nuclei/v2/pkg/protocols/headless/engine/action.go

package engine

import "strings"

// ActionType defines the action type for a browser action
type ActionType int8

// Types to be executed by the user.
const (
	// ActionNavigate performs a navigation to the specified URL
	// URL can include nuclei payload data such as URL, Hostname, etc.
	ActionNavigate ActionType = iota + 1
	// ActionScript executes a JS snippet on the page.
	ActionScript
	// ActionClick performs the left-click action on an Element.
	ActionClick
	// ActionRightClick performs the right-click action on an Element.
	ActionRightClick
	// ActionTextInput performs an action for a text input
	ActionTextInput
	// ActionScreenshot performs the screenshot action writing to a file.
	ActionScreenshot
	// ActionTimeInput performs an action on a time input.
	ActionTimeInput
	// ActionSelectInput performs an action on a select input.
	ActionSelectInput
	// ActionFilesInput performs an action on a file input.
	ActionFilesInput
	// ActionWaitLoad waits for the page to stop loading.
	ActionWaitLoad
	// ActionGetResource performs a get resource action on an element
	ActionGetResource
	// ActionExtract performs an extraction on an element
	ActionExtract
	// ActionSetMethod sets the request method
	ActionSetMethod
	// ActionAddHeader adds a header to the request
	ActionAddHeader
	// ActionSetHeader sets a header in the request
	ActionSetHeader
	// ActionDeleteHeader deletes a header from the request
	ActionDeleteHeader
	// ActionSetBody sets the value of the request body
	ActionSetBody
	// ActionWaitEvent waits for a specific event.
	ActionWaitEvent
	// ActionKeyboard performs a keyboard action event on a page.
	ActionKeyboard
	// ActionDebug debug slows down headless and adds a sleep to each page.
	ActionDebug
	// ActionSleep executes a sleep for a specified duration
	ActionSleep
	// ActionWaitVisible waits until an element appears.
	ActionWaitVisible
)

// ActionStringToAction converts an action from string to internal representation
var ActionStringToAction = map[string]ActionType{
	"navigate":     ActionNavigate,
	"script":       ActionScript,
	"click":        ActionClick,
	"rightclick":   ActionRightClick,
	"text":         ActionTextInput,
	"screenshot":   ActionScreenshot,
	"time":         ActionTimeInput,
	"select":       ActionSelectInput,
	"files":        ActionFilesInput,
	"waitload":     ActionWaitLoad,
	"getresource":  ActionGetResource,
	"extract":      ActionExtract,
	"setmethod":    ActionSetMethod,
	"addheader":    ActionAddHeader,
	"setheader":    ActionSetHeader,
	"deleteheader": ActionDeleteHeader,
	"setbody":      ActionSetBody,
	"waitevent":    ActionWaitEvent,
	"keyboard":     ActionKeyboard,
	"debug":        ActionDebug,
	"sleep":        ActionSleep,
	"waitvisible":  ActionWaitVisible,
}

// ActionToActionString converts an action from  internal representation to string
var ActionToActionString = map[ActionType]string{
	ActionNavigate:     "navigate",
	ActionScript:       "script",
	ActionClick:        "click",
	ActionRightClick:   "rightclick",
	ActionTextInput:    "text",
	ActionScreenshot:   "screenshot",
	ActionTimeInput:    "time",
	ActionSelectInput:  "select",
	ActionFilesInput:   "files",
	ActionWaitLoad:     "waitload",
	ActionGetResource:  "getresource",
	ActionExtract:      "extract",
	ActionSetMethod:    "set-method",
	ActionAddHeader:    "addheader",
	ActionSetHeader:    "setheader",
	ActionDeleteHeader: "deleteheader",
	ActionSetBody:      "setbody",
	ActionWaitEvent:    "waitevent",
	ActionKeyboard:     "keyboard",
	ActionDebug:        "debug",
	ActionSleep:        "sleep",
	ActionWaitVisible:  "waitvisible",
}

// Action is an action taken by the browser to reach a navigation
//
// Each step that the browser executes is an action. Most navigations
// usually start from the ActionLoadURL event, and further navigations
// are discovered on the found page. We also keep track and only
// scrape new navigation from pages we haven't crawled yet.
type Action struct {
	// description:
	//   Args contain arguments for the headless action.
	//
	//   Per action arguments are described in detail [here](https://nuclei.projectdiscovery.io/templating-guide/protocols/headless/).
	Data map[string]string `yaml:"args,omitempty" jsonschema:"title=arguments for headless action,description=Args contain arguments for the headless action"`
	// description: |
	//   Name is the name assigned to the headless action.
	//
	//   This can be used to execute code, for instance in browser
	//   DOM using script action, and get the result in a variable
	//   which can be matched upon by nuclei. An Example template [here](https://github.com/projectdiscovery/nuclei-templates/blob/master/headless/prototype-pollution-check.yaml).
	Name string `yaml:"name,omitempty" jsonschema:"title=name for headless action,description=Name is the name assigned to the headless action"`
	// description: |
	//   Description is the optional description of the headless action
	Description string `yaml:"description,omitempty" jsonschema:"title=description for headless action,description=Description of the headless action"`
	// description: |
	//   Action is the type of the action to perform.
	// values:
	//   - "navigate"
	//   - "script"
	//   - "click"
	//   - "rightclick"
	//   - "text"
	//   - "screenshot"
	//   - "time"
	//   - "select"
	//   - "files"
	//   - "waitload"
	//   - "getresource"
	//   - "extract"
	//   - "setmethod"
	//   - "addheader"
	//   - "setheader"
	//   - "deleteheader"
	//   - "setbody"
	//   - "waitevent"
	//   - "keyboard"
	//   - "debug"
	//   - "sleep"
	ActionType string `yaml:"action" jsonschema:"title=action to perform,description=Type of actions to perform,enum=navigate,enum=script,enum=click,enum=rightclick,enum=text,enum=screenshot,enum=time,enum=select,enum=files,enum=waitload,enum=getresource,enum=extract,enum=setmethod,enum=addheader,enum=setheader,enum=deleteheader,enum=setbody,enum=waitevent,enum=keyboard,enum=debug,enum=sleep"`
}

// String returns the string representation of an action
func (a *Action) String() string {
	builder := &strings.Builder{}
	builder.WriteString(a.ActionType)
	if a.Name != "" {
		builder.WriteString(" Name:")
		builder.WriteString(a.Name)
	}
	builder.WriteString(" ")
	for k, v := range a.Data {
		builder.WriteString(k)
		builder.WriteString(":")
		builder.WriteString(v)
		builder.WriteString(",")
	}
	return strings.TrimSuffix(builder.String(), ",")
}

// GetArg returns an arg for a name
func (a *Action) GetArg(name string) string {
	v, ok := a.Data[name]
	if !ok {
		return ""
	}
	return v
}
Add headless chrome based templates support (#562) 2021-02-21 16:31:34 +05:30			`package engine`

			`import "strings"`

			`// ActionType defines the action type for a browser action`
			`type ActionType int8`

			`// Types to be executed by the user.`
			`const (`
			`// ActionNavigate performs a navigation to the specified URL`
			`// URL can include nuclei payload data such as URL, Hostname, etc.`
			`ActionNavigate ActionType = iota + 1`
			`// ActionScript executes a JS snippet on the page.`
			`ActionScript`
			`// ActionClick performs the left-click action on an Element.`
			`ActionClick`
			`// ActionRightClick performs the right-click action on an Element.`
			`ActionRightClick`
			`// ActionTextInput performs an action for a text input`
			`ActionTextInput`
			`// ActionScreenshot performs the screenshot action writing to a file.`
			`ActionScreenshot`
			`// ActionTimeInput performs an action on a time input.`
			`ActionTimeInput`
			`// ActionSelectInput performs an action on a select input.`
			`ActionSelectInput`
			`// ActionFilesInput performs an action on a file input.`
			`ActionFilesInput`
			`// ActionWaitLoad waits for the page to stop loading.`
			`ActionWaitLoad`
			`// ActionGetResource performs a get resource action on an element`
			`ActionGetResource`
			`// ActionExtract performs an extraction on an element`
			`ActionExtract`
			`// ActionSetMethod sets the request method`
			`ActionSetMethod`
			`// ActionAddHeader adds a header to the request`
			`ActionAddHeader`
			`// ActionSetHeader sets a header in the request`
			`ActionSetHeader`
			`// ActionDeleteHeader deletes a header from the request`
			`ActionDeleteHeader`
			`// ActionSetBody sets the value of the request body`
			`ActionSetBody`
			`// ActionWaitEvent waits for a specific event.`
			`ActionWaitEvent`
			`// ActionKeyboard performs a keyboard action event on a page.`
			`ActionKeyboard`
Adding correct godoc prefixes 2021-09-03 17:25:50 +03:00			`// ActionDebug debug slows down headless and adds a sleep to each page.`
Misc changes to headless 2021-03-01 14:20:56 +05:30			`ActionDebug`
			`// ActionSleep executes a sleep for a specified duration`
			`ActionSleep`
feat: expose WaitVisible method from the rod library 2021-10-09 08:38:42 +02:00			`// ActionWaitVisible waits until an element appears.`
			`ActionWaitVisible`
Add headless chrome based templates support (#562) 2021-02-21 16:31:34 +05:30			`)`

			`// ActionStringToAction converts an action from string to internal representation`
			`var ActionStringToAction = map[string]ActionType{`
			`"navigate": ActionNavigate,`
			`"script": ActionScript,`
			`"click": ActionClick,`
			`"rightclick": ActionRightClick,`
			`"text": ActionTextInput,`
			`"screenshot": ActionScreenshot,`
			`"time": ActionTimeInput,`
			`"select": ActionSelectInput,`
			`"files": ActionFilesInput,`
			`"waitload": ActionWaitLoad,`
			`"getresource": ActionGetResource,`
			`"extract": ActionExtract,`
			`"setmethod": ActionSetMethod,`
			`"addheader": ActionAddHeader,`
			`"setheader": ActionSetHeader,`
			`"deleteheader": ActionDeleteHeader,`
			`"setbody": ActionSetBody,`
			`"waitevent": ActionWaitEvent,`
			`"keyboard": ActionKeyboard,`
Misc changes to headless 2021-03-01 14:20:56 +05:30			`"debug": ActionDebug,`
			`"sleep": ActionSleep,`
feat: expose WaitVisible method from the rod library 2021-10-09 08:38:42 +02:00			`"waitvisible": ActionWaitVisible,`
Add headless chrome based templates support (#562) 2021-02-21 16:31:34 +05:30			`}`

			`// ActionToActionString converts an action from internal representation to string`
			`var ActionToActionString = map[ActionType]string{`
			`ActionNavigate: "navigate",`
			`ActionScript: "script",`
			`ActionClick: "click",`
			`ActionRightClick: "rightclick",`
			`ActionTextInput: "text",`
			`ActionScreenshot: "screenshot",`
			`ActionTimeInput: "time",`
			`ActionSelectInput: "select",`
			`ActionFilesInput: "files",`
			`ActionWaitLoad: "waitload",`
			`ActionGetResource: "getresource",`
			`ActionExtract: "extract",`
			`ActionSetMethod: "set-method",`
			`ActionAddHeader: "addheader",`
			`ActionSetHeader: "setheader",`
			`ActionDeleteHeader: "deleteheader",`
			`ActionSetBody: "setbody",`
			`ActionWaitEvent: "waitevent",`
			`ActionKeyboard: "keyboard",`
Misc changes to headless 2021-03-01 14:20:56 +05:30			`ActionDebug: "debug",`
			`ActionSleep: "sleep",`
feat: expose WaitVisible method from the rod library 2021-10-09 08:38:42 +02:00			`ActionWaitVisible: "waitvisible",`
Add headless chrome based templates support (#562) 2021-02-21 16:31:34 +05:30			`}`

			`// Action is an action taken by the browser to reach a navigation`
			`//`
			`// Each step that the browser executes is an action. Most navigations`
			`// usually start from the ActionLoadURL event, and further navigations`
			`// are discovered on the found page. We also keep track and only`
			`// scrape new navigation from pages we haven't crawled yet.`
			`type Action struct {`
Added new YAML based doc to structures 2021-07-27 16:03:56 +05:30			`// description:`
			`// Args contain arguments for the headless action.`
			`//`
			`// Per action arguments are described in detail [here](https://nuclei.projectdiscovery.io/templating-guide/protocols/headless/).`
Added jsonschema generation for yaml syntax 2021-08-23 23:50:45 +05:30			Data map[string]string `yaml:"args,omitempty" jsonschema:"title=arguments for headless action,description=Args contain arguments for the headless action"`
Added new YAML based doc to structures 2021-07-27 16:03:56 +05:30			`// description: \|`
			`// Name is the name assigned to the headless action.`
			`//`
			`// This can be used to execute code, for instance in browser`
			`// DOM using script action, and get the result in a variable`
			`// which can be matched upon by nuclei. An Example template [here](https://github.com/projectdiscovery/nuclei-templates/blob/master/headless/prototype-pollution-check.yaml).`
Added jsonschema generation for yaml syntax 2021-08-23 23:50:45 +05:30			Name string `yaml:"name,omitempty" jsonschema:"title=name for headless action,description=Name is the name assigned to the headless action"`
Added new YAML based doc to structures 2021-07-27 16:03:56 +05:30			`// description: \|`
			`// Description is the optional description of the headless action`
Added jsonschema generation for yaml syntax 2021-08-23 23:50:45 +05:30			Description string `yaml:"description,omitempty" jsonschema:"title=description for headless action,description=Description of the headless action"`
Added new YAML based doc to structures 2021-07-27 16:03:56 +05:30			`// description: \|`
			`// Action is the type of the action to perform.`
			`// values:`
			`// - "navigate"`
			`// - "script"`
			`// - "click"`
			`// - "rightclick"`
			`// - "text"`
			`// - "screenshot"`
			`// - "time"`
			`// - "select"`
			`// - "files"`
			`// - "waitload"`
			`// - "getresource"`
			`// - "extract"`
			`// - "setmethod"`
			`// - "addheader"`
			`// - "setheader"`
			`// - "deleteheader"`
			`// - "setbody"`
			`// - "waitevent"`
			`// - "keyboard"`
			`// - "debug"`
			`// - "sleep"`
Added jsonschema generation for yaml syntax 2021-08-23 23:50:45 +05:30			ActionType string `yaml:"action" jsonschema:"title=action to perform,description=Type of actions to perform,enum=navigate,enum=script,enum=click,enum=rightclick,enum=text,enum=screenshot,enum=time,enum=select,enum=files,enum=waitload,enum=getresource,enum=extract,enum=setmethod,enum=addheader,enum=setheader,enum=deleteheader,enum=setbody,enum=waitevent,enum=keyboard,enum=debug,enum=sleep"`
Add headless chrome based templates support (#562) 2021-02-21 16:31:34 +05:30			`}`

			`// String returns the string representation of an action`
			`func (a *Action) String() string {`
			`builder := &strings.Builder{}`
			`builder.WriteString(a.ActionType)`
			`if a.Name != "" {`
			`builder.WriteString(" Name:")`
			`builder.WriteString(a.Name)`
			`}`
			`builder.WriteString(" ")`
			`for k, v := range a.Data {`
			`builder.WriteString(k)`
			`builder.WriteString(":")`
			`builder.WriteString(v)`
			`builder.WriteString(",")`
			`}`
			`return strings.TrimSuffix(builder.String(), ",")`
			`}`

			`// GetArg returns an arg for a name`
			`func (a *Action) GetArg(name string) string {`
			`v, ok := a.Data[name]`
			`if !ok {`
			`return ""`
			`}`
			`return v`
			`}`