1
package httpapi
2

3
import (
4
	"net/http"
5
	"time"
6

7
	"github.com/projectdiscovery/nuclei/v3/pkg/js/compiler"
8
	"github.com/projectdiscovery/nuclei/v3/pkg/types"
9
	"github.com/projectdiscovery/nuclei/v3/pkg/utils/json"
10
)
11

12
type Concurrency struct {
13
	BulkSize              int    `json:"bulk_size"`
14
	Threads               int    `json:"threads"`
15
	RateLimit             int    `json:"rate_limit"`
16
	RateLimitDuration     string `json:"rate_limit_duration"`
17
	PayloadConcurrency    int    `json:"payload_concurrency"`
18
	ProbeConcurrency      int    `json:"probe_concurrency"`
19
	JavascriptConcurrency int    `json:"javascript_concurrency"`
20
}
21

22
// Server represents the HTTP server that handles the concurrency settings endpoints.
23
type Server struct {
24
	addr   string
25
	config *types.Options
26
}
27

28
// New creates a new instance of Server.
29
func New(addr string, config *types.Options) *Server {
30
	return &Server{
31
		addr:   addr,
32
		config: config,
33
	}
34
}
35

36
// Start initializes the server and its routes, then starts listening on the specified address.
37
func (s *Server) Start() error {
38
	http.HandleFunc("/api/concurrency", s.handleConcurrency)
39
	if err := http.ListenAndServe(s.addr, nil); err != nil {
40
		return err
41
	}
42
	return nil
43
}
44

45
// handleConcurrency routes the request based on its method to the appropriate handler.
46
func (s *Server) handleConcurrency(w http.ResponseWriter, r *http.Request) {
47
	switch r.Method {
48
	case http.MethodGet:
49
		s.getSettings(w, r)
50
	case http.MethodPut:
51
		s.updateSettings(w, r)
52
	default:
53
		http.Error(w, "Unsupported HTTP method", http.StatusMethodNotAllowed)
54
	}
55
}
56

57
// GetSettings handles GET requests and returns the current concurrency settings
58
func (s *Server) getSettings(w http.ResponseWriter, _ *http.Request) {
59
	concurrencySettings := Concurrency{
60
		BulkSize:              s.config.BulkSize,
61
		Threads:               s.config.TemplateThreads,
62
		RateLimit:             s.config.RateLimit,
63
		RateLimitDuration:     s.config.RateLimitDuration.String(),
64
		PayloadConcurrency:    s.config.PayloadConcurrency,
65
		ProbeConcurrency:      s.config.ProbeConcurrency,
66
		JavascriptConcurrency: compiler.PoolingJsVmConcurrency,
67
	}
68
	w.Header().Set("Content-Type", "application/json")
69
	if err := json.NewEncoder(w).Encode(concurrencySettings); err != nil {
70
		http.Error(w, err.Error(), http.StatusInternalServerError)
71
		return
72
	}
73
}
74

75
// UpdateSettings handles PUT requests to update the concurrency settings
76
func (s *Server) updateSettings(w http.ResponseWriter, r *http.Request) {
77
	var newSettings Concurrency
78
	if err := json.NewDecoder(r.Body).Decode(&newSettings); err != nil {
79
		http.Error(w, err.Error(), http.StatusBadRequest)
80
		return
81
	}
82

83
	if newSettings.RateLimitDuration != "" {
84
		if duration, err := time.ParseDuration(newSettings.RateLimitDuration); err == nil {
85
			s.config.RateLimitDuration = duration
86
		} else {
87
			http.Error(w, "Invalid duration format", http.StatusBadRequest)
88
			return
89
		}
90
	}
91
	if newSettings.BulkSize > 0 {
92
		s.config.BulkSize = newSettings.BulkSize
93
	}
94
	if newSettings.Threads > 0 {
95
		s.config.TemplateThreads = newSettings.Threads
96
	}
97
	if newSettings.RateLimit > 0 {
98
		s.config.RateLimit = newSettings.RateLimit
99
	}
100
	if newSettings.PayloadConcurrency > 0 {
101
		s.config.PayloadConcurrency = newSettings.PayloadConcurrency
102
	}
103
	if newSettings.ProbeConcurrency > 0 {
104
		s.config.ProbeConcurrency = newSettings.ProbeConcurrency
105
	}
106
	if newSettings.JavascriptConcurrency > 0 {
107
		compiler.PoolingJsVmConcurrency = newSettings.JavascriptConcurrency
108
		s.config.JsConcurrency = newSettings.JavascriptConcurrency // no-op on speed change
109
	}
110

111
	w.WriteHeader(http.StatusOK)
112
}
113

114