RemoteFileInclusionRule.java

/*
 * Copyright 2011 NCHOVY
 * 
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * 
 * http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.krakenapps.rule.http;

public class RemoteFileInclusionRule extends HttpRequestRule {
	private String var;

	public RemoteFileInclusionRule(String id, String msg, String path, String var) {
		super("rfi", id, msg, path);
		this.var = var;
	}

	@Override
	public boolean match(HttpRequestContext c) {
		String value = c.getParameters().get(var);
		if (value == null)
			return false;

		return value.startsWith("http://");
	}

	@Override
	public String toString() {
		return getId() + " " + getMessage();
	}
}