Remove unused plugins

2017-04-04 00:45:35 +03:00 · 2017-04-04 00:45:35 +03:00 · 94350243ee
parent e0739aac9d
commit 94350243ee
2 changed files with 0 additions and 107 deletions
--- a/gixy/plugins/_internal_rewrite.py
+++ b/gixy/plugins/_internal_rewrite.py
@ -1,87 +0,0 @@
 import re
 import logging
 import gixy
 from gixy.plugins.plugin import Plugin
 from gixy.core.regexp import Regexp
 from gixy.core.variable import EXTRACT_RE
 from gixy.core.utils import is_indexed_name
 LOG = logging.getLogger(__name__)
 # TODO(buglloc): Complete it!
 class internal_rewrite(Plugin):
    """
    Insecure example:
        location ~* ^/internal-proxy/(https?)/(.*?)/(.*) {
            internal;
            proxy_pass $1://$2/$3;
        }
        rewrite "^/([^?.]+[^/?.])(?:\?(.*))?$"                                  "/$1.xml" last;
    """
    summary = 'Some internal rewrite'
    severity = gixy.severity.HIGH
    description = 'Some descr'
    help_url = 'https://github.com/yandex/gixy/wiki/ru/internalrewrite'
    directives = ['location']
    def audit(self, directive):
        if not directive.is_internal:
            # Not internal location
            return
        values = _gen_location_values(directive)
        # print([x for x in values])
        for rewrite in directive.parent.find('rewrite', flat=True):
            if rewrite.flag not in {None, 'last', 'break'}:
                # Not internal rewrite
                continue
            rewrite_regex = _construct_rewrite_regex(rewrite)
            if not rewrite_regex:
                # We can't build results regexp  :(
                continue
            for value in values:
                if re.match(rewrite_regex, value):
                    # YAY!
                    self.add_issue([directive, rewrite])
 def _gen_location_values(location):
    if location.modifier not in ('~', '~*'):
        # Prefixed location
        return [location.path]
    regex = Regexp(location.path, case_sensitive=location.modifier == '~*', strict=True)
    return regex.generate(char='a', anchored=False)
 def _construct_rewrite_regex(rewrite):
    regex = Regexp(rewrite.pattern, case_sensitive=True)
    parts = {}
    for name, group in regex.groups.items():
        parts[name] = group
    return _compile_script(rewrite.replace, parts)
 def _compile_script(script, parts):
    result = []
    for i, var in enumerate(EXTRACT_RE.split(str(script))):
        if i % 2:
            # Variable
            var = var.strip('{}\x20')
            if is_indexed_name(var):
                var = int(var)
            if var not in parts:
                LOG.warn('Can\'t find variable "{}"'.format(var))
                return
            result.append(str(parts[var]))
        elif var:
            # Literal
            result.append(var)
    return ''.join(result)
--- a/gixy/plugins/force_https.py
+++ b/gixy/plugins/force_https.py
@ -1,20 +0,0 @@
 import gixy
 from gixy.plugins.plugin import Plugin
 class force_https(Plugin):
    """
    Insecure example:
        rewrite ^.*/(foo)(/|/index.xml)?$ http://test.com/foo?;
    """
    summary = 'Found redirection to HTTP URL.'
    severity = gixy.severity.LOW
    description = 'Should be https://... URL while redirection.'
    help_url = 'https://github.com/yandex/gixy/wiki/ru/forcehttps'
    directives = ['rewrite', 'return']
    def audit(self, directive):
        for a in directive.args:
            if a.startswith('http://'):
                self.add_issue(directive=directive)
                break