paramdigger: Handle session change & previous PR follow-up

- CHANGELOG > Add change note. - CacheController > Remove unnecessary else block and conditional handling. - ExtensionParamDigger > Add and use SessionChangedListener. - HeaderGuesser > Make constant final. Signed-off-by: kingthorin <kingthorin@users.noreply.github.com>
zaproxy · Feb 18, 2024 · 230711e · 230711e
1 parent c19ddb5
commit 230711e
Show file tree

Hide file tree

Showing 4 changed files with 39 additions and 14 deletions.
diff --git a/addOns/paramdigger/CHANGELOG.md b/addOns/paramdigger/CHANGELOG.md
@@ -7,6 +7,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ### Changed
 - Maintenance changes.
 - Update minimum ZAP version to 2.14.0.
+- The output panel is now properly reset on ZAP session change (part of Issue 7694).
 
 ## [0.2.0] - 2023-06-06
 ### Fixed

diff --git a/addOns/paramdigger/src/main/java/org/zaproxy/addon/paramdigger/CacheController.java b/addOns/paramdigger/src/main/java/org/zaproxy/addon/paramdigger/CacheController.java
@@ -861,20 +861,16 @@ private boolean checkAlwaysMiss(String url, Method method, Cache cache) {
             String indicValue = msg.getResponseHeader().getHeader(cache.getIndicator());
             if (indicValue == null || indicValue.isEmpty()) {
                 return true;
-            } else {
-                if (!this.checkCacheHit(indicValue, cache) && cache.getIndicator() != null) {
-                    sleeper(2000);
-                    httpSender.sendAndReceive(msg);
-                    addCacheMessage(msg);
-                    indicValue = msg.getResponseHeader().getHeader(cache.getIndicator());
-                    if (this.checkCacheHit(indicValue, cache)) {
-                        return false;
-                    } else {
-                        return true;
-                    }
-                }
-                return false;
             }
+            if (!this.checkCacheHit(indicValue, cache) && cache.getIndicator() != null) {
+                sleeper(2000);
+                httpSender.sendAndReceive(msg);
+                addCacheMessage(msg);
+                indicValue = msg.getResponseHeader().getHeader(cache.getIndicator());
+                // Not cache hit, is always miss
+                return !this.checkCacheHit(indicValue, cache);
+            }
+            return false;
 
         } catch (Exception e) {
             return false;

diff --git a/addOns/paramdigger/src/main/java/org/zaproxy/addon/paramdigger/ExtensionParamDigger.java b/addOns/paramdigger/src/main/java/org/zaproxy/addon/paramdigger/ExtensionParamDigger.java
@@ -21,9 +21,12 @@
 
 import javax.swing.ImageIcon;
 import org.parosproxy.paros.Constant;
+import org.parosproxy.paros.control.Control.Mode;
 import org.parosproxy.paros.extension.ExtensionAdaptor;
 import org.parosproxy.paros.extension.ExtensionHook;
 import org.parosproxy.paros.extension.ExtensionPopupMenuItem;
+import org.parosproxy.paros.extension.SessionChangedListener;
+import org.parosproxy.paros.model.Session;
 import org.parosproxy.paros.network.HttpMessage;
 import org.zaproxy.addon.paramdigger.gui.ParamDiggerDialog;
 import org.zaproxy.addon.paramdigger.gui.ParamDiggerPanel;
@@ -83,6 +86,8 @@ public void hook(ExtensionHook extensionHook) {
             extensionHook.getHookMenu().addToolsMenuItem(getMenu());
             extensionHook.getHookView().addStatusPanel(getParamDiggerPanel());
             extensionHook.getHookMenu().addPopupMenuItem(getPopupMsg());
+
+            extensionHook.addSessionListener(new SessionChangedListenerImpl());
         }
     }
 
@@ -153,4 +158,27 @@ public void showParamDiggerDialog(HttpMessage node) {
     public String getDescription() {
         return Constant.messages.getString(PREFIX + ".desc");
     }
+
+    private class SessionChangedListenerImpl implements SessionChangedListener {
+
+        @Override
+        public void sessionChanged(Session session) {
+            getParamDiggerPanel().reset();
+        }
+
+        @Override
+        public void sessionAboutToChange(Session session) {
+            // Nothing to do
+        }
+
+        @Override
+        public void sessionScopeChanged(Session session) {
+            // Nothing to do
+        }
+
+        @Override
+        public void sessionModeChanged(Mode mode) {
+            // Nothing to do
+        }
+    }
 }
diff --git a/addOns/paramdigger/src/main/java/org/zaproxy/addon/paramdigger/HeaderGuesser.java b/addOns/paramdigger/src/main/java/org/zaproxy/addon/paramdigger/HeaderGuesser.java
@@ -74,7 +74,7 @@ public class HeaderGuesser implements Runnable {
     private static final String POISON_DEFINITION = "paramdigger.results.poison.definition";
     private static final String POISON_DEFINITION_FIRST =
             "paramdigger.results.poison.definition.first";
-    private static List<Integer> ERROR_CODES = List.of(400, 413, 418, 429, 503);
+    private static final List<Integer> ERROR_CODES = List.of(400, 413, 418, 429, 503);
 
     private static final int PORT = 31337;
     private static final String[] PORTS = {":" + PORT, ":@" + PORT, " " + PORT};