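/*
 * Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2017 The ZAP Development Team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.zaproxy.zap.model;

import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Date;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.TimeZone;

import org.apache.commons.httpclient.URI;

import net.htmlparser.jericho.FormControlType;

/**
 * Default implementation of the ValueGenerator.
 * <p>
 * Produces placeholder values for form fields that have no value of their own. The text and
 * password placeholders are the same fixed, publicly known string (the short program name), so
 * they are not credentials and must not be treated as secret.
 *
 * @since 2.6.0
 */
public class DefaultValueGenerator implements ValueGenerator {

    private static final String ATTR_TYPE = "type";
    private static final String ATTR_CONTROL_TYPE = "Control Type";

    private static final String DEFAULT_NUMBER_VALUE = "1";
    private static final String DEFAULT_TEXT_VALUE = org.parosproxy.paros.Constant.PROGRAM_NAME_SHORT;
    private static final String DEFAULT_PASS_VALUE = DEFAULT_TEXT_VALUE;
    private static final String DEFAULT_FILE_VALUE = "test_file.txt";
    private static final String DEFAULT_EMPTY_VALUE = "";

    private Date defaultDate;

    /**
     * Gets the default {@code Date}, to be used for default values of date fields.
     * <p>
     * When no date has been set, a new {@code Date} holding the current time is returned on each
     * call.
     *
     * @return the date, never {@code null}.
     * @see #setDefaultDate(Date)
     */
    public Date getDefaultDate() {
        if (defaultDate == null) {
            return new Date();
        }
        return defaultDate;
    }

    /**
     * Sets the {@code Date} used for default values of date fields.
     *
     * @param date the date to use, or {@code null} to fall back to the current time.
     * @see #getDefaultDate()
     */
    public void setDefaultDate(Date date) {
        this.defaultDate = date;
    }

    /**
     * Generates field values for the following types:
     * <ul>
     * <li>text (or no HTML5 type) / password - DEFAULT_TEXT_VALUE</li>
     * <li>number/range - {@code min} if defined, else {@code max} if defined, otherwise
     * DEFAULT_NUMBER_VALUE</li>
     * <li>url - http://www.example.com</li>
     * <li>email - foo-bar@example.com</li>
     * <li>color - #ffffff</li>
     * <li>tel - 9999999999</li>
     * <li>date/datetime/time/month/week/datetime-local - the default date in the proper format</li>
     * <li>file - DEFAULT_FILE_VALUE</li>
     * </ul>
     * Any other control or HTML5 type yields an empty string. NOTE(review): that includes
     * {@code type="search"}, which earlier documentation listed alongside text; confirm which is
     * intended.
     * <p>
     * A non-empty {@code defaultValue} and the {@code min}/{@code max} attributes are returned
     * verbatim. They presumably originate from the parsed page, so callers should treat the result
     * as untrusted input rather than as a sanitised value.
     * <p>
     * The parameters {@code uri}, {@code url}, {@code fieldId}, {@code definedValues} and
     * {@code envAttributes} are not used by this implementation.
     *
     * @param defaultValue the value already present on the field, may be {@code null} or empty
     * @param fieldAttributes the attributes of the field; read for the keys "Control Type", "type",
     *            "min" and "max"
     * @return the default String value for each control type, never {@code null}
     */
    @Override
    public String getValue(URI uri, String url, String fieldId, String defaultValue, List<String> definedValues,
            Map<String, String> envAttributes, Map<String, String> fieldAttributes) {

        // If there is a default value provided, return it
        if (defaultValue != null && !defaultValue.isEmpty()) {
            return defaultValue;
        }

        // A field without attributes or without a control type cannot be classified; return the
        // empty default instead of failing with a NullPointerException on unexpected input.
        if (fieldAttributes == null) {
            return DEFAULT_EMPTY_VALUE;
        }
        String controlType = fieldAttributes.get(ATTR_CONTROL_TYPE);
        if (controlType == null) {
            return DEFAULT_EMPTY_VALUE;
        }

        // FormControlType is converted to String to allow for case insensitive comparison
        if (controlType.equalsIgnoreCase(FormControlType.TEXT.toString())) {
            return getTextControlValue(fieldAttributes);
        }
        if (controlType.equalsIgnoreCase(FormControlType.PASSWORD.toString())) {
            return DEFAULT_PASS_VALUE;
        }
        if (controlType.equalsIgnoreCase(FormControlType.FILE.toString())) {
            return DEFAULT_FILE_VALUE;
        }
        return DEFAULT_EMPTY_VALUE;
    }

    /**
     * Gets the value for a control that the Jericho library reduced to a TEXT type, using the HTML5
     * {@code type} attribute to choose a suitable value.
     */
    private String getTextControlValue(Map<String, String> fieldAttributes) {
        String type = fieldAttributes.get(ATTR_TYPE);

        if (type == null || type.equalsIgnoreCase("text")) {
            return DEFAULT_TEXT_VALUE;
        }

        if (type.equalsIgnoreCase("number") || type.equalsIgnoreCase("range")) {
            // Prefer a bound declared by the form itself, so the value is within the allowed range.
            String min = fieldAttributes.get("min");
            if (min != null) {
                return min;
            }
            String max = fieldAttributes.get("max");
            if (max != null) {
                return max;
            }
            return DEFAULT_NUMBER_VALUE;
        }

        if (type.equalsIgnoreCase("url")) {
            return "http://www.example.com";
        }
        if (type.equalsIgnoreCase("email")) {
            return "foo-bar@example.com";
        }
        if (type.equalsIgnoreCase("color")) {
            return "#ffffff";
        }
        if (type.equalsIgnoreCase("tel")) {
            return "9999999999";
        }

        if (type.equalsIgnoreCase("datetime")) {
            // The pattern ends in a literal 'Z', which denotes UTC, so the time must be rendered in
            // UTC rather than in the JVM's default time zone.
            return formatDefaultDate("yyyy-MM-dd'T'HH:mm:ss'Z'", TimeZone.getTimeZone("UTC"));
        }
        if (type.equalsIgnoreCase("datetime-local")) {
            return formatDefaultDate("yyyy-MM-dd'T'HH:mm:ss", null);
        }
        if (type.equalsIgnoreCase("date")) {
            return formatDefaultDate("yyyy-MM-dd", null);
        }
        if (type.equalsIgnoreCase("time")) {
            return formatDefaultDate("HH:mm:ss", null);
        }
        if (type.equalsIgnoreCase("month")) {
            return formatDefaultDate("yyyy-MM", null);
        }
        if (type.equalsIgnoreCase("week")) {
            // Week-year (YYYY), not calendar year (yyyy): around New Year the two differ, and the
            // week number only makes sense together with its week-year.
            return formatDefaultDate("YYYY-'W'ww", null);
        }

        return DEFAULT_EMPTY_VALUE;
    }

    /**
     * Formats the default date with the given pattern, independently of the JVM's default locale.
     *
     * @param pattern the {@code SimpleDateFormat} pattern
     * @param timeZone the time zone to render in, or {@code null} for the JVM default
     * @return the formatted default date
     */
    private String formatDefaultDate(String pattern, TimeZone timeZone) {
        // Locale.ROOT avoids locale-specific calendars (e.g. Buddhist or Japanese imperial years)
        // that the default locale could otherwise select.
        SimpleDateFormat format = new SimpleDateFormat(pattern, Locale.ROOT);
        if (timeZone != null) {
            format.setTimeZone(timeZone);
        }

        // ISO 8601 week rules (weeks start on Monday, first week has at least 4 days), as used by
        // HTML week values; these settings only affect the week-based pattern letters.
        Calendar calendar = format.getCalendar();
        calendar.setFirstDayOfWeek(Calendar.MONDAY);
        calendar.setMinimalDaysInFirstWeek(4);

        return format.format(getDefaultDate());
    }
}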