1
package yaml
2

3
import (
4
	"io"
5
	"strings"
6

7
	"github.com/pkg/errors"
8
	"github.com/projectdiscovery/gologger"
9
	"github.com/projectdiscovery/nuclei/v3/pkg/input/formats"
10
	"github.com/projectdiscovery/nuclei/v3/pkg/input/types"
11
	YamlUtil "gopkg.in/yaml.v3"
12
)
13

14
// YamlMultiDocFormat is a Yaml format parser for nuclei
15
// input HTTP requests with multiple documents separated by ---
16
type YamlMultiDocFormat struct {
17
	opts formats.InputFormatOptions
18
}
19

20
// New creates a new JSON format parser
21
func New() *YamlMultiDocFormat {
22
	return &YamlMultiDocFormat{}
23
}
24

25
var _ formats.Format = &YamlMultiDocFormat{}
26

27
// proxifyRequest is a request for proxify
28
type proxifyRequest struct {
29
	URL     string `json:"url"`
30
	Request struct {
31
		Header map[string]string `json:"header"`
32
		Body   string            `json:"body"`
33
		Raw    string            `json:"raw"`
34
	} `json:"request"`
35
}
36

37
// Name returns the name of the format
38
func (j *YamlMultiDocFormat) Name() string {
39
	return "yaml"
40
}
41

42
func (j *YamlMultiDocFormat) SetOptions(options formats.InputFormatOptions) {
43
	j.opts = options
44
}
45

46
// Parse parses the input and calls the provided callback
47
// function for each RawRequest it discovers.
48
func (j *YamlMultiDocFormat) Parse(input io.Reader, resultsCb formats.ParseReqRespCallback, filePath string) error {
49
	decoder := YamlUtil.NewDecoder(input)
50
	for {
51
		var request proxifyRequest
52
		err := decoder.Decode(&request)
53
		if err == io.EOF {
54
			break
55
		}
56
		if err != nil {
57
			return errors.Wrap(err, "could not decode json file")
58
		}
59
		if strings.TrimSpace(request.Request.Raw) == "" {
60
			continue
61
		}
62

63
		rawRequest, err := types.ParseRawRequestWithURL(request.Request.Raw, request.URL)
64
		if err != nil {
65
			gologger.Warning().Msgf("multidoc-yaml: Could not parse raw request %s: %s\n", request.URL, err)
66
			continue
67
		}
68
		resultsCb(rawRequest)
69
	}
70
	return nil
71
}
72

73