-
Notifications
You must be signed in to change notification settings - Fork 1
/
export-meta.py
54 lines (45 loc) · 2.32 KB
/
export-meta.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
import sqlite3
import sys
db_conn = sqlite3.connect('profile.db')
db_cursor = db_conn.cursor()
def get_csp_policy(document_domain):
directive_dict = {
'report-uri': 'https://example.org/CSP-REPORT-URI',
'default-src': "'none' ",
'style-src': "'none' ",
'img-src': "'none' ",
'frame-src': "'none' ",
'frame-ancestors': "'none' ",
'media-src': "'none' ",
'manifest-src': "'none' ",
'connect-src': "'none' ",
'worker-src': "'none' ",
'font-src': "'none' ",
'script-src': "'none' "
}
def add_directive(directive, resource_domain):
if not directive in directive_dict.keys() or "'none'" in directive_dict[directive]:
directive_dict[directive] = ''
directive_dict[directive] += resource_domain + ' '
for (directive, resource_domain, action) in db_cursor.execute('SELECT directive, resource_domain, action FROM known_relations WHERE document_domain=?', (document_domain,)):
if action == 'PERMIT':
add_directive(directive, resource_domain)
policy = '; '.join([k + ' ' + directive_dict[k].strip()
for k in directive_dict.keys()])
return policy
def get_sri_hashes(resource_domain):
return sorted(set(db_cursor.execute('SELECT possibly_dynamic,resource_uri,sha256,sha384,sha512 FROM sri_hashes WHERE resource_domain=?', (resource_domain,)).fetchall()))
if '*' in sys.argv:
sys.argv = sorted(set([_[0] for _ in
db_cursor.execute('SELECT document_domain FROM known_relations').fetchall() +
db_cursor.execute('SELECT resource_domain FROM known_relations').fetchall() +
db_cursor.execute('SELECT resource_domain FROM sri_hashes').fetchall()]))
for document_domain in sorted((set(sys.argv[1:]))):
print('CSP {}: {}'.format(document_domain, get_csp_policy(document_domain)))
for sri_hash_result in get_sri_hashes(document_domain):
if sri_hash_result[0] == '0' or sri_hash_result[0] == 0:
print('STATIC-SRI {}: {}'.format(document_domain,
' '.join(sri_hash_result[1:])))
else:
print('DYNAMICISH-SRI {}: {}'.format(document_domain,
' '.join(sri_hash_result[1:])))