try { final byte[] fileContent = IOUtils.toByteArray(new FileInputStream(dependency.getActualFile())); final ScannerFacade scanner = new ScannerFacade(jsRepository); final List<JsLibraryResult> results = scanner.scanScript(dependency.getActualFile().getAbsolutePath(), fileContent, 0);
/** * Obtain the singleton instance. It make sure the repo is loaded the first time. * @return Will always return the same instance * @throws IOException Unable to load the repository */ public static ScannerFacade getInstance() throws IOException { if(instance == null) { instance = new ScannerFacade(); } return instance; }
/** * Analyze a script with only its path is available. * For example a path in a HTML pages. * @param path File path (ie: /js/jquery/jquery-1.3.3.7.js) * @return */ public List<JsLibraryResult> scanPath(String path) { return scanScript(path,"".getBytes(),0); }
/** * Look for potential script in the HTML code <script src="//cdn.server.com/jquery/1.3.3.7.js"></script> * @param respBytes Content of the JavaScript file (exclude HTTP headers) * @param offset * @return */ public List<JsLibraryResult> scanHtml(byte[] respBytes, int offset) { String contentString = new String(respBytes,offset,respBytes.length-offset); List<JsLibraryResult> res = new ArrayList<JsLibraryResult>(); for(String url : findScriptUrl(contentString)) { res.addAll(scanPath(url)); } return res; }
String filename = getFilename(path); res = repo.findByFilename(filename);
public static ScannerFacade loadInstance(VulnerabilitiesRepository repo) throws IOException { if(instance == null) { instance = new ScannerFacade(repo); } return instance; }
try { final byte[] fileContent = IOUtils.toByteArray(new FileInputStream(dependency.getActualFile())); final ScannerFacade scanner = new ScannerFacade(jsRepository); final List<JsLibraryResult> results = scanner.scanScript(dependency.getActualFile().getAbsolutePath(), fileContent, 0);