[OWASP-WEBSCARAB] Need a little more help on the script part...
Rogan Dawes
rogan at dawes.za.net
Wed Jan 18 03:05:06 EST 2006
David Stidolph wrote:
> This is made from the script you gave me:
>
> import com.ZipProxy.ZipProxyController;
>
> public Response fetchResponse(HTTPClient nextPlugin, Request request)
> throws IOException {
> controller = bsf.lookupBean("controller"); // <<< error here
> if (controller == null) {
> // create an instance of your class
> controller = new ZipProxyController();
> // register it so that we can get it
> // back on a later invocation of this script
> bsf.registerBean("controller", controller);
> }
> ZipProxyController controller = new ZipProxyController();
> return controller.fetchResponse(nextPlugin, request);
> }
>
> The script processor does seem to understand bsf or lookupBean. What do
> I have to import and define?
>
> Thanks,
>
> David
Ah! My mistake. I forgot that the Proxy->Beanshell plugin is strictly
BeanShell, and not Bean Scripting Framework. The "bsf" object is
obviously created by the BSF, not BSH.
Ok, slight change in plan, then, which will require you to modify 2
lines in src/org/owasp/webscarab/plugin/proxy/ConnectionHandler.java,
and rebuild WebScarab.
The changes you need to make are at line 228.
Change
Response response = null;
to
Response response = connection.getResponse();
if (response != null) return response;
Now you can use the Tools->ScriptManager part of WebScarab, and attach
your script to the Proxy->InterceptRequest event.
Get the Request from the connection using
request = connection.getRequest();
and set the Response using
connection.setResponse(response);
Your script here should now be able to make use of the bsf.* calls . . .
Regards,
Rogan
More information about the Owasp-webscarab
mailing list