Merge pull request #8422 from kingthorin/msgs-by-tag

search: Support using Tags as a search item
zaproxy · Apr 22, 2024 · 4f8de81 · 4f8de81
2 parents 6c4d6a9 + ead5cda
commit 4f8de81
Show file tree

Hide file tree

Showing 5 changed files with 61 additions and 3 deletions.
diff --git a/zap/src/main/java/org/zaproxy/zap/extension/search/ExtensionSearch.java b/zap/src/main/java/org/zaproxy/zap/extension/search/ExtensionSearch.java
@@ -47,6 +47,7 @@ public enum Type {
         Request,
         Response,
         Header,
+        Tag,
         Custom
     }
 

diff --git a/zap/src/main/java/org/zaproxy/zap/extension/search/SearchAPI.java b/zap/src/main/java/org/zaproxy/zap/extension/search/SearchAPI.java
@@ -56,16 +56,19 @@ public class SearchAPI extends ApiImplementor {
     private static final String PREFIX = "search";
 
     private static final String VIEW_URLS_BY_URL_REGEX = "urlsByUrlRegex";
+    private static final String VIEW_URLS_BY_TAG_REGEX = "urlsByTagRegex";
     private static final String VIEW_URLS_BY_REQUEST_REGEX = "urlsByRequestRegex";
     private static final String VIEW_URLS_BY_RESPONSE_REGEX = "urlsByResponseRegex";
     private static final String VIEW_URLS_BY_HEADER_REGEX = "urlsByHeaderRegex";
 
     private static final String VIEW_MESSAGES_BY_URL_REGEX = "messagesByUrlRegex";
+    private static final String VIEW_MESSAGES_BY_TAG_REGEX = "messagesByTagRegex";
     private static final String VIEW_MESSAGES_BY_REQUEST_REGEX = "messagesByRequestRegex";
     private static final String VIEW_MESSAGES_BY_RESPONSE_REGEX = "messagesByResponseRegex";
     private static final String VIEW_MESSAGES_BY_HEADER_REGEX = "messagesByHeaderRegex";
 
     private static final String OTHER_HAR_BY_URL_REGEX = "harByUrlRegex";
+    private static final String OTHER_HAR_BY_TAG_REGEX = "harByTagRegex";
     private static final String OTHER_HAR_BY_REQUEST_REGEX = "harByRequestRegex";
     private static final String OTHER_HAR_BY_RESPONSE_REGEX = "harByResponseRegex";
     private static final String OTHER_HAR_BY_HEADER_REGEX = "harByHeaderRegex";
@@ -92,6 +95,8 @@ public SearchAPI(ExtensionSearch extension) {
 
         this.addApiView(
                 new ApiView(VIEW_URLS_BY_URL_REGEX, searchMandatoryParams, searchOptionalParams));
+        this.addApiView(
+                new ApiView(VIEW_URLS_BY_TAG_REGEX, searchMandatoryParams, searchOptionalParams));
         this.addApiView(
                 new ApiView(
                         VIEW_URLS_BY_REQUEST_REGEX, searchMandatoryParams, searchOptionalParams));
@@ -105,6 +110,9 @@ public SearchAPI(ExtensionSearch extension) {
         this.addApiView(
                 new ApiView(
                         VIEW_MESSAGES_BY_URL_REGEX, searchMandatoryParams, searchOptionalParams));
+        this.addApiView(
+                new ApiView(
+                        VIEW_MESSAGES_BY_TAG_REGEX, searchMandatoryParams, searchOptionalParams));
         this.addApiView(
                 new ApiView(
                         VIEW_MESSAGES_BY_REQUEST_REGEX,
@@ -123,6 +131,8 @@ public SearchAPI(ExtensionSearch extension) {
 
         this.addApiOthers(
                 new ApiOther(OTHER_HAR_BY_URL_REGEX, searchMandatoryParams, searchOptionalParams));
+        this.addApiOthers(
+                new ApiOther(OTHER_HAR_BY_TAG_REGEX, searchMandatoryParams, searchOptionalParams));
         this.addApiOthers(
                 new ApiOther(
                         OTHER_HAR_BY_REQUEST_REGEX, searchMandatoryParams, searchOptionalParams));
@@ -154,6 +164,14 @@ public ApiResponse handleApiView(final String name, JSONObject params) throws Ap
                 searchType = ExtensionSearch.Type.URL;
                 responseType = SearchViewResponseType.MESSAGE;
                 break;
+            case VIEW_URLS_BY_TAG_REGEX:
+                searchType = ExtensionSearch.Type.Tag;
+                responseType = SearchViewResponseType.URL;
+                break;
+            case VIEW_MESSAGES_BY_TAG_REGEX:
+                searchType = ExtensionSearch.Type.Tag;
+                responseType = SearchViewResponseType.MESSAGE;
+                break;
             case VIEW_URLS_BY_REQUEST_REGEX:
                 searchType = ExtensionSearch.Type.Request;
                 responseType = SearchViewResponseType.URL;
@@ -249,6 +267,9 @@ public HttpMessage handleApiOther(HttpMessage msg, String name, JSONObject param
             case OTHER_HAR_BY_URL_REGEX:
                 searchType = ExtensionSearch.Type.URL;
                 break;
+            case OTHER_HAR_BY_TAG_REGEX:
+                searchType = ExtensionSearch.Type.Tag;
+                break;
             case OTHER_HAR_BY_REQUEST_REGEX:
                 searchType = ExtensionSearch.Type.Request;
                 break;

diff --git a/zap/src/main/java/org/zaproxy/zap/extension/search/SearchPanel.java b/zap/src/main/java/org/zaproxy/zap/extension/search/SearchPanel.java
@@ -179,7 +179,7 @@ private GridBagConstraints newGBC(int gridx) {
         GridBagConstraints gridBagConstraints = new GridBagConstraints();
         gridBagConstraints.gridx = gridx;
         gridBagConstraints.gridy = 0;
-        gridBagConstraints.insets = new java.awt.Insets(0, 0, 0, 0);
+        gridBagConstraints.insets = new java.awt.Insets(2, 2, 2, 2);
         gridBagConstraints.anchor = java.awt.GridBagConstraints.WEST;
         return gridBagConstraints;
     }
@@ -530,7 +530,7 @@ private void displayMessage(SearchResult sr) {
     }
 
     private void highlightMatch(SearchMatch sm) {
-        if (sm == null) {
+        if (sm == null || sm.getLocation() == null) {
             return;
         }
 
@@ -654,7 +654,18 @@ private JComboBox<SearchOption> getSearchType() {
                     new SearchOption(
                             Constant.messages.getString("search.toolbar.label.type.header"),
                             ExtensionSearch.Type.Header));
-        }
+            searchType.addItem(
+                    new SearchOption(
+                            Constant.messages.getString("search.toolbar.label.type.tag"),
+                            ExtensionSearch.Type.Tag));
+        }
+        searchType.addActionListener(
+                e -> {
+                    ExtensionSearch.Type selectedopt =
+                            ((SearchOption) searchType.getSelectedItem()).getType();
+                    // Inverse matching not enabled for Tags
+                    getChkInverse().setEnabled(!selectedopt.equals(ExtensionSearch.Type.Tag));
+                });
         return searchType;
     }
 

diff --git a/zap/src/main/java/org/zaproxy/zap/extension/search/SearchThread.java b/zap/src/main/java/org/zaproxy/zap/extension/search/SearchThread.java
@@ -270,6 +270,15 @@ private void search() {
                             }
                         }
                     }
+                    if (Type.Tag.equals(reqType) && !pcc.allMatchesProcessed()) {
+                        for (String tag : message.getHistoryRef().getTags()) {
+                            matcher = pattern.matcher(tag);
+                            if (matcher.find()) {
+                                notifyMatchFound(currentRecordId, tag, message, null, 0, 0);
+                                break;
+                            }
+                        }
+                    }
                     if (Type.Header.equals(reqType)) {
                         // Header
                         // Request header

diff --git a/zap/src/main/resources/org/zaproxy/zap/resources/Messages.properties b/zap/src/main/resources/org/zaproxy/zap/resources/Messages.properties
@@ -2550,6 +2550,11 @@ search.api.other.harByResponseRegex.param.baseurl =
 search.api.other.harByResponseRegex.param.count = 
 search.api.other.harByResponseRegex.param.regex = 
 search.api.other.harByResponseRegex.param.start = 
+search.api.other.harByTagRegex = Returns the HTTP messages, in HAR format, that match the given regular expression in their history Tags optionally filtered by URL and paginated with 'start' position and 'count' of messages.
+search.api.other.harByTagRegex.param.baseurl = The highest URL in the Sites tree under which URLs should be included.
+search.api.other.harByTagRegex.param.count = 
+search.api.other.harByTagRegex.param.regex = 
+search.api.other.harByTagRegex.param.start = 
 search.api.other.harByUrlRegex = Returns the HTTP messages, in HAR format, that match the given regular expression in the URL optionally filtered by URL and paginated with 'start' position and 'count' of messages.
 search.api.other.harByUrlRegex.param.baseurl = 
 search.api.other.harByUrlRegex.param.count = 
@@ -2570,6 +2575,11 @@ search.api.view.messagesByResponseRegex.param.baseurl = The highest URL in the S
 search.api.view.messagesByResponseRegex.param.count = 
 search.api.view.messagesByResponseRegex.param.regex = 
 search.api.view.messagesByResponseRegex.param.start = 
+search.api.view.messagesByTagRegex = Returns the HTTP messages that match the given regular expression in their history Tags optionally filtered by URL and paginated with 'start' position and 'count' of messages.
+search.api.view.messagesByTagRegex.param.baseurl = The highest URL in the Sites tree under which messages should be included.
+search.api.view.messagesByTagRegex.param.count = 
+search.api.view.messagesByTagRegex.param.regex = 
+search.api.view.messagesByTagRegex.param.start = 
 search.api.view.messagesByUrlRegex = Returns the HTTP messages that match the given regular expression in the URL optionally filtered by URL and paginated with 'start' position and 'count' of messages.
 search.api.view.messagesByUrlRegex.param.baseurl = The highest URL in the Sites tree under which messages should be included.
 search.api.view.messagesByUrlRegex.param.count = 
@@ -2590,6 +2600,11 @@ search.api.view.urlsByResponseRegex.param.baseurl = The highest URL in the Sites
 search.api.view.urlsByResponseRegex.param.count = 
 search.api.view.urlsByResponseRegex.param.regex = 
 search.api.view.urlsByResponseRegex.param.start = 
+search.api.view.urlsByTagRegex = Returns the URLs of the HTTP messages that match the given regular expression in their history Tags optionally filtered by URL and paginated with 'start' position and 'count' of messages.
+search.api.view.urlsByTagRegex.param.baseurl = The highest URL in the Sites tree under which URLs should be included.
+search.api.view.urlsByTagRegex.param.count = 
+search.api.view.urlsByTagRegex.param.regex = 
+search.api.view.urlsByTagRegex.param.start = 
 search.api.view.urlsByUrlRegex = Returns the URLs of the HTTP messages that match the given regular expression in the URL optionally filtered by URL and paginated with 'start' position and 'count' of messages.
 search.api.view.urlsByUrlRegex.param.baseurl = The highest URL in the Sites tree under which URLs should be included.
 search.api.view.urlsByUrlRegex.param.count = 
@@ -2614,6 +2629,7 @@ search.toolbar.label.type.all = All
 search.toolbar.label.type.header = Header
 search.toolbar.label.type.request = Request
 search.toolbar.label.type.response = Response
+search.toolbar.label.type.tag = Tag
 search.toolbar.label.type.url = URL
 search.toolbar.prompt.regex = Search word or regular expression
 search.toolbar.tooltip.inverse = Show message that DO NOT match the regular expression