mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-28 12:33:49 +03:00
support for nested payloads
This commit is contained in:
parent
1141f21dee
commit
5ab5f5811f
|
@ -10,6 +10,7 @@ import json
|
||||||
from lib.core.data import logger
|
from lib.core.data import logger
|
||||||
from lib.core.exception import SqlmapSyntaxException
|
from lib.core.exception import SqlmapSyntaxException
|
||||||
from lib.core.exception import SqlmapSkipTargetException
|
from lib.core.exception import SqlmapSkipTargetException
|
||||||
|
from typing import Dict
|
||||||
|
|
||||||
class Operation:
|
class Operation:
|
||||||
|
|
||||||
|
@ -70,28 +71,39 @@ class Operation:
|
||||||
hdrs.append((hp["name"], "%s*" %hp["example"]))
|
hdrs.append((hp["name"], "%s*" %hp["example"]))
|
||||||
return hdrs
|
return hdrs
|
||||||
|
|
||||||
def _ref(swagger, refPath):
|
def _obj(swagger, objOrRefPath):
|
||||||
paths = refPath.replace("#/", "", 1).split('/')
|
if isinstance(objOrRefPath, Dict):
|
||||||
|
return objOrRefPath
|
||||||
|
paths = objOrRefPath.replace("#/", "", 1).split('/')
|
||||||
r = swagger
|
r = swagger
|
||||||
for p in paths:
|
for p in paths:
|
||||||
r = r[p]
|
r = r[p]
|
||||||
return r
|
return r
|
||||||
|
|
||||||
def _example(swagger, refPath):
|
def _example(swagger, objOrRefPath):
|
||||||
example = {}
|
example = {}
|
||||||
ref = _ref(swagger, refPath)
|
obj = _obj(swagger, objOrRefPath)
|
||||||
if "type" in ref and ref["type"] == "object" and "properties" in ref:
|
|
||||||
properties = ref["properties"]
|
if "type" in obj and obj["type"] == "object" and "properties" in obj:
|
||||||
|
properties = obj["properties"]
|
||||||
for prop in properties:
|
for prop in properties:
|
||||||
if "example" in properties[prop]:
|
if properties[prop]["type"] == "object":
|
||||||
value = properties[prop]["example"]
|
example[prop] = {}
|
||||||
example[prop] = value
|
for objectProp in properties[prop]["properties"]:
|
||||||
|
example[prop][objectProp] = _example(swagger, properties[prop]["properties"][objectProp])
|
||||||
elif "$ref" in properties[prop]:
|
elif "$ref" in properties[prop]:
|
||||||
example[prop] = _example(swagger, properties[prop]["$ref"])
|
example[prop] = _example(swagger, properties[prop]["$ref"])
|
||||||
elif properties[prop]["type"] == "array" and "$ref" in properties[prop]["items"]:
|
elif properties[prop]["type"] == "array" and "$ref" in properties[prop]["items"]:
|
||||||
example[prop] = [ _example(swagger, properties[prop]["items"]["$ref"]) ]
|
example[prop] = [ _example(swagger, properties[prop]["items"]["$ref"]) ]
|
||||||
|
elif "example" in properties[prop]:
|
||||||
|
value = properties[prop]["example"]
|
||||||
|
example[prop] = value
|
||||||
else:
|
else:
|
||||||
raise SqlmapSkipTargetException("missing example for parameter '%s'" %prop)
|
raise SqlmapSkipTargetException("missing example for parameter '%s'" %prop)
|
||||||
|
elif "example" in obj:
|
||||||
|
return obj["example"]
|
||||||
|
else:
|
||||||
|
raise SqlmapSkipTargetException("missing example for object '%s'" %obj)
|
||||||
|
|
||||||
|
|
||||||
return example
|
return example
|
||||||
|
|
Loading…
Reference in New Issue
Block a user