From 935dd68355dcf141316fa7c188e9df2331bad207 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 28 Sep 2022 22:44:26 +0000 Subject: [PATCH] Auto Generate Syntax Docs + JSONSchema [Wed Sep 28 22:44:26 UTC 2022] :robot: --- SYNTAX-REFERENCE.md | 15 ++++++++ nuclei-jsonschema.json | 5 +++ v2/pkg/templates/templates_doc.go | 63 +++++++++++++++++-------------- 3 files changed, 54 insertions(+), 29 deletions(-) diff --git a/SYNTAX-REFERENCE.md b/SYNTAX-REFERENCE.md index 8431e220..e8e1a509 100755 --- a/SYNTAX-REFERENCE.md +++ b/SYNTAX-REFERENCE.md @@ -1292,6 +1292,21 @@ This can be used in conjunction with `max-redirects` to control the HTTP request
+host-redirects bool + +
+
+ +Redirects specifies whether only redirects to the same host should be followed by the HTTP Client. + +This can be used in conjunction with `max-redirects` to control the HTTP request redirects. + +
+ +
+ +
+ pipeline bool
diff --git a/nuclei-jsonschema.json b/nuclei-jsonschema.json index 7a86d2fd..bf4ba95c 100755 --- a/nuclei-jsonschema.json +++ b/nuclei-jsonschema.json @@ -873,6 +873,11 @@ "title": "follow http redirects", "description": "Specifies whether redirects should be followed by the HTTP Client" }, + "host-redirects": { + "type": "boolean", + "title": "follow same host http redirects", + "description": "Specifies whether redirects to the same host should be followed by the HTTP Client" + }, "pipeline": { "type": "boolean", "title": "perform HTTP 1.1 pipelining", diff --git a/v2/pkg/templates/templates_doc.go b/v2/pkg/templates/templates_doc.go index 60795456..4f7c2f1c 100644 --- a/v2/pkg/templates/templates_doc.go +++ b/v2/pkg/templates/templates_doc.go @@ -400,7 +400,7 @@ func init() { Value: "HTTP response headers in name:value format", }, } - HTTPRequestDoc.Fields = make([]encoder.Doc, 31) + HTTPRequestDoc.Fields = make([]encoder.Doc, 32) HTTPRequestDoc.Fields[0].Name = "matchers" HTTPRequestDoc.Fields[0].Type = "[]matchers.Matcher" HTTPRequestDoc.Fields[0].Note = "" @@ -543,51 +543,56 @@ func init() { HTTPRequestDoc.Fields[21].Note = "" HTTPRequestDoc.Fields[21].Description = "Redirects specifies whether redirects should be followed by the HTTP Client.\n\nThis can be used in conjunction with `max-redirects` to control the HTTP request redirects." HTTPRequestDoc.Fields[21].Comments[encoder.LineComment] = "Redirects specifies whether redirects should be followed by the HTTP Client." - HTTPRequestDoc.Fields[22].Name = "pipeline" + HTTPRequestDoc.Fields[22].Name = "host-redirects" HTTPRequestDoc.Fields[22].Type = "bool" HTTPRequestDoc.Fields[22].Note = "" - HTTPRequestDoc.Fields[22].Description = "Pipeline defines if the attack should be performed with HTTP 1.1 Pipelining\n\nAll requests must be idempotent (GET/POST). This can be used for race conditions/billions requests." - HTTPRequestDoc.Fields[22].Comments[encoder.LineComment] = "Pipeline defines if the attack should be performed with HTTP 1.1 Pipelining" - HTTPRequestDoc.Fields[23].Name = "unsafe" + HTTPRequestDoc.Fields[22].Description = "Redirects specifies whether only redirects to the same host should be followed by the HTTP Client.\n\nThis can be used in conjunction with `max-redirects` to control the HTTP request redirects." + HTTPRequestDoc.Fields[22].Comments[encoder.LineComment] = "Redirects specifies whether only redirects to the same host should be followed by the HTTP Client." + HTTPRequestDoc.Fields[23].Name = "pipeline" HTTPRequestDoc.Fields[23].Type = "bool" HTTPRequestDoc.Fields[23].Note = "" - HTTPRequestDoc.Fields[23].Description = "Unsafe specifies whether to use rawhttp engine for sending Non RFC-Compliant requests.\n\nThis uses the [rawhttp](https://github.com/projectdiscovery/rawhttp) engine to achieve complete\ncontrol over the request, with no normalization performed by the client." - HTTPRequestDoc.Fields[23].Comments[encoder.LineComment] = "Unsafe specifies whether to use rawhttp engine for sending Non RFC-Compliant requests." - HTTPRequestDoc.Fields[24].Name = "race" + HTTPRequestDoc.Fields[23].Description = "Pipeline defines if the attack should be performed with HTTP 1.1 Pipelining\n\nAll requests must be idempotent (GET/POST). This can be used for race conditions/billions requests." + HTTPRequestDoc.Fields[23].Comments[encoder.LineComment] = "Pipeline defines if the attack should be performed with HTTP 1.1 Pipelining" + HTTPRequestDoc.Fields[24].Name = "unsafe" HTTPRequestDoc.Fields[24].Type = "bool" HTTPRequestDoc.Fields[24].Note = "" - HTTPRequestDoc.Fields[24].Description = "Race determines if all the request have to be attempted at the same time (Race Condition)\n\nThe actual number of requests that will be sent is determined by the `race_count` field." - HTTPRequestDoc.Fields[24].Comments[encoder.LineComment] = "Race determines if all the request have to be attempted at the same time (Race Condition)" - HTTPRequestDoc.Fields[25].Name = "req-condition" + HTTPRequestDoc.Fields[24].Description = "Unsafe specifies whether to use rawhttp engine for sending Non RFC-Compliant requests.\n\nThis uses the [rawhttp](https://github.com/projectdiscovery/rawhttp) engine to achieve complete\ncontrol over the request, with no normalization performed by the client." + HTTPRequestDoc.Fields[24].Comments[encoder.LineComment] = "Unsafe specifies whether to use rawhttp engine for sending Non RFC-Compliant requests." + HTTPRequestDoc.Fields[25].Name = "race" HTTPRequestDoc.Fields[25].Type = "bool" HTTPRequestDoc.Fields[25].Note = "" - HTTPRequestDoc.Fields[25].Description = "ReqCondition automatically assigns numbers to requests and preserves their history.\n\nThis allows matching on them later for multi-request conditions." - HTTPRequestDoc.Fields[25].Comments[encoder.LineComment] = "ReqCondition automatically assigns numbers to requests and preserves their history." - HTTPRequestDoc.Fields[26].Name = "stop-at-first-match" + HTTPRequestDoc.Fields[25].Description = "Race determines if all the request have to be attempted at the same time (Race Condition)\n\nThe actual number of requests that will be sent is determined by the `race_count` field." + HTTPRequestDoc.Fields[25].Comments[encoder.LineComment] = "Race determines if all the request have to be attempted at the same time (Race Condition)" + HTTPRequestDoc.Fields[26].Name = "req-condition" HTTPRequestDoc.Fields[26].Type = "bool" HTTPRequestDoc.Fields[26].Note = "" - HTTPRequestDoc.Fields[26].Description = "StopAtFirstMatch stops the execution of the requests and template as soon as a match is found." - HTTPRequestDoc.Fields[26].Comments[encoder.LineComment] = "StopAtFirstMatch stops the execution of the requests and template as soon as a match is found." - HTTPRequestDoc.Fields[27].Name = "skip-variables-check" + HTTPRequestDoc.Fields[26].Description = "ReqCondition automatically assigns numbers to requests and preserves their history.\n\nThis allows matching on them later for multi-request conditions." + HTTPRequestDoc.Fields[26].Comments[encoder.LineComment] = "ReqCondition automatically assigns numbers to requests and preserves their history." + HTTPRequestDoc.Fields[27].Name = "stop-at-first-match" HTTPRequestDoc.Fields[27].Type = "bool" HTTPRequestDoc.Fields[27].Note = "" - HTTPRequestDoc.Fields[27].Description = "SkipVariablesCheck skips the check for unresolved variables in request" - HTTPRequestDoc.Fields[27].Comments[encoder.LineComment] = "SkipVariablesCheck skips the check for unresolved variables in request" - HTTPRequestDoc.Fields[28].Name = "iterate-all" + HTTPRequestDoc.Fields[27].Description = "StopAtFirstMatch stops the execution of the requests and template as soon as a match is found." + HTTPRequestDoc.Fields[27].Comments[encoder.LineComment] = "StopAtFirstMatch stops the execution of the requests and template as soon as a match is found." + HTTPRequestDoc.Fields[28].Name = "skip-variables-check" HTTPRequestDoc.Fields[28].Type = "bool" HTTPRequestDoc.Fields[28].Note = "" - HTTPRequestDoc.Fields[28].Description = "IterateAll iterates all the values extracted from internal extractors" - HTTPRequestDoc.Fields[28].Comments[encoder.LineComment] = "IterateAll iterates all the values extracted from internal extractors" - HTTPRequestDoc.Fields[29].Name = "digest-username" - HTTPRequestDoc.Fields[29].Type = "string" + HTTPRequestDoc.Fields[28].Description = "SkipVariablesCheck skips the check for unresolved variables in request" + HTTPRequestDoc.Fields[28].Comments[encoder.LineComment] = "SkipVariablesCheck skips the check for unresolved variables in request" + HTTPRequestDoc.Fields[29].Name = "iterate-all" + HTTPRequestDoc.Fields[29].Type = "bool" HTTPRequestDoc.Fields[29].Note = "" - HTTPRequestDoc.Fields[29].Description = "DigestAuthUsername specifies the username for digest authentication" - HTTPRequestDoc.Fields[29].Comments[encoder.LineComment] = "DigestAuthUsername specifies the username for digest authentication" - HTTPRequestDoc.Fields[30].Name = "digest-password" + HTTPRequestDoc.Fields[29].Description = "IterateAll iterates all the values extracted from internal extractors" + HTTPRequestDoc.Fields[29].Comments[encoder.LineComment] = "IterateAll iterates all the values extracted from internal extractors" + HTTPRequestDoc.Fields[30].Name = "digest-username" HTTPRequestDoc.Fields[30].Type = "string" HTTPRequestDoc.Fields[30].Note = "" - HTTPRequestDoc.Fields[30].Description = "DigestAuthPassword specifies the password for digest authentication" - HTTPRequestDoc.Fields[30].Comments[encoder.LineComment] = "DigestAuthPassword specifies the password for digest authentication" + HTTPRequestDoc.Fields[30].Description = "DigestAuthUsername specifies the username for digest authentication" + HTTPRequestDoc.Fields[30].Comments[encoder.LineComment] = "DigestAuthUsername specifies the username for digest authentication" + HTTPRequestDoc.Fields[31].Name = "digest-password" + HTTPRequestDoc.Fields[31].Type = "string" + HTTPRequestDoc.Fields[31].Note = "" + HTTPRequestDoc.Fields[31].Description = "DigestAuthPassword specifies the password for digest authentication" + HTTPRequestDoc.Fields[31].Comments[encoder.LineComment] = "DigestAuthPassword specifies the password for digest authentication" MATCHERSMatcherDoc.Type = "matchers.Matcher" MATCHERSMatcherDoc.Comments[encoder.LineComment] = " Matcher is used to match a part in the output from a protocol."