorization headers from raw")
|
||||
|
@ -197,13 +198,13 @@ Accept-Encoding: gzip`},
|
|||
|
||||
generator := request.newGenerator()
|
||||
inputData, payloads, _ := generator.nextValue()
|
||||
req, err := generator.Make("https://example.com", inputData, payloads, map[string]interface{}{})
|
||||
req, err := generator.Make(context.Background(), "https://example.com", inputData, payloads, map[string]interface{}{})
|
||||
require.Nil(t, err, "could not make http request")
|
||||
authorization := req.request.Header.Get("Authorization")
|
||||
require.Equal(t, "Basic YWRtaW46YWRtaW4=", authorization, "could not get correct authorization headers from raw")
|
||||
|
||||
inputData, payloads, _ = generator.nextValue()
|
||||
req, err = generator.Make("https://example.com", inputData, payloads, map[string]interface{}{})
|
||||
req, err = generator.Make(context.Background(), "https://example.com", inputData, payloads, map[string]interface{}{})
|
||||
require.Nil(t, err, "could not make http request")
|
||||
authorization = req.request.Header.Get("Authorization")
|
||||
require.Equal(t, "Basic YWRtaW46Z3Vlc3Q=", authorization, "could not get correct authorization headers from raw")
|
||||
|
@ -241,7 +242,7 @@ func TestMakeRequestFromModelUniqueInteractsh(t *testing.T) {
|
|||
require.Nil(t, err, "could not create interactsh client")
|
||||
|
||||
inputData, payloads, _ := generator.nextValue()
|
||||
got, err := generator.Make("https://example.com", inputData, payloads, map[string]interface{}{})
|
||||
got, err := generator.Make(context.Background(), "https://example.com", inputData, payloads, map[string]interface{}{})
|
||||
require.Nil(t, err, "could not make http request")
|
||||
|
||||
// check if all the interactsh markers are replaced with unique urls
|
||||
|
|
|
@ -2,6 +2,7 @@ package http
|
|||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"encoding/hex"
|
||||
"fmt"
|
||||
"io"
|
||||
|
@ -56,7 +57,7 @@ func (request *Request) executeRaceRequest(reqURL string, previous output.Intern
|
|||
if !ok {
|
||||
return nil
|
||||
}
|
||||
requestForDump, err := generator.Make(reqURL, inputData, payloads, nil)
|
||||
requestForDump, err := generator.Make(context.Background(), reqURL, inputData, payloads, nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
@ -84,7 +85,7 @@ func (request *Request) executeRaceRequest(reqURL string, previous output.Intern
|
|||
if !ok {
|
||||
break
|
||||
}
|
||||
generatedRequest, err := generator.Make(reqURL, inputData, payloads, nil)
|
||||
generatedRequest, err := generator.Make(context.Background(), reqURL, inputData, payloads, nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
@ -127,7 +128,7 @@ func (request *Request) executeParallelHTTP(reqURL string, dynamicValues output.
|
|||
if !ok {
|
||||
break
|
||||
}
|
||||
generatedHttpRequest, err := generator.Make(reqURL, inputData, payloads, dynamicValues)
|
||||
generatedHttpRequest, err := generator.Make(context.Background(), reqURL, inputData, payloads, dynamicValues)
|
||||
if err != nil {
|
||||
if err == io.EOF {
|
||||
break
|
||||
|
@ -194,7 +195,7 @@ func (request *Request) executeTurboHTTP(reqURL string, dynamicValues, previous
|
|||
if !ok {
|
||||
break
|
||||
}
|
||||
generatedHttpRequest, err := generator.Make(reqURL, inputData, payloads, dynamicValues)
|
||||
generatedHttpRequest, err := generator.Make(context.Background(), reqURL, inputData, payloads, dynamicValues)
|
||||
if err != nil {
|
||||
request.options.Progress.IncrementFailedRequestsBy(int64(generator.Total()))
|
||||
return err
|
||||
|
@ -252,7 +253,10 @@ func (request *Request) ExecuteWithResults(reqURL string, dynamicValues, previou
|
|||
variablesMap, interactURLs := request.options.Variables.EvaluateWithInteractsh(generators.MergeMaps(dynamicValues, payloads), request.options.Interactsh)
|
||||
dynamicValue = generators.MergeMaps(variablesMap, dynamicValue)
|
||||
|
||||
generatedHttpRequest, err := generator.Make(reqURL, data, payloads, dynamicValue)
|
||||
ctx, cancel := context.WithTimeout(context.Background(), time.Duration(request.options.Options.Timeout)*time.Second)
|
||||
defer cancel()
|
||||
|
||||
generatedHttpRequest, err := generator.Make(ctx, reqURL, data, payloads, dynamicValue)
|
||||
if err != nil {
|
||||
if err == io.EOF {
|
||||
return true, nil
|
||||
|
|
Loading…
Reference in New Issue