-
Notifications
You must be signed in to change notification settings - Fork 61
Plugins
A plugin is a piece of code used to help wordpot in processing and analyzing incoming requests.
How it works: a plugin register itself to one or more hooks which are points triggered by incoming requests. When a hook is triggered it puts in execution every plugin attached to it.
This feature is to be considered in beta. Please report bugs and drop suggestions to the issue page.
There are 4 hooks:
-
themes: is the hook wich is triggered when a theme probe is detected -
plugins: is the hook which is triggered when a plugin probe is detected -
admin: is the hook which is triggered when a a probe against thewp-admin/directory is detected -
commons: is the hook which is triggered whenever there is a request for a page/file in the main Wordpress directory (index.php,readme.html,wp-login.php, etc)
A plugin is made of two file (same name, different extensions):
-
plugin.pyis where the code lives -
plugin.iniis the plugin configuration file
To be installed both of the above files should be placed inside the wordpot/plugins/ directory.
The basic structure of a plugin.py is:
from wordpot.plugins_manager import BasePlugin
class Plugin(BasePlugin):
def run(self, **kwargs):
# code here
return {}
Depending on the hooks linked the run() function receives as input different arguments:
-
themes: -
requestwhich contain details about the request -
themewhich contain the theme that has been probed -
subpathwhich contain the path inside the directory of the theme that has been probed -
plugins: -
requestwhich contain details about the request -
pluginwhich contain the plugin that has been probed -
subpathwhich contain the path inside the directory of the plugin that has been probed -
admin: -
requestwhich contain details about the request -
subpathwhich contain the path inside the admin directory that has been probed -
commons: -
requestwhich contain details about the request -
filewhich contain the name of the file probed -
extwhich contain the extension of the file probed
You are free to parse input arguments as you wish, for example:
# Store input arguments
args = {}
for k, v in kwargs.iteritems():
args[k] = v
The main function must always return a dict, even empty. This dict might be used to pass informations back to the hook which will use them to redirect the request to a certain template or to interact with the main logger.
Every hook can understand the followings:
-
logwhich should contain a message to log trough the main logger -
templatewhich should contain the name of a template (e.g.dummy.html) to which we want to redirect the request to -
template_varsa dictionary of vars to be passed to the template
An example code:
# Result dict to return
res = {}
res['template_vars'] = {}
# CODE HERE
res['log'] = 'this plugin is awesome!'
res['template'] = 'dummy.html'
res['template_vars']['var1'] = 'Value var1'
res['template_vars']['var2'] = 'Value var2'
return res
The last component of a plugin is its configuration file which contains general informations and a list of hooks to use:
[plugin]
name = Plugin Name
author = John Doe <j@mailinator.com>
link = http://jdoe.com/my-plugins/
description = This plugin is useless and ugly
version = 1.0
hooks = commons, themes, plugins, admin
This is the plugin actually used to detect timthumb probes.
timthumb.py:
from wordpot.plugins_manager import BasePlugin
import re
TIMTHUMB_RE = re.compile('[tim]*thumb|uploadify', re.I)
class Plugin(BasePlugin):
def run(self, **kwargs):
# Result dict to return
res = {}
# Store input arguments
args = {}
for k, v in kwargs.iteritems():
args[k] = v
# Logic
if TIMTHUMB_RE.search(args['subpath']) is not None:
# Message to log
log = '%s probed for timthumb: %s' % (args['request'].remote_addr, args['subpath'])
res['log'] = log
# Template to render
res['template'] = 'timthumb.html'
return res
timthumb.ini:
[plugin]
name = Timthumb Detector
author = Gianluca Brindisi <g@brindi.si>
link = http://brindi.si/g/
description = detects if a request was probing for timthumb
version = 1.0
hooks = plugins, themes