reports/html.rb in arachni-0.4.1 vs reports/html.rb in arachni-0.4.1.1
- old
+ new
@@ -21,11 +21,11 @@
#
# Creates an HTML report of the audit.
#
# @author Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
#
-# @version 0.3.1
+# @version 0.3.2
#
class Arachni::Reports::HTML < Arachni::Report::Base
module Utils
@@ -147,14 +147,15 @@
def self.info
{
name: 'HTML Report',
description: %q{Exports a report as an HTML document.},
author: 'Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>',
- version: '0.3.1',
+ version: '0.3.2',
options: [
Options::Path.new( 'tpl', [false, 'Template to use.', File.dirname( __FILE__ ) + '/html/default.erb'] ),
- Options.outfile( '.html' )
+ Options.outfile( '.html' ),
+ Options.skip_responses
]
}
end
private
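Review bot: `Options.skip_responses` is added to the option list with no comment on what it actually leaves out of the report. Going by the last hunk of this file, only `variation['response']` (the body) is replaced with a placeholder, and nothing in the new code touches `variation['headers']['response']`. Response headers can carry session cookies or tokens, so someone enabling this option to produce a report for sharing would benefit from a comment above the entry, e.g. `# skip_responses replaces HTTP response bodies only; response headers are left untouched`. The helper is defined outside this diff, so its own description cannot be checked from here.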
@@ -227,27 +228,21 @@
verification = issue.verification ? 'Yes' : 'No'
graph_data[:verification][verification] += 1
total_verifications += 1
issue.variations.each_with_index do |variation, j|
-
if variation['response'] && !variation['response'].empty?
variation['response'] = normalize( variation['response'] )
+ if skip_responses?
+ variation['response'] = 'Inclusion of HTTP response bodies has been disabled.'
+ else
+ variation['response'] = normalize( variation['response'] )
+ end
+
auditstore.issues[i].variations[j]['escaped_response'] =
Base64.encode64( variation['response'] ).gsub( /\n/, '' )
end
-
- response = {}
- if !variation['headers']['response'].is_a?( Hash )
- variation['headers']['response'].split( "\n" ).each do |line|
- field, value = line.split( ':', 2 )
- next if !value
- response[field] = value
- end
- end
-
- variation['headers']['response'] = response.dup
end
if !anomalous?( anomalous_meta_results, issue )
filtered_hashes << issue.digest
graph_data[:trust]['Trusted'] += 1
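Review bot: The unmarked `variation['response'] = normalize( variation['response'] )` line just before the added `if skip_responses?` appears to be kept as context (the hunk's line counts fit that reading). If so, the body is normalized once unconditionally and then either thrown away for the placeholder or normalized a second time in the `else` branch. Dropping that leading assignment would leave the `if`/`else` as the only place the body is handled and avoid processing response bodies the user asked to exclude. The placeholder is then Base64-encoded into `escaped_response` like a real body, which looks intentional. The enclosing method and the outer issue loop start and end outside this hunk.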