[Bug] Fortiguard parser error

[ebdavison]

Describe the bug
Trying to run Fortiguard URL Categorizer and get the following error:

Traceback (most recent call last):
  File "/worker/Fortiguard/urlcategory.py", line 53, in <module>
    URLCategoryAnalyzer().run()
  File "/worker/Fortiguard/urlcategory.py", line 44, in run
    'category': category_match.group(1)
                ^^^^^^^^^^^^^^^^^^^^
AttributeError: 'NoneType' object has no attribute 'group'

To Reproduce
Steps to reproduce the behavior:

1. enable FortiGuard_URL_Category
2. analyze URL

Expected behavior
A category is returned from the analyzer.

Complementary information
If applicable, add screenshots and any additional information that might help explain your problem.

Work environment

• Client OS: fedora linux
• Server OS: fedora linux / docker install
• Browse type and version: Firefox 118.0.1 (64-bit)
• Cortex version: 3.1.7-1
• Cortex Analyzer/Responder name: Fortiguard URL Category
• Cortex Analyzer/Responder version: 2.1

Possible solutions
If applicable, indicate possible solutions to the problem.

Additional context
Add any other context about the problem here.

[scove]

Think I see the issue here. Are you able to adjust the input and run it successfully on different URLs by any chance?

[ebdavison]

I think I can try a different URL. What is needed?

[ghalib-bello]

I delved further into the source of the error, and it seems to be because requests are being blocked by fortiguard, as a result the request output is <Response [403]>. Since the subsequent line in the code (category_match = re.search(pattern, req.text, flags=0)) erroneously assumes the request was successful (and not <Response [403]>), category_match ends up being None - hence the observed AttributeError above