Home

Awesome

request_generator  Build Status

request_generator is an object tree builder and code generator for raw HTTP requests.

request_generator builds an object tree and generates code from it for specific languages/frameworks like HTML form, jQuery or XHR. The tree is built using an HttpRequest object.

Getting Started

To use request_generator, make sure to have request_parser installed or present in PYTHONPATH.

git clone the repository and copy the library directory request_generator to a location that is present in PYTHONPATH or copy somewhere and add that location to PYTHONPATH and use it as follows,

from io import BytesIO

from request_parser.http.request import HttpRequest

from request_generator.html.html_request_builder import RequestBuilder, TargetType
from request_generator.html.jquery.jquery_request_builder import JQueryRequestBuilder
from request_generator.builders import Type

def parse_and_build(requests=None):
    # create an array of HttpRequest objects
    http_requests = []
    for request in requests:
        # create an iterable object out of request bytes
        request_stream = BytesIO(request)
        # create an HttpRequest object for the request
        http_request = HttpRequest(request_stream=request_stream)
        http_requests.append(http_request)

    # parse all the HttpRequest object
    for http_request in http_requests:
        http_request.parse()

    # build an HTML request builder
    html_builder = HtmlRequestBuilder(requests=http_requests)
    # build object tree for from-based request and target as iframe with auto submit to true
    html_builder.build(type=Type.form_request, target_type=TargetType.iframe, auto_submit=auto_submit)
    # generate code
    html_code = html_builder.generate()

    # build a jQuery request builder
    jquery_builder = HtmlRequestBuilder(requests=http_requests)
    # build object tree for jQuery based request and target as iframe with auto submit to true
    jquery_builder.build(target_type=TargetType.iframe, auto_submit=auto_submit)
    # generate code
    jquery_html_code = jquery_builder.generate()

Package and Module Details

dom

A basic unit in an object tree is a Tag object defined in the tag module under the dom package. A Tag object can be used to define a building unit for any type of object tree. For example, this might be a statement in a programming language like Java or Python or an HTML element.

Tag class defines basic navigation, search, modification and code generation methods for an object tree. This Tag class is created by forking beautifulsoup's PageElement.

Specializations and extensions of a Tag is possible by inherting it to change the behavior. The SimpleHTMLElement from simple_html_element for example, forms the basic unit in an HTML object tree. This SimpleHTMLElement is further customized in simple_html_elements module to create other HTML elements like IFrame, Img, Input etc that make up an HTML object tree.

builders

The builders module enumerates the available build types in the Type class.

request_generator

The request_generator module's RequestGenerator class defines the genereate_request(requests=None, type=None, target_type=None, auto_submit=None) method which is a single-point entry to build an object-tree and generate the code in a single call.

requestsan array of HttpRequest objects
typeone of the build types from Type
target_typeone of the value from TargetType from html_request_builder module
auto_submitTrue or False if auto submit of request is desired

request_builder

The request_builder module defines the RequestBuilder class which defines a minimum API any request builder implementation needs to provide.

build(*args, **kwargs)
generate(*args, **kwargs)

utils

The utils.utils module contains the function get_abs_path(*dirs) which returns the absolute path constructed by appending a list of dirs one after another under the request_generator module.

html.*

Building Requests

HTML and jQuery

HTML form request and XHR request

html.html_request_builder module defines the HtmlRequestBuilder class. This class implements the RequestBuilder interface for a builder-generator for form-based and XHR based HTML code. These two types are listed in the Type as form_request = 0 and xhr_request = 1.

build(type=Type.form_request, target_type=TargetType.iframe, auto_submit=False)type, the request type - form based request (Type.form_request) and XHR based request (Type.xhr_request)<br>target_type, where responses should be loaded - iframe (TargetType.iframe) and new tab (TargetType.new_tab)<br>auto_submit, when True generate JavaScript code to submit requests when page is loaded
generate()generate code from the object tree built

Usage

# build an HTML request builder
html_builder = HtmlRequestBuilder(requests=http_requests)
# build object tree for from-based request and target as iframe with auto submit to true
# TargetType.new_tab for loading responses in new tab
builder.build(type=Type.form_request, target_type=TargetType.iframe, auto_submit=auto_submit)
# generate code
html_code = html_builder.generate()

jQuery request

html.jquery.jquery_request_builder module defines the JQueryRequestBuilder class. This class inherits HtmlRequestBuilder for a builder-generator for jQuery based HTML code. This type is listed in the Type as jquery_request = 2.

build(target_type=TargetType.iframe, auto_submit=False)target_type, where responses should be loaded - iframe (TargetType.iframe) and new tab (TargetType.new_tab)<br>auto_submit, when True generate JavaScript code to submit requests when page is loaded
generate()generate code from the object tree built

Usage

# build an HTML request builder
jquery_builder = JQueryRequestBuilder(requests=http_requests)
# build object tree for from-based request and target as iframe with auto submit to true
# TargetType.new_tab for loading responses in new tab
jquery_builder.build(target_type=TargetType.iframe, auto_submit=auto_submit)
# generate code
jquery_code = jquery_builder.generate()

Encoder

The html.dom package has an Encoder class that implements encoding methods based on OWASP's XSS Prevention Cheatsheet to help with proper output encoding during HTML/JS object tree building. This helps prevent context escaping in generated code.