Best Go-testdeep code snippet using util.CheckTag
director.go
Source:director.go
1package director2import (3 "context"4 "fmt"5 "path"6 "sync"7 "time"8 log "github.com/Sirupsen/logrus"9 etcd "github.com/coreos/etcd/client"10 looper "github.com/relistan/go-director"11 "github.com/9corp/9volt/base"12 "github.com/9corp/9volt/config"13 "github.com/9corp/9volt/dal"14 "github.com/9corp/9volt/overwatch"15 "github.com/9corp/9volt/util"16)17const (18 COLLECT_CHECK_STATS_INTERVAL = time.Duration(5 * time.Second)19 UNTAGGED_MEMBER_MAP_ENTRY = "!UNTAGGED!"20)21type IDirector interface {22 Start() error23}24type Director struct {25 MemberID string26 Config *config.Config27 Log log.FieldLogger28 State bool29 StateChan <-chan bool30 DistributeChan <-chan bool31 OverwatchChan chan<- *overwatch.Message32 StateLock *sync.Mutex33 DalClient dal.IDal34 CheckStatsLooper looper.Looper35 CheckStats map[string]*dal.MemberStat36 CheckStatsMutex *sync.Mutex37 base.Component38}39func New(cfg *config.Config, stateChan <-chan bool, distributeChan <-chan bool, overwatchChan chan<- *overwatch.Message) (*Director, error) {40 dalClient, err := dal.New(cfg.EtcdPrefix, cfg.EtcdMembers, cfg.EtcdUserPass, false, false, false)41 if err != nil {42 return nil, err43 }44 return &Director{45 Config: cfg,46 Log: log.WithField("pkg", "director"),47 MemberID: cfg.MemberID,48 StateChan: stateChan,49 DistributeChan: distributeChan,50 OverwatchChan: overwatchChan,51 StateLock: &sync.Mutex{},52 DalClient: dalClient,53 CheckStats: make(map[string]*dal.MemberStat, 0),54 CheckStatsMutex: &sync.Mutex{},55 CheckStatsLooper: looper.NewTimedLooper(looper.FOREVER, COLLECT_CHECK_STATS_INTERVAL, make(chan error, 1)),56 Component: base.Component{57 Identifier: "director",58 },59 }, nil60}61func (d *Director) Start() error {62 d.Log.Debug("Launching director components...")63 // Generate a new context64 d.Component.Ctx, d.Component.Cancel = context.WithCancel(context.Background())65 go d.runDistributeListener()66 go d.runStateListener()67 go d.collectCheckStats()68 return nil69}70func (d *Director) Stop() error {71 if d.Component.Cancel == nil {72 d.Log.Warning("Looks like .Cancel is nil; is this expected?")73 } else {74 d.Component.Cancel()75 }76 // Some things may not utilize context and use a looper instead77 d.CheckStatsLooper.Quit()78 return nil79}80// This is used for figuring out how many checks are assigned to each member;81// this information is necessary for determining which member is next in line82// to be given/assigned a new check.83func (d *Director) collectCheckStats() {84 llog := d.Log.WithField("method", "collectCheckStats")85 d.CheckStatsLooper.Loop(func() error {86 // To avoid a potential race here; all members have a count of how many87 // checks each member is assigned.88 // This will *probably* be switched to utilize `state` later on.89 checkStats, err := d.DalClient.FetchCheckStats()90 if err != nil {91 d.Config.EQClient.AddWithErrorLog("Unable to fetch check stats", llog, log.Fields{"err": err})92 return nil93 }94 d.CheckStatsMutex.Lock()95 d.CheckStats = checkStats96 d.CheckStatsMutex.Unlock()97 return nil98 })99 llog.Debug("Exiting...")100}101func (d *Director) runDistributeListener() {102 llog := d.Log.WithField("method", "runDistributeListener")103 llog.Debug("Starting...")104OUTER:105 for {106 select {107 case <-d.DistributeChan:108 // safety valve109 if !d.amDirector() {110 llog.Warning("Was asked to distribute checks but am not director!")111 continue112 }113 if err := d.distributeChecks(); err != nil {114 d.Config.EQClient.AddWithErrorLog("Unable to distribute checks", llog, log.Fields{"err": err})115 }116 case <-d.Component.Ctx.Done():117 llog.Debug("Received a notice to shutdown")118 break OUTER119 }120 }121 llog.Debug("Exiting...")122}123func (d *Director) distributeChecks() error {124 llog := d.Log.WithField("method", "distributeChecks")125 llog.Debug("Performing member existence verification")126 if err := d.verifyMemberExistence(); err != nil {127 return fmt.Errorf("%v-distributeChecks: Unable to verify member existence in cluster: %v",128 d.Identifier, err.Error())129 }130 llog.Info("Performing check distribution across cluster")131 // fetch all members in cluster132 members, err := d.DalClient.GetClusterMembersWithTags()133 if err != nil {134 return fmt.Errorf("Unable to fetch cluster members: %v", err.Error())135 }136 if len(members) == 0 {137 return fmt.Errorf("No active cluster members found - bug?")138 }139 llog.Debugf("Distributing checks between %v cluster members", len(members))140 // fetch all check keys141 checkKeys, err := d.DalClient.GetCheckKeysWithMemberTag()142 if err != nil {143 return fmt.Errorf("Unable to fetch all check keys: %v", err.Error())144 }145 if len(checkKeys) == 0 {146 return fmt.Errorf("Check configuration is empty - nothing to distribute!")147 }148 if err := d.performCheckDistribution(members, checkKeys); err != nil {149 return fmt.Errorf("Unable to complete check distribution: %v", err.Error())150 }151 return nil152}153// Distribute checks among cluster members154//155// This is a bit ... rough. The goal is to fairly distribute checks among156// members with (and without) node tags.157//158// What *should* happen:159//160// - Checks that do not have a 'member-tag' will be distributed among nodes that161// do not have any tags162// - Checks that have tags will be distributed among nodes that have the same tag163// - Checks that have tags but do not have a corresponding nodes with the same tag164// are considered 'orphaned' and are logged.165//166// Order of operations:167//168// - Convert our available member map from map[memberID][]tags -> map[tag][]memberIDs169// - If a member does not have any tags, set its tag to '!UNTAGGED!'170//171// - Loop over our new member list map172// - Fetch any check keys that match the currently looped tag173// - If the check key does NOT have a tag and the currently looped tag == '!UNTAGGED!',174// add it to the list of 'checks'175// - Determine the number of checks each node should have176// - Create new check references for each node177// - Last node gets the remainder of checks178//179// Note: The words 'node' and 'member' are used interchangibly here.180func (d *Director) performCheckDistribution(members map[string][]string, checkKeys map[string]string) error {181 llog := d.Log.WithField("method", "distributeChecks")182 memberList := d.convertMembersMap(members)183 for tag, memList := range memberList {184 checks := d.filterCheckKeysByTag(checkKeys, tag)185 checksPerMember := len(checks) / len(memList)186 start := 0187 // This chunk of code is used for figuring out the max number of checks188 // each member in 'memList' should have and assigning each individual189 // member their designated checks.190 for memberNum := 0; memberNum < len(memList); memberNum++ {191 // Blow away any pre-existing config references192 if err := d.DalClient.ClearCheckReferences(memList[memberNum]); err != nil {193 llog.WithFields(log.Fields{194 "id": memList[memberNum],195 "err": err,196 }).Error("Unable to clear existing check references for member")197 return err198 }199 maxChecks := start + checksPerMember200 // last member gets the remainder of the checks201 if memberNum == len(memList)-1 {202 maxChecks = len(checks)203 }204 totalAssigned := 0205 for i := start; i != maxChecks; i++ {206 llog.WithFields(log.Fields{207 "check": checks[i],208 "member": memList[memberNum],209 }).Debug("Assigning check to member")210 if err := d.DalClient.CreateCheckReference(memList[memberNum], checks[i]); err != nil {211 llog.WithFields(log.Fields{212 "id": memList[memberNum],213 "err": err,214 }).Error("Unable to create check reference for member")215 return err216 }217 totalAssigned++218 }219 // Update our start num220 start = maxChecks221 llog.WithFields(log.Fields{222 "totalAssigned": totalAssigned,223 "memberID": memList[memberNum],224 "tag": tag,225 }).Debug("Assigned check(s) to member")226 }227 }228 // entries in checkKeys are deleted during filterCheckKeysByTag()229 if len(checkKeys) != 0 {230 llog.Warningf("Found %v orphaned checks (unable to find any fitting nodes)", len(checkKeys))231 for checkName, checkTag := range checkKeys {232 d.Config.EQClient.AddWithLog("warning", "Unable to find fitting member for check",233 llog, log.Fields{234 "check": checkName,235 "tag": checkTag,236 },237 )238 }239 }240 return nil241}242// Roll through all check keys, return checks that contain given tag; update checkKeys map243func (d *Director) filterCheckKeysByTag(checkKeys map[string]string, tag string) []string {244 newCheckKeys := make([]string, 0)245 for checkName, checkTag := range checkKeys {246 // Append to list if check does not have a member tag and given tag matches '!UNTAGGED!'247 if checkTag == "" && tag == UNTAGGED_MEMBER_MAP_ENTRY {248 newCheckKeys = append(newCheckKeys, checkName)249 delete(checkKeys, checkName)250 continue251 }252 if checkTag == tag {253 newCheckKeys = append(newCheckKeys, checkName)254 delete(checkKeys, checkName)255 }256 }257 return newCheckKeys258}259// Convert map[memberID][]tags -> map[tag][]memberIDs260func (d *Director) convertMembersMap(members map[string][]string) map[string][]string {261 newMemberMap := make(map[string][]string, 0)262 for memberID, tags := range members {263 if len(tags) == 0 {264 if _, ok := newMemberMap[UNTAGGED_MEMBER_MAP_ENTRY]; !ok {265 newMemberMap[UNTAGGED_MEMBER_MAP_ENTRY] = make([]string, 0)266 }267 newMemberMap[UNTAGGED_MEMBER_MAP_ENTRY] = append(newMemberMap[UNTAGGED_MEMBER_MAP_ENTRY], memberID)268 continue269 }270 for _, tag := range tags {271 // Do we already have this tag? If not, let's create the slice272 if _, ok := newMemberMap[tag]; !ok {273 newMemberMap[tag] = make([]string, 0)274 }275 newMemberMap[tag] = append(newMemberMap[tag], memberID)276 }277 }278 return newMemberMap279}280func (d *Director) runStateListener() {281 llog := d.Log.WithField("method", "runStateListener")282 llog.Debug("Starting...")283 var ctx context.Context284 var cancel context.CancelFunc285OUTER:286 for {287 select {288 case state := <-d.StateChan:289 d.setState(state)290 if state {291 llog.WithField("change", "up").Info("Starting up etcd watchers")292 // create new context + cancel func293 ctx, cancel = context.WithCancel(context.Background())294 go d.runCheckConfigWatcher(ctx)295 // distribute checks in case we just took over as director (or first start)296 if err := d.distributeChecks(); err != nil {297 d.Config.EQClient.AddWithErrorLog("Unable to (re)distribute checks", llog, log.Fields{"err": err})298 }299 } else {300 llog.WithField("change", "down").Info("Shutting down etcd watchers")301 cancel()302 }303 case <-d.Component.Ctx.Done():304 llog.Debug("Received a notice to shutdown")305 // Shutdown potential checkConfigWatcher306 if cancel != nil {307 cancel()308 }309 break OUTER310 }311 }312 llog.Debug("Exiting...")313}314// This method exists to deal with a case where a director launches for the315// first time and attempts to distribute checks but the memberHeartbeat() has not316// yet had a chance to populate itself under /cluster/members/*317func (d *Director) verifyMemberExistence() error {318 // TODO: This can probably go into dal.GetClusterMembers()319 llog := d.Log.WithField("method", "verifyMemberExistence")320 // Let's wait a `heartbeatInterval`*2 to ensure that at least 1 active member321 // is in the cluster (if not - there's either a bug or the system is *massively* overloaded)322 tmpCtx, _ := context.WithTimeout(context.Background(), time.Duration(d.Config.HeartbeatInterval)*2)323 tmpWatcher := d.DalClient.NewWatcher("cluster/members/", true)324 for {325 resp, err := tmpWatcher.Next(tmpCtx)326 if err != nil {327 return fmt.Errorf("Error waiting on /cluster/members/*: %v", err.Error())328 }329 if resp.Action != "set" && resp.Action != "update" {330 llog.WithFields(log.Fields{331 "action": resp.Action,332 "key": resp.Node.Key,333 }).Debug("Ignoring etcd action on key")334 }335 llog.WithFields(log.Fields{336 "action": resp.Action,337 "key": resp.Node.Key,338 }).Debug("Detected etcd action on key")339 return nil340 }341}342// Watch /monitor config changes so that we can update individual member configs343// ie. Something under /monitor changes -> figure out which member is responsible344// for that particular check -> NOOP update OR DELETE corresponding member key345func (d *Director) runCheckConfigWatcher(ctx context.Context) {346 llog := d.Log.WithField("method", "runCheckConfigWatcher")347 llog.Debug("Starting...")348 watcher := d.DalClient.NewWatcher("monitor/", true)349 // No need for a looper here since we can control the loop via the context350 for {351 // safety valve352 if !d.amDirector() {353 llog.Warning("Not active director - stopping")354 break355 }356 // watch check config entries357 resp, err := watcher.Next(ctx)358 if err != nil && err.Error() == "context canceled" {359 llog.Warning("Received a notice to shutdown")360 break361 } else if err != nil {362 llog.WithField("err", err).Error("Unexpected error")363 d.OverwatchChan <- &overwatch.Message{364 Error: fmt.Errorf("Unexpected watcher error: %v", err),365 Source: fmt.Sprintf("%v.runCheckConfigWatcher", d.Identifier),366 ErrorType: overwatch.ETCD_WATCHER_ERROR,367 }368 // Let overwatch determine if it should shut things down or not369 continue370 }371 if d.ignorableWatcherEvent(resp) {372 llog.WithField("key", resp.Node.Key).Debug("Received ignorable watcher event")373 continue374 }375 if err := d.handleCheckConfigChange(resp); err != nil {376 llog.WithFields(log.Fields{377 "key": resp.Node.Key,378 "err": err,379 }).Error("Unable to process config change for given key")380 }381 }382 llog.Debug("Exiting...")383}384func (d *Director) handleCheckConfigChange(resp *etcd.Response) error {385 llog := d.Log.WithField("method", "handleCheckConfigChange")386 llog.WithField("key", resp.Node.Key).Debug("Received new response for key")387 // Let's not bother going any further if we got an unsupported action388 knownActions := []string{"set", "update", "create", "delete"}389 if !util.StringSliceContains(knownActions, resp.Action) {390 return fmt.Errorf("Unrecognized etcd action '%v' for check key '%v'", resp.Action, resp.Node.Key)391 }392 memberRefs, _, err := d.DalClient.FetchAllMemberRefs()393 if err != nil {394 return fmt.Errorf("Unable to fetch all member refs: %v", err.Error())395 }396 // If this is a delete, let's get rid of the check397 if resp.Action == "delete" {398 if memberID, ok := memberRefs[resp.Node.Key]; ok {399 if err := d.DalClient.ClearCheckReference(memberID, resp.Node.Key); err != nil {400 return fmt.Errorf("Unable to clear check reference on member '%v' for '%v': %v",401 memberID, resp.Node.Key, err)402 }403 } else {404 llog.Warningf("'delete' action for an orphaned check '%v' -- nothing to do", resp.Node.Key)405 }406 return nil407 }408 // Not a delete, so let's get this check's tag409 checkTag, err := d.DalClient.GetCheckMemberTag(resp.Node.Key)410 if err != nil {411 return fmt.Errorf("Unable to figure out tag for '%v': %v", resp.Node.Key, err)412 }413 var (414 newMemberID string415 newMemberErr error416 )417 // This is the result of 3 or 4 attempts at mapping out all of the logic all418 // thanks to the introduction of node tags and check pinning.419 if existingMemberID, ok := memberRefs[resp.Node.Key]; ok {420 // This check already exists on a node; does that member support the tags421 // this check is configured with?422 tags, err := d.DalClient.GetClusterMemberTags(existingMemberID)423 if err != nil {424 return fmt.Errorf("Unable to determine configured tags for member '%v': %v", existingMemberID, err)425 }426 // Yes! The check is not tagged, and the existing member does not have any tags!427 if checkTag == "" && len(tags) == 0 {428 newMemberID = existingMemberID429 } else if util.StringSliceContains(tags, checkTag) {430 newMemberID = existingMemberID431 } else {432 // No! This member is no longer a feasible place for this check to run.433 // (delete the old check ref, followed by a create on the new member)434 if err := d.DalClient.ClearCheckReference(existingMemberID, resp.Node.Key); err != nil {435 return fmt.Errorf("Unable to remove old reference for check '%v' from member '%v': %v",436 resp.Node.Key, existingMemberID, err)437 }438 newMemberID, newMemberErr = d.PickNextMember(checkTag)439 }440 } else {441 // This is a brand new check442 newMemberID, newMemberErr = d.PickNextMember(checkTag)443 }444 // Did PickNextMember() run into any errors?445 if newMemberErr != nil {446 return fmt.Errorf("Unable to pick next member for check '%v': %v", resp.Node.Key, newMemberErr)447 }448 // Finally, let's create the actual check reference (and cause manager to start the check)449 if err := d.DalClient.CreateCheckReference(newMemberID, resp.Node.Key); err != nil {450 return fmt.Errorf("Unable to complete check config update: %v", err)451 }452 return nil453}454// Return the least taxed cluster member455//456// If check stats are blank; return our own memberid:457// - if the check tag is blank and we have no tags458// - if the check tag is the same as one of our own tags459// - else, return a "no feasible members found" error460//461// If check stats are not blank:462// - build a 'feasible members' slice463// - determine if any of the feasible members have the 'checkTag'464// - if not, return a "no feasible members found" error465//466func (d *Director) PickNextMember(checkTag string) (string, error) {467 d.CheckStatsMutex.Lock()468 defer d.CheckStatsMutex.Unlock()469 // Check stats not yet populated, return self470 if len(d.CheckStats) == 0 {471 // Return ourselves if we do not have any tags configured and the check has no tags either472 if checkTag == "" && len(d.Config.Tags) == 0 {473 return d.MemberID, nil474 }475 // Return ourselves if we have the same tag that the check is tagged to476 if util.StringSliceContains(d.Config.Tags, checkTag) {477 return d.MemberID, nil478 }479 return "", fmt.Errorf("Unable to find a suitable member with empty check stats; required tag: '%v'", checkTag)480 }481 // figure out feasible members482 feasibleMembers := d.filterMembersByTag(d.CheckStats, checkTag)483 if len(feasibleMembers) == 0 {484 return "", fmt.Errorf("No feasible members found after filter; required tag: '%v'", checkTag)485 }486 // Let's figure out the least taxed, *feasible* member now487 var leastTaxedMember string488 var leastChecks int489 for _, memberID := range feasibleMembers {490 if _, ok := d.CheckStats[memberID]; !ok {491 d.Log.Warningf("CheckStats do not (yet) contain cluster member '%v'; new check distribution suboptimal", memberID)492 continue493 }494 // Handle first iteration495 if leastTaxedMember == "" {496 leastTaxedMember = memberID497 leastChecks = d.CheckStats[memberID].NumChecks498 continue499 }500 if d.CheckStats[memberID].NumChecks < leastChecks {501 leastTaxedMember = memberID502 leastChecks = d.CheckStats[memberID].NumChecks503 }504 }505 if leastTaxedMember == "" {506 // Edge case - d.CheckStats do not (yet) contain any of the feasible members507 return "", fmt.Errorf("Unable to find least taxed member")508 }509 // Let's bump up check stats for picked member (so they do not get picked immediately thereafter)510 d.CheckStats[leastTaxedMember].NumChecks++511 return leastTaxedMember, nil512}513// Go through a checkstat map, find any members that are tagged with `checkTag`;514// return slice of memberID's; note that it is _assumed_ that something else515// is managing the mutex for checkStats prior to this method being executed.516func (d *Director) filterMembersByTag(checkStats map[string]*dal.MemberStat, checkTag string) []string {517 members := make([]string, 0)518 for memberID, memberStat := range checkStats {519 // Match, if the check doesn't have a tag and the member doesn't have any tags either520 if len(memberStat.Tags) == 0 && checkTag == "" {521 members = append(members, memberID)522 continue523 }524 if util.StringSliceContains(memberStat.Tags, checkTag) {525 members = append(members, memberID)526 continue527 }528 }529 return members530}531// Determine if a specific event can be ignored532func (d *Director) ignorableWatcherEvent(resp *etcd.Response) bool {533 if resp == nil {534 d.Log.Debug("Received a nil etcd response - bug?")535 return true536 }537 // Ignore `/monitor/`538 if path.Base(resp.Node.Key) == "monitor" {539 return true540 }541 return false542}543func (d *Director) setState(state bool) {544 d.StateLock.Lock()545 d.State = state546 d.StateLock.Unlock()547}548func (d *Director) amDirector() bool {549 d.StateLock.Lock()550 state := d.State551 d.StateLock.Unlock()552 return state553}...
xsschecker.go
Source:xsschecker.go
...32 Script = 433)34type Checktype string35const (36 CheckTag Checktype = "Attibute" //æ£æµæ ç¾37 CheckValue Checktype = "Value" //æ£æµå¼38 CheckConsoleLog Checktype = "Console" //æ£æµæ§å¶å°è¾åº39 CheckDialog Checktype = "Dialog" //æ£æµçªå£å¼¹åº40)41func RandStringRunes(n int) string {42 b := make([]rune, n)43 for i := range b {44 b[i] = letterRunes[rand.Intn(len(letterRunes))]45 }46 return string(b)47}48// Generator wordså extension æ¯æ å°å
³ç³»49type Generator struct {50 i int51 value string52 IsNeedFlag bool53 mode Checktype54 Tag string55 extension []PayloadMode56 flag string57}58func (g *Generator) Next() bool {59 if g.i == len(g.extension) {60 return false61 }62 g.value = g.extension[g.i].payload63 g.mode = g.extension[g.i].Mode64 g.Tag = g.extension[g.i].CheckTag65 g.IsNeedFlag = g.extension[g.i].IsNeedFlag66 g.i++67 return true68}69func (g *Generator) Value() interface{} {70 return g.value71}72type Kv struct {73 K bytes.Buffer74 V bytes.Buffer75}76type PayloadMode struct {77 Mode Checktype78 IsNeedFlag bool79 payload string80 CheckTag string81}82// CheckHtmlNodeAttributesKey æ£æµæ¯å¦åå¨å¯¹åºçkeyå¼83func CheckHtmlNodeAttributes(s ast.Occurence, types string, name string, HasPrefix bool) (bool, Kv) {84 var Attributes Kv85 c := funk.Map(*s.Details.Attributes, func(A ast.Attribute) bool {86 if HasPrefix {87 if types == "key" {88 if strings.HasPrefix(A.Key, name) {89 Attributes.K.Reset()90 Attributes.V.Reset()91 Attributes.K.WriteString(A.Key)92 Attributes.V.WriteString(A.Key)93 return true94 } else {95 }96 } else {97 if strings.HasPrefix(A.Val, name) {98 Attributes.K.Reset()99 Attributes.V.Reset()100 Attributes.K.WriteString(A.Key)101 Attributes.V.WriteString(A.Key)102 return true103 }104 }105 } else {106 if types == "key" {107 if A.Key == name {108 Attributes.K.Reset()109 Attributes.V.Reset()110 Attributes.K.WriteString(A.Key)111 Attributes.V.WriteString(A.Key)112 return true113 }114 } else {115 if A.Val == name {116 Attributes.K.Reset()117 Attributes.V.Reset()118 Attributes.K.WriteString(A.Key)119 Attributes.V.WriteString(A.Key)120 return true121 }122 }123 }124 return false125 })126 if funk.Contains(c, true) {127 return true, Attributes128 }129 return false, Attributes130}131func Test_CheckHtmlNodeAttributesKey() {132 detail := ast.Node{Tagname: "attibute", Content: "key", Attributes: &[]ast.Attribute{{Key: "srcdoc", Val: "dsadsadadsa"}}}133 test := ast.Occurence{Details: detail}134 if ok, _ := CheckHtmlNodeAttributes(test, "key", "srcdoc", false); ok {135 logger.Debug("ok")136 }137}138type Callback func(msg string) string139func (g *Generator) CopyPayLoadtoXSS(payloaddata payload.PayloadData, Tagmode string, callback Callback) {140 xsspayloads := payloaddata.Xss[Tagmode].([]interface{})141 for _, v := range xsspayloads {142 s := v.(map[string]interface{})143 mytype := s["CheckType"].(string)144 PayLoad := s["PayLoad"].(string)145 if callback != nil {146 PayLoad = callback(PayLoad)147 }148 CheckTag := s["CheckTag"].(string)149 var mode PayloadMode150 mode.Mode = Checktype(mytype)151 mode.IsNeedFlag = true152 mode.payload = PayLoad153 mode.CheckTag = CheckTag154 g.extension = append(g.extension, mode)155 }156}157//GeneratorPayload çæpayloadæ¾å
¥è¿ä»£å¨ä¸ï¼å»ºè®®ä¸ä¸ªç±»åçæ ç¾åªè°ç¨ä¸æ¬¡158/*159mode æ ç¾æ¨¡å¼160flag éæºæ°161payloaddata å è½½çpayloadé162checktype æ£æµç±»åï¼çæçpayloadæ¯ä»¥ä»ä¹å½¢å¼è¿è¡æ£æµ163extension æ©å±ç±»å164*/165func (g *Generator) GeneratorPayload(Tagmode int, flag string, payloaddata payload.PayloadData, extension interface{}) interface{} {166 g.flag = flag167 var (168 htmlok bool169 attibuteoK bool170 CommentoK bool171 scriptok bool172 )173 if Htmlmode == Tagmode {174 if !htmlok {175 g.CopyPayLoadtoXSS(payloaddata, "html", nil)176 htmlok = true177 }178 } else if Comment == Tagmode {179 if !CommentoK {180 g.CopyPayLoadtoXSS(payloaddata, "comment", nil)181 CommentoK = true182 }183 } else if Attibute == Tagmode {184 Occurences := extension.([]ast.Occurence)185 for _, Occurence := range Occurences {186 if funk.Contains(Occurence.Type, "key") {187 g.CopyPayLoadtoXSS(payloaddata, "html", nil)188 } else {189 //å¤çé¾æ¥å±æ§190 ok, _ := CheckHtmlNodeAttributes(Occurence, "key", "href", false)191 ok1, _ := CheckHtmlNodeAttributes(Occurence, "val", flag, false)192 if ok && ok1 {193 g.CopyPayLoadtoXSS(payloaddata, "script", func(payload string) string {194 Lstr := strings.Replace(payload, "<", "%26lt;", -1)195 Rstr := strings.Replace(Lstr, ">", "%26gt;", -1)196 return Rstr197 })198 }199 //å¤çonerrorçonå¼å¤´çå±æ§æ
åµ200 if ok, Kv := CheckHtmlNodeAttributes(Occurence, "key", "on", true); ok {201 script := Kv.V.String()202 payload, err := ast.AnalyseJSFuncByFlag(flag, script)203 if err != nil {204 return err205 }206 logger.Info("Attributes generator payload:%s", payload)207 var mode PayloadMode208 mode.Mode = Checktype(CheckConsoleLog)209 mode.IsNeedFlag = true210 mode.payload = payload211 mode.CheckTag = ""212 g.extension = append(g.extension, mode)213 }214 if !attibuteoK {215 g.CopyPayLoadtoXSS(payloaddata, "attibute", func(payload string) string {216 return payload217 })218 // g.CopyPayLoadtoXSS(payloaddata, "html", func(payload string) string {219 // Rstr := `'">` + payload220 // return Rstr221 // })222 attibuteoK = true223 }224 }225 }226 } else if Script == Tagmode {227 if !scriptok {228 Occurence := extension.([]ast.Occurence)229 for _, v := range Occurence {230 payload, err := ast.AnalyseJSFuncByFlag(flag, v.Details.Content)231 if err != nil {232 return err233 }234 var mode PayloadMode235 mode.Mode = Checktype(CheckConsoleLog)236 mode.IsNeedFlag = true237 mode.payload = payload238 mode.CheckTag = ""239 g.extension = append(g.extension, mode)240 scriptok = true241 }242 }243 }244 return nil245}246// GetPayloadValue è¿ä»£ payload247func (g *Generator) GetPayloadValue() (string, Checktype, string) {248 if g.Next() {249 if g.IsNeedFlag {250 switch v := g.Value().(type) {251 case string:252 v = strings.ReplaceAll(v, "flag", g.flag)253 return v, g.mode, g.Tag254 }255 } else {256 switch v := g.Value().(type) {257 case string:258 return v, g.mode, g.Tag259 }260 }261 }262 return "", "", ""263}264// CheckXssVul æ£æµXssæ¼æ´265func (g *Generator) evaluate(locations []ast.Occurence, methods Checktype, checktag string, extension interface{}) bool {266 var VulOK bool = false267 if len(locations) == 0 {268 return VulOK269 }270 if methods == CheckValue {271 for _, location := range locations {272 if checktag == location.Details.Tagname || checktag == "" || checktag == "key" {273 if location.Type == "attibute" {274 for _, Attributes := range *location.Details.Attributes {275 if funk.Contains(Attributes.Key, g.flag) || funk.Contains(Attributes.Val, g.flag) {276 VulOK = true277 return VulOK278 }279 }280 } else if location.Details.Content == g.flag {281 VulOK = true282 return VulOK283 }284 }285 }286 } else if methods == CheckTag {287 for _, location := range locations {288 if checktag == location.Details.Tagname || checktag == "" || location.Details.Tagname == "attibute" {289 if location.Type == "attibute" {290 for _, Attributes := range *location.Details.Attributes {291 if Attributes.Key == g.flag || Attributes.Val == g.flag {292 VulOK = true293 return VulOK294 }295 }296 } else if location.Details.Tagname == g.flag {297 VulOK = true298 return VulOK299 }300 }...
tag.go
Source:tag.go
...7import (8 "errors"9 "unicode"10)11// ErrTagEmpty is the error returned by [CheckTag] for an empty tag.12var ErrTagEmpty = errors.New("A tag cannot be empty")13// ErrTagInvalid is the error returned by [CheckTag] for an invalid tag.14var ErrTagInvalid = errors.New("Invalid tag, should match (Letter|_)(Letter|_|Number)*")15// CheckTag checks that tag is a valid tag (see operator [Tag]) or not.16//17// [Tag]: https://go-testdeep.zetta.rocks/operators/tag/18func CheckTag(tag string) error {19 if tag == "" {20 return ErrTagEmpty21 }22 for i, r := range tag {23 if !(unicode.IsLetter(r) || r == '_' || (i > 0 && unicode.IsNumber(r))) {24 return ErrTagInvalid25 }26 }27 return nil28}...
CheckTag
Using AI Code Generation
1import (2func main() {3 fmt.Println(util.CheckTag("a"))4 fmt.Println(util.CheckTag("b"))5 fmt.Println(util.CheckTag("c"))6 fmt.Println(util.CheckTag("d"))7}8func CheckTag(tag string) string {9 if tag == "a" {10 } else if tag == "b" {
CheckTag
Using AI Code Generation
1import (2func main() {3 fmt.Println(util.CheckTag("test"))4}5func CheckTag(tag string) bool {6}
CheckTag
Using AI Code Generation
1import (2func main() {3 fmt.Scanln(&s)4 if util.CheckTag(s) {5 fmt.Println("Valid")6 } else {7 fmt.Println("Invalid")8 }9}10import (11func CheckTag(s string) bool {12 re := regexp.MustCompile(`^<([A-Za-z0-9]+)(\s[A-Za-z0-9]+=".*?")*\s?/?>$`)
CheckTag
Using AI Code Generation
1import (2func main() {3 fmt.Println(util.CheckTag("1234"))4}5func CheckTag(tag string) bool {6 if tag == "1234" {7 }8}9public void ConfigureServices(IServiceCollection services)10{11 services.AddMvc();12}13public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)14{15 loggerFactory.AddConsole(Configuration.GetSection("Logging"));16 loggerFactory.AddDebug();17 if (env.IsDevelopment())18 {19 app.UseDeveloperExceptionPage();20 }21 app.UseMvc();22}23public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)24{25 loggerFactory.AddConsole(Configuration.GetSection("Logging"));26 loggerFactory.AddDebug();27 loggerFactory.AddProvider(new CustomLoggerProvider(new CustomLoggerProviderConfiguration28 {29 }));30 app.UseMvc();31}32{33 private readonly ILogger _logger;34 public ValuesController(ILogger<ValuesController> logger)35 {36 _logger = logger;37 }38 public IEnumerable<string> Get()39 {40 _logger.LogInformation("Getting all values");41 return new string[] { "value
CheckTag
Using AI Code Generation
1import (2func main() {3 fmt.Println(util.CheckTag("abc"))4}5go run: cannot run *_test.go files (main_test.go)6import "fmt"7func main() {8 fmt.Println("Hello, World!")9}10go run: cannot run *_test.go files (main_test.go)11import "fmt"12func main() {13 fmt.Println("Hello, World!")14}15go run: cannot run *_test.go files (main_test.go)16import "fmt"17func main() {18 fmt.Println("Hello, World!")19}20go run: cannot run *_test.go files (main_test.go)21import "fmt"22func main() {23 fmt.Println("Hello, World!")24}25go run: cannot run *_test.go files (main_test.go)
Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.
You could also refer to video tutorials over LambdaTest YouTube channel to get step by step demonstration from industry experts.
Get 100 minutes of automation test minutes FREE!!